The road to constructing an effective novel response against ransomware begins with understanding the recent trends of the underground ransomware ecosystem: common targets of ransomware, typical ransomware behavior, common ransomware encryption schemes, as well as the construction and application of decryptors and other effective response approaches and tools.