Cybersecurity Awareness Month: What is Ransomware?
FBI Portland Special Agent Gabriel Gunderson answers questions about ransomware during Cybersecurity Month.
Video Transcript
What is ransomware?
Ransomware is a form of malicious software that targets your data. If ransomware infects your device or network, the ransomware actors behind that attack have the ability to lock you out of the data stored on your devices or network. They will demand you pay a ransom – usually by cryptocurrency. They claim they will give you the “key” to recover your data if you pay, but there are no guarantees.
Who is most at risk for ransomware attacks?
There are three basic groups who can suffer ransomware attacks:
- Businesses – both large and small
- Individuals; and
- ·Public agencies and public service providers
What’s the risk to individuals?
When these kinds of attacks first started, ransomware actors often targeted regular people at home. The majority of attacks now go after larger targets, but individuals still need to take precautions. The loss of wedding photos or videos of your newborn are irreplaceable.
What’s the risk to businesses?
Any business can be vulnerable, but we are particularly concerned about small and medium-sized companies. They often don’t have the expertise or, they think, the funds to invest in the robust security they need. If you are a business owner, please take the time to learn about some simple steps you can take to protect your business. Otherwise, one bad ransomware attack can cause you to shut your doors for good.
What’s the risk to public agencies and service providers?
We are seeing attack after attack targeting hospitals, health care providers, government agencies, and schools. Not only do these organizations risk a loss of money, they also hold sensitive information that the attackers can pull out and re-sell on the dark web. Beyond that, there are real world consequences of a hospital that is unable to care for patients.
How do ransomware attacks usually start?
Ransomware actors will often send ransomware through email phishing campaigns. Once anyone on your network clicks on an infected file or link, the fraudsters can have access to all of your devices and data. They encrypt the system, effectively locking you out.
How much can a ransomware attack cost?
The ransom demands may range from a few hundred dollars for an individual to millions of dollars for a big company, hospital, or utility. But the ransom is only the start. Organizations risk loss of productivity, legal fees, and the need to purchase credit-monitoring services for employees and customers.
What are some basic steps to take to avoid a ransomware attack?
To avoid a ransomware attack, you should:
Educate yourself and your employees as to how to identify and manage phishing lures.
Back up your data often and keep back-ups segregated and offline from normal operations.
Make sure that all devices on your network are using the most current versions of operating systems and applications; and
Keep your anti-malware software up-to-date.
Should I pay to unlock my system?
The FBI recommends that victims do NOT pay a hacker’s ransom demand. The payment only encourages more criminal activity, and, even if you do pay, there is no guarantee that the hacker will unlock your data, hasn’t already downloaded your data for re-sale, or won’t return for another round of ransom.
Video Download
Video Source
Recent Video
- 06.17.2025 — Romance Scam Victim Warns Others Not to Fall Prey to Scammers
- 06.16.2025 — Kansas City Detective Describes How Regional Computer Forensics Labs Extract Data from Devices
- 06.16.2025 — Kansas City Detective Describes How RCFL Extracted Forensic Clues From Damaged Phone
- 06.12.2025 — FBI San Francisco: Assault on Federal Officers
- 06.10.2025 — FBI Los Angeles May 2025
- 06.04.2025 — Run. Hide. Fight. - Safe in Schools (Trailer)
- 06.02.2025 — Learn About FBI Sacramento's Citizen's Academy
- 05.21.2025 — Ahead of the Threat Podcast: Episode Ten - Hugh Thompson
- 05.21.2025 — Parents of Overdose Victim Describe Darknet Dangers
- 05.20.2025 — FBI Seattle Police Week Message 2025
- 05.14.2025 — Inside the FBI Podcast: Protecting Chinese Students from Scammers
- 05.12.2025 — FBI Director Kash Patel's National Police Week Message
- 05.08.2025 — FBI Search Targets Darknet Drug Networks
- 05.08.2025 — What Makes Darknet Marketplaces So Dangerous
- 05.07.2025 — FBI New York: Operation Restore Justice
- 05.07.2025 — FBI Cleveland - Operation Restore Justice
- 05.07.2025 — Operation Restore Justice
- 05.06.2025 — FBI's CJIS Division Meets the Mission 24/7
- 05.01.2025 — FBI Columbia Citizens Academy 2025 Recruitment Video
- 05.01.2025 — Inside the FBI Podcast: Transnational Repression
FBI Weekly Newsletter
Subscribe to our email newsletter for news on the FBI, sent out every week.