If you ask the Washington-based Institute for Critical Infrastructure Technology, this is the year when ransomware will wreak havoc on America's critical infrastructure community, including financial services.

Ransomware basically locks the data on a computer — or the computer itself, or even an entire system or network — so that users cannot gain access to data or processes; it then holds the system and its data hostage, or even threatens destruction of the data, until the system's owner pays a ransom for its release.

In the ICIT Ransomware Report titled “2016 Will Be the Year Ransomware Holds America Hostage,” the authors laid out the threat posed by this rising form of hacking, which is less about technological sophistication and more about exploitation of the human element.

Malware Installation

Ransomware can arrive on a computer system the same way other malware does, but ransomware threat actors — those who hold the data hostage — aren't usually able to breach systems themselves. Instead they rely on a variety of methods to get their malware onto the systems they deem ripe for plucking.

Why should you care about ransomware? Simple: ICIT said that financial institutions are likely the next major sector to be targeted by ransomware, if their systems have not been infected already. According to report findings, ransomware attackers are 21st century highwaymen threatening the lifeblood of their victims: information. Law enforcement, meanwhile, has neither the time nor the resources to track down the culprits.

In fact, if infected by ransomware, law enforcement itself often pays the ransom simply to regain control over its own computer systems. If the good guys are reduced to paying ransom, what's a financial services company to do — particularly since the cost of being locked out of customer data can be far higher than paying ransom?

User awareness is key to deterring attacks

One thing companies can do is make sure that personnel are more aware of common ransomware attacks, since, as the report said, only a societal cybersecurity reformation in user awareness and training will deter the attackers.

The importance of not clicking on unknown emails or attachments, or even ads on reputable sites, and of learning to recognize bogus emails and ads, should be impressed on all staffers from top to bottom at financial firms. In addition, all personnel should be warned not to use unsecured devices or connect unprotected personal devices (such as flash drives) to company systems, and should be told to keep their own antivirus protection up to date. Last but not least, organizations should keep their own system protections current, ensure that all third-party vendors are thoroughly checked out, and have a plan in place to respond if they're infected.

To that end, here are seven ways the report said ransomware can gain a foothold at your company:

1. Traffic Distribution System

Traffic distribution services redirect web traffic to a site hosting an exploit kit. That traffic can be pulled from adult content sites, video streaming services or media piracy sites.

Some ransomware groups may even hire a traffic distribution service to spread their ransomware. If the host is vulnerable to the exploit kit on the landing page, then the malware is downloaded onto the system as a drive-by download, sometimes without the user's knowledge.

2. Malvertisement

As with a traffic distribution service, a malicious advertisement can redirect users from a harmless site to a malicious landing page. Malvertisements may appear legitimate and can even appear on trusted sites if the administrator is fooled into accepting the ad provider or if the site is compromised.

Malicious threat actors can purchase traffic from malvertisement services. Redirected victims can be purchased according to geographic location, time of day, visited site and a number of other factors.

3. Phishing Emails

These are the primary delivery methods of ransomware, simply because people are so conditioned to open emails and click on links and attachments. Even with training and awareness programs, the report said, most organizations find it difficult to reduce successful spear phishing attempts to less than 15% of personnel.

Botnets send spam or tailored phishing emails randomly or to personnel within an organization. According to Symantec, ransomware emails tend to masquerade as mail delivery notifications, energy bills, résumés, notifications from law enforcement or tax returns.

4. Downloaders

Malware can be delivered onto systems through stages of downloaders to minimize the likelihood of signature-based detection. Ransomware criminals pay other threat actors to install their ransomware onto already infected machines.

Ransomware could even act as a mask for a deeper malware infection unsuspected by users that will remain even after the ransomware is removed.

5. Social Engineering

Social engineering and human ignorance can conspire to get people to install the malware on their own computers.

The report pointed out that fake antivirus applications tell users that their computer is at risk of numerous debilitating viruses, and performance optimizers convince users that their system can achieve better results.

Even locker ransomware (which locks a user out of a system, rather than encrypting the data the system contains) that appears as a malvertisement on other sites depends on users clicking on the prompt to initiate installation.

6. Self-Propagation

Usually a form of crypto-ransomware (which encrypts a user's data), some forms of ransomware are able to self-replicate throughout a network much as other kinds of malware do — such as spreading through a user's contact book via messages into other systems. ICIT said that self-propagating ransomware is likely how malware will evolve, thanks to the growing interconnectivity of the Internet of Things.

7. Ransomware as a Service

This is actually the outsourcing of malware to less-technical criminals.

The applications are designed to be deployed by almost anyone, with the original creator of the malware collecting a percentage of the ransom as a fee if the person using the creator's ransomware is successful at collecting a ransom from the victim.

Marlene Satter

Marlene Y. Satter has worked in and written about the financial industry for decades.