03-12-20 | Blog Post

What are the top sources of ransomware infection?

Blog Posts

Ransomware is forecast to cost $170 billion worldwide in 2020, and it’s well known that it can infect businesses of all sizes, industries and revenue anywhere around the world. What can you do to prevent a ransomware attack? First, it helps to understand the top sources of ransomware infection, so you can better fortify your employees and your networks against a possible attack. Below, we break down the top ransomware sources.


The most common attack vector. These are typically email attachments that contain malicious macro attachments, and are the chosen method these days. You’ll see these most often in phishing attacks, so you’ll want to double check the addresses of any emails that claim to be from your boss or the head of your organization, HR, or your finance department before downloading any attached files from them.

Removable media

This is a very simple way to infect a machine, as users generally trust these devices. For example, a study by Google and two US universities found that dropping an USB stick in public places was a simple and effective way to trigger human curiosity, with a full 49% of the ‘bait USBs’ being plugged into a computer by people who found them. Just like you wouldn’t eat candy lying on the sidewalk, don’t plug in USBs that you see lying around.


Malvertising is when attackers compromise the weak infrastructure of an online ad network that serves advertisements to legitimate websites. Users are tricked to download malware through display ads. Sometimes they don’t even need to download anything in order to be exposed, a tactic known as drive-by downloading. Keep your adblocking software on when you’re browsing the web.

Social media and SMS

Examples of ransomware delivered through social media include shortened links such as Owly or Bitly. These are often JavaScript based, so they require little action on the user’s part, other than to click the link and get infected. Be wary of messages with links from people you don’t recognize, either through SMS or your regular social channels. Even if you do know them, if they’re not the type to send you links to the latest cat dancing video, don’t click on them.


Unfortunately, ransomware has paid off big for hackers, and that has given rise to vast affiliate networks, where ransomware is easy to deploy and manage for almost anyone, and where the earning potential is significant. Think of it as the black hat version of regular cloud services, but instead of paying a flat or monthly fee for access to a service provider’s cloud infrastructure, they’re paying for ransomware kits they can easily send out to victims.

Now that we’ve covered some of the top sources of infection, you can start to address your infrastructure’s points of failure and whether you are susceptible to a possible attack through any of the above means. Check out our blog post, Ransomware Preparedness with Cloud Solutions for tips to strengthen your environment’s resiliency against a ransomware attack.

Related articles about ransomware:

Ransomware and healthcare: What you need to know

What is ransomware and how do you protect against it?


About Otava

Otava provides secure, compliant hybrid cloud solutions for service providers, channel partners and enterprise clients. By actively aggregating best-of-breed cloud companies and investing in people, tools, and processes, Otava’s global footprint continues to expand. The company provides its customers with a clear path to transformation through its highly effective solutions and broad portfolio of hybrid cloud, data protection, disaster recovery, security and colocation services, all championed by its exceptional support team. Visit www.otava.com to learn more.

Overwhelmed by cloud chaos?
We’re cloud experts, so you don’t have to be.

© 2024 OTAVA® All Rights Reserved