Ransomware

ransomware image

What is Ransomware?

Ransomware is malicious software designed to block access to a computer system or data until a ransom is paid.

Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money.

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.

Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and may be spread through social media. Additionally, newer methods of ransomware infection have been observed, like vulnerable web servers being exploited as an entry point to gain access to an organization’s network.


Protecting Against Ransomware

1. Back Up Your Data

Once a ransomware infection occurs, it may be too late to recover the encrypted information. Regular backups can help protect you.

Learn about backing up your data.

2. Stay Updated

Keep your devices, apps, and browsers patched and up-to-date. Attackers can take advantage of unpatched or outdated operating systems.

3. Think Before You Click

Ransomware typically appears in phishing emails either through links to malicious websites or via infected attachments.

Learn about phishing attacks.

4. Check Out the Toolkit. 

We've put together a ransomware toolkit complete with flyers and videos to help you protect against ransomware.

for videos and flyers with this information!


Responding to a Ransomware Infection

What to do if you believe your system has been infected with ransomware

1. Disconnect From Networks

  • Unplug Ethernet cables and disable wifi or any other network adapters. 
  • Put your device in Airplane Mode
  • Turn off Wi-Fi and Bluetooth

This can aid in preventing the spread of the ransomware to shared network resources such as file shares.

2. Disconnect External Devices

Immediately disconnect:

  • USB drives or memory sticks
  • Attached phones or cameras
  • External hard drives
  • Or any other devices that could also become compromised

3. Report the Incident

It is important that incidents are reported as early as possible so that campus can limit the damage and cost of recovery.