What Is Ransomware?
Ransomware is a type of malicious software that encrypts your files. Often, the only way to decrypt and gain access to the files is by paying a “ransom” or fee to the attackers. The attackers might provide the decryption key allowing you to regain access to your files. Ransomware may spread to any shared networks or drives to which your devices are connected. We are continuing to see ransomware attacks and expect their frequency to increase.
How Can I Get Infected with ransomware?
Common vectors for ransomware attacks include e-mails with malicious attachments or links to malicious websites. It’s also possible to get an infection through instant messaging or texts with malicious links. Antivirus may or may not detect a malicious attachment, so it’s important for you to be vigilant.
How Can I Protect Myself Against Ransomware?
There are two steps to protection against ransomware:
- Preparation. Back up your information regularly. Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Your research project or other important information may be lost permanently.
- Identification. Ransomware typically appears as phishing e-mails, either with links to malicious websites or infected files attached. You might also see a ransomware attack perpetrated through a pop-up telling you that your computer is infected and asking you to click for a free scan. Another possible vector is malvertising, malicious advertising on an otherwise legitimate website.
Probably the Most Important Steps You Can Take to Prepare…
- Ensure that your information is backed up regularly and properly. Because ransomware can encrypt the files on your computer and any connected drives, it’s important to back up your files regularly to a location that you’re not continuously connected to. Currently, IITS provides you the option to .
- When using back up methods such as external hard drives, ensure that you’re able to restore files from your backups.
- Ensure that antivirus/anti-malware is up to date and functioning on your home computer. Antivirus may detect malicious attachments.
- Ensure that you’re keeping your system (and mobile devices) up to date with patches. If you’re prompted by your computer or mobile device to accept updates, accept them at your earliest convenience.
- Don’t do day-to-day work using an administrator account. A successful ransomware attack will have the same permissions that you have when working. (If you’re not using an account with administrator privileges, the initial attack may be foiled.) IITS prohibits access to administrative accounts on its internal networks.
What Do I Do If I Think I’m Infected?
- Immediately report the ransomware attack to the IITS Help Desk.
- Isolate or shut down the infected computer. (If you’re on Wi-Fi, turn off the Wi-Fi. If you’re plugged into the network, unplug the computer. Infected systems should be removed from the network as soon as possible to prevent ransomware from attacking network or shared drives.)
Video: What is Ransomware and How to Can I Protect Myself? (2:56 min)
Video courtesy of ESET Technology
- The FBI’s tips for dealing with the ransomware threat.
- New York Times article “How to Protect Yourself from Ransomware Attacks.”
- Naked Security by Sophos offers 8 Tips for Preventing Ransomware.
- Explore Trend Micro’s “Ransomware 101: What, How, and Why,” which includes a rescue plan infographic and a five-minute video.
- Europol’s European Cybercrime Center provides tips and advice to prevent ransomware from infecting your electronic devices.
- Learn more about the Global Impact of Ransomware on Businesses in this MalwareBytes infographic.
- Watch these short videos: Ransomware – Anatomy of an Attack and How Ransomware Locks Your PC and Holds Your Data Hostage.