Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Viruses vs. Ransomware: What Is the Difference?

Malware, a contraction for "malicious software," is intrusive software that is designed to damage and destroy computers and computer systems. Viruses and ransomware are two examples of common malware. Worms, spyware, and adware are other kinds of malware.

What is a virus?

A virus is a type of malware that multiplies by inserting a copy of itself into another program, becoming part of that program. It spreads from one computer to another, leaving a path of destruction as it propagates. Viruses can range in severity from causing mildly disturbing effects to severely damaging data or software. Since viruses are designed to disrupt a system's ability to operate, they can cause significant operational issues and data loss.

What is ransomware?

Ransomware uses an attack technique called cryptoviral extortion, meaning it encrypts the victim's files and makes them inaccessible. The attacker then demands a ransom payment--typically in bitcoin, a form of cryptocurrency. In return for payment, the attacker promises to send a decryption key to release the victim's data. The demand often involves a deadline, after which time the data will be deleted if the ransom is not paid. In some cases, even after payment a decryption key is not sent.

Some organizations refuse to pay the ransom and must spend millions of dollars working to rebuild and recover their files. Many organizations purchase cyber insurance to cover expenses associated with an attack. Some say this perpetuates the problem, as attackers--knowing they are more likely to get paid--increase their efforts to target companies with potentially larger insurance policies.

How do viruses spread?

Almost all viruses are attached to an executable host file, which means the virus may exist on a system but lays dormant until the file is opened, then it spreads the malicious program. When the host code is executed, the viral code is executed as well. Viruses spread when the software or document they are attached to is transferred from one computer to another using the network, a drive, file sharing, or infected email attachments.

A virus is often associated with a worm, a type of malware that clones itself to spread to other computers, performing various damaging actions on whatever system it infects. The difference is, unlike a virus a worm exists as a standalone entity.

How does ransomware spread?

Ransomware is typically distributed through a few main avenues. These include phishing emails, malvertising--where legitimate online advertising is hacked to spread malware--and exploit kits. After it is distributed, ransomware encrypts selected files and notifies the victim that payment is required to unlock the data. Ransomware can spread like a worm.

How can I prevent a computer virus and ransomware?

Advanced threats require sophisticated solutions to ensure they remain effective against the daily emerging threats. Learn how Cisco cybersecurity solutions are designed to block, root out, and destroy malware--including viruses and worm-causing ransomware--and other daily threats used in cyber attacks.