[](https://www.paloaltonetworks.com/?ts=markdown)

* Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get Support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)
  ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![Palo Alto Networks logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)](https://www.paloaltonetworks.com/?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg)

* [](https://www.paloaltonetworks.com/?ts=markdown)

* Products  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Products  
  [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)
  
  * [AI Security](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)
  
  * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  
  * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)
  
  * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)
  
  * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  
  * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)
  
  * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)
  
  * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  
  * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Enterprise Device Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)
  
  * [Medical Device Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)
  
  * [OT Device Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)
  
  * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)
  
  * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)
  
  * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  
  * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)
  
  * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)
  
  * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)
  
  * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)
  
  * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)
  
  * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)
  
  * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)
  
  * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)
  
  * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)
  
  * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)
  
  * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)
  
  * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)
  
  * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)  
    [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)
  
  * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)
  
  * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)
  
  * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)
  
  * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)
  
  * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)
  
  * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)
  
  * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)
  
  * [Cortex AgentiX](https://www.paloaltonetworks.com/cortex/agentix?ts=markdown)
  
  * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)
  
  * [Cortex Exposure Management](https://www.paloaltonetworks.com/cortex/exposure-management?ts=markdown)
  
  * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)
  
  * [Cortex Advanced Email Security](https://www.paloaltonetworks.com/cortex/advanced-email-security?ts=markdown)
  
  * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  
  * [Unit 42 Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* Solutions  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Solutions  
  Secure AI by Design
  
  * [Secure AI Ecosystem](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)
  * [Secure GenAI Usage](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)  
    Network Security
  * [Cloud Network Security](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)
  * [Data Center Security](https://www.paloaltonetworks.com/network-security/data-center?ts=markdown)
  * [DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)
  * [Intrusion Detection and Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)
  * [Device Security](https://www.paloaltonetworks.com/network-security/device-security?ts=markdown)
  * [OT Security](https://www.paloaltonetworks.com/network-security/ot-device-security?ts=markdown)
  * [5G Security](https://www.paloaltonetworks.com/network-security/5g-security?ts=markdown)
  * [Secure All Apps, Users and Locations](https://www.paloaltonetworks.com/sase/secure-users-data-apps-devices?ts=markdown)
  * [Secure Branch Transformation](https://www.paloaltonetworks.com/sase/secure-branch-transformation?ts=markdown)
  * [Secure Work on Any Device](https://www.paloaltonetworks.com/sase/secure-work-on-any-device?ts=markdown)
  * [VPN Replacement](https://www.paloaltonetworks.com/sase/vpn-replacement-for-secure-remote-access?ts=markdown)
  * [Web \& Phishing Security](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)  
    Cloud Security
  * [Application Security Posture Management (ASPM)](https://www.paloaltonetworks.com/cortex/cloud/application-security-posture-management?ts=markdown)
  * [Software Supply Chain Security](https://www.paloaltonetworks.com/cortex/cloud/software-supply-chain-security?ts=markdown)
  * [Code Security](https://www.paloaltonetworks.com/cortex/cloud/code-security?ts=markdown)
  * [Cloud Security Posture Management (CSPM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-security-posture-management?ts=markdown)
  * [Cloud Infrastructure Entitlement Management (CIEM)](https://www.paloaltonetworks.com/cortex/cloud/cloud-infrastructure-entitlement-management?ts=markdown)
  * [Data Security Posture Management (DSPM)](https://www.paloaltonetworks.com/cortex/cloud/data-security-posture-management?ts=markdown)
  * [AI Security Posture Management (AI-SPM)](https://www.paloaltonetworks.com/cortex/cloud/ai-security-posture-management?ts=markdown)
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Cloud Workload Protection (CWP)](https://www.paloaltonetworks.com/cortex/cloud/cloud-workload-protection?ts=markdown)
  * [Web Application \& API Security (WAAS)](https://www.paloaltonetworks.com/cortex/cloud/web-app-api-security?ts=markdown)  
    Security Operations
  * [Cloud Detection \& Response](https://www.paloaltonetworks.com/cortex/cloud-detection-and-response?ts=markdown)
  * [Security Information and Event Management](https://www.paloaltonetworks.com/cortex/modernize-siem?ts=markdown)
  * [Network Security Automation](https://www.paloaltonetworks.com/cortex/network-security-automation?ts=markdown)
  * [Incident Case Management](https://www.paloaltonetworks.com/cortex/incident-case-management?ts=markdown)
  * [SOC Automation](https://www.paloaltonetworks.com/cortex/security-operations-automation?ts=markdown)
  * [Threat Intel Management](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown)
  * [Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)
  * [Attack Surface Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/attack-surface-management?ts=markdown)
  * [Compliance Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/compliance-management?ts=markdown)
  * [Internet Operations Management](https://www.paloaltonetworks.com/cortex/cortex-xpanse/internet-operations-management?ts=markdown)
  * [Extended Data Lake (XDL)](https://www.paloaltonetworks.com/cortex/cortex-xdl?ts=markdown)
  * [Agentic Assistant](https://www.paloaltonetworks.com/cortex/cortex-agentic-assistant?ts=markdown)  
    Endpoint Security
  * [Endpoint Protection](https://www.paloaltonetworks.com/cortex/endpoint-protection?ts=markdown)
  * [Extended Detection \& Response](https://www.paloaltonetworks.com/cortex/detection-and-response?ts=markdown)
  * [Ransomware Protection](https://www.paloaltonetworks.com/cortex/ransomware-protection?ts=markdown)
  * [Digital Forensics](https://www.paloaltonetworks.com/cortex/digital-forensics?ts=markdown)  
    [Industries](https://www.paloaltonetworks.com/industry?ts=markdown)
  * [Public Sector](https://www.paloaltonetworks.com/industry/public-sector?ts=markdown)
  * [Financial Services](https://www.paloaltonetworks.com/industry/financial-services?ts=markdown)
  * [Manufacturing](https://www.paloaltonetworks.com/industry/manufacturing?ts=markdown)
  * [Healthcare](https://www.paloaltonetworks.com/industry/healthcare?ts=markdown)
  * [Small \& Medium Business Solutions](https://www.paloaltonetworks.com/industry/small-medium-business-portfolio?ts=markdown)

* Services  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services  
  [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)
  
  * [Assess](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)
  
  * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown)
  
  * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown)
  
  * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown)
  
  * [BEC Readiness Assessment](https://www.paloaltonetworks.com/bec-readiness-assessment?ts=markdown)
  
  * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown)
  
  * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown)
  
  * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown)
  
  * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown)
  
  * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown)
  
  * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown)
  
  * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown)
  
  * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown)
  
  * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown)
  
  * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Respond](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)
  
  * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown)
  
  * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown)
  
  * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown)
  
  * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown)
  
  * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown)
  
  * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)
  
  * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)
  
  * [Transform](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)
  
  * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown)
  
  * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown)
  
  * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown)
  
  * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown)  
    [Global Customer Services](https://www.paloaltonetworks.com/services?ts=markdown)
  
  * [Education \& Training](https://www.paloaltonetworks.com/services/education?ts=markdown)
  
  * [Professional Services](https://www.paloaltonetworks.com/services/consulting?ts=markdown)
  
  * [Success Tools](https://www.paloaltonetworks.com/services/customer-success-tools?ts=markdown)
  
  * [Support Services](https://www.paloaltonetworks.com/services/solution-assurance?ts=markdown)
  
  * [Customer Success](https://www.paloaltonetworks.com/services/customer-success?ts=markdown)  
    [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg)  
    UNIT 42 RETAINER
    Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial.
    Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown)

* Partners  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners  
  NextWave Partners
  
  * [NextWave Partner Community](https://www.paloaltonetworks.com/partners?ts=markdown)
  * [Cloud Service Providers](https://www.paloaltonetworks.com/partners/nextwave-for-csp?ts=markdown)
  * [Global Systems Integrators](https://www.paloaltonetworks.com/partners/nextwave-for-gsi?ts=markdown)
  * [Technology Partners](https://www.paloaltonetworks.com/partners/technology-partners?ts=markdown)
  * [Service Providers](https://www.paloaltonetworks.com/partners/service-providers?ts=markdown)
  * [Solution Providers](https://www.paloaltonetworks.com/partners/nextwave-solution-providers?ts=markdown)
  * [Managed Security Service Providers](https://www.paloaltonetworks.com/partners/managed-security-service-providers?ts=markdown)
  * [XMDR Partners](https://www.paloaltonetworks.com/partners/managed-security-service-providers/xmdr?ts=markdown)  
    Take Action
  * [Portal Login](https://www.paloaltonetworks.com/partners/nextwave-partner-portal?ts=markdown)
  * [Managed Services Program](https://www.paloaltonetworks.com/partners/managed-security-services-provider-program?ts=markdown)
  * [Become a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=becomepartner)
  * [Request Access](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerregistration?type=requestaccess)
  * [Find a Partner](https://paloaltonetworks.my.site.com/NextWavePartnerProgram/s/partnerlocator)  
    [CYBERFORCE
    CYBERFORCE represents the top 1% of partner engineers trusted for their security expertise.
    Learn more](https://www.paloaltonetworks.com/cyberforce?ts=markdown)

* Company  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Company  
  Palo Alto Networks
  
  * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
  * [Management Team](https://www.paloaltonetworks.com/about-us/management?ts=markdown)
  * [Investor Relations](https://investors.paloaltonetworks.com)
  * [Locations](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
  * [Ethics \& Compliance](https://www.paloaltonetworks.com/company/ethics-and-compliance?ts=markdown)
  * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
  * [Military \& Veterans](https://jobs.paloaltonetworks.com/military)  
    [Why Palo Alto Networks?](https://www.paloaltonetworks.com/why-paloaltonetworks?ts=markdown)
  * [Precision AI Security](https://www.paloaltonetworks.com/precision-ai-security?ts=markdown)
  * [Our Platform Approach](https://www.paloaltonetworks.com/why-paloaltonetworks/platformization?ts=markdown)
  * [Accelerate Your Cybersecurity Transformation](https://www.paloaltonetworks.com/why-paloaltonetworks/nam-cxo-portfolio?ts=markdown)
  * [Awards \& Recognition](https://www.paloaltonetworks.com/about-us/awards?ts=markdown)
  * [Customer Stories](https://www.paloaltonetworks.com/customers?ts=markdown)
  * [Global Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
  * [Trust 360 Program](https://www.paloaltonetworks.com/resources/whitepapers/trust-360?ts=markdown)  
    Careers
  * [Overview](https://jobs.paloaltonetworks.com/)
  * [Culture \& Benefits](https://jobs.paloaltonetworks.com/en/culture/)  
    [A Newsweek Most Loved Workplace
    "Businesses that do right by their employees"
    Read more](https://www.paloaltonetworks.com/company/press/2021/palo-alto-networks-secures-top-ranking-on-newsweek-s-most-loved-workplaces-list-for-2021?ts=markdown)

* More  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) More  
  Resources
  
  * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
  * [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/)
  * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
  * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
  * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
  * [Tech Insider](https://techinsider.paloaltonetworks.com/)
  * [Knowledge Base](https://knowledgebase.paloaltonetworks.com/)
  * [Palo Alto Networks TV](https://tv.paloaltonetworks.com/)
  * [Perspectives of Leaders](https://www.paloaltonetworks.com/perspectives/?ts=markdown)
  * [Cyber Perspectives Magazine](https://www.paloaltonetworks.com/cybersecurity-perspectives/cyber-perspectives-magazine?ts=markdown)
  * [Regional Cloud Locations](https://www.paloaltonetworks.com/products/regional-cloud-locations?ts=markdown)
  * [Tech Docs](https://docs.paloaltonetworks.com/)
  * [Security Posture Assessment](https://www.paloaltonetworks.com/security-posture-assessment?ts=markdown)
  * [Threat Vector Podcast](https://unit42.paloaltonetworks.com/unit-42-threat-vector-podcast/)
  * [Packet Pushers Podcasts](https://www.paloaltonetworks.com/podcasts/packet-pusher?ts=markdown)  
    Connect
  * [LIVE community](https://live.paloaltonetworks.com/)
  * [Events](https://events.paloaltonetworks.com/)
  * [Executive Briefing Center](https://www.paloaltonetworks.com/about-us/executive-briefing-program?ts=markdown)
  * [Demos](https://www.paloaltonetworks.com/demos?ts=markdown)
  * [Contact us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)  
    [Blog
    Stay up-to-date on industry trends and the latest innovations from the world's largest cybersecurity
    Learn more](https://www.paloaltonetworks.com/blog/)

* Sign In  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Sign In
  
  * Customer
  * Partner
  * Employee
  * [Login to download](https://www.paloaltonetworks.com/login?ts=markdown)
  * [Join us to become a member](https://www.paloaltonetworks.com/login?screenToRender=traditionalRegistration&ts=markdown)

* EN  
  ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Language
  
  * [USA (ENGLISH)](https://www.paloaltonetworks.com)
  * [AUSTRALIA (ENGLISH)](https://www.paloaltonetworks.com.au)
  * [BRAZIL (PORTUGUÉS)](https://www.paloaltonetworks.com.br)
  * [CANADA (ENGLISH)](https://www.paloaltonetworks.ca)
  * [CHINA (简体中文)](https://www.paloaltonetworks.cn)
  * [FRANCE (FRANÇAIS)](https://www.paloaltonetworks.fr)
  * [GERMANY (DEUTSCH)](https://www.paloaltonetworks.de)
  * [INDIA (ENGLISH)](https://www.paloaltonetworks.in)
  * [ITALY (ITALIANO)](https://www.paloaltonetworks.it)
  * [JAPAN (日本語)](https://www.paloaltonetworks.jp)
  * [KOREA (한국어)](https://www.paloaltonetworks.co.kr)
  * [LATIN AMERICA (ESPAÑOL)](https://www.paloaltonetworks.lat)
  * [MEXICO (ESPAÑOL)](https://www.paloaltonetworks.com.mx)
  * [SINGAPORE (ENGLISH)](https://www.paloaltonetworks.sg)
  * [SPAIN (ESPAÑOL)](https://www.paloaltonetworks.es)
  * [TAIWAN (繁體中文)](https://www.paloaltonetworks.tw)
  * [UK (ENGLISH)](https://www.paloaltonetworks.co.uk)

* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)

* [What's New](https://www.paloaltonetworks.com/resources?ts=markdown)

* [Get support](https://support.paloaltonetworks.com/SupportAccount/MyAccount)

* [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html)

* [Demos and Trials](https://www.paloaltonetworks.com/get-started?ts=markdown)  
  Search  
  All

* [Tech Docs](https://docs.paloaltonetworks.com/search)  
  Close search modal
  [Deploy Bravely --- Secure your AI transformation with Prisma AIRS](https://www.deploybravely.com)  
  [](https://www.paloaltonetworks.com/?ts=markdown)

1. [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
2. [Threats](https://www.paloaltonetworks.com/cyberpedia/threat?ts=markdown)
3. [Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown)
4. [What Are the Most Common Types of Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware?ts=markdown)  
   Table of Contents

* [What Is Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown)
  * [Ransomware Key Takeaways](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#ransomware?ts=markdown)
  * [Why Ransomware Matters](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#why?ts=markdown)
  * [Stages of a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#stages?ts=markdown)
  * [How Ransomware Uses Psychological Pressure](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#how?ts=markdown)
  * [Types of Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#types?ts=markdown)
  * [Example Ransomware Strains](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#example?ts=markdown)
  * [Role of Human Behavior in Cybersecurity](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#role?ts=markdown)
  * [Ransom Payment and Prevention](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#prevention?ts=markdown)
  * [Creating and Testing an Incident Response Plan](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#creating?ts=markdown)
  * [Understanding if You Have a Ransomware Infection](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#infection?ts=markdown)
  * [Difference Between Malware and Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#difference?ts=markdown)
  * [What is Multi-Extortion Ransomware?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#what?ts=markdown)
  * [Why Ransomware Is Illegal](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#illegal?ts=markdown)
  * [Recovery from Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#recovery?ts=markdown)
  * [Is Ransomware Still a Threat?](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#threat?ts=markdown)
  * [Future-Proofing Against Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#future?ts=markdown)
  * [Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware#faqs?ts=markdown)
* What Are the Most Common Types of Ransomware?
  * [Ransomware Types and How They Work](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#ransomware?ts=markdown)
  * [How to Prevent Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#how?ts=markdown)
  * [The Evolution of Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#attacks?ts=markdown)
  * [Notable Ransomware Families](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#notable?ts=markdown)
  * [The Emergence of Ransomware Groups](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#groups?ts=markdown)
  * [How Nation-State Actors Have Embraced Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#actors?ts=markdown)
  * [Types of Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#faqs?ts=markdown)
* [What is Ransomware Response and Recovery?](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery?ts=markdown)
  * [How to Respond to a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#how?ts=markdown)
  * [How Do Ransomware Attacks Begin?](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#do?ts=markdown)
  * [Reducing Dwell Time](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#reducing?ts=markdown)
  * [Common Threat Actor Techniques](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#common?ts=markdown)
  * [Data Theft and Multi-extortion Ransomware](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#what?ts=markdown)
  * [How to Uninstall Ransomware and Retrieve Data](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#uninstall?ts=markdown)
  * [Steps to Recovery After a Ransomware Attack](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#steps?ts=markdown)
  * [® Incident Response Methodology](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#unit42?ts=markdown)
  * [Ransomware Removal and Recovery FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery#faqs?ts=markdown)
* [What are Ransomware Attacks?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods?ts=markdown)
  * [How Do Ransomware Attacks Happen?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#how?ts=markdown)
  * [What Are the 5 Main Ransomware Attack Vectors?](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#what?ts=markdown)
  * [How to Protect Against Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#protect?ts=markdown)
  * [How to Assess Your Ransomware Readiness](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#readiness?ts=markdown)
  * [Ransomware Attacks FAQs](https://www.paloaltonetworks.com/cyberpedia/ransomware-common-attack-methods#faqs?ts=markdown)
* [What is Ransomware Prevention?](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do?ts=markdown)
  * [Step 1: Reduce the Attack Surface](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step1?ts=markdown)
  * [Step 2: Prevent Known Threats](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step2?ts=markdown)
* [Step 3: Identify and Prevent Unknown Threats](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do#step3?ts=markdown)

# What Are the Most Common Types of Ransomware?

5 min. read  
Table of Contents

* * [Ransomware Types and How They Work](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#ransomware?ts=markdown)
  * [How to Prevent Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#how?ts=markdown)
  * [The Evolution of Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#attacks?ts=markdown)
  * [Notable Ransomware Families](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#notable?ts=markdown)
  * [The Emergence of Ransomware Groups](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#groups?ts=markdown)
  * [How Nation-State Actors Have Embraced Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#actors?ts=markdown)
* [Types of Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#faqs?ts=markdown)

1. Ransomware Types and How They Work

* * [Ransomware Types and How They Work](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#ransomware?ts=markdown)
  * [How to Prevent Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#how?ts=markdown)
  * [The Evolution of Ransomware Attacks](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#attacks?ts=markdown)
  * [Notable Ransomware Families](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#notable?ts=markdown)
  * [The Emergence of Ransomware Groups](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#groups?ts=markdown)
  * [How Nation-State Actors Have Embraced Ransomware](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#actors?ts=markdown)
* [Types of Ransomware FAQs](https://www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware#faqs?ts=markdown)

Ransomware is malicious software that restricts access to a computer system or data, demanding a ransom for release. Cybercriminals constantly evolve ransomware tactics to exploit vulnerabilities and maximize their impact. The most common types of ransomware include:

1. **Crypto Ransomware:** Encrypts essential files and demands cryptocurrency payments to restore access.
2. **Locker Ransomware:** Blocks access to the entire system without encrypting individual files, holding the device hostage until the ransom is paid.
3. **Scareware:** Bombards users with frightening yet false security warnings to trick them into paying for unnecessary fixes.
4. **Doxware or Leakware:** Threatens to expose sensitive information unless the ransom is settled, leveraging the fear of reputational or legal repercussions.
5. **RaaS (Ransomware as a Service):** Has drastically lowered the entry barrier for cybercriminals, allowing them to lease ransomware tools from developers, further expanding this digital threat landscape.

Each type of ransomware presents different challenges and requires specific security measures to protect against it.

## Ransomware Types and How They Work

Ransomware is a formidable threat in the digital age which manifests in various forms, each employing distinct strategies to extort victims. Encrypting Ransomware, Locker Ransomware, and Master Boot Record (MBR) Ransomware stand out for their unique approaches to hijacking user data and systems.

Even as malicious actors embrace novel and diverse new attack techniques, encrypting ransomware and locker ransomware remain the two main types of ransomware by far. The five most common types of ransomware, each with its unique mode of operation, are:

### Crypto Ransomware

This type of [ransomware](https://stage.paloaltonetworks.com/cyberpedia/what-is-ransomware) encrypts the victim's files, making them inaccessible. The attacker then demands a ransom, typically in cryptocurrency, for the decryption key. Crypto ransomware targets individual files or entire systems, and the encryption is often strong enough that decryption without the key is impractical. It's spread through various methods, including phishing emails and malicious downloads.

### Locker Ransomware

Unlike Crypto Ransomware, locker ransomware does not encrypt files. Instead, it locks the victim out of their operating system, preventing access to files or applications. The ransom demand is displayed on the lock screen, often with a countdown to increase urgency. Locker ransomware is usually distributed through exploit kits and infected websites.

### Scareware

This type includes rogue security software and tech support scams. It bombards the user with false alarms or a fake detection of viruses or issues on the computer, demanding money to resolve these fabricated problems. While it may not restrict access to files or systems, its persistent and alarming notifications can be disruptive. Scareware often makes its way onto computers through pop-up ads or user-initiated software downloads.

### H3; Doxware (Leakware)

This ransomware threatens to publish sensitive personal or organizational data online unless a ransom is paid. The effectiveness of Doxware lies in the fear of reputational damage or legal consequences from the data release. This type of ransomware can infiltrate systems similarly to other malware, including through phishing attacks or security vulnerabilities.

### RaaS (Ransomware as a Service)

The [RaaS model](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware-as-a-service?ts=markdown) allows individuals to lease ransomware from developers, eliminating the need for technical expertise in creating the malware. The affiliate then conducts the attack, sharing profits between the developer and the affiliate. This model has made ransomware attacks more accessible and increased their frequency. RaaS is often distributed via dark web marketplaces, making it accessible to many cybercriminals.

## How to Prevent Ransomware Attacks

It is essential to move toward a [prevention-based platform](https://www.paloaltonetworks.com/cyberpedia/ransomware-prevention-what-your-security-architecture-must-do?ts=markdown) and away from simple detection and remediation after infection. This approach requires a fundamental shift toward proactive, AI-powered security that is automated across the network and endpoints.

Implementing such a system involves using advanced tools and technologies, including machine learning, to stop unknown and zero-day threats like ransomware preemptively. Coordinating endpoint prevention and network security, malware analysis and threat management solutions is crucial for closing security gaps and stopping dangerous variants.

A [multi-faceted response and recovery approach](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery?ts=markdown) for businesses to protect themselves against ransomware is highly recommended.

### Reducing the Attack Surface

Effectively managing[the attack surface](https://www.paloaltonetworks.com/cyberpedia/what-is-attack-surface-management?ts=markdown) enhances security by having complete network traffic visibility and blocking any unknown or potentially high-risk traffic. Controls based on applications and users are essential to limit access to SaaS-based tools, especially for employees who do not require them for their work.

It is also essential to control dangerous file types associated with recent attacks and align the endpoint policy with the level of risk, thus preventing noncompliant endpoints from connecting to critical network resources.

### Preventing Known Threats

Stopping known exploits, malware, and command-and-control traffic and blocking access to malicious and phishing URLs is vital. Scanning for known malware in SaaS-based applications is crucial because these platforms are a new path for malware delivery. Additionally, known malware and exploits on endpoints should be blocked.

### Identifying and Preventing Unknown Threats

The ability to detect and analyze unknown threats in files and URLs is crucial. As new files are submitted, they should be detonated, analyzed, and scrutinized for malicious behavior. Updating protections across the organization to prevent previously unknown threats is a key step.

Contextualizing threats improves proactive protections and mitigation. Once these threats or trends of suspicious behavior have been identified, blocking unknown malware and exploits on the endpoint is essential.

## The Evolution of Ransomware Attacks

Ransomware has evolved significantly, reflecting broader trends in cybercrime and technology. Today, threat actors are increasingly employing persistent extortion techniques to gain leverage over targeted organizations and accomplish their goals.

While much attention has been paid to ransomware in recent years---the malware itself---modern threat actors increasingly use cloud-based Ransomware as a Service tool and additional extortion techniques to coerce targets into paying. Sometimes, these ransomware groups dispense with ransomware and practice extortion independently.

### Early Stages (Late 1980s - Early 2000s)

The earliest forms of ransomware were relatively primitive. In the late 1980s, the AIDS Trojan was one of the first known ransomware, which involved physically mailing the ransom payment. These early ransomware types used simple locking mechanisms and often demanded payment via snail mail or wire transfers.

### Encryption-Based Ransomware (Mid-2000s - Early 2010s)

A significant evolution occurred with the advent of encryption-based ransomware. This type encrypts the victim's files, making them inaccessible without a decryption key. Notable examples include GpCode, CryptoLocker, and WannaCry. Payment was typically demanded in Bitcoin, reflecting the rise of cryptocurrencies. This era marked a shift to more sophisticated attack techniques and targeted larger organizations, causing widespread disruption.

### Ransomware as a Service (RaaS) and Double Extortion (The mid-2010s - Present)

The ransomware landscape further evolved with RaaS, where ransomware developers lease their software to others in exchange for a portion of the ransom. This model has lowered the entry barrier for cybercriminals. The tactic of double extortion emerged, where attackers not only encrypt data but also threaten to release it publicly unless the ransom is paid. This approach compounds the impact on victims, including reputational damage and regulatory penalties.

### Targeted Ransomware Attacks and AI Integration (Recent Trends)

More recently, attackers are moving away from widespread, indiscriminate attacks to highly targeted ones, often preying on large corporations, government entities, and critical infrastructure. Integrating AI and machine learning in ransomware operations is also a concerning trend, potentially leading to more adaptive and evasive malware.

Throughout its evolution, ransomware has consistently adapted to technological advancements and shifts in cybersecurity practices. This constant evolution underscores the need for robust, multi-layered cybersecurity strategies and regular updates to defense mechanisms.

## Notable Ransomware Families

A few of the countless strains of ransomware have emerged as particularly notorious. They wreak havoc across industries with their advanced techniques and high-profile attacks. These notable ransomware families are known for their unique characteristics, methods of attack, and the significant impact they have had on the global cybersecurity ecosystem.

### The Persistent Threat of Cryptolocker

Cryptolocker, emerging around 2013, set a precedent in the world of ransomware due to its advanced encryption methods. This malware encrypts a victim's files using asymmetric encryption, which requires two keys (public and private) to decrypt.

Victims would receive a ransom note demanding payment, usually in Bitcoin, for the private key. Cryptolocker was primarily spread through email attachments and was notorious for its high financial demands. It was effectively disabled by the Operation Tovar initiative in 2014, but its legacy endures as it inspired numerous subsequent ransomware strains.

### Maze Ransomware: The Compounding Danger

Maze ransomware, which first appeared in 2019, introduced a new threat level by combining data encryption with data exfiltration. This double-extortion tactic meant that even if victims had backups to restore their data, the attackers could still publicly threaten to release sensitive stolen data unless an additional ransom was paid.

Maze targeted various sectors, from healthcare to finance, and was known for its sophisticated evasion techniques. Its impact was significant, causing data loss, reputational damage, and regulatory concerns for affected organizations.

### Ryuk Ransomware: Targeting High-Value Networks

Ryuk ransomware emerged in 2018 and is known for targeting large, high-value organizations with a tailored approach. Unlike other ransomware that spreads indiscriminately, Ryuk attacks are typically well-planned and executed against organizations likely to pay large ransoms.

Ryuk disrupts networks by encrypting critical files and systems, causing significant operational and financial damage to organizations, including major newspapers, healthcare providers, and technology companies.

## The Emergence of Ransomware Groups

Ransomware groups range from opportunistic amateurs using easily accessible tools to highly sophisticated, organized criminal enterprises. Some exhibit advanced techniques, encryption methods, and evasion tactics, while others rely on more basic strategies. Their motivations primarily revolve around financial gain.

Some seek quick profits through indiscriminate attacks on numerous small targets, while others meticulously target high-profile organizations for larger ransoms. Ideological or geopolitical motives might drive certain groups, where disrupting operations or causing chaos becomes their primary goal.

Some ransomware groups operate like businesses, with clear hierarchies, specialized roles (such as developers, affiliates, and negotiators), and efficient operational structures. Others might function as looser collectives or networks, sharing tools and intelligence.

## How Nation-State Actors Have Embraced Ransomware

Extortion gangs are opportunistic, but there are some patterns in the organizations they attack. Based on an analysis of dark web leak sites by Palo Alto Networks' Unit 42 research group, manufacturing was one of the most targeted industries in recent years.

This trend is due to the prevalence of systems used by this industry running on out-of-date software that isn't regularly or easily updated or patched---not to mention the industry's low tolerance for downtime. According to leak site data, organizations based in the United States were most severely affected.

Advanced threat groups may use extortion and ransomware to fund other activities---or hide them. Threat groups from countries under economic embargoes or sanctions have been observed using ransomware and extortion to fund their operations. Other threat groups, including some from Iran or China, seem to have a different objective when using ransomware.

Threat actors can gain more than money from deploying ransomware---it also has the potential for destruction and espionage.

In the years ahead, Unit 42 experts expect to see continuing evolution in different types of ransomware and emerging trends like these from extortion groups:

* Increases in significant cloud ransomware compromises.
* A rise in extortion related to insider threats.
* A surge in politically motivated extortion attempts.
* The use of ransomware and extortion to distract from attacks aimed to infect the supply chain or source code.

## Types of Ransomware FAQs

### What is crypto ransomware, and how does it operate?

Crypto ransomware encrypts the victim's files and demands a ransom for the decryption key. It typically spreads through phishing emails, malicious downloads, or by exploiting system vulnerabilities. The encryption is usually intense, making decrypting files without the key impractical.

### How does locker ransomware differ from crypto ransomware?

Locker ransomware locks users out of their operating system, preventing access to files or applications. Unlike crypto ransomware, it does not encrypt files. The ransom demand is usually displayed on a lock screen, often with a countdown to create urgency.

### What is RaaS (Ransomware as a Service) and what is its impact?

RaaS (Ransomware as a Service) is a subscription-based model in which developers create ransomware software and lease it to others who carry out attacks. This has made ransomware more accessible, increasing attacks and profits shared between the developer and the affiliate.

### Can scareware be considered a type of ransomware?

Yes, scareware is a type of ransomware. It involves fake software, such as rogue security software or tech support scams, that creates false warnings or detects fake viruses on a computer and demands money to resolve these non-existent problems. Scareware is less about restricting access and more about tricking users into paying for unnecessary services.

### What is doxware and how does it threaten victims?

Doxware, or leakware, threatens to publish sensitive personal or organizational data online unless a ransom is paid. Its effectiveness lies in the fear of reputational damage or legal consequences from the data release. Doxware typically infiltrates systems through phishing attacks or security vulnerabilities.
Related Content  
[Cyberthreat Intelligence (CTI)
Cyberthreat intelligence enhances cybersecurity by analyzing and sharing insights on digital threats, helping organizations preemptively defend against cyberattacks.](https://www.paloaltonetworks.com/cyberpedia/what-is-cyberthreat-intelligence-cti?ts=markdown)  
[Cortex XSOAR intelligent automation
Threat intelligence management (TIM) is the process of effectively managing threat data. Read about Palo Alto Network's unique approach.](https://www.paloaltonetworks.com/cortex/threat-intel-management?ts=markdown)  
[2025 Unit 42 Global Incident Response Report
Discover the latest threat actor tactics and get real world insights and expert recommendations.](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown)  
![Share page on facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/facebook-circular-icon.svg) ![Share page on linkedin](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/linkedin-circular-icon.svg) [![Share page by an email](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/resources/email-circular-icon.svg)](mailto:?subject=What%20Are%20the%20Most%20Common%20Types%20of%20Ransomware%3F&body=Explore%20the%20various%20types%20of%20ransomware%2C%20from%20Crypto%20Ransomware%20to%20RaaS%2C%20and%20learn%20crucial%20tips%20to%20safeguard%20your%20data%20against%20these%20evolving%20cyber%20threats.%20at%20https%3A//www.paloaltonetworks.com/cyberpedia/what-are-the-most-common-types-of-ransomware)  
Back to Top  
[Previous](https://www.paloaltonetworks.com/cyberpedia/what-is-ransomware?ts=markdown) What Is Ransomware?  
[Next](https://www.paloaltonetworks.com/cyberpedia/ransomware-response-and-recovery?ts=markdown) What is Ransomware Response and Recovery?  
{#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2025 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language