Malware that encrypts a victim’s data and demands payment—often in cryptocurrency—for decryption.
Ransomware encrypts files or systems and demands payment to restore access. Attackers favor cryptocurrencies for cross-border payments and censorship resistance. Paying the ransom is risky—there’s no guarantee of decryption, and it may violate local laws or sanctions.
"An organization’s servers are encrypted, and the attackers demand payment to a specified crypto address in exchange for a decryption key."
Best practices include regular offline backups, timely patching, least-privilege access, phishing awareness training, and incident response plans. If attacked, involve authorities and follow legal guidance.
"Because backups were offline and recent, the company rebuilt systems without paying the ransom."
All terms and definitions may update as the Cryptionary improves.