Ngā pakihi me te pūmanawa kino tono utu

Businesses and ransomware

Ransomware is a type of malicious software that denies a user access to their files or computer system unless they pay a ransom. Attacks can cause huge disruptions to businesses.

4 min read

What it is

Ransomware is a type of malicious software (or 'malware') that denies you access to your files or computer system unless you pay a ransom to get it back.  It's used to extort money from people. In some cases, the attacker will also threaten to leak your private data to the public if you don't pay them. 
Ransomware attacks can happen to anyone working online – from individuals and small businesses to large companies and government organisations.

How it works

The first sign of a ransomware attack is usually being unable to access your desktop, apps or files and getting a message telling you that you need to pay a ransom to get access back. The message might be a text file, application window or email.

Attackers target systems that have open avenues for attack – this could be through a user clicking on a link or an attachment contained within an email as part of a phishing attack, or an attacker could exploit a weakness in a network or software.

Attackers try to block access to systems and files that are critical to running a business. A successful attack can paralyse a business.

Attackers will often ask for payment in a cryptocurrency, such as Bitcoin, which is unregulated and difficult for authorities to trace.

We strongly recommend that no one pays a ransom, even if the amount seems quite small. There's no guarantee you’ll get your data back, and paying a ransom could put you at risk of further attacks because if an attacker sees that you're willing to pay them, they could try to target you again. It's also a financial incentive for criminals to continue this type of activity and it may even breach sanctions regimes.

The risks

Ransomware attacks are becoming increasingly common with attackers using more sophisticated methods to try and get their hands on your data. 

Alongside the initial financial demands, ransomware can be damaging in a number of ways, including:

  • locking employees out of systems
  • significantly disrupting day-to-day operations and services
  • loss of income, assets, productivity, or customer trust and goodwill
  • loss, theft or blocking of digital resources like customer data (for example, personal or financial information).

Businesses are also likely to suffer extra costs to get back up and running.