What is ransomware?

Ransomware is a type of malware with which a hacker encrypts a user's data and holds it hostage, then demands a ransom payment in exchange for the decryption key that lets the user regain access.

In the past, attackers simply encrypted a company's or individual's data and demanded a ransom. Today, a ransomware attack can be a double or even triple ransom attempt, with hackers also threatening to leak the victim's data online and to use the business's data to launch attacks on its customers.

What security measures can banks take to prevent ransomware attacks?

Ransomware attack vectors can include credential theft, phishing, or other social engineering attacks, which hackers use to gain entry to a company's systems. Hackers also take advantage of any weaknesses in a device's operating system or other software.

Along with cybersecurity measures like maintaining backups, keeping software up to date, and continual security awareness training, companies can protect themselves from ransomware attacks with multi-factor authentication (MFA) measures to prevent unauthorized access.

Why is ransomware dangerous for financial institutions and their customers?

The consequences of a ransomware attack in banking can range from minor to major financial and reputational damage, and can include the suspension of a bank's critical core services. In 2023, the average ransomware payment was $1.54 million. However, the overall cost of such a cyberattack can be over $5 million, as this includes additional costs such as compliance fines, loss of productivity, and system downtime.

What’s more, large banks or financial institutions are not the only focus of these attacks. Smaller or community banks are also becoming targets or being asked to make ransomware payments.

What’s the difference: Ransomware vs malware?

Ransomware is a type of malware. Malware refers to any malicious software that aims to damage or disrupt computer systems and networks, or to help cybercriminals gain unauthorized access to them. Malware examples include ransomware, viruses, trojan horses, and worms.

Users often install malware unintentionally by clicking on a fake link in a phishing email or downloading software that is not from a reputable website.
