The NHS has been hit by a large ransomware cyberattack - but how do they work and how fast is the problem growing?
Quite simply, ransomware locks or encrypts files or documents and demands payment to regain access.
The user is usually met with a basic screen that explains what is going on and instructions on how much and where to pay.
A countdown timer can threaten to delete - or expose the files publicly - if the ransom is not paid by a certain time.
Or - if the deadline is missed - the ransom sometimes increases.
:: Your everyday devices at risk of cyberattacks
However, even if payment is made there is no guarantee the files will be restored and some traces of the hostile programme could remain.
Image:
The NHS attack is typical and demands $300 in Bitcoin
The criminals usually demand payment in Bitcoin because the virtual currency is harder to trace.
Ransomware normally installs itself on a computer or phone via a Trojan programme disguised as something innocent, such as an email attachment/link, a popular app, or a fake software update.
NHS Digital said it was affected by WannaCry, also known as Wanna Decryptor, which experts describe as the "atom bomb of ransomware".
The flaw exploited by the programme was identified by the US National Security Agency, according to cybersecurity researcher Chris Doman.
He told Sky News that a hacking group called Shadow Brokers - believed to be Russian - then released documents to publicise the flaw.
"It's called Eternal Blue - that's the codename - it was leaked about a month ago," said Mr Doman.
Cybersecurity experts agree the threat from Ransomware is growing at an alarming rate.
McAfee Labs said ransomware cases grew 80% in 2016.
Fellow anti-virus firm Malwarebytes reported that 40% of the 540 businesses it surveyed last year had been affected, with some criminals demanding more than $50,000.
Ransomware was also in almost 40% of spam email in 2016, according to an IBM Security study.
:: NHS patients being put 'at risk' because of cybersecurity flaws
Image:
Hackers attacked San Francisco's light rail system with ransomware in November 2016
San Francisco's light rail system was one recent high-profile victim.
It was held ransom in November 2016, with ticket machines taken down and the city forced to open the gates and let passengers travel for free.
The attacker reportedly demanded $70,000 to get things back up and running - but the company said it refused to pay and sorted the problem itself.
As well as being careful what you open and being sure of the source, keeping a physically separate back-up of data, such as on an external hard drive, is one way to mitigate the effects of a ransomware attack.
Good anti-virus software is also recommended.
Pete Turner, from security company Avast, told Sky News his firm had seen a 100% year-on-year increase.
Image:
Ransomware can also get onto a phone if a user downloads an unverified app
"These things are often caused by the weakest thing in the security chain - us," he said.
"It's easy to fall into a trap, to click on a link in an email, go to a website we shouldn't, to download a bit of software attached to an email. And all of a sudden, our computer is locked completely.
"It's not just businesses, it's us individuals as well."
Smartwatches and smart TVs could also increasingly be vulnerable
, according to the National Crime Agency.
Its report in March said: "Ransomware on connected watches, fitness trackers and TVs will present a challenge to manufacturers, and it is not yet known whether customer support will extend to assisting with unlocking devices and providing advice on whether to pay a ransom."