Published May 1, 2023Updated Jun 5, 2023
Contribute to Docs

Ransomware is a cyber attack that blocks and prevents a user from accessing important files or personal data that is located on a device or computer. When the device is successfully infected with ransomware, the attacker will request payment, most commonly in the form of cryptocurrency, with the promise to restore access to the affected device.

Preventing Ransomware

There are various basic countermeasures to avoid ransomware from infecting a device:

  • Use secured networks when possible. Using unsecured networks will leave the device unprotected and increase the risk of ransomware infecting the device. The use of a virtual private network (VPN) is recommended to secure and encrypt the connection to protect against malicious threats.
  • Perform frequent backups of important data and store them on a separate device that cannot be accessed from the network. If a device is infected with ransomware, it is possible to restore the device to a previous state before the infection occurred.
  • Implement the use of multi-factor authentication to ensure that an attacker will not gain access to important accounts online by verifying an additional factor, such as a token, that the authentic user would only possess.
  • Avoid downloading software from suspicious websites, as they could contain ransomware hidden in their files. It is recommended to only download software and updates from trusted official support websites.
  • Avoid opening suspicious links or documents in emails sent by an unknown sender. Attackers will hide ransomware in emails in the hopes that someone opens them and infects the device that they are on.
  • Use up-to-date security software to protect devices. Outdated software might contain vulnerabilities making it easy for the attacker to infect the device.

All contributors

Looking to contribute?

Learn Cybersecurity on Codecademy