Ransomware is a cyber extortion attack where adversaries encrypt or exfiltrate organizational data and demand payment for restoration or to prevent public disclosure. Unlike isolated malware incidents, modern ransomware operates as a business model — Ransomware-as-a-Service (RaaS) ecosystems enable even non-technical threat actors to launch sophisticated attacks. Defense requires layered prevention controls, rapid detection mechanisms, and practiced recovery procedures — because successful ransomware attacks rarely result from a single security failure, but rather from chained compromises across identity, access, and data protection layers.