
How to protect your business from Ransomware

The Head of the UK’s spy agency, Lindy Cameron at the National Cyber Security Centre (NCSC), has recently urged companies and individuals to take the risk of ransomware seriously as a key threat to the UK. In her speech to an audience at the Royal United Services Institute (RUSI), Lindy said:

“For most UK citizens and businesses, and indeed for the vast majority of critical national infrastructure providers and government service providers, the primary key threat is not state actors but cyber criminals, and in particular the threat of ransomware.

“While government is uniquely able to disrupt and deter our adversaries, it is network defenders in industry, and the steps that all organisations and citizens are taking that are protecting the UK from attacks, day in, day out.

“The protection they provide is crucial to the digital transformation of the economy, and every organisation, large and small, has a role to play.”

What is ransomware?

Ransomware is malicious software (malware) installed on your device or network that encrypts (locks) important files and applications, making them unusable to you.

A ransom payment is demanded in return for the decryption key that supposedly unlocks the impacted files and systems.

The ransom payment is usually requested in digital currencies, such as Bitcoin.

Even if you pay the ransom, you have no guarantee of getting the files unlocked. These are criminals at the end of the day!

Law enforcement does not condone making ransom payments as this funds and encourages further criminal activity.

Protecting your business from Ransomware

There is no way to fully protect a business from ransomware. The steps below help by decreasing the likelihood of a ransomware attack having a massive impact on you, your business and your customers.

  • filter email and spam;
  • filter websites;
  • inspect downloaded files;
  • scan removable media (e.g. USB sticks);
  • use network firewalls;
  • run regular (daily) anti-virus scans;
  • restrict the use of privileged ‘Admin’ accounts;
  • switch off macros if not required;
  • keep devices, software and apps up to date;
  • disable removable media auto-run if not needed;
  • use device firewalls;
  • educate your team about the acceptable use of systems, passwords and phishing emails;
  • back up your critical files, data and systems regularly;
  • make multiple copies on different storage media, including a completely separate offsite backup;
  • test that the backups actually work.
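The last point on that list is the one most often skipped, so here is an added example (not part of the original article) of what "test that the backups actually work" can look like in practice: a small POSIX shell script that archives a folder, records a checksum manifest, restores the archive into a scratch directory and confirms every file comes back intact. It assumes GNU tar and sha256sum are available; the sample data in the demo is constructed.

```shell
#!/bin/sh
# Added example (not from the original article): a restore test for a
# file backup. make_backup archives a directory and records a sha256
# manifest; verify_backup restores the archive into a scratch directory
# and checks every file against that manifest. Assumes POSIX sh with
# GNU tar and sha256sum available.
set -u

# make_backup SRC_DIR ARCHIVE MANIFEST
# Writes ARCHIVE (tar) from SRC_DIR and a manifest of "hash  ./path"
# lines for every regular file, paths relative to SRC_DIR.
make_backup() {
  src=$1; archive=$2; manifest=$3
  ( cd "$src" && find . -type f | LC_ALL=C sort | xargs sha256sum ) > "$manifest" || return 1
  tar -cf "$archive" -C "$src" . || return 1
}

# verify_backup ARCHIVE MANIFEST
# Restores ARCHIVE into a fresh temporary directory and re-hashes each
# file listed in MANIFEST. Returns 0 only when every file is present with
# the recorded hash; mismatched or missing paths are reported by sha256sum.
verify_backup() {
  archive=$1; manifest=$2
  # sha256sum -c runs from inside the scratch dir, so make the path absolute
  case $manifest in /*) ;; *) manifest=$PWD/$manifest ;; esac
  scratch=$(mktemp -d) || return 1
  if tar -xf "$archive" -C "$scratch" \
     && ( cd "$scratch" && sha256sum -c --quiet "$manifest" ); then
    rc=0
  else
    rc=1
  fi
  rm -rf "$scratch"
  return $rc
}

# Stand-alone demo on constructed sample data: run as "sh backup_test.sh demo"
if [ "${1:-}" = "demo" ]; then
  work=$(mktemp -d)
  mkdir -p "$work/src/docs"
  printf 'invoice 1\n' > "$work/src/docs/a.txt"
  make_backup "$work/src" "$work/backup.tar" "$work/backup.sha256"
  verify_backup "$work/backup.tar" "$work/backup.sha256" && echo "restore test passed"
  rm -rf "$work"
fi
```

Run the verification against a backup copy that lives on separate media, not against the live folder: a backup taken after files were already encrypted will restore "successfully" but fail the manifest check, which is exactly the failure this test is meant to catch.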

You’ll feel better prepared if you have a tried and tested plan for dealing with a ransomware attack. This should include the company’s stance on whether you’d pay a ransom demand – you don’t want to be making that decision in the middle of a crisis! Once your response plans are ready, test them and make improvements where necessary.