Introduction to Ransomware

Abstract

Ransomware can lock users' information or resources (such as screens); hence, authorized users are blocked from retrieving their private data/assets. Ransomware enciphers the victim's plaintext data into ciphertext data; subsequently, the victim host can no longer decipher the ciphertext data to original plaintext data. To get back the plaintext data, the user will need the proper decryption key; therefore, the user needs to pay the ransom. In this chapter, the authors shed light on ransomware malware, concepts, elements, structure, and other aspects of ransomware utilization. Specifically, this chapter will extend the elaboration on the ransomware, the state-of-art ransomware, the ransomware lifecycle, the ransomware activation and encryption processes, the ransom request process, the payment and recovery, the ransomware types, recommendation for ransomware detection and prevention, and strategies for ransomware mitigation.