The recent ransomware attack on the UK’s NHS IT systems has shown everyone how severe the impact of ransomware can be - not just for small businesses but for large organizations, too. And there are constant reports from IT security specialists warning us that we are on the edge of a potential ransomware epidemic.

As a business owner, the chances are that you have a few ideas on IT security for your company, but if there was ever a time to take these threats more seriously, now is it. And instead of treating IT security as an afterthought, it should be at the forefront of the priority list for companies and organizations of all sizes. With this in mind, how well protected against ransomware is your business? Let’s take a closer look.


What do you need to know?

There are three important things you must understand about ransomware. First of all, it’s a huge business that results in the loss of tens of millions of dollars to companies every year. Secondly, it’s a growing issue that is showing no signs of abating - there are year-on-year rises in attacks that have, so far, culminated in an attack this week in more than 70 countries in the world. Finally, it’s scary. Once you suffer from a ransomware attack, your website could be unusable unless you pay a release fee. And once you hand over any money - which is not advisable - there are no guarantees of getting your systems back online.

How do you get infected?

Ransomware usually infects computers and systems in two different ways. The first is via attachments in emails - a user will click on a phishing link, and then the ransomware will go to work. The second way is through compromised websites. This occurs when an exploit kit is set up on a website and finds a vulnerability, which then allows the ransomware to be installed.

How do you stop ransomware?

The primary principle to understand about ransomware is that as soon as you are infected, it is usually too late. Backups can help, of course. But the important thing for all IT and technology-based companies - which pretty much covers everyone these days - is to have robust business system disaster prevention and recovery in place. The system you have has to be able to roll back a few days - perhaps even longer - so that you can restore your local and server apps and data to an uninfected state. It is also vital to invest in robust encryption and to ensure that the ransomware is completely removed before restoring any of your backups.

Who is at risk?

Ultimately, every business is in danger from ransomware, and given that it can enter your system through the simple act of an employee clicking on a link, IT security training is vital. It is also critical that you keep all your systems up to date. Most ransomware attacks occur through legacy systems that are no longer updated by the provider - old Windows operating systems, as an example.


Ransomware is a huge issue for every modern business. Make sure you are doing all you can to protect yourself.