Ransomware is a form of malware that an attacker uses to encrypt a victim’s files – they typically demand a ‘ransom’ from the victim before restoring access to the data.

Simply put, hackers and cybercriminals send malicious software to the victims PC and once opened, they are locked out the system. Then the victims are served with the option of either paying a ransom to regain full control or have all their operations partially or completely shut down.

Once a system or network is infected with malware, a notification informs the victim that the decryption key will only be accessible once the payment has been made. If this message is ignored, then the decryption key is destroyed and the data can never be restored.

How It Works

You will be happy to know that that you won’t face such a threat unless you open a dubious link or attachment within an email.

Here are five steps of a ransomware’s life cycle – from infestation all the way to recovery.


The System Is Compromised

Users are sent intriguing content or promotional offers with a CTA or attachment; once opened, their systems end up being compromised.

The Malware Takes Control

If the malware has been activated, it will instantly start populating certain file types with an encryption key. Furthermore, the user will be denied access to all such files.

The Victim Is Notified

When a system has been completely taken over, a notification pops up that informs the victim about the severity of the situation; it also includes details about the amount of ransom and the way it should be transferred.

The Ransom Is Paid

When cybercriminals gain access to a victim’s system, they either halt all operations or encrypt certain file types – and access is only granted once the ransom is paid in full and as per the instructions.

Full Access Is Returned

Attackers and cybercriminals typically send the decryption key to access all locked files after the payment has been made.

Types of Ransomware

Though you may have heard about ransomware in recent times, the interesting fact is that it dates back to the late 90s.

In 1998, the PC Cyborg strain denied access to files through asymmetric encryption, but 2012 was the year when the Reveton worm surfaced. This was the first occurrence of malware that held data hostage until an agreed-upon payment was made.

Currently, there are two types of ransomware causing havoc for many users; Locker Ransomware and Crypto-Ransomware. Both of these deny access to important files until money is successfully extorted from the victim.