Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.
Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.
Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.
The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.
- Keep operating systems, software, and applications current and up to date.
- Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
- Back up data regularly and double-check that those backups were completed.
- Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
- Create a continuity plan in case your business or organization is the victim of a ransomware attack.
The FBI does not support paying a ransom in response to a ransomware attack. Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.
If you are a victim of ransomware:
Public Service Announcements from IC3
10.02.2019 High Impact Ransomware Attacks Threaten U.S. Businesses and Organizations
Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial companies, and the transportation sector.
09.15.2016 Ransomware Victims Urged to Report Infections to Federal Law Enforcement
The FBI urges victims to report ransomware incidents to federal law enforcement to help us gain a more comprehensive view of the current threat and its impact on U.S. victims.
Related FBI News and Multimedia
The FBI’s Protected Voices initiative provides cybersecurity recommendations to political campaigns on multiple topics, including ransomware, to help mitigate the risk of cyber influence operations targeting U.S. elections.
The FBI urges victims of ransomware not to pay the ransom to cyber criminals.
A man who profited from the ransomware known as Reveton, which appropriated the FBI logo to scare victims into paying to unlock computers infected with the malware, will be spending time in prison.
Two Iranian men are wanted for their alleged roles in the creation and deployment of a sophisticated malicious software that caused more than $30 million in losses to more than 200 victim hospitals, schools, and other entities.
Two Iranian men were indicted in connection with the deployment of the sophisticated and sinister SamSam ransomware that crippled the operations of critical facilities in the U.S. and Canada.
Public service announcement warning of the dangers of ransomware and how to avoid them.
Document provides an aggregate of already existing federal government and private industry best practices and mitigation strategies focused on the prevention and response to ransomware incidents.
Brochure explains what ransomware is and what to do about it.
FBI offers tips to protect yourself and your organization from this growing threat.
The FBI provides guidance as it sees a recent rise in ransomware.
The malware’s use is increasing, but the FBI and partners are working to combat this cyber threat.
A new Internet virus is holding computers hostage across the United States and beyond.
There is a new “drive-by” virus on the Internet, and it often carries a fake message—and fine—purportedly from the FBI.