Back to glossary


Ransomware is a type of malware attack where an attacker threatens to leak, delete, or make a victim's files inaccessible by encrypting them – unless the victim agrees to pay a ransom. While ransomware attacks can be targeted at individuals, they are more often directed at organizations (who have deeper pockets and more to lose from a data leak). 

Previous ransomware attacks have been conducted using phishing emails, malicious websites, text messages, and various other forms of social engineering. The attacker uses these methods to gain access to an organization's internal network, or to sensitive data stored on a public cloud, which can then be used as a bargaining chip for their ransom demands.

Ransomware attacks are notoriously difficult to prevent. Organizations can reduce their likelihood by using cybersecurity tools, cloud data security posture management (DSPM), regularly updating software, installing antivirus software, and systematically training employees on how to identify and avoid phishing attempts.