Ransomware is a type of malware that encrypts your files and requires payment of a ransom in return for restoring access to your data. There’s no guarantee that a perpetrator will honor the terms of the ransom, however, so preventing ransomware through cybersecurity best practices and routine snapshots is your best option.

Like all malware, ransomware must be downloaded onto your machine or network for it to gain access to your data. The most common way to contract ransomware is through a downloadable attachment delivered via a phishing email, but thumb drives, compromised apps, and infected websites are also viable attack vectors.

Once downloaded and executed, ransomware encrypts the host system’s files, and renders it computationally inaccessible without the right decryption key. Typically, a ransom note is presented to the owners of the compromised system with details on how to make payment to have their files released. More sophisticated ransomware, such as NotPetya, can deliver its payload without relying on human error, but instead, it exploits critical software vulnerabilities in your system.