What Different Industries Need to Do to Defend Against Ransomware

Several recent articles have identified the industries most frequently hit by ransomware attacks. If you work in one of these fields, you might need to be extra vigilant about protecting data and making sure it is replicated, accessible and immutable.

Read on to find out what you can do to fight back!

Business/Professional Services

ZDnet reports that ransomware in business/professional services accounts for more than a quarter of all attacks. Email attachments are the norm for these companies, and savvy attackers can make phishing emails and attachments look very legit.

What to do: In addition to protecting data system-wide, educate all employees on how to identify a suspicious email, and set policies for how emails should be handled even on the employees’ own devices.

Local/Municipal Governments

Government agencies are frequent targets. In these environments IT staffs are small, overworked, and under-resourced, so ransomware is more likely to slip by unnoticed.

What to do: Consult a managed service provider or vendor of data protection software to find the most affordable, least time-consuming way to stay safe. If you choose a turnkey product or service, make sure it’s automatically updated to save administrative time and headache.


Contradicting the prior report, TechRepublic identifies education as the top target for ransomware – 13 percent of educational organizations were attacked in the year studied. In government offices, smaller IT teams and smaller budgets create vulnerability.

What to do: Both of the above. A small investment in a cybersecurity consultation, and training for staff and students, will help identify breaches waiting to happen. As file sharing is rife on campuses, consider implementing policies on peer-to-peer file sharing and/or systems to address it.


Ransomware in healthcare and hospitals doesn’t just cost money, it can cost lives. These organizations tend to get attacked for one simple reason: they pay up. Access to patient data is a matter of life and death, so they hand over the ransom stat.

What to do: Rather than pay a ransom, the best defense is a good offense. When data is as critical as this, don’t skimp on security. Most healthcare data is subject to privacy regulations already, so it makes sense to take the extra necessary steps to keep it safe from cybercrime too.


Hacker Noon identifies the investment industry as an ideal target for ransomware. For starters, data is the lifeblood of banking and finance, and then of course there’s the fact that these institutions and firms have what cybercriminals want most: money.

What to do: Remember the cost of downtime can be ten to 20 times higher than the dollar amount of ransom demanded.

Spare no expense protecting the personal financial data of clients, data that is used for analytics (such as trend analysis and forecasting), data that would be valuable to your competitors, and any other data the organization monetizes.


Retail businesses are also highly likely to retain their customers’ private data, such as credit card or bank account numbers, as well as information collected via store loyalty programs. Industry experts note that online retailers often sacrifice network protection in the interest of providing customers with a smooth shopping and transaction experience.

What to do: Ransomware in retail not only compromises customer data, it compromises reputation, so take steps to train both local and store-level workers, ensure all OSes are updated, and use storage at a remote store location to keep encrypted backups.

In Conclusion

Regardless of industry, all organizations need to take practical steps to ensure they can prevent and recover from attacks.

At a minimum, ensure business-critical information is stored and backed up safely, make sure data is encrypted, and keep backups stored offline, at another site, or on another network.

If you’re curious about your risks, take a short survey here or talk to us today!


[gravityform id="47" title="false" description="false" tabindex="64"]
[gravityform id="62" title="false" description="false" tabindex="20"]
[gravityform id="60" title="false" description="false" tabindex="20"]
[gravityform id="58" title="false" description="false" tabindex="20"]
[gravityform id="47" title="false" description="false" tabindex="30"]
[gravityform id="47" title="false" description="false" tabindex="20"]
[gravityform id="39" title="false" description="false" tabindex="50"]
[gravityform id="19" title="false" description="false" tabindex="10"]