Ransomware, in a nutshell, is a vicious type of malware that cybercriminals use to block access to your entire system or specific sensitive files/databases, until you or your company pays a ransom. It is a form of cyber extortion. Some victims get two ransom notes. One ransom payment to prevent cybercriminals from disclosing the sensitive data they have stolen before encrypting it. The second ransom payment to get cybercriminals to hand over the decryption key, for the victim to gain back access to their data. This is a form of double extortion.
Unfortunately, ransomware is a complex cybersecurity problem with no silver bullet to address this menace. Thankfully the National Institute of Standards and Technology (NIST) released guidance on identifying and protecting assets against ransomware. The Cybersecurity Special Publication (SP) 1800-25 lays out the steps to having a comprehensive strategy around protecting assets.
Thales Trusted Cyber Technologies (TCT) data security and access management solutions provide some of the most essential components of the cybersecurity framework proposed by NIST to protect organizations against ransomware.