Ransomware attacks have evolved from opportunistic malware to sophisticated, targeted operations often conducted by organized cybercrime groups. Modern variants exfiltrate sensitive data before encryption, creating double extortion by threatening public release if ransom is unpaid. The 2021 Colonial Pipeline attack disrupted fuel supply across the US East Coast, demonstrating ransomware's potential for widespread impact. Effective defenses include offline backups, network segmentation, endpoint protection, user training, incident response plans, and decisions about whether to pay ransoms considering legal, ethical, and practical implications.