Ransomware has become a significant cyber threat to our Nation, claiming victims such as local governments, hospital networks, and most recently K-12 schools. While ransomware incidents are prevalent among government entities and critical infrastructure organizations, individuals are still very much at risk. Malicious actors can target anyone with a device connected to the internet or important data stored on their network.
Ransomware is a type of malicious software, or malware, designed to infect computers and encrypt files until a sum of money or other form of ransom is paid. After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible devices.
Consequences of a ransomware attack can be severe and there is no guarantee a user will recover the files, even after paying the ransom. On a personal level, an infection can result in financial damage or disclosure of sensitive information. On an organizational level, ransomware can cause business disruptions, financial strain from a payout or costly investigations, and reputational damage causing loss of current or potential customers.
To help spread awareness about ransomware attacks, protective measures, and response tactics the Cybersecurity and Infrastructure Security Agency (CISA) developed the following resources: