This chapter is a general introduction to ransomware starting with the basics and leading to a more mature discussion of all the features and components that make it such a mature and formidable foe today. You will learn that much of the ransomware industry is run more like a professional, corporate industry rather than like the traditional perception of a few bad guys or gangs hiding out in their basements drinking jacked-up caffeinated sodas surrounded by empty bags of chips. Instead, you're more likely to find CEOs, payroll departments, professional developers, and business partners. You will come away with a very good understanding of today's ransomware, what and how it does it, and the significant challenges to defeat it.

How Bad Is the Problem?

Many press and security experts seem to compete with each other to use the latest over-the-top superlatives surrounding ransomware. But for once in the computer security world, the statistics and scary reputation are well earned. We have had other very bad, long runs of damage-causing malware such as that from DOS boot viruses, disk-formatting computer viruses like Michelangelo (1992), worms that crashed email and pager systems like the Iloveyou worm (2000), rapidly spreading and database-crashing worms like SQL Slammer (2003), the USB-key spreading Conficker (2008), spam bots, and resource-sucking crypto-miners. We've been ...