Ransomware can take different forms, but it is a type of malware that denies access to a device or files until a ransom has been paid. Ransomware encrypts a user or company’s files and forces them to pay a fee to the hacker in order to regain access to their own files.
Ransomware encrypts the files on a workstation, and can travel across your network and encrypt files located on both mapped and local network drives. It’s how one infected user can bring a department or entire organization to a halt.
Once the files are encrypted, the hackers will display a screen or webpage explaining how to pay to unlock the files. Historically, ransoms started in the $300-$500 range, but fast forward to 2016 and companies are being hit with ransoms in the thousands of dollars.
Paying the ransom invariably involves paying a form of e-currency like Bitcoin. Once the hackers verify payment, they provide “decryptor” software, and the computer starts the arduous process of decrypting all of the files.