Ransomware is a type of malicious software (malware) that encrypts files and stops you from being able to access your files or computer systems.

It’s not just bigger businesses that are targeted and there are no particular industries that are more vulnerable than others. If you work online, you’re at risk.

The attackers are generally financially motivated. They’ll try to extort you by demanding you pay a ransom to get access to your system and files again.

Ransomware infections can occur through things like phishing campaigns – where you’re tricked into clicking an infected link or attachment within an email.  They can also happen if you don’t have strong passwords or don’t regularly update your software.

Prevention is better than cure. These simple steps can help protect you and your business from ransomware and cyber attacks:

• Be aware of phishing campaigns. Phishing is a common way that computers and systems get infected. Learn how to spot dodgy emails, websites or links that could be harbouring malicious software. If you have staff, talk to them to make sure they’re aware of the risks as well.
• Regularly install updates on software and devices. This will prevent attackers from exploiting vulnerabilities which they could use to get into your systems.
• Implement two-factor authentication. Two-factor authentication is usually a code that’s sent to your phone or an authentication app to verify your identity. This is used in addition to a password and adds another layer of security to your logins.
• Back up your business and customer data. This way if your data is lost or stolen, you can recover it quickly. You can back it up on an external hard drive or on a cloud service.
• Talk to your IT team or service provider about setting up logs. They record when particular actions are taken on your website and systems and who’s done them. You’ll then be notified if any unusual or unexpected activity occurs.
• Have an incident response plan. No matter how well you prepare and how good your cyber security is, things can still get through the cracks. Have a plan that will help you take control of the situation if the worst were to happen. Know who to call and prepare by doing things like making hard copies of all important documentation in case you can’t access your system.

Top 11 tips for cyber security(external link) — CERT NZ
Phishing scams and your business(external link) — CERT NZ
Creating an incidence response plan(external link) — CERT NZ
Further guidance on how to prevent or contain cyber security attacks(external link) — CERT NZ

• Get your network offline immediately. The faster you do this, the more you can contain the spread of the malicious software. You can do this by simply taking out network cables from your workstation and unplugging your wireless router.
• Seek the advice of an IT professional. If you don’t have an internal IT person, then ask your IT service provider to help work out how your systems were infiltrated and how you can stop it from happening again. If you’ve already paid a ransom and received your files back it’s still important inspect your systems and check if any malware remains on your computer, or if the attackers have created any other ways of accessing your systems and data.