What is Ransomware?
- Ransomware is malicious software that infects, locks and encrypts your computer and its files, as well as other devices. Victims are asked to pay a ransom to get their folders, files and devices unlocked.
- Criminals use ransomware to extort money from individuals and organizations.
How Ransomware gets on devices
- You open an email attachment that downloads the malicious software that then infects your device.
- You open a shared document link in an email message and that document contains ransomware.
- You click a link in an email message that takes you to a malicious website where you are deceived into clicking a link and downloading malicious software.
- In some cases, the malware is self-replicating and simply spreads virally from vulnerable machine to vulnerable machine without having to open a file, click a link or any other sort of action.
Once a computer or other device is infected, the malware begins encrypting files and folders on the device, local drives, any attached drives, backup drives, and potentially other computers on the same network.
What you can do to protect yourself
- Do not open unexpected email attachments, even if they appear to come from someone you know. Many times the attachment or link will appear to be coming from a friend or business associate, but the from address is easily spoofed. Contact the sender first.
- Check links in email before clicking by hovering over them with your mouse. The actual URL will show up in the bottom left of your screen. If it does not match the link shown in the email, do NOT click it.
- Make full backups of your device and keep them separated from and not connected to your device.
- Have anti-virus software installed and keep it updated. At WMU we provide Symantec Endpoint Protection which may be obtained via the Software Downloads portlet in GoWMU. You can check to see if it is current by right-mouse-clicking the gold shield in the lower right of your screen. If you are informed that you are out of date, take the option to fix it.
- Make sure your OS security patches and updates are current.
- Keep your mobile device secure.
If you get Ransomware
- If the device is on the University network, immediately power it off to remove it from the network, and contact your unit IT support person, or the Technology Help Desk if your unit does not have an IT support person.
- Do NOT pay the ransom. There are no guarantees when you are dealing with criminals.
See also the FBI Ransomware security notification