Ransomware is an increasingly common threat to small and medium-sized businesses and individuals, so it’s important to be aware and prepared. Learn how ransomware can affect your business and what you can do to protect it.
For more cyber security tips, download the Get Cyber Safe guide for small businesses (PDF, 2.32 MB).
How ransomware works
Ransomware is a form of malware that infects your computer or device. Cyber criminals will try to trick you into downloading ransomware by disguising links or downloadable files to look legitimate. Ransomware can be disguised as an attachment in a phishing message or even as a download on a website. Ransomware allows cyber criminals to infiltrate your systems and stop you from accessing your files or devices unless a ransom fee is paid.
Some of the most common methods cyber criminals use to trick their victims into downloading ransomware are phishing messages and spoofed or malicious sites. Spoofed or malicious sites may look legitimate but will contain malicious content that can corrupt your systems. In some cases, phishing messages can be disguised to look like they’re from your boss, an acquaintance or even your IT department. If something seems suspicious, always validate email addresses, phone numbers and URLs before you download programs, follow links or open attachments.
How ransomware can affect your business
Ransomware can significantly affect your business. No organization is too big or too small to become a victim of a ransomware attack. These attacks can happen anywhere at any time, regardless of whether you work at home or at a work location.
If your systems are compromised by a ransomware attack, your organization could be unable to perform business as usual. You could also lose important data if your systems aren’t backed up and your data isn’t stored in a secure environment. Cyber criminals will refuse to return your data or unlock your systems if you don’t pay a ransom. In some cases, they may even try to negotiate for more money. It is important to protect your organization to keep your information secure.
How to protect your organization from ransomware
You can help protect your organization and sensitive information by following these security measures:
- Avoid clicking on suspicious links or downloading suspicious attachments
- Back up your data regularly
- Store sensitive data backups offline and offsite
- Enable automatic updates and system patches on all work devices
- Set up security tools including anti-virus software, a firewall, and a VPN on your organization’s devices and networks
- Ensure your staff is trained on best cyber security practices
- Create an incident response plan and practice ransomware simulations with your team for a smooth recovery
- Be aware of the risks of ransomware attacks and spread awareness of them
How to recover your systems and devices after an attack
If your business experiences a ransomware attack, it’s best practice to never pay the ransom. There is no guarantee you will regain access after making the payment and it will leave your organization vulnerable to future attacks. Follow these steps to restore your systems and get back to business:
- Isolate the device that has been compromised
- Identify the type of ransomware through research or technical support
- Remove the ransomware with the help of technical support
- Reset and wipe all data from compromised and connected devices
- Update all the software and firmware on the systems
- Restore the device from the latest backup
- Run anti-virus scans
- Change passwords on any affected accounts including connected devices that could also be compromised
How to report a ransomware attack
If you experience a ransomware attack, report it to the Canadian Centre for Cyber Security through My Cyber Portal or email contact@cyber.gc.ca. You should always report cyber attacks so the proper authorities can investigate the source of the attack. This also helps you to protect any sensitive information that may have been compromised.
You should also report ransomware to the Canadian Anti-Fraud Centre (CAFC) and your local police. Reporting malicious activity like ransomware can help protect your organization from future attacks and help prevent other businesses from being compromised.