Modern ransomware operators blend extortion with data theft, targeting the most business-critical systems.
Attack pattern
- Initial access via phishing, exposed services, or compromised credentials.
- Lateral movement to escalate privileges and locate backups.
- Encryption or data theft, followed by ransom demands and deadlines.
Defensive focus
- Enforce MFA and monitor remote access.
- Segment backups and test restoration regularly.
- Use EDR and network detection to spot lateral movement early.