Ransomware
Definition
Malware that encrypts or exfiltrates data and demands payment for restoration or suppression. Modern ransomware incidents often combine an availability impact (encrypted systems) with a confidentiality impact (stolen data), triggering multiple concurrent response obligations.
Related terms
- Alert: A notification generated when an event or pattern of events matches a detection rule. Alerts require triage to determine whether they represent...
- Data breach: An incident in which an unauthorised party gains access to, copies, or discloses protected data. Breaches trigger specific legal notification requirements under...
- Insider threat: An incident originating from a person with legitimate access to an organisation's systems, whether through malicious intent (data theft, sabotage) or negligence...
- Security event: Any observable occurrence in a system or network. Events are the raw material from which alerts and incidents are identified; the vast...
- Security incident: An event or chain of events that violates an organisation's security policy or credibly threatens the confidentiality, integrity, or availability of information...
Explained in
- What Is a Security Incident