Ransomware attacks are on the rise in 2016, and corporations need to be aware of how to protect themselves. Ransomware is a type of cyberattack involving malware that encrypts files, databases, and other caches of information on a single computer or an entire network. Once the files are encrypted, hackers demand a ransom payment in exchange for a key to decrypt the data, otherwise the data is destroyed.

In the first three months of 2016, ransomware victims paid over $209 million in ransom, compared to $25 million in all of 2015. At least 18 healthcare providers and dozens of state and local governments, police departments, and schools have been publicly attacked by ransomware in the last year, with countless other businesses having handled unreported attacks.

The key to preventing a ransomware attack is understanding what your “crown jewels” are and how they are protected. Companies should develop a multi-tiered cybersecurity plan, which can include segmenting your computer network, updating your system with the latest patches, and restricting the ability of users to install and run new software. Your workforce is often the weakest link through which ransomware can attack, because ransomware infects networks usually after an employee opens a malicious attachment or clicks on a link in a phishing email. Educating your workforce to recognize and report malicious links and attachments is an effective means of avoiding ransomware attacks.

There are also important strategies to minimize the impact of ransomware attacks if they occur. Companies should engage in incremental system backups that are stored off network, so that up-to-date data can be restored quickly in the event of an attack. And companies should consider cybersecurity insurance options to help cover financial losses associated with paying the ransom, or lost business before systems can be restored.

Ultimately, by having mature information governance and training your workforce to be aware of the dangers, companies can overcome the growing threat of ransomware.

McKaye Neumeister