A few days ago, Hancock Health, which operates dozens of health care facilities in Indiana became a victim of ransomware in an attack that infected its computer system and locked up more than 1,400 of its files. In return for freeing the files, the cybercriminals demanded a ransom of approximately $50,000 in Bitcoins, which the hospital paid, after which their files which included patient records and company emails were unencrypted. It appears that the source of the ransomware infection was through an outside vendor of Hancock Health victimized by spear phishing.
Most ransomware attacks as well as other types of malware attacks are spread  through phishing emails that lure unsuspecting people into clicking on malware infected links or downloading attachments tainted with malware.  As I am constantly reminding you, never click on links or download attachments until you have confirmed that they are legitimate.
You also should update all of your electronic devices with the latest security updates and patches as soon as they become available, preferably automatically.  Many past ransomware attacks exploited vulnerabilities for which patches had already been issued.
As for protecting yourself specifically from ransomware, you should back up all of your data on at least two different platforms, such as in the Cloud and on a portable hard drive. Companies and agencies which can afford to should also use Whitelisting software which prevents the installation of any unauthorized computer software programs.