What is 'ransomware'?

Ransomware is a specific type of malicious software (malware) that targets individuals and organizations by encrypting their data and subsequently demanding a ransom in exchange for the decryption key. This tactic effectively locks users out of their crucial files and systems, creating significant operational disruptions and potential data loss. Once the files are encrypted, victims typically receive a ransom note detailing the payment required to restore access, making it a highly detrimental and economically driven cyber threat.

The key characteristic of ransomware is its dual function of data encryption and ransom solicitation, which sets it apart from other forms of malware. It is not merely a phishing technique, as it involves direct encryption of files rather than tricking users into divulging information. Additionally, unlike antivirus software designed to protect data from unauthorized access, ransomware inherently seeks to exploit vulnerabilities for malicious purposes. Lastly, while some cyber attacks do involve service disruptions, ransomware's primary operation revolves around data encryption and ransom demands, not outright denial of service.