Protecting Your Organization from Ransomware Attacks

Ransomware is a type of cyber attack that locks a users files and forces a payment in return for unlocking the files.

Last week’s ransomware attack was possibly the most widespread and complex global cyber attack to date. In the wake of this incident, we think it’s important to reiterate things you can do to protect your nonprofit (and yourself) from becoming a victim during similar attacks in the future.

On the hardware and software side:

  1. Run updates as soon as they are available. Use the auto-update feature if the software has one. This applies to your operating system, Java, drivers and any other software you have installed.
  2. Backup your files. Preferably in the cloud, but even an external hard drive is better than no backup at all.
  3. Use anti-virus software, anti-malware software and make sure you have hardware and software firewalls in place.

On the user side (and this is the harder part to control):

  1. Educate users about not clicking links in emails from senders they don’t know.
  2. Educate users not to download files from emails and websites they don’t know or trust.
  3. Educate users about “phishing” – how emails can look like they come from a reputable source but aren’t the real deal.

Finally, here’s an article advising what to do if you get hacked by ransomware.