How to
Jonathan Crowe
May 2016

Surviving Ransomware: Lessons from IT Pros Who Didn't Pay

Police evidence and case records held hostage. A hospital brought to a grinding halt. An entire school district extorted. Hardly a day goes by without a new ransomware attack or variant making headlines. 

But for all the breaking news and troubling ransomware stats, one thing that is often missing from reporting on ransomware are the perspectives of the people in charge of protecting their companies and users against it. 

What Dealing with a Ransomware Attack Looks and Feels Like Firsthand

To get a better sense of the full impact of ransomware and what an attack actually looks and feels like, we asked members of the Spiceworks IT pros community to share their first-hand experiences of getting hit with it. 

Their responses underscore how much of a nightmare dealing with a ransomware attack can be, but they also capture a remarkable defiance and determination not to let attackers win.

While some reports have indicated up to 50% of American ransomware victims have chosen to pay the ransom, an astounding 95% of our survey respondents refused to give in to the attackers' demands. 

For a look at the key findings from our survey, along with tips for limiting the damage and preventing ransomware attacks in the first place, see our infographic below.

Click here to download a PDF version of the infographic


Ransomware Lessons Learned Firsthand: 5 Tips to Help You Avoid Paying the Ransom

  1. “Make sure there are no mapped drives a virus can easily access." Some ransomware families like VirLock and Locky are able to access and encrypt shared network drives, spreading the ransomware infection across an entire organization. 
  2. “Limit user access to only what they actually need. Not necessarily what they think they need.” If a user can access files, it's likely an attacker who compromises that user will be able to access them, too.   
  3. “If end users were more educated this wouldn't happen." The majority of ransomware gets delivered by tricking users into clicking malicious email attachments and links. Training users how to spot phishing emails and avoid taking the bait is critical to reducing your risk.
  4. “We replaced outdated and ineffective antivirus with current protection on all vulnerable endpoints." Traditional signature-based security solutions like antivirus products have protection gaps that today's attackers readily take advantage of. Find out more here.
  5. “Always make sure you have a working and complete backup." Restoring encrypted files from backup is a good way to avoid paying ransomware demands, but only if you make the proper preparations


Looking for more info on how to prevent ransomware attacks?

See how Barkly's runtime malware defense stops ransomware. 

Jonathan Crowe

Jonathan Crowe

Jonathan covers the latest threats and cybersecurity trends from a practical perspective.


Close the gaps in your security

Stop paying for AV, get the strongest protection instead. See how Barkly blocks attacks that are getting past AV.

See a demo


Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.