Securing Information
Strengthening Business

Ransomware attacks – don’t let them happen to you

Ransomware attacks – don’t let them happen to you

The BBC has reported there could be further ransomware attacks this week, following the global cyber-attack that saw 48 NHS Trusts, Hospitals and GPs’ surgeries become its most high profile victims.

It has taken an attack on an institution that serves to protect lives to propel ransomware onto our TV screens and newspapers – but ransomware has been around for some time and it doesn’t just target organisations the size of the NHS.

This article briefly covers what ransomware is, what happened in the attack and offers advice on how to protect your own systems – whether you are a large organisation, an SME or a solo business/operator running a single computer.

What is ransomware?

Ransomware is the installation you really don’t want – it’ll encrypt your files and you’ll be blackmailed in to paying a ransom for the recovery key. As users found out last week, when the ‘pay to unlock’ message pops up on screen – it’s already too late.

Ransomware can attack any PC users, whether it’s a home computer, endpoints in an enterprise network, or servers used by a government department or healthcare provider – such as the NHS. 90% of infections come from users downloading malicious content in emails or from web sites.

Ransomware incidents increased rapidly last year and, like an earthquake waiting to happen, it was only a matter of time before an attack took place on the scale that has seen more than 200,000 victims in 150 countries – at least so far.

What happened in this attack?

This attack was by the ‘WannaCry’ virus which appears to have been built to exploit a Microsoft bug and therefore only infected machines running Windows operating systems prior to Windows 10 which is unaffected. The NHS was particularly affected as it still runs Windows XP in some Trusts – Microsoft stopped supporting XP in 2014.

Microsoft have released a fix for all operating systems affected by the WannaCry virus. Downloads are available from the Microsoft guidance pages .

Reports suggest that ‘WannaCry’ spread via a worm virus – which can move around a network by itself, looking for vulnerable machines. The larger the organisation still using such machines, the greater the number of machines at risk of being compromised.

Any large organisation running dated IT systems will have had an uncomfortable weekend.

How can you protect your systems?

Ascentor has written a series of articles with the theme of ‘ Back up – or pay up ‘. We believe that the most effective strategy to avoid being held to ransom by the cyber criminal is to regularly back up your data so you can restore files without having to pay up should you be infected.

You should also ensure that you protect yourself by running updates, using firewalls and anti-virus software and by being vigilant and using common sense when reading email messages.

Further Ascentor ransomware guidance specific to your organisation type can be found here:

Larger enterprises – a defence in depth strategy

Top tips for SMEs

Organisations or home users working from a single computer

But ultimately, having good backups in place is no excuse for not implementing good preventative measures in the first place to reduce the risk of infection.

Cyber security controls don’t need to be complex or cutting edge to be effective. We’ve covered a number of recommended basic measures in our blog article ‘ An ounce of prevention could be worth a ton of cyber attack cure ‘.

Further reading

The NCSC – Protecting your organisation from ransomware

Ransomware facts – Microsoft Malware Protection Center

Worried about ransomware?

If you’d like to discuss the topic of ransomwarein more depth or any aspect of IA and cyber security, please contact Dave James, MDat Ascentor.


Office:01452 881712


Twitter: @Ascentor

For Further Information

If you have any questions about the topics we've covered, or would like to have a chat about any aspect of your own cyber security strategy, please get in touch with the team at Ascentor.

Please use the contact details below - also found on our Contact Us page.


Fields marked with an * are required
Share this:

You may also be interested in:

Ascentor’s cyber security review of 2020

2020 wasn’t the first year where a virus emerged causing large scale disruption and opportunities for cybercrime. It was, however, the first time

Cyber security myths putting SMEs at risk

SMEs have long been a favourite hunting ground for cyber criminals. Big enough to be of interest in terms of data held and yet often small enough not

Cyber security myths home workers fall for

From King Arthur to the moon landings that (allegedly) didn’t happen, it’s surprising what people want to believe without any real basis in fact.