Jericho Security | Glossary

Jericho's Cybersecurity Glossary | Ransomware

Written by Jericho Security Team | September 28, 2024

Definition:

Ransomware is a type of malware that encrypts a victim’s data or locks them out of their system, demanding a ransom payment (usually in cryptocurrency) in exchange for restoring access to the data.

Use Cases:

  • Used by cybercriminals to extort money from organizations or individuals by encrypting sensitive files.
  • Employed in targeted attacks on businesses, hospitals, and governments to disrupt operations and force ransom payments.

Related Terms:

Questions and Answers:

  • How does ransomware spread?
    Ransomware can spread through phishing emails, malicious downloads, and software vulnerabilities, allowing attackers to infect a system and encrypt files.

  • What are the best defenses against ransomware?
    The best defenses include regular data backups, employee training to recognize phishing, patching vulnerabilities, and using up-to-date antivirus software.

  • Should victims pay the ransom in a ransomware attack?
    Security experts advise against paying the ransom, as it does not guarantee the recovery of data and encourages further criminal activity. Instead, victims should rely on backups and consult cybersecurity professionals.