Ransomware Prevention Best Practices

Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. In recent years, ransomware incidents have become increasingly prevalent among private businesses, nonprofits, critical infrastructure organizations, and state, local and government entities.

Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. The monetary value of ransom demands has also increased, with some demands exceeding $1 million. Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data and publicly naming and shaming victims as secondary forms of extortion. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. Throughout the initial disruption and, at times, extended recovery, the economic and reputational impacts of ransomware incidents have also proven challenging for organizations large and small.

Download the Ransomware Prevention Best Practices Checklist PDF