This work is licensed with a
Creative Commons Attribution 4.0 International LicenseEndFragment
This material was developed with funding
from the National Science Foundation
The Anatomy of a
Ransomware Attack
1/8
Back
Next
The Anatomy of a Ransomware Attack
Restart
Bitcoin received
1
2
Ransomware is an attack designed
to deny an organization or a user
access to files on their computer.
The hacker encrypts the files and then demands a ransom payment for the decryption key. For many organizations and individuals, paying the ransom is the easiest and cheapest way to get back their files.
Ransomware can ruin a business. Not having access to files for even a day can impact revenue. Most ransomware takes victims offline for at least a week (or sometimes months)—the losses can be significant.
We start out with a hacker and his unsuspecting victim…
3
4
Private key delivered
6
Attacker sends a phishing email
Click each number
to continue
User receives a link and clicks on it
Malware unpacks and executes
Command and control server downloads public key
Files get encrypted and user gets ransomware screen
5
User communication