
Full definition
Ransomware has evolved through three generations: (1) classic crypto-ransomware (encrypts files, e.g., WannaCry 2017); (2) double extortion (encryption plus a leak threat, e.g., Maze 2019, LockBit, BlackCat); (3) triple extortion (encryption plus leak plus DDoS, e.g., BlackCat 2022). Modern operations follow the Ransomware-as-a-Service (RaaS) model: operators develop the code and affiliates execute the attacks, splitting the revenue. Ransomware response requires fast containment (network isolation), forensics on the compromise (entry vector, exfiltration), an attempt with a public decryptor if one is available, and restoration from immutable backups. Payment is discouraged in nearly all scenarios: it carries no guarantee of recovery, funds new attacks, and may breach OFAC sanctions.