---
url: 'https://www.corbado.com/glossary/ransomware'
title: 'Ransomware'
description: 'Discover what ransomware is, how it operates, and effective strategies to protect your data from this formidable cybersecurity threat.'
lang: 'en'
keywords: 'ransomware'
---

# Ransomware

## What is Ransomware?

**Ransomware** is a type of [malware](https://www.corbado.com/glossary/malware) that encrypts a victim's data or
locks device functionality until a ransom is paid to the attacker. It can paralyze entire
organizations by restricting access to critical files and systems, demanding substantial
[payments](https://www.corbado.com/passkeys-for-payment) for decryption.

> - **Ransomware** encrypts or locks data until a ransom is paid.
> - Can lead to significant financial and data losses.
> - Evolved into more complex forms like double and triple extortion.

---

## Evolution and Types of Ransomware

Ransomware has evolved significantly since its inception. Initially simple in operation,
modern ransomware includes tactics like double-extortion, which not only encrypts data but
also steals it, threatening public release unless additional demands are met.

### Types of Ransomware

- **Encrypting Ransomware:** Encrypts victim’s data, demanding a ransom for the decryption
  key.
- **Screen-locking Ransomware:** Locks the user out of their operating system, demanding
  [payment](https://www.corbado.com/passkeys-for-payment) to regain access.
- **Leakware or Doxware:** Threatens to publish stolen data if a ransom isn’t paid.
- **Mobile Ransomware:** Targets mobile devices, typically locking access rather than
  encrypting data.
- **Wipers:** Destroys data regardless of whether the ransom is paid, often used in
  politically motivated attacks.

### Impact of Ransomware

The consequences of ransomware attacks can be devastating:

- **Financial Loss:** Beyond the ransom itself, victims face operational downtime, lost
  productivity, and reputational damage.
- **Data Breach:** Sensitive data may be stolen and sold or leaked, compounding the
  attack's impact.
- **Operational Disruption:** Essential services can be halted, affecting
  [healthcare](https://www.corbado.com/passkeys-for-healthcare), governmental, and educational institutions.

---

## Ransomware FAQs

### How does ransomware infect systems?

Ransomware typically enters systems through [phishing](https://www.corbado.com/glossary/phishing) emails,
exploiting software [vulnerabilities](https://www.corbado.com/glossary/vulnerability), or credential theft,
enabling attackers to deploy malicious payloads discreetly.

### What should you do if infected by ransomware?

Isolate the infected systems, identify the ransomware variant, and check for decryption
tools. Avoid paying the ransom, as this does not guarantee data recovery and may encourage
further attacks.

### How can organizations protect against ransomware?

Regularly back up data, apply software updates, and train employees on cybersecurity best
practices. Employ robust antivirus solutions and restrict access to sensitive data.