Interested in our Cybersecurity Framework?
Visit our article on how to organise an effective cybersecurity strategy to download a copy of our framework.
Don't Let Cyber Threats Blur Together.
Dive into our latest blog to get clear, actionable insights and learn how to stay one step ahead of attackers. Are your defences built for both?
Interested in a Free Phishing Security Test?
VirtueUK are partners with KnowBe4, the world's largest security awareness training and simulated phishing platform.
If you're interested in assessing the Phish-prone percentage of your users, contact us to arrange a free simulated phishing attack.
If you're interested in assessing the Phish-prone percentage of your users, contact us to arrange a free simulated phishing attack.
Ransomware has become an increasingly serious threat for charities and non-profits, many of whom operate with limited resources and rely heavily on public trust. These attacks can encrypt vital files and demand a ransom for their release—potentially disrupting services and compromising sensitive donor or beneficiary information.
This article offers practical advice on how charities can protect themselves against ransomware and outlines the key steps to take if an incident occurs.
What is Ransomware?
Ransomware is a form of malicious software designed to infiltrate systems, encrypt critical files, and demand a ransom payment in exchange for their release. These attacks can be both financially damaging and deeply disruptive, posing a serious risk to organisations of all sizes.
How Does Ransomware Work?
Ransomware typically infiltrates systems through phishing emails, malicious websites, or vulnerabilities within a network. Once deployed, it encrypts files using advanced cryptographic methods, rendering them inaccessible. Victims are then presented with a ransom demand in exchange for the decryption key.
How Does Encryption Work?
Encryption relies on the use of algorithms and cryptographic keys to protect information. An algorithm is a defined set of rules used to transform readable data into an unreadable format. A key functions much like a secure password—it is required to decrypt the data and make it accessible only to authorised users.
How Can You Prevent Ransomware Attacks?
There are several effective strategies to help prevent ransomware attacks before they cause harm. Below are some essential preventative measures to consider:
Keep Your Software Up to Date
Always keep your computer and programs up to date. Updates often fix problems that ransomware uses to gain access.
Use Robust Antivirus Software
Implement robust antivirus software, ensuring it is always active and regularly updated. This will help detect and prevent a wide range of ransomware threats.
Be Careful With Emails
Don’t open emails from people you don’t know. Don’t click links or download files unless you are sure they’re safe.
Back Up Your Files
Copy your most important files and store them on something other than your primary computer. That way, if ransomware encrypts your files, you’ll still have copies.
What Do You Do If You Experience Ransomware?
So you think you have ransomware? Don’t panic. Here’s what to do:
Disconnect From the Network
Immediately disconnect your computer from the internet. This may prevent the ransomware from spreading or worsening.
Don’t Pay the Ransom
Experts say you shouldn’t pay. There’s no guarantee you’ll get your files back. Plus, paying encourages more attacks.
Report the Attack
Tell the police about the attack. They can help and use the info to stop future attacks.
Use Your Backups
If you have backups, then you can restore your files from them. That is what backups are for, after all.
How Can Organisations Protect Themselves?
Organisations will want to take a few additional steps to remain safe. Here are some suggestions:
Train Your Employees
Train your employees about ransomware. Give them examples of what to watch out for, and what to do in case they encounter something suspicious.
Limit Access to Key Files
Not everyone needs access to every file. Provide access only to those needed to perform the job. This may limit how far ransomware can spread.
Have a Plan Ready
Have a strategy in place, in case you become a target of ransomware. Test it regularly. Preparation will help you act quickly when you need to most.
How is Ransomware Evolving?
Ransomware is getting better all the time. Watch for this:
Attacks on Phones and Tables
Both computers and mobile devices, such as phones and tablets, can be targeted by ransomware. It is important to exercise caution with all your devices.
Double Extortion
Some ransomware variants now exfiltrate sensitive data before encrypting it, with attackers threatening to release or sell the stolen information unless a ransom is paid. This adds an additional layer of risk and severity to the attack.
Attacks on Cloud Services
Many individuals and organisations are migrating to the cloud for storing data. Ransomware has started targeting those services too. Ensure your cloud accounts are secure.