Ransomware is a type of malicious software that is most often installed by opening an email attachment, clicking on an ad, or visiting an infected website. This type of malware encrypts the most commonly used files (Word, Excel, pictures, music, video, etc.) and then demands payment for their restoration; however, one must be aware that attackers may or may not actually provide the decryption key upon receiving payment.
How Can I Protect Myself Against Ransomware?
Once a ransomware infection occurs, it’s often too late to recover the encrypted information. Many years of research and/ or personal treasures may be lost forever.
Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.
- Be mindful when using email. Because most phishing strategies try to lure victims into clicking on malicious links and installing malware, it is important to be able to recognize and avoid phishing attempts.
- Back up your information regularly. IITS provides you with the option to backup important work-related files to OneDrive; however, if you backup your data to an external drive, do not leave that drive attached at all times. Only attach a backup drive when performing backups; otherwise, malware will find and encrypt your backups as well.
- Install anti-virus/ antimalware solutions. IITS provides multiple layers of defense for District computers. Home users can choose from dozens of free and paid-for solutions. Just make sure that they are scanning and receiving updates frequently.
- Keep your operating system and software up to date. Although both Windows and macOS automatically install security updates, you should make a semi-regular habit of checking to ensure that updates are not awaiting your response, haven’t failed, or that the update service has not stopped. Furthermore, many software packages do not auto-update on their own, so you need to keep an eye out for updates when they become available.
What Do I Do If I Think I’m Infected?
- Immediately report the ransomware attack to the IITS Help Desk.
- Isolate or shut down the infected computer. If you’re on Wi-Fi, disconnect your computer from the Wi-Fi. If you’re plugged into a network, unplug the network cable from the computer. Infected systems should be removed from the network as soon as possible to prevent ransomware from attacking network drives.
The FBI’s Take on Ransomware
The FBI does not support paying a ransomware’s demands because:
- There is no guarantee that the perpetrators will decrypt your files, and
- Paying the ransom only encourages perpetrators to target more people
Instead, the FBI encourages victims to report ransomware incidents by:
- Contacting your local FBI field office to request assistance, or
- Submitting a tip online, or
- Filing a report with the FBI’s Internet Crime Complaint Center (IC3)
Video: What is Ransomware and How to Can I Protect Myself? (2:56 min)
Video courtesy of ESET Technology