What is a Ransomware

Ransomware is a form of malware that encrypts a victim’s files. The attacker then demands a ransom from the victim to restore access to the data after payment. Users are shown instructions on how to pay a fee to get the decryption key. Costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.

Fill out the form and one of our ransomware experts will get in touch to help you with your request.

* we recommend sending files in zip or rar format

How Ransomware Works

There are several vectors that ransomware can use to gain access to a computer. One of the most common delivery systems is phishing spam – attachments that arrive at the victim in an email, disguised as files they should trust. Once downloaded and opened, they can take control of the victim’s computer, especially if they have built-in social engineering tools that trick users into granting administrative access. Some other more aggressive forms of ransomware, such as NotPetya, exploit security holes to infect computers without having to fool users.

The most common types of ransomware

The goals of the ransomware

There are several ways in which attackers choose the organizations to target with ransomware. Sometimes it’s a matter of opportunity – for example, attackers might target universities because they tend to have smaller security teams and a disparate user base that does a lot of file sharing, making it easier to penetrate their defenses.

On the other hand, some organizations are tempting targets because they seem more likely to pay a ransom quickly. For example, government agencies or medical facilities often need immediate access to their files. Law firms and other organizations with sensitive data may be willing to pay to keep news of a compromise silent, and these organizations may be particularly sensitive to leakware attacks.