What is a ransomware attack and how can I prevent it from happening?

Ransomware is malicious code or software that cyber-criminals use to block people from accessing their own data or system files. A form of malware, it encrypts the victim’s files and allows the perpetrator to publish the personal data enclosed within unless a ransom is paid.

The victim is then shown instructions on how to pay a fee set by the attacker, which is often in the form of a non-attributable digital currency. Once the demands of the ransom are met, the attacker will normally provide a decryption key or restore the user’s access to their data – if they are lucky.

How is ransomware spread?

Ransomware is often spread through phishing emails that contain malicious attachments, or through drive-by downloading.

Phishing is a type of social engineering in which an attacker can send fraudulent messages that encourage you to reveal sensitive information. Some 36% of all data breaches are said to come from phishing accounts.

Drive-by downloading occurs when a user unknowingly visits an infected website from where malware is automatically downloaded and installed without the user’s knowledge or awareness.

How to prevent a ransomware attack

Understanding the definition of a ransomware attack is the first step in preventing one taking place. The subsequent and most crucial step is knowing how to protect your data from this kind of attack.

The five points below are critical in protecting your files and are indispensable if you wish to keep your data safe from cyber-criminals.

1. Knowing the correct technology to use

Normal anti-virus software will only detect a problem after a file is infected, but by then it is too late. AV plus content filters at the gateway may reduce ransomware that would lead to the malicious code infiltrating the user’s IT system. Patching and applying system updates are also vital in the fight against ransomware.

2. Receiving the correct training

Phishing training is designed to help employees refine their knowledge of phishing attacks. This knowledge will improve the employee’s response to an attack and help them to deal with this issue in a calm and professional manner.

Being able to spot phishing emails in the first place will allow stakeholders to identify compromise attempts, which could lead to prevention of the problem before it even arises.

3. Cyber-security awareness

Cyber-security technologies and processes are designed to protect your IT systems and data from unauthorised access. With the correct cyber-security in place, you will be able to reduce vulnerabilities in your network, ultimately reducing the likelihood of ransomware attacks.

Again, training plays a vital part in this effort to secure your systems and data. The greater the awareness that your staff have about what to look for when it comes to a ransomware threat, the higher the probability that you’ll be able to stay protected.

4. Incident reporting

When ransomware or other cyber-attacks occur – and if personal data has been breached – you must report the breach to the ICO (Information Commissioner Officer). You are legally obliged to report any data breaches within 72 hours of becoming aware of the violation, unless you can prove that the breach is unlikely to pose a threat.

5. Follow ‘best practice’

The term ‘best practice’ is defined as a method that has been accepted as superior to any other and of which the results produced are known to be the standard way of complying with legal or ethical requirements.  When faced with a ransomware attack it is important to understand the best practice techniques to help you and your business deal with the problem without it escalating further. These include the following:

ISO  – International Organisation for Standardization.

NIST-800 – Computer security documentation for procedures, policies and guidelines.

CE/CE+ – Basic Cyber Essentials (self-certification) and Cyber Essentials Plus (external vulnerability scan).

How to protect your data from ransomware

Ransomware is a malicious software attack with the power to block you from accessing your own data. It is a threat that must be avoided to prevent the encryption of your files and breach of your personal data.

It should not take a ransom payment to the attacker to fix the issue. The steps explained in this article can assist you in preventing the problem from occurring in the first place.

Furthermore, with guidance from a cyber-security expert you can be confident of protecting yourself and your business from such threats.

Xpertex delivers what are widely regarded as the best technology solutions to build a secure infrastructure that addresses all of your cyber risks. Our consultants can take an organisation to ISO27001 standard as well as applying CE/CE+ alongside offering basic and complex training scenarios such as phishing attack training. Xpertex can also provide policies, processes and procedures that fit your organisation and its culture.

Contact Xpertex today on +44 (0) 203 021 0749 or visit to find out more information.


Related articles