Ransomware is a type of malicious software that is most often installed by opening an email attachment, clicking on an ad, or visiting an infected website. This type of malware encrypts the most commonly used files (Word, Excel, pictures, music, video, etc.) and then demands payment for their restoration; however, one must be aware that attackers may or may not actually provide the decryption key upon receiving payment.
How Can I Protect Myself Against Ransomware?
Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Many years of research and/ or personal treasures may be lost forever.
Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.
- Be mindful when using email. Because most phishing strategies try to lure victims into clicking on malicious links and installing malware, it is important to be able to recognize and avoid phishing attempts.
- Back up your information regularly. IITS provides you with the option to backup important work-related files to OneDrive; however, if you backup your data to an external drive, do not leave that drive attached at all times. Only attach a backup drive when performing backups; otherwise, malware will find and encrypt your backups as well.
- Install anti-virus/ antimalware solutions. IITS provides multiple layers of defense for District computers. Home users can choose from dozens of free and paid-for solutions. Just make sure that they are scanning and receiving updates frequently.
- Keep your operating system and software up to date. Although both Windows and macOS automatically install security updates, you should make a semi-regular habit of checking to ensure that updates are not awaiting your response, haven’t failed, or that the update service has not stopped. Furthermore, many software packages do not auto-update on their own, so you need to keep an eye out for updates when they become available.
What Do I Do if I Suspect My Computer Is Infected?
- Stop using the device immediately.
- Do not power down the device. The device may contain important information for a forensics team.
- Unplug the device from the network or disconnect it from Wi-Fi. Infected systems are often used to infect others on the same network.
- Follow the IITS Incident Reporting Procedure.
The FBI’s Take on Ransomware
The FBI does not support paying a ransomware’s demands because:
- There is no guarantee that the perpetrators will decrypt your files, and
- Paying the ransom only encourages perpetrators to target more people
Instead, the FBI encourages victims to report ransomware incidents by:
- Contacting your local FBI field office to request assistance, or
- Submitting a tip online, or
- Filing a report with the FBI’s Internet Crime Complaint Center (IC3)
Video: What is Ransomware and How to Can I Protect Myself? (2:56 min)
Video courtesy of ESET Technology