What Is Ransomware? A Plain-English Guide for Small Business Owners

If you've landed here, you're either worried about ransomware or you've just been hit by it. Either way, I'm going to give you the truth in plain language — no jargon, no fear-selling. I'm David Martin; I help small businesses in central Kentucky prepare for exactly this.

Here's the most important sentence on this page, and I'll put it right up front so you don't miss it: once ransomware hits, whether you fully recover is mostly decided by what you did before it happened. If that sounds harsh, stay with me — because it's also the good news.

What ransomware actually is

Ransomware is a type of malicious software that sneaks onto your computer, scrambles all your files so you can't open them, and then demands a payment — usually in cryptocurrency — to unscramble them.

Think of a burglar who doesn't steal anything. Instead, he slips in, changes every lock in your building, and leaves a note: "Pay me and I'll give you the keys." Your files are all still sitting right there. You just can't get into any of them. That's ransomware.

How it gets in

It's almost never dramatic. The most common ways it slips in are boring:

  • A bad email. Someone clicks a link or opens an attachment in an email that looked legitimate — an invoice, a shipping notice, a message that seemed to be from a coworker.

  • A weak or reused password. If the same password protects your email and got leaked somewhere else, attackers can walk right in.

  • Out-of-date software. Old, unpatched programs have known holes that ransomware is built to crawl through.

  • No second lock. An account with just a password — no second step to log in — is a single point of failure.

Notice something: none of these require you to be careless or a big target. Small businesses get hit constantly, precisely because attackers assume — often correctly — that they're not prepared.

What happens when it hits

Usually you find out all at once. A screen turns red. Files won't open. A note appears demanding payment, often with a countdown timer to pressure you into deciding fast. Your point-of-sale, your QuickBooks, your client files, your photos — all locked at the same time.

And here's where people make their most expensive mistake: they assume they can just pay, or just "restore it," and it'll be fine. Often, neither is true.

The hard truth about recovery

I'm going to be straight with you, because most of this industry won't be: without preparation already in place, full recovery is unlikely.‍ ‍

Here's why.

  • The encryption is real. Modern ransomware uses the same kind of strong encryption that protects banks. Without the attacker's key, unscrambling your files isn't a matter of finding the right tech — for most strains, it genuinely can't be done.

  • Paying is a gamble, not a guarantee. Plenty of businesses pay and never get a working key, or get one that only recovers some of their files. You're also trusting a criminal to keep their word, funding the next attack, and marking yourself as someone who pays.

  • "Just restore from backup" only works if the backup is real. Most businesses think they have backups. Then they try to restore and discover the backup stopped working months ago, or the ransomware reached it too because it was sitting on the same network.

There's one narrow bit of hope: for certain older or broken ransomware strains, free decryption tools exist (the No More Ransom project is the legitimate place to check). But you cannot count on your particular attack being one of those. Planning around it is like planning to win a raffle.

So no — I'm not going to promise you a magic fix after the fact. What I'll promise is that the before is completely within your control.

How to actually be prepared

This is the part that matters, and none of it is complicated:

  • Have real, tested backups. Not "files syncing to a cloud folder" — actual backups you have tried restoring from so you know they work. A backup you've never tested isn't a backup; it's a hope. If you want an app for that, check out the purpose driven VaultGuard Backup that I created.

  • Keep at least one copy ransomware can't reach. An offline or off-site copy that isn't connected to your everyday network. If your only backup is plugged into the same computer that gets infected, it gets encrypted too.

  • Turn on two-step login for your email and important accounts. This one setting stops a huge share of attacks cold.

  • Keep your software updated, and be suspicious of unexpected links and attachments — even ones that look like they're from someone you know.

  • Know who you'd call before you need to. Panic is a terrible time to be looking up phone numbers.

Do those things, and ransomware goes from "existential threat" to "expensive annoyance you recover from in a day."

If it happens anyway

If you're reading this mid-attack:

  1. Disconnect the affected computer from the internet and your network immediately — unplug the cable, turn off the Wi-Fi. This can stop it from spreading to other machines.

  2. Don't rush to pay. That countdown is designed to make you panic. Take a breath.

  3. Don't wipe or "fix" anything yet. You may destroy evidence or your one path back.

  4. Get help, and report it to the FBI's Internet Crime Complaint Center (ic3.gov).

  5. If you prepared — clean backup, offline copy — this is the moment it pays off. You restore, and you move on.

If you want the step-by-step version of that last part, I've written a separate guide on how to recover from ransomware without paying.

The bottom line

Ransomware isn't really a recovery problem. It's a preparation problem wearing a scary mask. The businesses that shrug it off are the ones who got ready ahead of time — and getting ready is neither expensive nor complicated.

If you're not sure where your business actually stands, that's exactly what my free 30-minute Data Safety Check is for. It's a plain-language conversation — no software to install, no access to your systems, no pressure. If you're already in good shape, I'll tell you that.

I'm local, in Hardin County, and when you call, you're talking to me.

‍ ‍

Request a free Data Safety Check →

Next
Next

Windows 11's New "Default Backup" Won't Save Your Files — Here's What It Actually Does