Ransomware

Ransomware is a type of malicious software that is most often installed by opening an email attachment, clicking on an ad, or visiting an infected website. This type of malware encrypts the most commonly used files (Word, Excel, pictures, music, video, etc.) and then demands payment for their restoration; however, one must be aware that attackers may or may not actually provide the decryption key upon receiving payment.

How Can I Protect Myself Against Ransomware?

Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Many years of research and/ or personal treasures may be lost forever.

Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.

  • Be mindful when using email. Because most phishing strategies try to lure victims into clicking on malicious links and installing malware, it is important to be able to recognize and avoid phishing attempts.
  • Back up your information regularly. IITS provides you with the option to backup important work-related files to OneDrive; however, if you backup your data to an external drive, do not leave that drive attached at all times. Only attach a backup drive when performing backups; otherwise, malware will find and encrypt your backups as well.
  • Install anti-virus/ antimalware solutions. IITS provides multiple layers of defense for District computers. Home users can choose from dozens of free and paid-for solutions. Just make sure that they are scanning and receiving updates frequently.
  • Keep your operating system and software up to date. Although both Windows and macOS automatically install security updates, you should make a semi-regular habit of checking to ensure that updates are not awaiting your response, haven’t failed, or that the update service has not stopped. Furthermore, many software packages do not auto-update on their own, so you need to keep an eye out for updates when they become available.

What Do I Do if I Suspect My Computer Is Infected?

  • Stop using the device immediately.
  • Do not power down the device. The device may contain important information for a forensics team.
  • Unplug the device from the network or disconnect it from Wi-Fi.  Infected systems are often used to infect others on the same network.
  • Follow the IITS Incident Reporting Procedure.

The FBI’s Take on Ransomware

The FBI does not support paying a ransomware’s demands because:

  • There is no guarantee that the perpetrators will decrypt your files, and
  • Paying the ransom only encourages perpetrators to target more people

Instead, the FBI encourages victims to report ransomware incidents by:

Video: What is Ransomware and How to Can I Protect Myself? (2:56 min)

Video courtesy of ESET Technology

Post

Protect your password

Administration Regulation 6006 specifically prohibits the sharing of login credentials. Never provide your password to anyone: not your coworker, not your boss, not IITS.

Post

Don’t be a victim of phishing!

Forward all suspicious emails to Report a Phish. No one, not even IITS, should ask for your password or send emails or texts soliciting you to log in with your account. If someone does, they are phishing. If you do give your password to someone, immediately change it in the Viking Portal.