Ransomware is malicious software (malware) that encrypts a victim’s data. It typically spreads through phishing emails, malicious downloads, or exploiting security vulnerabilities.
Ransomware attacks vary; some attackers stay in the network for a long time, while others operate more like a hit-and-run. There are even foreign companies offering “Ransomware as a Service” (RaaS) who gain access to companies and sell that access to other bad actors on the dark web.
Once activated, ransomware spreads through the network, encrypting files and rendering them inaccessible. Modern ransomware attacks also utilize data exfiltration, where corporate data is downloaded as well.
Encrypted environments cripple your business, and data theft creates massive civil liability.
Victims are pressured to pay, usually in cryptocurrency, as attackers threaten to delete and/or leak data. However, paying the ransom doesn’t guarantee the hijacker will follow through, so taking proactive measures is critical.