Skip to main content
Home/Glossary/Ransomware

Ransomware

Malware that encrypts systems or exfiltrates data, demanding payment to restore access or prevent disclosure.

Risk & Resilience

Modern ransomware operators blend extortion with data theft, targeting the most business-critical systems.

Attack pattern

  • Initial access via phishing, exposed services, or compromised credentials.
  • Lateral movement to escalate privileges and locate backups.
  • Encryption or data theft, followed by ransom demands and deadlines.

Defensive focus

  • Enforce MFA and monitor remote access.
  • Segment backups and test restoration regularly.
  • Use EDR and network detection to spot lateral movement early.

Related Tools

Related Articles

View all articles
πŸ“„

Incident Severity Levels: How to Classify, Escalate, and Respond

A practical guide to defining incident severity levels β€” from SEV-1 to SEV-5 β€” with escalation policies, response time targets, and real-world examples.

Read article β†’
MDR Vendor Performance Benchmarks: The Metrics That Matter

MDR Vendor Performance Benchmarks: The Metrics That Matter

Only a handful of MDR providers publish detection and response time benchmarks. We compiled every publicly citable metric from CrowdStrike, Expel, Huntress, eSentire, Arctic Wolf, Red Canary, and Microsoft to help you compare vendors on data, not marketing.

Read article β†’
AWS S3 Complete Guide: Storage, CLI, Security & Cost Optimization

AWS S3 Complete Guide: Storage, CLI, Security & Cost Optimization

The definitive guide to AWS S3 covering core concepts, CLI commands, storage classes, security best practices, and cost optimization. Master S3 from fundamentals to production deployment.

Read article β†’
Ransomware-Proof Backup & Recovery | Acronis-Powered Protection

Ransomware-Proof Backup & Recovery | Acronis-Powered Protection

Not sure if your backups are truly ransomware-proof? Let’s review them together

Read article β†’

Explore More Risk & Resilience

View all terms

Business Impact Analysis (BIA)

An assessment that identifies critical business processes and quantifies the impact of their disruption.

Read more β†’

Cyber Insurance

Insurance coverage that protects organizations against financial losses from cyberattacks and data breaches.

Read more β†’

Data Breach Cost

The total financial impact of a security incident, including detection, response, notification, and long-term damages.

Read more β†’

Incident Response Plan (IRP)

A documented, tested approach for detecting, containing, and recovering from cybersecurity incidents.

Read more β†’

MITRE ATT&CK Framework

A globally accessible knowledge base of adversary tactics, techniques, and procedures mapped to the attack lifecycle.

Read more β†’

Recovery Point Objective (RPO)

The maximum acceptable amount of data loss measured in time, defining how far back systems must be restored after an incident.

Read more β†’
←Back to glossary