Ransomware: What Is It and How Does It Happen?

Posted on
PHOTO: Image of a UF medical school employee at his workstation, looking at brain scan results. Text overlay says, "Impacts of a Cyber Attack." University of Florida.

While new cyber threats, like deepfake phishing and MFA bombing, are on the rise, older types of threats remain a big danger. Understanding what these threats are is vital to protecting your personal data and UF’s digital environment.

A particularly damaging threat is ransomware — a type of malware that prevents users from accessing their device and the data stored on it. This is usually done by encrypting the files on that device—it can happen on your smartphone, laptop, or PC. The malware is typically introduced through a traditional social engineering scam like phishing. Ransomware attackers claim that if the user pays some amount of money — a ransom — then the attacker will provide the decryption key needed to restore the data. In reality, the hacker may or may not provide that key…even after the victim pays.

If losing access to your data is not bad enough, ransomware attackers often steal copies of the data before they encrypt it and then threaten to release what they’ve found unless the victim pays the ransom. Think about what it would mean for someone, somewhere, to have your personal photos, emails, and documents stored on your device.  Even if you paid to get them back, a year or more later the ransomware attacker could come back and threaten you again with an extortion demand or just decide to put everything they stole from you on a website.

According to Verizon’s 2024 Data Breach Investigations Report, email is one of the most common methods for attackers to carry out “system intrusion” attacks, like ransomware and extortion. Recognizing the signs of phishing, such as strange email addresses, urgent and unusual requests, and suspicious links, can help protect you from a ransomware attack. Regularly backing up the files on your computer to a cloud or external drive can also be helpful if you fall victim to an attack.

UFIT offers several options for cloud file storage at no cost for faculty, students, and staff through the GatorCloud. To learn more about how to back up your entire computer, with both cloud and local options, visit https://security.ufl.edu/learn-security/protect-my/computer/#backup.