Ransomware


The horrors of ransomware can go beyond the loss of data and the ghastly financial costs of data recovery. To customers and business folk alike, interruption to operations is an additional cost to the expense of data recovery.

What is Ransomware?

Ransomware is malicious software designed to block access to a computer system or data until a ransom is paid. However, it's important to note that paying the ransom does not guarantee the data will be released to the victim. Preventing a ransomware attack is the first and best protection.

How does the malware get installed?

Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.

Protecting Against Ransomware

The following tips will serve to protect your information, as well as the University's information resources.

  • Use cloud storage to save your files
    • Saving your files solely on your hard drive can leave you vulnerable to a ransomware attack. Using a cloud file storage system, such as Microsoft Office 365 and Box, provides redundancy of your important files, should you fall victim to a ransomware attack.
  • Keep your devices and software secure and up-to-date
    • Run updated antivirus/anti-malware software
    • Ensure that your software and operating systems are up-to-date with the latest security patches
  • Social engineering is everywhere -- think before you click!
    • ALWAYS be vigilant of verifying the legitimacy of communications, whether it be received via email, phone, or text message – especially from new senders
    • ALWAYS think carefully before following a link or opening an attachment
    • ALWAYS verify a request is legitimate before sharing sensitive information or performing a consequential action (purchasing something, granting access, etc.)

If you think you are infected, report the incident immediately to the Information Security Office.