Skip to Main Content Skip to bottom Skip to Chat, Email, Text

How to prevent ransomware

Frustrated woman working at desk, hand to forehead

At a glance

  • Ransomware is malicious software that blocks you from accessing files and the hacker demands a ransom to allow access again.
  • Ransomware attacks can come from numerous sources, including a compromised website, email or download.
  • Proactive steps to improve your device’s security include using a VPN on public networks, keeping systems up to date, diversifying passwords and setting up two-factor authentication across all devices.
  • Curious about cybersecurity? Learn more about online technology degrees from University of Phoenix.

Among other forms of malware, ransomware blocks you from accessing your files, passwords or additional personal information until you pay a ransom to regain control. Ransomware appears in 10% of all data breaches, doubling its frequency in a year.

While malware such as viruses, spyware and bots can injure your device’s productivity, ransomware will lock you out of your system until you pay to remove the malicious program. Find out how ransomware can compromise your computer systems and how you can avoid it.

Where does ransomware come from?

Ransomware may come from numerous sources. Whenever a user visits a compromised webpage, opens a malicious email attachment, downloads an infected program, or communicates with another user whose device is infected with malware, ransomware can attach itself to their device.

Often, ransomware can reach your device through popular digital communication tools like email and instant messaging phishing attacks. In other cases, ransomware can spread through insecure public internet access.

At times, ransomware can also reach your device when you visit a malicious website. Known as “drive-by downloading,” this ransomware attack occurs when you unknowingly reach an infected website. Even if you only visit that website for a few seconds, ransomware can attach to your device.

Read Similar Articles

How does ransomware affect your devices?

Ransomware attacks don’t usually begin the moment you download malware. It works first by infecting your device, then by locking — often encrypting — your data. This usually means you can still turn your device on but cannot access information stored in documents or databases.

After an attacker uses ransomware to lock down your data, users typically receive a ransom demand. This offer can be made in several ways. You might notice that your background image has changed to the ransom demand. In other cases, hackers will replace your files with a copy of the ransom note.

Many types of ransomware also work to maximize damage after they infect a device. For example, Maze ransomware scans your files and steals valuable data even if a ransom is paid. Another ransomware variant, WannaCry, also uses your device to search for other devices it can attack and encrypt.

Ransomware prevention

Whether you’re an organization or a private device user, ransomware is an intimidating form of malware. Fortunately, there are several steps you can take to protect your devices from malicious attackers. These same steps can also help you limit damage if your device is infected.

Develop an IT disaster recovery plan

An important first step in preventing ransomware is developing an IT disaster recovery plan. This plan helps your entire organization protect against ransomware, while identifying critical first steps in the event of a ransomware attack.

The right IT disaster recovery plan helps with far more than post-attack recovery, and should also include the following elements:

  • Prevention — Actions your IT team and your entire organization can take that help to deter ransomware and perform surveillance on all important devices.
  • Mitigation — Measures that help reduce the chance of a ransomware attack ever taking place.
  • Preparedness — Activities that help users remain vigilant against ransomware threats, including anticipatory ransomware response training.
  • Response — Plans that outline how users respond in the event a ransomware attack occurs, either on a single device or across an organization.

Your IT disaster recovery plan can look different from another organization’s plan. It’s important to customize your plan to the size and strengths of your organization and ensure all employees are aware of the plan’s steps in the event of a ransomware infection.

Keep systems up to date

Updating device systems is an even simpler approach to preventing ransomware attacks. Attackers often target users with outdated devices, or with outdated device operating systems, because their security parameters can be less protected.

After updating your device’s systems, it’s also important to update the programs you use. After a sizable operating system update, for example, your device’s programs might require an update to maintain compatibility. Hackers may find vulnerabilities to target with a ransomware attack if your updated device uses outdated programs.

Maintain backups

Whether you store your information on a server or the cloud, it’s important to maintain backup files. Store backup files in a separate location, preferably on a different device, to keep them accessible if you ever need them.

During a ransomware attack, backup files can often save your organization thousands, if not millions, in lost payments. Without backup files, your organization may need to spend time, and money, pursuing IT strategies that help restore file access.

You must frequently update your backup files to ensure they reflect any changes. Many device users trust cloud computing to back up their files securely since cloud storage solutions are typically secure — and you can set them to automatically back up your device’s files regularly.

read similar articles

Photo of a woman working in cybersecurity at her desk surrounded by many screens

12 cybersecurity threats and how to avoid them

Increase security on your devices

You can improve security on your devices in various ways. Many of these strategies are preventive:

  • Don’t hand out your personal information.
  • Log out of websites after you make a payment.
  • Turn off both Wi-Fi and Bluetooth connectivity when not in use.

You can also take proactive steps to improve your device’s security:

  • Use a VPN to encrypt your connection when using a public network.
  • Read reviews and verify the reputation of an application before downloading.
  • Diversify your passwords and change them frequently.
  • Set up two-factor authentication across all devices.
  • Only use trusted device charging stations.
  • Disable any app or program permissions for your camera or microphone.
  • Get trained on how to spot malicious links.

These and other measures can help keep your information safe, particularly when you use shared or public networks.

Use an intrusion detection system

As attackers grow more advanced in their ransomware deployment methods, IT teams are developing new ways to prevent malware, including ransomware, from reaching sensitive information. One emerging cybersecurity strategy — an intrusion detection system (IDS) — consists of programs that proactively alert IT personnel to security threats.

An IDS typically relies on both signature-based and anomaly-based intrusion detection. Signature-based protection compares ransomware threats to trends in your network to identify possible threats before they affect device performance. Anomaly-based detection uses machine learning to classify all device activity as normal or risky, depending on how users on your network normally operate.

Consult professionals

IT professionals can help you with every phase of ransomware protection, including proactive device protection, backing up your files, regularly scanning device activity and even mitigating issues after an attack.

If you yourself are considering joining the evolving world of cybersecurity, you’ll need to complete a few initial steps. Many employers prefer candidates with at least an undergraduate degree in technology. Students sometimes prefer online technology degrees, given the greater flexibility and the freedom to work while they learn.

Aspiring cybersecurity professionals may choose to pursue a bachelor’s degree in information technology, which can help prepare them to mitigate and prevent IT risks like ransomware attacks and other malware. This degree sharpens key skills in systems analysis, information systems, operations and cybersecurity.

Information technology degree options at University of Phoenix

Whether you’re seeking to gain a basic understanding of information technology or cybersecurity, or you’re a working professional looking to expand your skill set, University of Phoenix (UOPX) offers online course collections, bachelor’s degrees and master’s degreesLearn more about undergraduate and graduate online technology degrees from UOPX and start your IT journey today!

  • Bachelor of Science in Information Technology — In this program you’ll learn skills including business process, cybersecurity, information systems, operations and systems analysis.
  • Bachelor of Science in Cybersecurity — This online program teaches skills such as security policies, network security, cybersecurity and more.
  • Master of Science in Cybersecurity — This online program explores in depth such skills and topics as cybersecurity, security policies and vulnerability.
  • Certified Ethical Hacker Course Collection — This course collection can help you prepare to sit for the EC-Council Certified Ethical Hacker (CEH) certification exam. Topics include the phases of ethical hacking, recognizing weaknesses and vulnerabilities of a system, social engineering, IoT threats, risk mitigation and more.
  • Certified Incident Handler Course Collection — This course collection can help you prepare to sit for the EC-Council Certified Incident Handler (ECIH) certification exam. This specialist certification focuses on how to effectively handle security breaches. 
  • Certified Network Defender Course Collection — This course collection can help you prepare to sit for the entry-level EC-Council Certified Network Defender (CND) certification exam. Courses focus on protecting a network from security breaches before they happen.
  • Computer Hacking Forensics Investigator Course Collection — This course collection can help you prepare to sit for the EC-Council Computer Hacking Forensics Investigator (CHFI) certification exam. You’ll learn about the latest technologies, tools and methodologies in digital forensics, including the dark web, IoT, malware, the cloud and data forensics.


want to read more like this?

Internet of Things Applications and Career Paths

Online Degrees

September 13, 2023 • 7 minutes

What Is Cloud Computing? | 3 Types, Definitions and Use Cases

Online Degrees

March 21, 2022 • 10 minutes

Types of Technology Internships

Online Degrees

April 24, 2023 • 7 minutes