Ransomware is a malicious software that restricts the user to operate his/her computer and access files unless a ransom is paid by the user. It is a combination of two words “ransom” and “ware”. According to Oxford dictionary ransom: “A sum of money demanded or paid for the release of a captive” and ware:” aware of”. Thus, it depicts, to be aware that he/she has the captive under their control and demand payment in order to release. As the threats in cybersecurity are evolving rapidly, Ransomware has become a powerful fast-growing menace in short span of time. The primary key for the computer intruders is obtaining a financial profit. Distant from other type of malwares, which allow the intruders to abscond with the secured personal/organization data and operate it globally, ransomware aims for the owners of the data, the files with data are captured until the owner pays a ransom. The alarming sophistication of ransomware marks a paradigm shift in the cybercrime ecosystem. The most advanced malware considering data theft often has a vulnerability as it needs a communication channel with its in-charge to acquire commands and exfiltrate the absconded data. During this process, it creates a signature which could be detected on network. Ransomware is more furtive, with some latest variants, where the work is completed without a single call to the Internet. The other various efforts made to eliminate data retrieving possibilities by encrypting the connected drives, deleting files and system restoration points, in some circumstances remaining inactive until after a backup cycle. This report will review the background of Ransomware; its common vectors and types of ransomware; impact of ransomware on organizations, propose risk management plans, remediation and recovery. Literature Review: Evolution of Ransomware: Inspite of the fact that ransomware infections have become common, the origin of this programme dates back to late 1980s. The ransomware was first developed by Dr. Joseph Popp, biologist owing a PhD from Harvard university in the year,1989 and was entitled as PC Cyborg Trojan, also known as AIDS Info Disk Trojan. Initially ransomware was distributed in a 5.25 ” floppy disk. The people who used the infected computer eventually turned out to be ignorant victims, storing their data to a floppy, with the PC Cyborg Trojan. Every time users placed an infected floppy into another computer, ransomware would intrude on to that machine and the cycle of contamination always multiplied. Following installation and execution, the ransomware placed the autoexec.bat file on the victim’s personal system and traced every time the computer was booted. When the boot count was 90, the ransomware would hide all the directories and encrypts all the files on C drive, hence causing the computer completely not usable. To regain the service, the ransomware claimed a price of $189 to PC Cyborg Corporation at a post office box in Panama. Despite that PC Cyborg Trojan appears to be unsophisticated for today’s standards, mainly its approach of distribution and ransom payment, it resulted in generating a crucial revenue from victims, thus driving the start of ransomware era. A closer view of the evolution of ransomware is displayed in the figure below, counting the initiation of some important forms. The sequence in above figure shows the growing improvement of ransomware, which poses a noteworthy task to all enterprises. As complications increase, the potential to fortify and regain from the attack declines. In 2013, ransomware attacks leaped from few infections and variants to an exponential increase curve in the count of reported attacks and there is no sign of slowing down of the trend.