Among all types of malware, ransomware is one of the most disruptive and dangerous threats facing modern computer systems. In IB Computer Science, students are expected to understand what ransomware is, how it operates, and why it causes such severe damage, particularly to organisations.
IB examiners often assess ransomware as a real-world security scenario, requiring clear explanation rather than technical detail.
What Is Ransomware?
Ransomware is a type of malware that:
- Blocks access to data or systems
- Demands payment to restore access
This is usually done by:
- Encrypting files
- Locking the operating system
Once infected, users are presented with a message demanding a ransom, often in digital currency.
In IB terms, ransomware combines malware, encryption, and extortion.
How Ransomware Works
Ransomware typically follows these steps:
- The malware is installed on a system
- Files or systems are encrypted or locked
- The user is prevented from accessing data
- A ransom demand is displayed
The attacker promises to:
- Provide a decryption key
- Restore access after payment
However, there is no guarantee that access will be restored.
How Ransomware Spreads
Ransomware commonly spreads through:
- Phishing emails
