Skip links

Ransomware: Prevention, recovery, and why paying is never the answer

Ransomware: Prevention, recovery, and why paying is never the answer

Cybercriminals are becoming increasingly sophisticated, but that doesn’t mean your business has to be their next victim. Remember the WannaCry attack? It brought the UK’s National Health Service (NHS) to a halt, forcing hospitals to cancel appointments, delay surgeries, and divert ambulances. Over 80 NHS trusts were affected, exposing vulnerabilities in systems many businesses still rely on today.

WannaCry was a wake-up call for businesses across the UK, showing how ransomware can cripple operations—and why businesses, especially small and medium-sized enterprises (SMEs), must prioritise cyber security.

In this guide, we’ll break down ransomware, how it works, its devastating impact, and—most importantly—how you can prevent and recover from an attack.

wannacry attack on the NHS

What is ransomware, and how does it work?

Ransomware is a type of malicious software (malware) that locks or encrypts your data, holding it hostage until you pay a ransom—usually in cryptocurrency. It’s a business disruptor of the highest order.

Here’s how it typically strikes:

  • Locker ransomware: Prevents access to your entire system.
  • Crypto ransomware: Encrypts specific files, rendering them unreadable until a decryption key is obtained.

Ransomware often sneaks in through:

  1. Phishing emails: Messages designed to trick you into clicking malicious links or downloading infected attachments.
  2. Unpatched software: Vulnerabilities in outdated systems, like those exploited during the WannaCry attack.
  3. Compromised websites: Visiting an infected site can trigger an automatic ransomware download.
  4. Dodgy downloads: Files from unverified or suspicious sources.

What’s the worst that could happen?

A ransomware attack can grind your business to a halt, causing:

  • Lost data: Critical files, customer information, and financial records could be permanently inaccessible.
  • Downtime: Systems could be out of action for days or weeks, affecting productivity and revenue.
  • Financial loss: Ransom demands, recovery costs, and potential regulatory fines quickly add up.
  • Reputational damage: Clients and partners may lose trust in your ability to protect their data.

The UK Cyber Security Breaches Survey 2024 found that the average cost of the most disruptive cyber attack was £1,205 for small businesses and an eye-watering £10,830 for medium and large organisations. For many SMEs, these figures highlight the critical need for proactive defences.

Why you should never pay the ransom

Paying the ransom might feel like a quick fix, but it’s one of the worst decisions you can make.

  • No guarantee: There’s no certainty you’ll get your data back, even after payment.
  • Future targeting: Cybercriminals share information. If you pay once, your business is likely to be added to a list of organisations that pay, making you a prime target for future attacks.
  • Funding crime: Paying fuels criminal networks, encouraging more attacks on others.
  • Legal risks: Depending on your industry, paying could result in regulatory or legal repercussions.
"Paying a ransom might seem like a quick fix, but it’s the worst decision you can make. Not only do you fund criminal activity, but you’re also advertising your business as one that will pay up. That’s an open invitation for future attacks. Instead, focus on prevention and ensure you’ve got a strong recovery plan in place."
Tim killeen- cloud-and-more
Tim Killeen, Cloud & More

Prevention: your best defence against ransomware

The good news? Ransomware is preventable. Taking proactive steps now can save your business from significant trouble later.

  1. Educate your team: Train staff to spot phishing emails—responsible for 84% of cyber incidents in UK businesses.
  2. Upgrade your passwords: Use strong, unique passwords and encourage using a password manager.
  3. Stay updated: Regularly patch your systems and software to close vulnerabilities, as outdated systems were key to the WannaCry attack.
  4. Use the right tools: Install reliable antivirus and anti-malware protection.
  5. Backup, backup, backup: Regularly save critical data in secure, offline or off-site locations.
  6. Limit access: Grant permissions only to those who need them, minimising the impact of compromised accounts.
  7. Segment your network: Isolate parts of your network to prevent ransomware from spreading.
  8. Get Cyber Essentials certified:

Protect Your Business with Cyber Essentials

Cyber Essentials is a government-backed certification designed to shield your business from common cyber threats like ransomware. Not only does it enhance your security, but it also comes with free cyber insurance worth up to £25,000 for eligible businesses.

Take the first step towards safeguarding your data and earning your clients’ trust today.

cloud and more - cyber essentials

Why Cyber Essentials matters

Cyber Essentials is a government-backed certification designed to help businesses protect against common cyber threats—including ransomware.

Why it’s essential:

  • Stronger security: Cyber Essentials provides a framework for implementing practical controls that reduce your risk of attack.
  • Built-in insurance: Certification includes up to £25,000 in cyber insurance coverage for businesses with a turnover under £20 million.
  • Reassure clients: Demonstrate your commitment to security and build trust with clients and partners.

Recovery: what to do if ransomware strikes

If ransomware slips through the cracks, don’t panic—but act fast.

  1. Don’t pay the ransom.
  2. Isolate infected devices: Disconnect them from your network to limit the spread.
  3. Call in the experts: Notify law enforcement and contact Cloud & More for immediate assistance.
  4. Restore backups: Recent, reliable backups can get your business back on track without paying a penny.

Cloud & More: your cyber security partner

At Cloud & More, we know ransomware can feel like an impossible battle—but it doesn’t have to be. Our team can help you:

  • Get Cyber Essentials certified, boosting your defences and providing cyber insurance.
  • Implement phishing awareness training, secure backups, and robust network segmentation.
  • Respond quickly and effectively to any ransomware incident.

Don’t let ransomware hold your business hostage

WannaCry was a wake-up call, but it doesn’t have to be your business’s nightmare. Cybercriminals thrive on fear and unpreparedness. Take back control with proactive measures and a solid recovery plan. Contact Cloud & More today for a free cyber security assessment or to get started with Cyber Essentials certification.

cyber security
Share the Post: