What is ransomware? Tips on prevention and what to do if you are affected

What can be done to help protect computers from malware?

Press Association
Last updated: 3 September 2018 - 12.55pm

In May 2017 the NHS was hit by a computer ransomware attack which affected services in England and Scotland. Ransomware is a growing threat and something that can affect business and individuals, so it’s important to take steps to protect yourself.

Action Fraud is encouraging people to understand more about what ransomware is, offering advice on how you can protect yourself and what to do if you are affected.

[Read more: 10 ways BT's free software keeps you safe online]

What is ransomware?


(Dominic Lipinski/PA)

Ransomware is a form of malicious software or malware that secretly installs itself on a user’s computer before remotely locking it down or blocking access to files and threatening to delete them unless a ransom is paid within a time limit.

How does it install itself?


(Dominic Lipinski/PA)

The most common form of attack is for hackers to hide the virus within harmless-looking emails that contain links, which users are then tricked into clicking on.

Opening the links will then covertly install the malware onto the computer without the user’s knowledge, giving it access to the computer’s files. It is at this point that the virus encrypts and locks the files and demands the ransom.

However, it can also be hidden within applications available to download from unofficial or unauthorised websites.

[Read more: How security savvy are you? Take our quiz and find out]

Can ransomware be removed?

With advanced anti-virus software, it is possible to remove the virus from a computer. It can also be done manually by putting a computer into “safe mode” and manually removing the infected files.

However, prevention remains the best form of defence.

Should I pay the ransom?

No, if you've been a victim of  ransomware you shouldn't pay. 

Even if you do pay you may not get access to your files - remember you are dealing with criminals. Paying is also (in effect) funding criminal activity.

Criminals may target you again if you pay, they may also install a 'backdoor' on your device which can be used to infect your machine again.

How can ransomware infection be prevented?


(Dominic Lipinski/PA0

Ensure your computer software is always up to date. Often important security updates are contained within these downloads and can prevent known viruses from infecting a device.

Use anti-virus software, which will protect your device agains malware. BT Broadband customers can download anti-virus software BT Virus Protect, and use it on 2 or 15 machines (depending on your package), find out more.

Users should also be vigilant in relation to email. Don't open any links or download attachments in emails from unfamiliar or possibly suspicious sources. 

Experts warn that software, apps and other programs should never be downloaded from unofficial sources as this is another common method for hackers to secretly install malware onto computers.

Make sure you back up your data onto a storage device, or using a cloud service like BT Cloud.

What happens if I get ransomeware on my device?

If you think you’ve been a victim of ransomware, report it at Actionfraud.police.uk Every report you make helps Action Fraud build up a clearer picture of the threat of ransomware and allows Action Fraud to direct the focus of its investigations.

Read more: BT Web Protect - Switch on your free protection against security threats, phishing scams and infections

More from BT