Logo
Sign InSign Up

What is Ransomware | Definition and Meaning

Last modified on Sunday, October 8, 2023

2 minute read

Defining Ransomware

Ransomware is a type of malicious software, or malware, designed to block access to a computer system or the files on it until a ransom is paid. Once the ransomware is installed, it typically encrypts the user's files, preventing them from being accessed until the user pays a ransom, usually in the form of cryptocurrency, to regain access. Encrypting ransomware has 2 main forms, Locker Ransomware, and Crypto Ransomware. Crypto ransomware locks user files, such as database contents, documents, images, and videos. Locker ransomware often locks or severely limits access to the UI. Ransomware extends to further forms such as Doxware, where attackers download a copy of personal data and threaten to release it, and ransomware scareware. Where no encryption has occured.

Paying the ransom is contentious, as it rewards criminals for their behaviour, invests in these criminal gangs, and provides them with the resources to develop new attacks, and hurt people further. It's also risky, as the criminal gang may take the money and run, and not be willing or even capable of recovering the data. Various legality by country. Some organisation's find it's cheaper to pay the ransom than to recover it. Or there may be time-pressure to unlock safety-critical machines, such as in a hospital. Ransomware can have lethal consequences.

Ransomware motivations include:

  • Money - Lucrative payouts when a victim pays for their information to be unlocked.
  • Disruption - Attacking a country and discouraging global corporations from doing business there.
  • Data Destruction and Cover - Destructive ransomware such as NotPetya may have been a way for attackers to hide evidence.

Ransomware Examples:

  • NotPetya - Notpetya's 2017 attack targeted Ukrainian infrastructure, including hospitals, energy grid, airports, banks, financial infrastructure, and most Ukrainian federal agencies The attack also spread to major global corporations.

Notable Cases:

  • In 2020 the first known case of a death directly linked to a ransomware attack occured after an attack on Düsseldorf University Hospital, causing the patient to be driven 19 miles (30 kilometers) to another hospital.

See also:


Share this article

Stellastra The Cyber Security Comparison Platform

© 2024 Stellastra Ltd. All rights reserved. All names, logos, trademarks, et al, belong to their respective owners. No endorsement or partnership is necessarily implied between company and Stellastra and vice versa. Information is provided for convenience only on an as is basis. For the most up to date information, contact vendor directly. Scores including email security, SPF, and DMARC are calculated based on Stellastra's algorithms and other analyses may return different results.

LinkedInTwitter

Company

About StellastraContact usCyber Security Risk ScoreEmail Deliverability ToolStellastra Discover

Stay up to date