Ransomware is an online attack perpetrated by cybercriminals or nation state-sponsored groups who demand a monetary ransom to release a hold on encrypted or stolen data. Increasingly, ransomware attacks result in crisis-level operational impact to critical infrastructure and commercial organizations, while criminals threaten to publicly release or destroy data if prompt payment isn’t made.
In the past decade, ransomware attacks have evolved from a consumer-level nuisance of fake antivirus products to sophisticated malware with advanced encryption capabilities that now primarily target public and private-sector organizations. Robustly applied threat intelligence can help identify industries and geographies considered a primary target at any given time, but no individual or organization is immune to attack.