Ransomware – when nothing works

26.05.2025 - Suddenly everything is blocked: You can't access your systems and networks, all your data is encrypted – and shortly afterwards you get a ransom note. Typically, the note contains the threat that the data will be irrevocably deleted or published on the darknet. Unprepared companies are often faced with huge challenges at this point. But what can you do to prevent a ransomware attack or, if it is already too late, how can you deal with it in the best possible way? This year's national S-U-P-E-R.ch campaign "No excuses – take action!" calls on you to take responsibility and act preventively.

There are many ways that ransomware can enter a system. One common way is through unpatched security holes. Unpatched software or outdated systems make it easy for hackers to infiltrate networks and plant malware. It is therefore important that you install updates on all your systems as soon as they become available. Don't put it off – make carrying out updates a part of your routine.

Another common entry point for attackers is systems protected by weak passwords. This risk becomes especially critical when these systems are accessible directly from the internet. Cybercriminals often exploit such vulnerabilities to gain unauthorised access and deploy ransomware. To mitigate this threat, it is essential to secure remote access points. Best practices include restricting access by using virtual private networks (VPNs) and two-factor authentication.

As it's impossible to completely prevent ransomware attacks, it's important to ensure that you're not completely at the mercy of cybercriminals in the event of an incident. This is where a solid backup strategy becomes essential: Take the time to back up your systems and data regularly using a variety of methods, such as external hard drives or cloud storage. It is important to include backups that are disconnected from your network after the process (called 'air gap backups'). This precaution will help prevent ransomware from encrypting your backup data. In addition, regularly test your recovery process to confirm that your backups can be effectively restored when needed.

Employee awareness plays a vital role in protecting against cyberthreats. It's important to educate staff about potential risks and provide support when needed. Take the time to invest in training!