Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.
Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.
Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
Tips for Avoiding Ransomware
The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.
Other tips:
- Keep operating systems, software, and applications current and up to date.
- Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
- Back up data regularly and double-check that those backups were completed.
- Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
- Create a continuity plan in case your business or organization is the victim of a ransomware attack.

How to Respond and Report
The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.
If you are a victim of ransomware:
- Contact your local FBI field office to request assistance, or submit a tip online.
- File a report with the FBI’s Internet Crime Complaint Center (IC3).
Information from IC3
02.04.2021 Ransomware: What It Is & What To Do About It (pdf)
This fact sheet provides the public with important information on the current ransomware threat and the government’s response, as well as common infection vectors, tools for attack prevention, and important contacts in the event of a ransomware attack.
10.02.2019 High Impact Ransomware Attacks Threaten U.S. Businesses and Organizations
Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial companies, and the transportation sector.
09.15.2016 Ransomware Victims Urged to Report Infections to Federal Law Enforcement
The FBI urges victims to report ransomware incidents to federal law enforcement to help us gain a more comprehensive view of the current threat and its impact on U.S. victims.
Related FBI News and Multimedia
-
03.23.2021
FBI Tech Tuesday: Building a Digital Defense Against Ransomware
The FBI Phoenix Field Office is warning the public about ransomware attacks in this month’s Tech Tuesday.
-
02.04.2021
The National Cyber Investigative Joint Task Force Releases Ransomware Fact Sheet
The NCIJTF's ransomware fact sheet provides the public with important information on the current ransomware threat and the government’s response.
-
01.27.2021
Department of Justice Launches Global Action Against NetWalker Ransomware
The Department of Justice announced a coordinated international law enforcement action to disrupt a sophisticated form of ransomware known as NetWalker.
-
01.25.2021
Cypriot Hacker Pleads Guilty to Extorting Website Operators with Stolen User Data
Joshua Polloso Epifaniou, a Cypriot national, has pleaded guilty to accessing multiple major websites based in the United States without authorization.
-
08.25.2020
Egor Igorevich Kriuchkov, a Russian national, made his initial appearance in federal court for his role in a conspiracy to extort ransom money from a company.
-
11.21.2019
Mayur Rele was indicted for committing computer fraud and abuse by causing ransomware to be intentionally downloaded to computer systems, and other acts.
-
10.23.2019
The FBI’s Protected Voices initiative provides cybersecurity recommendations to political campaigns on multiple topics, including ransomware, to help mitigate the risk of cyber influence operations targeting U.S. elections.
-
10.15.2019
Oregon FBI Tech Tuesday: Building a Digital Defense Against Ransomware
The Oregon FBI’s Tech Tuesday segment provides information on protecting yourself against ransomware.
-
08.22.2019
FBI, This Week: Advocating Against Ransomware Payment Demands
The FBI urges victims of ransomware not to pay the ransom to cyber criminals.
-
12.06.2018
A man who profited from the ransomware known as Reveton, which appropriated the FBI logo to scare victims into paying to unlock computers infected with the malware, will be spending time in prison.
-
12.05.2018
Atlanta U.S. Attorney Charges Iranian Nationals for City of Atlanta Ransomware Attack
Faramarz Shahi Savandi and Mohammed Mehdi Shah Mansouri, Iranian nationals, have been charged with committing a sophisticated ransomware attack.
-
11.28.2018
Wanted by the FBI: Iranians Indicted for SamSam Ransomware Hacking and Extortion Scheme
Two Iranian men are wanted for their alleged roles in the creation and deployment of a sophisticated malicious software that caused more than $30 million in losses to more than 200 victim hospitals, schools, and other entities.
-
11.28.2018
Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, both of Iran, were indicted in connection with an international computer hacking and extortion scheme involving the deployment of sophisticated ransomware.
-
11.28.2018
Two Iranian men were indicted in connection with the deployment of the sophisticated and sinister SamSam ransomware that crippled the operations of critical facilities in the U.S. and Canada.
-
09.20.2018
Eveline Cismaru, a citizen of Romania, pleaded guilty to charges in a conspiracy to illegally access approximately 126 computers.
-
08.13.2018
Washington State Man Sentenced to Prison for Role in Connection with Reveton Ransomware
Raymond Odigie Uadiale, a former Microsoft employee, was sentenced for conspiracy to commit money laundering in connection with the spread of ransomware.
-
08.13.2018
Washington State Man Sentenced to Prison for Role in Connection with Reveton Ransomware
Raymond Odigie Uadiale, a former Microsoft employee, was sentenced to 18 months in prison after pleading guilty to conspiracy to commit money laundering.
-
02.06.2018
FBI Tech Tuesday: Building a Digital Defense Against Ransomware at Home
Welcome to the Oregon FBI’s Tech Tuesday segment, building a digital defense against ransomware attacks at home.
-
02.02.2018
Alleged Operator of Kelihos Botnet Extradited from Spain
Peter Yuryevich Levashov, a Russian national, has been extradited from Spain to Connecticut on charges stemming from his operation of Kelihos botnet.
-
01.30.2018
SAC Sean M. Cox announced Michael Gillespie as the recipient of the FBI Director’s Community Leadership Award for 2017.