Ransomware is a type of malware in which data on an infected device is locked, typically by encryption, and payment is demanded to access the ransomed data. Unlike other types of malware that operate undetected, a user is likely to be notified that they’ve been infected and given instructions on how to recover their data from the attack.
What should I know?
When a system is infected with ransomware, payment for ransom is often demanded in cryptocurrency, such as Bitcoin, so that it is untraceable and so that the tracker can remain anonymous. Computers, phones, and tablets can be infected by ransomware.
The most common type of ransomware attack is a “data kidnapping” attack, which means that a user’s data is encrypted and held hostage until the ransom is paid. A “lock screen” attack will change the user’s login credentials or password and hold access to the user’s device ransom. Other times, the user’s passwords will be changed, and the attacker will hold the user’s accounts ransom. Attackers will sometimes threaten to publish sensitive information if the ransom is not paid.
Even when a ransom is paid, there’s no guarantee that the attacker will follow through on restoring the user’s access to their data.
Examples of the Effects of Ransomware
- A user is presented with a threatening message on their screen or in their browser.
- A user is unable to access their data or navigate past a certain screen on their device.
- A user is sent an email threatening destruction or release of their personal information if they don't pay a ransom.
Do you think you have been infected by ransomware? Make sure you are protected with a strong antivirus software.