Ransomware
Ransomware is a type of malicious software that is most often installed by opening an email attachment, clicking on an ad, or visiting an infected website. This type of malware encrypts the most commonly used files (Word, Excel, pictures, music, video, etc.) and then demands payment for their restoration; however, one must be aware that attackers may or may not actually provide the decryption key upon receiving payment.
How Can I Protect Myself Against Ransomware?
Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Many years of research and/ or personal treasures may be lost forever.
Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.
- Be mindful when using email. Because most phishing strategies try to lure victims into clicking on malicious links and installing malware, it is important to be able to recognize and avoid phishing attempts.
- Back up your information regularly. ITS provides you with the option to backup important work-related files to OneDrive; however, if you backup your data to an external drive, do not leave that drive attached at all times. Only attach a backup drive when performing backups; otherwise, malware will find and encrypt your backups as well.
- Install anti-virus/ antimalware solutions. ITS provides multiple layers of defense for District computers. Home users can choose from dozens of free and paid-for solutions. Just make sure that they are scanning and receiving updates frequently.
- Keep your operating system and software up to date. Although both Windows and macOS automatically install security updates, you should make a semi-regular habit of checking to ensure that updates are not awaiting your response, haven’t failed, or that the update service has not stopped. Furthermore, many software packages do not auto-update on their own, so you need to keep an eye out for updates when they become available.
What Do I Do if I Suspect My Computer Is Infected?
- Stop using the device immediately.
- Do not power down the device. The device may contain important information for a forensics team.
- Unplug the device from the network or disconnect it from Wi-Fi. Infected systems are often used to infect others on the same network.
- Follow the ITS Incident Reporting Procedure.
The FBI’s Take on Ransomware
The FBI does not support paying a ransomware’s demands because:
- There is no guarantee that the perpetrators will decrypt your files, and
- Paying the ransom only encourages perpetrators to target more people
Instead, the FBI encourages victims to report ransomware incidents by:
- Contacting your local FBI field office to request assistance, or
- Submitting a tip online, or
- Filing a report with the FBI’s Internet Crime Complaint Center (IC3)
Video: What is Ransomware and How to Can I Protect Myself? (2:56 min)
Video courtesy of ESET Technology
If You See Something, Say Something
Cybersecurity is a shared responsibility. Please report all suspicious activity and unauthorized access to computers, software, and websites to the Office of Information Security.
If you are looking to report a potential crime or similar non-emergency situation, please refer to the Police & Campus Safety website.
Protect your password
Administrative Procedure 3720 specifically prohibits the sharing of login credentials. Never provide your password to anyone: not your coworker, not your boss, not even ITS.
Don’t be a victim of phishing!
Forward all suspicious emails to Report a Phish. No one, not even ITS, should ask for your password or send emails or texts soliciting you to log in with your account. If someone does, they are phishing. If you do give your password to someone, immediately change it in the Viking Portal.