Ransomware is malware designed to deny access to a user’s computer and its data until a fee is paid. The ransomware does this by encrypting all the data on the user’s computer. This malware is typically delivered through a phishing email, which contains a link that, when clicked, delivers the ransomware payload onto the user’s computer. Ransomware first gained attention in the late 80s and was implemented using basic cryptography, which when it worked, set off a new world of cyber criminals, where corporate networks were targeted.
This malware essentially locks the users’ computer by running a payload, which locks the user’s computer until a ransom is paid to unlock it. This extortion may not end after the fee is paid. If the user has files that are deemed important, they should back them up on a separate, remote drive in case of an attack. When the ransomware is deployed, the files on the user’s computer are typically locked or encrypted and the fee is usually paid in a virtual currency, which is usually untraceable.
The NHS was hit by a targeted ransomware attack on May 12, 2017, so it is possible that even ultra-secure government organizations are vulnerable to such attacks. Ransomware attacks computer systems in one of two ways: the first way is that it encrypts the files on a computer or network; and the second attack focuses on locking the user’s computer. Some forms of this malicious software can even spread like a worm and infect other users on the network, damaging files. Even after paying the ransom, there is no guarantee that the user’s files will be undamaged or that the issue will go away. Paying the ransom may even embolden the cyber criminal to try and get more money out of the target.