It is a form of cybercrime.

First of all a certain type of malware finds it way on to the victim's computer. This is by the usual routes of a compromised web site, email scam, infected file and so on.

Once on the computer, the malware searches all the drives for data and system files. This includes any shared network drives, connected external backup drives and so on. Then it encrypts those files over days so that even the backups may be secretly encrypted. However, everything seems normal to the user - the malware is covertly decrypting the files every time one is requested or used.

Finally the malware reveals itself to the user and demands money (often in the form of Bitcoins) to decrypt the files, otherwise all the files have been rendered useless.

To protect against this kind of attack, there needs to be malware detection software installed on the system, so as soon as the malware tries to encrypt, it hopefully will be detected. Regular scanning of the system should also be carried out to look out for altered system files.

Challenge see if you can find out one extra fact on this topic that we haven't already told you

Click on this link: What is ransomware



back to glossaryback to glossary