Small businesses are becoming popular targets to a form of malware known as ransomware. Ransomware is used by cyber criminals to freeze your computer or mobile device, steal your data and demand a “ransom” — anywhere between a couple of hundred to thousands of dollars — be paid. Ransomware infiltrates enterprise networks and servers and individual laptops or computers, leading to the loss of critical information and data. “Ransomware poses a great threat to small businesses because it has the power to wipe out and compromise their entire network,” said Doug Johnson, the American Bankers Association’s senior vice president of payments and cyber security policy. “Businesses can minimize their exposure to these malicious threats by educating their frontline staff, limiting the use of privileged accounts and making sure all virus protection software is up to date.”These tips can help small businesses thwart ransomware attacks:

  • Educate your employees. Employees can serve as a first line of defense to combat online threats and can actively help stop malware from infiltrating the organization’s system. A strong security program paired with employee education about the warning signs, safe practices, and responses aid tremendously in preventing these threats. 
  • Manage the use of privileged accounts. Restrict users’ ability to install and run software applications on network devices, in an effort to limit your networks exposure to malware.
  • Employ a data backup and recovery plan for all critical information. Backups are essential for lessening the impact of potential malware threats. Store the data in a separate device or offline in order to access it in the event of a ransomware attack. 
  • Make sure all business devices are up to date. Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans so that your operating systems operate efficiently. 
  • Contact your local FBI field office immediately to report a ransomware event and request assistance. Visit to locate the office nearest you.

Click here to view ABA’s ransomware infographic.

This blog is intended to be an informational resource for readers. The views expressed on this blog are those of the bloggers, and not necessarily those of FSB. This blog does not provide legal, financial, accounting or tax advice. The content on this blog is "as is" and carries no warranties. FSB does not warrant or guarantee the accuracy, reliability, and completeness of the content on this blog.