Our 5-minute guide to avoid becoming the next victim of ransomware
Follow these simple steps to stop a hacker holding your files hostage


Ransomware attacks on businesses shot up in 2016, with the creation of new ransomware families increasing threefold between Q1 and Q3 of the year and attacks jumping from every two minutes to every 40 seconds, according to the Kaspersky Security Bulletin 2016 (you can download the full report here). For individuals, frequency of attacks has gone from every 20 seconds to every 10.
Criminals use common forms of ransomware such as crypto-malware to lock users out of their systems and demand money (ordinarily via Bitcoin) to allow them to regain access. But while ransomware has seemingly gotten more sophisticated, we're far from helpless with various protections and fight back techniques available to those in the know.
Here are three simple things you can do that will help keep yourself and your company more secure against ransomware attacks.
Backup your data
Arming yourself with the knowledge of how to effectively fight back against ransomware attacks is one of the most vital tools your business can have in its arsenal. There are many simple and effective security solutions out there, but prevention is often the best form of defence in these cases.
It sounds simple, but backing up your data is the number one thing you can do to protect it from being lost in the event of an attack. According to Kaspersky, one in five of companies who are hit by crypto-malware never get their data back (even if they pay the ransom), so there are no guarantees information will be safe unless it's backed up somewhere secure. You can read more about this in Kaspersky's full report.
Take a moment today to make sure everything is up to date, whether you are using a cloud storage platform or a physical hard drive, and make it a regular part of your work schedule to do this.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Make sure the latest version of software is on all devices
Various trends in 2016 - such as a rise in Ransomware-as-a-Service (RaaS) - have increased the risk and awareness of ransomware moving forwards, and companies and individuals must increasingly make sure they know about the dangers these kinds of attacks can pose to their data.
Another basic habit that could save a lot of aggravation down the line is making sure software is always up to date. Attackers can seize upon gaps in security on older versions, so don't make it easy for them - never put off updating apps and software when prompted, and tell colleagues to do the same. So many significant attacks have been successful because of security holes present in outdated software, but these can be easily prevented with just a few moments of your time.
Know what to do when you're hit
With all the care in the world, it's possible that you will suffer from a ransomware attack at some point. This just means that you should spend a few minutes reading up on what to do (and what not to do) if and when it does happen.
For starters, report the criminal activity to the authorities as soon as possible, and arm yourself with one of the many free decryption tools to give yourself the best chance of retrieving your data. Read more tips on this in the Kaspersky Security Bulletin (download here).
It's also important to know that you should never, ever pay the ransom, as there is no guarantee that the person behind the attack will follow through on their end of the deal. Often, sophisticated cybercriminals offer help and advice to victims on how they could buy bitcoin in order to pay the ransom, but this is obviously not in their best interests. In fact, paying will simply make you a bigger target, and more money could be demanded next time.
Caroline has been writing about technology for more than a decade, switching between consumer smart home news and reviews and in-depth B2B industry coverage. In addition to her work for IT Pro and Cloud Pro, she has contributed to a number of titles including Expert Reviews, TechRadar, The Week and many more. She is currently the smart home editor across Future Publishing's homes titles.
You can get in touch with Caroline via email at caroline.preece@futurenet.com.
-
What is polymorphic malware?
Explainer Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the last
News Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackers
News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Healthcare systems are rife with exploits — and ransomware gangs have noticed
News Nearly nine-in-ten healthcare organizations have medical devices that are vulnerable to exploits, and ransomware groups are taking notice.
-
Alleged LockBit developer extradited to the US
News A Russian-Israeli man has been extradited to the US amid accusations of being a key LockBit ransomware developer.
-
February was the worst month on record for ransomware attacks – and one threat group had a field day
News February 2025 was the worst month on record for the number of ransomware attacks, according to new research from Bitdefender.
-
CISA issues warning over Medusa ransomware after 300 victims from critical sectors impacted
News The Medusa ransomware as a Service operation compromised twice as many organizations at the start of 2025 compared to 2024
-
Warning issued over prolific 'Ghost' ransomware group
News The Ghost ransomware group is known to act fast and exploit vulnerabilities in public-facing appliances