Your browser does not support JavaScript!

COV ITRM Glossary

R

Ransomware

Definition

(Context: Information Systems Security)


1.  A type of malware from cryptovirology that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash or Bitcoin and other cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

2.  Malicious software designed to gain access to files and encrypt data by generating a private-public pair of keys. The data is impossible to decrypt without the private key which is retained by the attacker’s server until the ransom is paid.


Reference:

1.  

2.  EA-Solution-Data-Availability-Requirements.pdf (virginia.gov)

Previous <  |  > Next
Q < | > S