Ransomware is a type of malicious software that encrypts the files on your computer and blocks the related information. Usually, user needs to pay a “ransom” or fee for the decryption key in order to decrypt and gain access to the files. Ransomware may spread to any shared networks or drives which your devices are connected. It is expected that increase number of ransomware attacks will occur in the future.
How will I get infected by Ransomware?
Common media for ransomware attacks include emails with malicious attachments or links to malicious websites. It is also possible to get an infection through instant messaging or texts with malicious links. Antivirus may not detect a malicious attachment, so it is important for you to be vigilant.
How can I protect myself against Ransomware?
There are two steps to protect yourself against ransomware:
- Preparation Back up your information regularly.Once a ransomware infection occurs, it is often too late to recover the encrypted information. Your research project or other important information may be lost permanently. For the PC which is provided by ICTO, there is a basic backup function for each user to prevent the lost of files from desktop and notebook computers which connecting to our campus network. For more details, please refer to “PC Data Backup“. Moreover, you can consider regularly performing extra backup for your important files to a location that you are not continuously connected to;
- Identification Ransomware typically appears as phishing emails, either with links to malicious websites or infected files attached. You might also see a ransomware attack perpetrated through a pop-up telling you that your computer is infected and asking you to click for a free scan. Another possible media is malvertising, such that malicious advertisement will be embedded in other normal websites to deceive users.
4 important things to “Ensure”
- Ensure that your information is backed up regularly and properly. Because ransomware can encrypt the files on your computer and any connected drives, potentially including connected cloud drives such as Dropbox，as we just mentioned, it is important to back up your files regularly to a location that you are not continuously connected to;
- Ensure that you are able to restore files from your backups. Users can periodically restore some of the files from the backup copies for verification;
- Ensure that antivirus is up to date and functioning;
- Ensure that you are keeping your system and mobile devices up to date with patches;
What should I do if I think I’m infected?
- Report the ransomware attack to the related IT technical support immediately;
- Isolate or shut down the infected computer. Disconnect it from WiFi network or unplug the network cable;
- Infected systems should be removed from the network as soon as possible to prevent ransomware from attacking network or shared drives.