**Abstract**

Ransomware refers to a type of malware that encrypts files on an infected computer and holds the key to decrypt the files until the victim pays a ransom. Ransomware has seen explosive growth over the past few years and has rapidly evolved into a highly lucrative business model. Sophisticated advanced persistent threats (APTs) are employing ransomware to maximize their profits with multiple layers of monetization strategies. New versions appear frequently with ever-evolving tactics and techniques making detection harder. In this chapter, we present a brief history of ransomware, top threat actors employing ransomware, tactics used, and key strategies firms need to deploy to prevent, detect, and respond to ransomware in attacks.

**Keywords:** ransomware, extortion, threat actor groups, tactics, prevention, detection, response
