• Home
  • About Us
  • Resources
    • Annual Reports
    • Other Reports
  • Procurements
  • Media
Information for
  • General Public
  • Businesses
  • Government
  • General Public
  • Businesses
  • Government

Home » What Is Ransomware? How Ransomware Works and How to Prevent It ?

What Is Ransomware? How Ransomware Works and How to Prevent It ?

What is Ransomware?

Ransomware is malicious software that holds an individual’s or organization’s data hostage until they pay a ransom to gain access to it. It is a type of cybercrime that lock access to information on computer networks, mobile devices, and servers, forcing victims to pay to free their data. Typically, the payment is requested in Bitcoin – a cryptocurrency that is notoriously difficult to track.

No one is safe from ransomware attacks. Cybercriminals target companies and individuals alike. If the infected device is in a network, such as in a company, the malware can spread to the entire network and encrypt all devices on that network.

To effectively prevent ransomware, users need to inculcate a culture of awareness that gives the means to protect themselves and the organization from these cyberattacks.

How Does Ransomware Happen?

Ransomware typically happens when a user inadvertently clicks a link or attachment that results in these common ransomware attack methods:

  • Downloader: infiltrates a computer and then downloads additional malware to attack the computer or device.
  • Malvertisement: fake criminal advertisements are displayed on real websites. When clicked, it sends the victim to a website hosting an exploit kit that uses computer or network weaknesses as the entry point.
  • Phishing or Spear Phishing: emails use social engineering tactics to trick victims into downloading and opening infected attachments.
  • Self-Propagation: ransomware that spreads across a computer network, infecting any computers, servers, or devices on the network.
  • Traffic Distribution System: redirects website traffic to a website that hosts an exploit kit and then installs the ransomware with drive-by-download malware.

Are you a potential target of a ransomware attack?

There are a number of factors that might make you the target of a ransomware attack.

  • The device used is no longer state-of-the-art
  • The device has outdated software
  • Browsers and/or operating systems are no longer patched
  • No proper backup plan exists
  • Antivirus and Scanning tools not being utilized effectively
  • Insufficient attention has been paid to cybersecurity, and a concrete plan is not in place

How do you protect yourself from getting infected by Ransomware?

To prevent ransomware, user awareness and understanding of how ransomware happens is vital. When users understand the real impact of ransomware, they become invested in keeping their organization and themselves alert to cyberattacks. The following tips can be utilized to avoid you getting infected by Ransomware.

  • Avoid clicking on links in spam messages or on unknown websites. If you click on malicious links, an automatic download could be started, which could lead to your computer being infected.
  • Avoid disclosing personal information: If you receive a call, text message, or email from an untrusted source requesting personal information, do not reply. If in any doubt as to whether the message is legitimate, contact the sender directly.
  • Do not open suspicious email attachments, avoid opening any dubious-looking attachments. Never open attachments that prompt you to run macros to view them. If the attachment is infected, opening it will run a malicious macro that gives malware control of your computer.
  • Never connect USB sticks or other storage media to your computer if you do not know where they came from. Cybercriminals may have infected the storage medium and placed it in a public place to entice somebody into using it.
  • Use only known download sources, Rely on verified and trustworthy sites for downloads. Websites of this kind can be recognized by the trust seals. Make sure that the browser address bar of the page you are visiting uses “https” instead of “http”. A shield or lock symbol in the address bar can also indicate that the page is secure.
  • Backup all important information. Perform and test regular backups to limit the impact of data or system loss and to expedite the recovery process.
  • Keep your operating system and software up-to-date with the latest patches. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
  • Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
  • Avoid enabling macros from email attachments. If a user opens the attachment and enables macros, embedded code will execute the malware on the machine.
  • Educate and encourage cyber security awareness thus making it easy for employees to participate in cyber security awareness training. Give employees the training that fits with how and when they learn.
  • Configure your anti-spam filters for dangerous file types. Setting your spam filters to flag files such as .exe, .vbs, and .scr can go a long way in preventing ransomware attacks.
  • Use the Show File Extension feature. An increasing number of ransomware attacks disguise the file carrying the malicious code in a file such as Table.xlsx.exe. Turning on Windows’ Show File Extension feature completely negates these attacks.
Connect with us

  • The decision we make today on cyber security will determine the security of the society in which we live tomorrow.
  • Related link

    • Sri Lanka CERT|CC

Quick links

  • Home
  • Resources
  • Publications
  • About Us
  • Contact us

Contact us

Address
Sri Lanka CERT,
Room 4-112, BMICH, Bauddhaloka Mawatha,
Colombo 07, Sri Lanka.

Phone
+94 11 269 1692 / +94 11 269 5749
+94 11 267 9888

Email
cert@cert.gov.lk

318882
Total Users : 318882
© Sri Lanka CERT|CC 2025. All rights Reserved.
Designed and Developed by Procons Infotech
WordPress Lightbox
Skip to content
Open toolbar Accessibility Tools

Accessibility Tools

  • Increase TextIncrease Text
  • Decrease TextDecrease Text
  • GrayscaleGrayscale
  • High ContrastHigh Contrast
  • Negative ContrastNegative Contrast
  • Links UnderlineLinks Underline
  • Readable FontReadable Font
  • Reset Reset