Cybersecurity — Seven Stages of a Ransomware Attack

Olu Adekoya
8 min readMay 9

Introduction — Importance of data

Every public or private company’s success depends on the data on which it operates. Companies often classify aspects of this data as their intellectual property. Intellectual property includes trademarks, copyright, trade secret and patent. Coca-Cola’s trade secret is the Coke formula. Google’s intellectual property is its source code. Pfizer’s leading intellectual property is its different drug patents over the years. Likewise, the Federal Bureau of Intelligence’s intellectual property is its covert data. Data has helped organisations and companies succeed by acquiring significant market share and revenues or achieving other organisational outcomes. It’s given most companies and organisations their competitive edge. Leading technology companies use data to understand potential customers, recruit new sales leads, create targeted sales campaigns and directly market services to new users. In other industries like telecommunication, transport and postal services, data is being used to improve business processes, delivering time and cost-efficiency. Likewise, data in the wrong hands can cause physical, psychological, technological, business and social damage. Recent anonymous data leaks and disclosures on technology products have resulted in significant cybersecurity hacks. Other examples include the illegal use of sensitive data in winning elections with targeted fake news campaigns and whipping sentiment by manipulating data, thereby fuelling uprisings to topple world governments. Crucially, just as data in the right hand can be productive, likewise, data in the hands of cybercriminals can be destructive. Due to the importance of data in all industries and walks of life, its protection is critical. The topmost priority of Chief Information Security Officers (CISO) or Directors of Security is ensuring the confidentiality, integrity and availability of customer and business assets, including data. This data is seriously at risk of ransomware attacks.

What is a ransomware attack?

Ransomware comprises two words which are ransom and malicious software. A ransom is the money demanded in exchange for an asset (e.g. data), and malicious software is a computer program showing intent to harm. Combining these two words, ransomware is a computer program that holds data in exchange for money, most commonly cryptocurrency. The National Institute of Standards and Technology (NIST) defines…