Ransomware: prevention is better than cure

If you’ve been following recent news stories about ransomware attacks, you might be feeling pretty nervous about clicking links or attachments in emails. The idea that just one click can set an attack in motion is enough to make any of us sweat.


But there’s a much less anxiety-inducing way to think about cyber security, and our Cyber Secure Choices series is here to help you see that. We want to show you how everyday choices can make a big difference in keeping our organisations and systems safe — even from ransomware.

By pulling back the curtain on how common cyber attacks work, Cyber Secure Choices builds your confidence in making security-related decisions. Turns out you have the power to foil cyber attacks — pretty cool, huh?

Cyber Secure Choices draws on all the security actions we cover in our Security Awareness programme, stepping through how they come into play in real-life situations and how they can help you take control of a security incident as it unfolds.

This month we’re launching Episode 2: Ransomware. Read about Episode 1: Invoice Redirection Fraud here.

Ransomware is on the rise

In the past few months, a bunch of high-profile ransomware attacks on organisations in New Zealand and globally have left a lot of us feeling unsettled. Ransomware can have a devastating impact, and recovering from an attack can be tough — so it’s understandable if you feel worried.

This problem isn’t unique to New Zealand. Across the globe, cyber attacks are happening more often. And though they’re also getting trickier to ward off, there’s still plenty we can do to stay safe.

But before we get to that, what is ransomware?

Ransomware is a type of harmful software that infects computers (or other devices like phones or tablets), making files unreadable by encrypting them. The software can then spread to other computers that are connected to the first computer, taking the problem far and wide very quickly. Once the organisation has lost access to their files, we get to the ransom part: the people behind the attack demand money in return for restoring access.


How it happens

As we become more reliant on software and remote working, cyber criminals are gifted new ways of targeting our security weaknesses.

How might an attacker get ransomware onto your computer? One of the more common ways is through email, sending you malware either as an attachment or as a link to an unsafe site. Or they might drop it directly into a system. They can do this by looking for security weaknesses — either in the software a company uses, or in how their systems are set up.

But like any weakness, there are ways of getting stronger.

Be prepared: back it up, keep it safe, and know who to call

Backups, backups, backups

You may have heard it a million times before, but we’ll say it again for good measure: backups are your friend.

The best way to defend against any type of cyber attack is to have a backup strategy in place — and by “in place”, we mean set up and working smoothly before anything bad happens. Getting backups sorted may not be the most glamorous of tasks, but if things go wrong, you’ll thank past you for making it so easy to get your lost documents or records back.

If you’re worried about how a ransomware attack could affect your organisation, check in with whoever is responsible for IT, whether that’s an IT support team, an external provider, or maybe even just one person in your team. Make sure they’ve got backups configured to happen regularly, that those backups are kept somewhere safe, and that they check on them every so often to make sure they’ll work when they really need to.

Healthy devices and strong defences

Another way you can defend yourself against ransomware attacks is by securing the spots where they commonly get in.

Three steps to doing this are:

  1. Keeping the software and devices you use up to date with the latest patches and updates.
  2. Using long, unique passwords.
  3. Setting up two-step authentication.

These actions are especially important for any software or accounts that can be accessed from anywhere on the Internet — which is a lot of the software we commonly use these days.

Ask for help

It’s important to know who to call if you think an attack has happened. Start with your IT support person or team if you have one, but if not, you can always call CERT NZ (the New Zealand Computer Emergency Response Team).

Find out more about these ways to stay safer online (plus a few more) in this article our founder Laura wrote for The Spinoff.

Attacks are random

Ransomware attacks happen for all sorts of reasons. There’s the obvious financial motive, but sometimes the aim is more about causing havoc or making a political statement.

The sophistication of attackers also varies, from small groups using relatively simple skills and tools, to organised criminal groups carrying out advanced attacks as a commercial service for clients.

Sometimes it’s hard to understand why an organisation is targeted, like in the case of recent ransomware attacks affecting kindergartens in New Zealand. Kindergartens aren’t known for being goldmines, so ransomware doesn’t make a lot of sense at first glance — but this is an example of an attack that targets software (in this case, Kaseya) that’s vulnerable.

We can spend a lot of time trying to understand who’s behind these attacks and why they’re happening — but what’s more important is making sure we have sound security practices in place and that our teams understand how ransomware is spread and how they can make more secure choices.


Like always, people are the best defence

There’s no one security action or product that will banish ransomware attacks for good, and attackers will always think up new and creative ways to get into our systems. But that doesn’t mean we have to be sitting ducks.

We want to help you build a culture of cyber security awareness and support. When we’re aware of security incidents and how they can unfold, we’re better placed to handle them. So even if something terrible does happen, we have a safety net of basic knowledge we can rely on to catch us before the problem gets out of control. 

And that’s where Cyber Secure Choices comes in.

As well as giving you a safe way to see how different choices can affect a situation, we also want to show why ongoing communication about the basics of good security practice is so important.

A lot of the advice on safe cyber security practices has hardly changed over the years, and that’s for good reason — our weaknesses around the basics are still an easy target for cyber attackers. The attacks haven’t necessarily become any more complex. They’re just taking advantage of the same old mistakes.

Interactive learning: Ransomware

Our next episode in our Cyber Secure Choices series is all about ransomware. You get to work through three different ransomware attempts and see how your choices affect the outcome of the attacks. 

You’ll also see how the choices we make can stop cyber criminals in their tracks. Neat!

We’ll go through the security learning actions that can help, including:

  • Treating unsolicited emails with attachments and links with caution.
  • Protecting your email with a unique password and two-step authentication.
  • Making regular backups of critical data.
  • Staying up to date with software updates and patches.
  • Knowing who to call when you think something bad has happened.

Try it yourself

Sign up for our SafeStack Academy Security Awareness training today, or take it for a spin with a free 14-day trial.

We love to hear from you

We hope our Cyber Secure Choices series helps you and your team think about the many small choices we make every day that can impact our cyber security for better or worse.

We’d love to hear your feedback. Drop us a line on support@safestack.io and let us know what you think.