How To: Prevent Ransomware Attacks

Updated on October 16, 2019

Don’t let this happen to you!

Ransomware is a form of malware (malicious software) that encrypts access to a computer system until the victim pays a ransom. It is typically spread through infected emails or websites, and can prove devastating to businesses of any size. Ransomware has been become alarmingly prolific in the last few years, with 2017’s WannaCry attack infecting over 200,000 computers across 150 countries. Perpetrators will typically target companies that house sensitive customer data on local servers, such as medical practices, law firms, and accounting services.

Risk Sources

Network systems may be susceptible to ransom due to

Outdated software and security systems
Poorly configured computer systems
Failure to identify unsafe websites/emails

Criminal Motivations

Many cyber-criminals are drawn to ransomware because the encryption software is cheap, easily spread, and difficult to remove. Additionally, they can sell the sensitive data acquired from hacked systems should a Ransomware victim refuse to pay. Hackers often demand ransomware payment in untraceable Bitcoin, meaning there is no guarantee that they will restore a victim’s system access upon being paid.

Proactive Measures

Training: Employees should be able to identify red-flags on suspicious emails and websites. Emails from unknown sources with eye-catching subjects like “see attached receipt”, “status of your USPS delivery”, and “request for payment” are often used as a “Trojan Horse” delivery system for Ransomware and other viruses.
Invest: Using email spam-filters, antivirus software, and physical firewalls can help prevent Ransomware from infiltrating your system.
Backup: Keep both physical and Cloud system backups available to ensure access in the event of a Ransomware attack.
Updates: Make sure all software and operating systems are regularly updated, as outdated versions are specifically targeted by Ransomware hackers.