Managed IT & Security
April 15, 2026 • York Computer Blog
Last Updated: May 17, 2026

How to Protect Your Small Business from Ransomware

Ransomware used to target big corporations. Now it targets the businesses hackers know can't fight back — yours. Here's what you need to know.

In 2023, over 70% of ransomware attacks targeted small and medium-sized businesses, and the FBI's Internet Crime Complaint Center received more than 2,800 ransomware complaints from businesses that year alone (Source: FBI IC3, 2024). The average ransom demand was over $200,000 — and that doesn't include lost revenue, recovery costs, or the damage to your reputation.

Hackers love targeting small businesses for one simple reason: small businesses often have valuable data but far fewer defenses than large corporations. If you're running a company on a few computers without dedicated IT support, you're a target.

The good news: most ransomware attacks are preventable. Here's exactly how they work, and what you can do to stop them.

What Is Ransomware, Really?

Ransomware is a type of malicious software that, once it gets onto your computer, encrypts all your files — making them completely unreadable. You'll see a message on your screen demanding payment (usually in cryptocurrency) in exchange for the key to unlock your files.

Without that key, your files are gone. Even if you wipe your computer and start over, the encrypted files can't be recovered without either paying the ransom or restoring from a clean backup.

Some ransomware gangs also steal your data before encrypting it, then threaten to publish sensitive customer or financial information if you don't pay — a tactic called "double extortion." According to IBM's Cost of a Data Breach Report, the average total cost of a ransomware attack reached $4.91 million in 2024, not counting the ransom itself (Source: IBM Security, 2024).

How Does Ransomware Get In?

The most common entry points are surprisingly simple:

6 Ways to Protect Your Business Right Now

1. Back Up Your Data — Properly

This is the single most important thing you can do. If you have a clean backup, a ransomware attack becomes a bad day instead of a catastrophe. But the backup has to be done right — it needs to be automatic, stored off-site or in the cloud, and tested regularly. A backup on the same computer (or a drive plugged into it) will be encrypted along with everything else.

2. Keep Everything Updated

Windows updates, browser updates, software updates — they're annoying, but many of them are security patches that close holes ransomware uses. Managed IT services handle this automatically so you never have to think about it.

3. Use Strong, Unique Passwords + a Password Manager

Every account should have a different password that's long and random. A password manager makes this easy — you only remember one master password, and it handles the rest. This alone eliminates one of the most common attack vectors. The Verizon Data Breach Investigations Report found that compromised credentials were involved in 38% of all breaches in 2024 (Source: Verizon DBIR, 2024).

4. Train Your Team to Spot Phishing

Most ransomware starts with a human clicking something they shouldn't. Teaching your employees to recognize phishing emails — suspicious senders, urgency, links that don't match where they claim to go — is one of the cheapest and most effective defenses you have.
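The "links that don't match where they claim to go" check described above, as an added example that is not part of the York Computer post: a small Python script that parses an HTML email body and flags any link whose visible text names one site while its href actually opens another. The sample email and every hostname in it are constructed for this example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Matches a URL or bare host name inside the visible link text.
URL_RE = re.compile(r"(?:https?://)?(?:[\w-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)

def _host(url: str) -> str:
    """Lower-case hostname of a URL ('' if none); scheme-less input is accepted."""
    try:
        parsed = urlparse(url.strip())
        if not parsed.scheme and not parsed.netloc:
            parsed = urlparse("http://" + url.strip())
        return (parsed.hostname or "").lower()
    except ValueError:  # malformed input such as stray IPv6 brackets
        return ""
def _same_site(a: str, b: str) -> bool:
    """Heuristic: hosts match when their last two labels agree (www.x.com ~ x.com)."""
    return a.split(".")[-2:] == b.split(".")[-2:]
class _LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in the HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = (dict(attrs).get("href") or ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None
def find_mismatched_links(html: str):
    """Return (visible text, href) pairs whose text names a site different from
    the one the link really opens; text with no URL-like token is skipped."""
    collector = _LinkCollector()
    collector.feed(html)
    flagged = []
    for href, text in collector.links:
        shown = URL_RE.search(text)
        if shown and not _same_site(_host(shown.group(0)), _host(href)):
            flagged.append((text, href))
    return flagged
# Constructed sample (not a real message): one deceptive link, two honest ones.
SAMPLE_EMAIL = """<p>Your invoice is ready. Sign in at
<a href="http://login-portal.example.net/x">https://bank.example.com/login</a>
or visit <a href="https://www.bank.example.com/help">bank.example.com/help</a>.
<a href="https://support.example.org/reset">Reset your password</a></p>"""
```

Running `find_mismatched_links(SAMPLE_EMAIL)` returns only the first link, because its text shows bank.example.com while the href opens login-portal.example.net; the other two links pass.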

5. Use Enterprise-Grade Antivirus + Anti-Ransomware

The free antivirus that came with your computer isn't enough. Modern ransomware is designed to evade basic detection. Enterprise-grade security software watches for ransomware behavior — not just known signatures — and shuts it down before it can encrypt your files.

6. Have a Response Plan

Know what you'd do if it happened. Who do you call? Where are your backups? Having a plan before an attack means you won't waste critical hours figuring it out in a panic. The FTC recommends that every small business maintain a written incident response plan as a baseline cybersecurity practice (Source: FTC, 2023).

What Happens If You Get Hit?

If ransomware does get through, here's what to do immediately:

  1. Disconnect the infected computer from the network right away: unplug the Ethernet cable and turn off Wi-Fi
  2. Do NOT pay the ransom — there's no guarantee you'll get your files back, and it marks you as a target
  3. Contact your IT provider right away — they can assess the damage and begin recovery
  4. Restore from your backup if you have one — this is why backups are non-negotiable
  5. Report the attack to the FBI's Internet Crime Complaint Center (IC3)

The Bottom Line

Ransomware is a real and growing threat to small businesses, but it's mostly preventable with the right protections in place. Backups, updates, strong passwords, and proper security software eliminate the vast majority of attack vectors.

If you're not sure whether your business is protected, contact York Computer for a free 15-minute security review. We'll look at what you have and tell you honestly where you stand.


Sources

  1. FBI Internet Crime Complaint Center (IC3) — 2023 Internet Crime Report (2024)
  2. IBM Security — Cost of a Data Breach Report 2024 (2024)
  3. CISA — Phishing Guidance for Organizations (2023)
  4. Verizon — 2024 Data Breach Investigations Report (DBIR) (2024)
  5. Federal Trade Commission (FTC) — Cybersecurity for Small Business (2023)

🚨 Is Your Business Protected from Ransomware?

York Computer includes anti-ransomware protection, automatic backups, and 24/7 monitoring in our managed IT plans. Starting at $129.99/month for businesses.
