Ransomware for business
Ransomware is a type of malicious software (malware) that makes your computer or its files unusable unless you pay a fee.
Ransomware attacks are typically carried out via a malicious but legitimate-looking email link or attachment. When downloaded or opened, most ransomware encrypts a user’s files, then demands a ransom to restore access – typically payable using cryptocurrency, like Bitcoin.
Use this guidance to learn about how to protect your business from ransomware.
Tip: Proactively protect your business from ransomware by creating regular backups of files that are important to your business and storing them offline.
Ransomware is one of the most frequent and damaging types of malware affecting businesses today. It can affect both individuals and organisations alike, and can impose significant costs – in both recovery and down-time. It doesn’t matter how big or small your business, or whether you hold valuable information, the aim is to stop you from accessing the files that matter to you.
Typically, ransomware works by locking up – or encrypting – your files so that they can no longer be used, and some types are even designed to stop your computer from working entirely!
Warning: We recommend that you do not pay the ransom if affected by ransomware. There is no guarantee that paying the ransom will fix your computer, and it could make you vulnerable to further attacks. Restore your files from backup and seek technical advice.
Protect your business from ransomware
Ransomware infects computers in the same ways as other types of malware – for example, attached to or linked from a malicious email, hiding on malicious websites or pretending to be useful applications on peer-to-peer networks.
The same advice to protect your business against malware applies to ransomware, but the key way to reduce the impact of a ransomware incident is to create regular backups of your important files.
Take the following steps to significantly reduce the risk that your business will be impacted by ransomware or other malware:
- Use antivirus software and automatically download signature updates daily. Learn about anti-virus software.
- Keep all your other software up-to-date too. Learn about updates.
- Use strong passwords. Learn how to create – and remember – strong passwords.
- Make regular backups of valuable files and maintain offline copies (that are not connected to your network). Learn about how to back up files.
- Don’t click on links in emails or messages or open attachments from people or organisations you don’t know. Be especially cautious if the message is very enticing or appealing.
- Disable Microsoft Office macros. (Macros are small programs used to automate simple tasks in Microsoft Office documents but can be used maliciously – visit the Microsoft website for information on disabling macros in your version of Office).
- Use safe behaviour online. Learn about how to use email safely and browse the web safely.
- Stay informed on the latest threats – sign up for the Stay Smart Online Alert Service.
What to do if your device is locked by ransomware
Use your backup to recover.
Or visit No More Ransom for free assistance to help you retrieve your data without paying the criminals. Supported by the Australian Federal Police and other law enforcement and IT security companies worldwide, No More Ransom provides ransomware crime prevention advice and decryption tools to help victims recover their files.
If you’ve given your credit card or account details to pay the ransom, contact your financial institution immediately.