top of page

6 steps to help prevent a ransomware attack

  • Writer: SECRC
    SECRC
  • Oct 14, 2022
  • 3 min read

In the 2022 Cyber Security Breaches Survey, it was identified that of the 39% of businesses that identified a cyber-attack, 21% suffered a malware, denial of service, or ransomware attack. A ransomware attack is a type of malicious software designed to block access to a computer system until a sum of money is paid.


If your business fell victim to a ransomware attack, the cybercriminals behind it will threaten to publish your company’s data or perpetually block access to it unless a ransom is paid. If a ransom fee is paid, there is no guarantee that data will ever be returned to you. This information is valuable as the criminals behind the attack can publicly post the data or sell it on cybercriminal forums and dark web marketplaces for additional revenue.


How does ransomware work?

  1. Access - Attackers gain access to your network. They establish control and plant malicious encryption software. They may also take copies of your data and threaten to leak it.

  2. Activation - The malware is activated, locking devices and causing the data across the network to be encrypted, meaning you can no longer access it.

  3. Ransom demand - Usually, you will then receive an on-screen notification from the cybercriminal, explaining the ransom and how to make the payment to unlock your computer or regain access to your data.

It is important to try and establish how the attackers gained access to your network in the first place so you can prevent future ransomware attacks.


How can I protect my business or charity from a ransomware attack?

  • Always back up your data, as restoring your files from a backup is the quickest way to regain access to your data.

  • Never click on unverified links, especially when they are from sources or senders that you don’t recognise.

  • Regularly scan your emails and systems for malware

  • Only download files from trusted sites

  • Use a VPN when using public Wi-Fi.

  • Do not use unfamiliar USB devices.

Download and print our new infographic - 6 steps to help prevent a ransomware attack and display this in your workplace, email to your employees or include in your newsletter.


How a business or charity responds and recovers from a ransomware attack will hugely affect the impact of the attack. The National Cyber Security Centre has a number of resources designed to help respond and recover, we recommend you take a look at the following:

How can The Cyber Resilience Centre for the South East help my business?

To help outsmart cyber criminals and toughen up their cyber security, the Cyber Resilience Centre for the South East (SECRC), has been established to provide businesses and organisations, with an affordable way to access cyber security services and consultancy to help improve cyber resilience.


Businesses and charities in the South East can sign up for free Core Membership online and receive a welcome pack full of practical resources and tools that will help you identify your risks and vulnerabilities and the steps you can take to increase your levels of protection. Through your membership, you will also get regular updates on new threats, designed to help you stay safer.


Comments


NPCC
TVP Logo
Hampshire Police Logo
SEROCU logo
Surrey Police Logo
Sussex Police Logo
Cyber Essentials Logo
Cyber Essentials Plus Logo

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of the South East Cyber Resilience Centre is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect the most recent legislation, practice, or application to your circumstances. The South East Cyber Resilience Centre provides funded services and Cyber Essential Partners if you need specific support. For specific questions please contact us at enquiries@secrc.police.uk.  The South East Cyber Resilience Centre does not accept any responsibility for any loss that may arise from reliance on information or materials published on this website.  It is not responsible for the content of external internet sites that link to this site or which are linked from it.

© 2022 - 2025 The South East Cyber Resilience Centre

Registered in England & Wales, No. 13263448 

TM

  • Facebook for South East Cyber Resilience Centre
  • LinkedIn for South East Cyber Resilience Centre
  • X for the South East Cyber Resilience Centre
  • Youtube for South East Cyber Resilience Centre
  • Instagram for South East Cyber Resilience Centre
  • RSS feed for South East Cyber Resilience Centre
  • Threads
bottom of page