Ransomware refers to a type of malware that encrypts files on an infected computer and holds the key to decrypt the files until the victim pays a ransom. Ransomware has seen explosive growth over the past few years and has rapidly evolved into a highly lucrative business model. Sophisticated advanced persistent threats (APTs) are employing ransomware to maximize their profits with multiple layers of monetization strategies. New versions appear frequently with ever-evolving tactics and techniques making detection harder. In this chapter, we present a brief history of ransomware, top threat actors employing ransomware, tactics used, and key strategies firms need to deploy to prevent, detect, and respond to ransomware in attacks.
Part of the book: Malware