• United States




Measures your business can take to stop ransomware

Jul 27, 20174 mins

Learn simple measures your business could implement to prevent the increasing threat of ransomware attacks.

Credit: Thinkstock

By now, we would be amazed if you haven’t heard about WannaCry, the May 12th ransomware attack that affected organizations across the world with devastating results. This, along with some other high-profile ransomware attacks around the same time, has made the business community stand up and take notice of the ransomware threat. Now, we are seeing lots of business owners asking us what measures they could take to protect their business against attack from similar viruses. So naturally, we have created a short guide showcasing some simple measures your business could take to prevent ransomware attacks.

Install anti-virus, web filtering and firewalls

Preventing any form of malware, including ransomware from entering your business in the first place is undoubtedly the best way to guard against attack. The best way to do this is to adopt what is called a “layered” approach to security – in other words, lots of layers of protection. We recommend implementing anti-virus software on every machine and all servers, putting web filters in place company-wide and installing firewalls. It’s essential that you ensure each component of this layered approach is accurately configured and kept up to date in order to work effectively.

Keep your IT up-to-date and apply all patches

Some of the most high profile data breaches this year have been cause by the smallest things – like someone forgetting to install a security patch. The cyber criminals who develop ransomware and other forms of malware spend a lot of time probing and searching for weaknesses within certain commonly used programs, finding out what holes they can exploit to gain access to your data. The companies who produce the genuine software are also constantly working to fill these holes, and they fix them before they can be attacked by issuing security patches. Without these patches and other IT updates, your systems will be vulnerable to attack, no matter how much protection you have in place.

Train your employees

When it comes to malware, a lot of infections happen due to human error or employees opening very convincing looking scam emails. Business should therefore be thinking about education and ongoing training for all employees, regardless of level or contact with technology. Doors for ransomware can be opened through email attachments, nefarious links, infected websites, social media or even email attachments from legitimate contacts whose business has been infected. Your anti-virus, web filtering and firewalls should be able to filter a lot of this out, but it is essential to keep reminding employees of potential ransomware threats and what they can do to prevent it.

Back up regularly

Of course, something completely out of your control could happen, and it’s at that time that you need your final layer of protection – your back up. As a business you should be doing regular backups of your full systems – and by regular we mean at least once a day, usually overnight. Not only is this just good practice, but it also protects you against data loss if the rest of your precautions should fail. Users who find themselves the target of a ransomware attack will be unable to access any live data, but if their back up data is stored off site and siloed (as it should be), it should be untouched. So if we take the worst-case scenario and a ransomware attack hits at 4:30 in the afternoon, the business will only lose data generated that day, as opposed to everything. This means that you don’t have to panic – you can focus on getting rid of the ransomware infection and restore your data quickly once the systems are clear, so you’re back up and running.


Anthony Young specializes in the provision of security and risk support services across the UK for Bridewell Consulting.

Anthony commenced his information security career in 2003. He worked as a security consultant primarily within central government and the gaming industry where he reduced threat profiles by establishing security frameworks and management systems. He is a BS7799/ISO27001 Lead Auditor with a number of certifications from CESG.

The opinions expressed in this blog are those of Anthony Young and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.