Ransomware is malicious software that encrypts your files and holds them hostage. The attacker demands payment (usually in crypto) for the decryption key. If you don't pay, your data is lost forever.

How Infection Happens

Malicious Attachments: An invoice.pdf.exe file you accidentally opened.
Drive-by Downloads: Visiting a compromised website with an outdated browser.
Cracked Software: Downloading pirated games or tools often establishes a backdoor.

The 3-2-1 Backup Rule

The only 100% effective defense against ransomware is backups. If your data is backed up, you don't need to pay the ransom. You just wipe your computer and restore.

Follow the 3-2-1 rule:

3 copies of your data.
2 different media types (e.g., computer drive + external hard drive).
1 offsite copy (e.g., cloud storage).

Air-Gapped Backups

For critical data, unauthorized access is a risk. An "air-gapped" backup is a hard drive that is strictly offline. You plug it in to backup, then unplug it. Ransomware cannot encrypt a drive that isn't connected.

Secure File Transfers

Ransomware often spreads through lateral movement in networks. If you need to transfer a file between potentially infected machines or to an IT specialist for analysis, avoid direct network shares.

Use Snapsend. Uploading the file to an ephemeral link creates a quarantine gap. The recipient downloads it into a sandboxed environment. The direct network bridge is never formed.