How to Prevent Ransomware Attacks in Your Business

Ransomware Attacks

In order to help your business to prevent ransomware, it is important to understand how these attacks can penetrate your organisation’s security and what behaviours allow the attackers to break through your defences.

The bigger Ransomware attacks that you see reported in the press are likely to be targeted, where an active attacker is targeting the business on purpose for financial gain. There are a lot of automated Ransomware attacks just waiting to happen. From an email being sent attempting to get a recipient to click a link, to compromised websites waiting to be viewed by a user.

This article will explain some of the more common infection and attack methods to help you understand how these attacks take place and restrict the impact on your business. Ransomware attacks have evolved, and continue to evolve, and the process for executing is straightforward, any business can be a victim, even those with excellent perimeter and endpoint protection.

Focus on prevention, but also remediation. Best will in the world a user will click on a link, or visit a website, any code being exploited needs to be quickly identified and swiftly dealt with.

 

Exploit Kits

These are typically run on compromised websites which your user could be browsing. The website itself looks perfectly OK, but perhaps a third-party advert or piece of code has been hacked and the exploit kit uploaded.

When the user browses the site, a sophisticated toolkit scans your computer for vulnerabilities to exploit.

This code is hidden on the site, which is often in an online ad (malvertisement) and then, hidden from yourself, it will redirect to a site where the exploit kit is then run, silently. This can then initiate a drive-by download of the payload and then executed, your computer infected and then files will be held for ransom.

 

Malicious Email Attachments

This is where an attacker will craft an email, make it look at real as possible to the recipient, and write it in such a way to sail through any email filter. It’s likely to come from HR, or your IT department, and it will contain a malicious file. This may be a Word or PDF document and the content could be another link in the file or a script that’s waiting for you to click “Run” on. Once it’s opened or clicked, the payload is then downloaded, the system is infected and then files and folders are encrypted and waiting for you to pay the ransom.

 

Malicious Email Links

This is similar to the attachments scenario above, where URLs are sent directly in the body of the email. Once again the emails are cleverly written, usually with excellent spelling and grammar, and written to be approved by any email filter.

Once the link is clicked, normally the payload is downloaded and executed and potentially files will start to encrypt.

Past Blogs

This Small Change to Teams Will Make Your Meetings Run Smoother

If you’ve ever been in a Teams meeting where you’ve had to say, “next slide, please,” more times than you’d like, you’re not alone. For businesses that rely on online...
Cyber Essentials vs ISO27001

Cyber Essentials vs. ISO 27001: What’s the Difference and Which Is Right for You?

Cybersecurity certifications come in many shapes and sizes, but when it comes to choosing the right framework for your business, the decision often boils down to Cyber...
Overconfident employees: Your hidden cyber security threat?

Overconfident employees: Your hidden cyber security threat?

Your team are smart, right? They’d never fall for a scam email or click a suspicious link. At least, that’s what they think. Here’s why overconfidence could spell...

DMARC & DMARCBIS

What They Are, Why They Matter, and What Business Owners Need to Know If you’re a business owner, chances are you rely on email every day—whether it’s communicating...
Could automation save you from spreadsheet headaches?

Could automation save you from spreadsheet headaches?

Spreadsheets slow us down and are too easy to mess up. So, what if I told you there’s a better way to handle data in your business?

Did you notice Incognito mode’s improved privacy?

Did you notice Incognito mode’s improved privacy?

If your team use Google Chrome’s Incognito mode, you probably assume your browsing is private. But until Microsoft spotted this big flaw, your info could be shared...
Copilot could soon auto-open in Microsoft Edge

Copilot could soon auto-open in Microsoft Edge

Is Edge your business’s browser of choice? Microsoft’s thinking of automatically opening Copilot when you use it. It could boost productivity, but there are privacy...
How concerned should you be about cyber attacks?

How concerned should you be about cyber attacks?

You’ve probably heard a lot of talk about cyber attacks but how worried should you really be? Well, very, because cyber criminals are getting smarter. We have good news...
How to create secure passwords

How to create secure passwords

Weak passwords are one of the biggest security risks to your business. Why? Because cyber criminals are getting smarter than ever before. If they manage to crack just...
Beware these common ‘malvertising’ attacks

Beware these common ‘malvertising’ attacks

Ever clicked an online ad and wondered afterwards if it was a scam?… most of us have – and cyber criminals want us to keep doing it. Here’s what to look out for...