What is Ransomware?

Ransomware is a form of malware that encrypts a victim's computer files and then the attacker demands payment or ransom for restored access. Ransomware attacks are becoming the fastest-growing global cyber threat.

The National Cyber Security Authority (NCSA) recommends adopting the following preventive measures to greatly reduce your chances of being a victim of ransomware attacks.

1. Keep your devices systems up-to-date

Update your devices operating systems, software and applications with the latest updates. Outdated systems are the most vulnerable targets of cyber attacks, and ensuring your systems are kept up to date significantly reduces the number of exploitable entry points available to cybercriminals.

2. Never open unfamiliar links or attachments in emails

Most ransomware is distributed through email, and so users must avoid clicking on suspicious links in their inbox to prevent a potential infection. Once you click on a malicious link, an automatic download could be started, which could lead to a full-scale ransomware attack due to unrestricted access to a machine. Avoid opening links or attachments sent by unknown or suspicious senders.

3. Employ data backup

Backup all of your data consistently, to ensure you have multiple copies of your data. Backup your data on a local storage device that is offline or on the cloud storage, in order to have additional copies of your data out of your organization or business network.  

4. Maintain up-to-date anti-virus software

Ensure you have installed an anti-virus or endpoint protection software on your device and enabled automatic update of your anti-virus software. The anti-virus will be used to scan email attachments and downloaded software, to prevent running malicious content on your device.

5. Do not disclose personal information

If you receive a call, text message or email from an untrusted source requesting personal information do not reply. Instead contact the sender directly to see whether they are legitimate. Cybercriminals who are planning an attack may try to collect personal information from you to then tailor specific phishing messages targeting you or your organization.