What is a characteristic of a ransomware attack?

A characteristic of a ransomware attack is that it encrypts data and demands payment for decryption. In a typical ransomware scenario, the attacker's malware infiltrates a system, encrypting critical files and making them inaccessible to the user or organization. Once the data is encrypted, the attacker usually leaves a ransom note that instructs the victim to pay a specific amount, often in cryptocurrency, to receive the decryption key necessary to restore access to their files. This tactic creates a high-pressure situation for the victim, as vital operational data can be rendered completely unusable, potentially resulting in significant financial losses and operational disruption.

The nature of this attack is fundamentally focused on extortion through encryption, making this option the defining characteristic of ransomware, as opposed to other types of cyberattacks which may focus on theft or unauthorized access.