Ransomware

What is Ransomware?
Ransomware is computer malware that encrypts the files on your PC, making them (and often your whole computer) unusable.  It may also encrypt files on network drives that you have access to, like your N: drive.  You regain access to the files by paying a ransom to receive a decryption key.  In 2016, Ransomware was estimated to be a $1 Billion business.

How does my computer get ransomware?
Commonly, your computer can be infected with ransomware when you click on a link that allows the program to load.  Usually, it’s in a targeted phishing email, but sometimes attackers can secretly load malware onto web pages or even advertisements on legitimate webpages.

How do I know if my computer is infected?
You will see a pop-up screen instructing you to go to a webpage or, more likely, to call a phone number.  Yes, the bad guys have call centers.  You may also get “file not found” messages for files that you know exist, or you may see files with their names or file types (.docx, .xlsx, etc.)  changed.

What do I do if my FIT computer gets infected?

  1. Do NOT contact the attacker or pay the ransom. You will be giving your credit card information to criminals.
  2. Take as many notes and screenshots as you can within 3 minutes to help you remember what happened.
  3. Remove your computer from the network; unplug the ethernet cable and turn off WiFi. Do not shut it off.
  4. Contact TechHelp

How do I prevent ransomware?

While you can’t prevent this threat entirely because cybercriminals continually think up new schemes, there are some things you can do to significantly reduce the risk and impact of being infected.

  1. Follow all the tips on the IT for FIT Cybersafe page and don’t click on links or emails that are from strange people or that don’t make sense.
  2. Don’t store FIT work on your computer’s local drive. Use the N: drive, Google Drive, or a departmental share.  The N: drive is backed up, and if the files become encrypted, IT can get them back.  If your local drive becomes encrypted, the files are irretrievable.
  3. On your personal computer, regularly back up your files to a USB drive that you only attach to the computer when you’re taking a backup, or use a cloud-based backup service.
What does IT do to prevent ransomware?
  1. We keep your anti-virus software current.
  2. We are limiting the number of individuals with administrative rights. Ransomware often is unable to load if the user is not signed in as an administrator.

Following a few simple guidelines can help make FIT Cybersafe.