Ransomware is a form of malicious software designed to encrypt a victim’s data and deny access until a ransom is paid. Once executed, ransomware typically encrypts files using strong cryptographic algorithms and displays a ransom note demanding payment, often in cryptocurrency, in exchange for a decryption key.
Unlike spyware, which focuses on data theft, ransomware primarily targets availability and integrity by rendering data unusable. Modern ransomware variants may also exfiltrate data before encryption to apply additional pressure on victims through extortion.
Option A describes command-and-control mechanisms, not ransomware. Option B refers to data-stealing malware such as spyware or trojans. Option D describes a storage issue, not a cyberattack.
Cybersecurity operations fundamentals identify ransomware as one of the most impactful attack types due to its ability to disrupt business operations, cause financial loss, and damage organizational reputation.
Therefore, the correct definition of a ransomware attack is that it encrypts a victim’s data and prevents access, making Option C correct.
