Are Your Employees Ransomware Ignorant?

Ransomware is one of the most profitable forms of attack for cybercriminals. Yet, according to a recent survey, 37 percent of employees don't know what ransomware is.

In the report, 32 percent of those surveyed who had been victims of ransomware still did not know what ransomware is. Forty-five percent said they would not know what to do in response to a ransomware attack, and 40 percent of those who had been victims still did not know what to do.

Thirty-five percent of respondents said they would not know what to do if their personal data were compromised and their employer refused to pay the ransom. Around five percent said the employee should pay the ransom if their organization will not. Thirty percent of respondents thought their organization should use a ransomware decryption tool.

Fifteen percent of those who had never been victims thought an organization should never pay a ransom. Interestingly, that figure rose to 21 percent among respondents who had suffered a ransomware attack. Sixty-seven percent said they would not pay any amount of money to recover their personal files, and 20 percent believed they would not get their data back even if they paid.

Finally, 68 percent of respondents think that an organization's information technology team should be responsible for keeping employee data safe, while only five percent think employees themselves should be responsible for keeping their own data safe, for example by checking email links and attachments before opening them.

The report is based on a survey of 2,007 employees in the U.S. and 1,011 employees in Canada conducted in November 2019. Lance Whitney "Survey: 37% of workers unaware of ransomware, putting businesses at risk" (Apr. 2, 2020).


Ransomware encrypts data so that its owner can no longer access it. The criminals then demand a ransom, typically in Bitcoin, from the organization or person in exchange for the means to decrypt the locked-up data.

Even if you pay the ransom, the criminals may not decrypt the data; they may have already compromised it; or they may leave malware behind to monitor your systems for future attacks. Once you pay a ransom, you are marked as someone who will pay, which increases your risk of being targeted again.

You are dealing with criminals, so trusting them to keep their promise is a stretch. As a result, most security practitioners advise against paying the ransom unless there is no other way to recover.

There are many defenses against ransomware, but the most reliable safety net is backing up your information, so that if the live copy is encrypted you can restore most of it from a copy the attacker could not reach.

Another best practice is training. Train employees to use a virtual private network (VPN) to securely access the organization's network when working remotely, and to protect every account with a long, unique, strong password.

Train employees to regularly back up all files both to a physical drive that is disconnected from the computer and the internet when not in use and to the cloud. That way, locked-up, inaccessible data can be retrieved from elsewhere. A backup that stays connected can be encrypted along with everything else, and a backup that has never been test-restored is an assumption, not a safeguard.
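One practical way to make the backup advice above checkable, as an added example that is not from the original article or the cited survey: record a SHA-256 manifest of the files when the backup is made, and verify the stored copy against that manifest before relying on it (or before overwriting an older good copy with a new one). The sample file names and contents below are constructed, and the SUSPECT_SUFFIXES list of extensions is a hypothetical assumption, not data from the article.

```python
"""Verify a backup set against the hash manifest recorded when it was made.

Added example, not from the original article. Sample files, contents and the
SUSPECT_SUFFIXES list are constructed/hypothetical.
"""
import hashlib
from pathlib import Path

# Assumption: extensions some ransomware families append to files they encrypt.
# Hypothetical list for illustration; real families vary.
SUSPECT_SUFFIXES = (".locked", ".encrypted", ".crypt")


def sha256_bytes(data: bytes) -> str:
    """Hex SHA-256 of a file's contents."""
    return hashlib.sha256(data).hexdigest()


def build_manifest(files: dict[str, bytes]) -> dict[str, str]:
    """Map each relative path to the SHA-256 of its contents.

    Run this when the backup is taken and store the manifest with the
    offline copy (and somewhere the backup host cannot modify it).
    """
    return {name: sha256_bytes(data) for name, data in files.items()}


def verify_backup(manifest: dict[str, str], backup: dict[str, bytes]) -> dict[str, list[str]]:
    """Compare a backup set against its manifest and report discrepancies.

    missing:      listed in the manifest but absent from the backup
    modified:     present but the hash no longer matches (silent corruption
                  or encryption by ransomware before the backup ran)
    unexpected:   present in the backup but not in the manifest (renamed
                  files, ransom notes)
    suspect_name: file name ends in a known ransomware extension
    """
    report: dict[str, list[str]] = {
        "missing": [], "modified": [], "unexpected": [], "suspect_name": []
    }
    for name, digest in manifest.items():
        if name not in backup:
            report["missing"].append(name)
        elif sha256_bytes(backup[name]) != digest:
            report["modified"].append(name)
    for name in backup:
        if name not in manifest:
            report["unexpected"].append(name)
        if name.endswith(SUSPECT_SUFFIXES):
            report["suspect_name"].append(name)
    return report


def is_clean(report: dict[str, list[str]]) -> bool:
    """True only when no category of problem was found."""
    return not any(report.values())


def load_tree(root: Path) -> dict[str, bytes]:
    """Read every regular file under root into the dict form used above,
    so the same checks can be run against a real backup drive."""
    return {
        str(p.relative_to(root)).replace("\\", "/"): p.read_bytes()
        for p in root.rglob("*") if p.is_file()
    }


# Constructed sample data: the files as they were when the backup was taken.
ORIGINAL = {
    "finance/q3-budget.xlsx": b"budget numbers",
    "hr/handbook.docx": b"handbook text",
    "notes.txt": b"todo list",
}
MANIFEST = build_manifest(ORIGINAL)

# Constructed: the same tree after a ransomware run. One file's contents were
# replaced with ciphertext, one was renamed with a new extension, and a ransom
# note appeared. A backup job copying this tree would overwrite good copies.
TAMPERED = {
    "finance/q3-budget.xlsx": b"\x8a\x01\xf3\x9c garbage ciphertext",
    "hr/handbook.docx.locked": b"\x9f\x42\x00\x11 more ciphertext",
    "notes.txt": b"todo list",
    "README_RESTORE_FILES.txt": b"pay us to get your files back",
}


if __name__ == "__main__":
    print("intact copy clean:", is_clean(verify_backup(MANIFEST, ORIGINAL)))
    print("tampered copy report:", verify_backup(MANIFEST, TAMPERED))
```

The point of keeping the manifest with the offline copy is that verification does not depend on the possibly-infected source machine; if a fresh backup of the live tree fails the check, keep the previous good copy rather than rotating it out. To run the check against a real drive, point `load_tree` at its mount point and pass the result to `verify_backup`.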

Software must be kept up to date, and security updates should be applied promptly. A security update typically contains a patch that closes a known vulnerability, often one attackers are already exploiting.

Employees must notify your organization's information technology department or a manager as soon as a ransom note appears or files suddenly become inaccessible; the earlier the report, the less spreads. Have a security plan and a ransomware response plan in place for those cases.
