Ransomware is a form of malware designed to obtain access to files on a device and encrypt them, making them unusable to the owner. Fraudsters then demand ransom in exchange for decryption. This scam is making headlines as the latest way fraudsters are taking money from vulnerable individuals and businesses. Luckily, there are a few things you can do to protect yourself and your business’s data.

How do ransomware schemes occur?

Before we dive into protecting yourself from ransomware schemes, you must understand how they most commonly occur. The most common strategy fraudsters use is phishing, which entails contacting you or an employee impersonating someone you should be familiar with and asking you to click on a link. While the request may seem reasonable – perhaps they’re from IT and calling to “update your software,” or they’re a colleague inviting you to “access a document” – but the link actually contains malware. Once the link is clicked, it compromises the device and its data.

How to protect yourself from ransomware

There are several ways to protect your data from ransomware schemes. Here’s a list of the top four strategies:

  1. Train your employees. If you have a business, no matter how large or small, you must have discussions with your employees about phishing. Employees are the first line of defense and are often targeted during these kinds of schemes. Offer training to teach them how to spot malicious emails, links, and phone calls.
  2. Install the most updated security software systems. There are a variety of options depending on a person’s or business’s needs and budget. Any layer of security is better than none.
  3. Back up your data regularly. Ransomware scammers often are not interested in the data they steal as much as the money they earn when you try to get it back. If you back up your data regularly – hourly, daily, weekly, depending on your needs – you’re less likely to need to negotiate with fraudsters to get access back.
  4. Use cybersecurity best practices. This includes using only secure private Wi-Fi and/or a VPN, enabling two-factor authentication, being careful of the websites you visit and changing your password

What to do if you’re a victim of ransomware

One of the first actions to take when you realize you are a victim of ransomware is to determine which of your systems is impacted and immediately isolate them by turning off internet networks or disconnecting the compromised device(s). Next, you should utilize your data backups to restore capabilities and data.

Once you’ve identified which systems are impacted and triaged critical data and capabilities, contact federal law enforcement and submit a claim with the FBI’s Internet Crime Complaint Center. You should also contact your financial institution(s) to ensure financial accounts haven’t been accessed and contact your cybersecurity insurance partner (if applicable) to create a claim.

Next steps:

  1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) offers more tips on preventing and reporting ransomware. Find guides, FAQs, and more at their official site, Stop Ransomware.
  2. Contact me if you have any questions about preventing ransomware.
  3. Subscribe to receive our weekly e-newsletter.