“Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access.
Here’s an example of how a ransomware attack can occur:
- A user is tricked into clicking on a malicious link that downloads a file from an external website.
- The user executes the file, not knowing that the file is ransomware.
- The ransomware takes advantage of vulnerabilities in the user’s computer and other computers to propagate throughout the organization.
- The ransomware simultaneously encrypts files on all the computers, then displays messages on their screens demanding payment in exchange for decrypting the files.”*
*Exerpt from https://csrc.nist.gov/.