This work is licensed with a
Creative Commons Attribution 4.0 International LicenseEndFragment
This material was developed with funding
from the National Science Foundation
The Anatomy of a
The Anatomy of a Ransomware Attack
Ransomware is an attack designed
to deny an organization or a user
access to files on their computer.
The hacker encrypts the files and then demands a ransom payment for the decryption key. For many organizations and individuals, paying the ransom is the easiest and cheapest way to get back their files.
Ransomware can ruin a business. Not having access to files for even a day can impact revenue. Most ransomware takes victims offline for at least a week (or sometimes months)—the losses can be significant.
We start out with a hacker and his unsuspecting victim…
Private key delivered
Attacker sends a phishing email
Click each number
User receives a link and clicks on it
Malware unpacks and executes
Command and control server downloads public key
Files get encrypted and user gets ransomware screen