What is Ransomware?

S. Gonzales

Ransomware is a specific type of malicious software that holds a computer and its contents virtually hostage. This malware acts as a means to perpetuate extortion. Attackers who use malware do so with the goal of forcing victims to pay money to regain access to their own files. After the money has been received, the attacker provides the victim with a code that can restore the system back to normal.

Ransomware is a program that holds a computer -- and its data -- hostage.
Ransomware is a program that holds a computer -- and its data -- hostage.

Viruses that can encrypt files and withhold them from their rightful owners have also been called cryptoviruses, cryptoworms and cryptotrojans. They have become increasingly popular. Ways that ransomware can infiltrate a computer system are similar to those of the average computer computer worm. Ransomware can enter through an infected email or a network vulnerability. They can also make their way onto the computers of unsuspecting victims by way of search engine activities, infected web advertisements and automatic Internet downloads.

Ransomware may be used as a means of extorting someone for money.
Ransomware may be used as a means of extorting someone for money.

Upon its installation, ransomware can disable or compromise important system functions, such as the computer's startup mechanisms. It will then encrypt the victim's files, making it impossible for the user to access them without undergoing a specific action that can monetarily benefit the attacker. The particular action demanded from the attacker can vary, depending on the attacker's preferences.

For example, a victim of a ransomware attack might be prompted to enter a code into their computer in order to regain access to their files. The code is safely guarded by the attacker, and the attacker will provide it only if the victim sends payment to the attacker. In some cases, the code is not even known by the attacker until payment is sent.

Some attackers urge victims to send short message service (SMS) messages so that victims can be charged for the action. In scenarios such as these, Internet access is also blocked on the victim's computer. Craftier attackers might create a fake malware removal program notice on a victim's computer, alerting him or her of security threats. The notice can warn the victim that the computer's virus protection software has expired and urge him or her to pay for instant removal of the virus from his system.

Computer users can protect themselves against ransomware attacks by installing good antivirus programs on their computers. Being vigilant about web-surfing habits can reduce the risk of computer infection as well. Regularly updating programs to make sure that known security issues have been addressed can also minimize threats.

Ransomware can gain access to an individual's computer through infected e-mails.
Ransomware can gain access to an individual's computer through infected e-mails.

You might also Like

Discussion Comments


@Cageybird- I wish I had thought of that when I got hit with ransomware last year. I had to take my infected PC to a local computer repair shop, and the tech ran all sorts of advanced malware virus scans. He finally found the malicious code and restored my settings, but it was not a quick or easy fix.

I warn my friends now to be extra cautious on the Internet. I shouldn't have been visiting that kind of website, but I didn't think my computer would be taken hostage like that. I can see why some people would willingly pay the ransom, since the warnings look very official. I've heard of some ransomware viruses that access a user's webcam and display the video feed alongside the warning.


Ransomware is very scary. One time I was looking at different videos and pictures on a fairly popular website, and I clicked on a link that was supposed to be a cute cat video. The screen froze up for a minute, then a blurry screenshot of a porn video appeared. I couldn't back out of it. Everything remained frozen.

A minute later, a very official looking page appeared, informing me that my computer had been seized by a government anti-pornography agency and I faced 10 years in prison if convicted of child pornography possession. I would have to purchase a pre-paid debit card loaded with $200 and send it to a specified address in order to have my computer released and avoid future prosecution. I was petrified, because it was my wife's computer and I didn't want her to think I would download child pornography.

I explained the situation to my wife, and she said she had heard of ransomware at work. She managed to run a malware virus scan, but it didn't fix the problem. She finally accessed the system restore program and reset the date on our computer to a time before the ransomware computer virus was installed.

Post your comments
Forgot password?