A ransomware reminder
27th June 2025
In 2025 the number of ransomware attacks has increased by 125% globally* – is your business prepared?
With high-profile attacks on retailers leading to extortionate ransoms, we want to remind everyone one exactly what ransomware attacks are and what to do if you are unlucky enough to be a victim of one.
Ransomware is a type of malware – malicious software – that can infect devices via phishing emails, malicious links, vulnerabilities in software or compromised websites. What makes ransomware unique is that once it is inside a system, it locks or encrypts files and displays a message demanding payment to be made to return the files to the user.
If you are the victim of a ransomware attack, here are the steps you should take:
Isolate – disconnect affected systems from the network, remembering to disable Wi-Fi and unplug ethernet cables.
Notify – make your leadership teams, as well as your IT support, aware of the breach, so that further action can be taken to stop it from spreading.
Report – in the UK, report to Action Fraud or the National Cyber Security Centre, as well as your cyber security provider (if applicable).
Assess – identify what has been impacted and check logs to understand the scope of the attack.
Don’t pay – even if you do pay, there is no guarantee that your data will be recovered, and it may further criminal activity. Talk to law enforcement and cyber security experts before acting.
Restore – if clean backups exist, wipe infected systems and rebuild from backups, ensuring the backups are scanned for malware before restoring.
Investigate – determine how the attack happened, finding vulnerabilities and entry points.
Strengthen – make updates and additions to fix the gaps in your security found in the investigation. Additionally, training on phishing and social engineering for all staff is essential.
Remember, resilience and awareness are key to good cyber security: if you know what to look for, you’ll never have to worry about ransomware! If you’d like more information on ransomware attacks, please contact Interfuture Security.