Ransomeware can ruin your day and your data

There has been a lot in the news about ransomware lately. Recent ransomware attacks have caused high-profile business shut downs, including the San Francisco Municipal Transportation Agency’s ticketing system, Hollywood Presbyterian Medical Center, and the University of Calgary, just to name a few.

Ransomware is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. This article provides some background on what Ransomware is and how to protect yourself.

Ransomware is a type of malicious software that locks the victim out of their computer or files – often by encrypting them – until a ransom is paid. The ransomware typically displays a message letting the victim know that they have been locked out, along with instructions for how much and how to pay.

Ransomware is often spread through use of stolen credentials, malicious links and harmful attachments in email; however, this is not the only mechanism. Other sources include malicious applications and files, and adware/spyware.

It is important to note that paying the ransom doesn’t necessarily guarantee that you’ll get access to your computer or files back. In fact, a couple of recent, high-profile cyber-attacks, dubbed “WannaCry” and “Petya”, even posed as ransomware to distract people from the real attack, but in those cases there was no way for people to get their files back by paying the ransom. The FBI and law enforcement advise never pay the ransom.

HOW TO PROTECT YOURSELF

  1. Back up critical files, and store the backups in a physically separate location from the originals. This is probably the best protection against ransomware. If your files are backed up, you can get technical assistance to restore everything back to your computer and you will not lose anything important. Remember to test your backups periodically — backups are useless if they don’t work.
  2. Always think twice before clicking on links or opening attachments in email, even if they look like they’re from someone you know. Whenever possible, go to web pages by a path you know is legitimate instead of clicking on a link in a message. If an attachment is unexpected, contact the sender by a method you know is legitimate to confirm they sent it. This small extra effort is one of the best ways to keep your devices and information safe.
  3. Keep a clean machine! Keep your devices, apps and browsers patched and up to date. Recent attacks have taken advantage of unpatched/out-of-date operating systems.
  4. Protect your passwords, and use multi-factor authentication wherever possible. Also use different passwords for work and non-work activities.
  5. If it’s suspicious, report it! This is an important habit in general; if something doesn’t seem right, ask. With respect to ransomware, if you think a device or files you use for work have been infected with ransomware, report it to your supervisor and security@uci.edu. If this happens to you at home, notify law enforcement.

Cybersecurity resources

Isaac Straley
Chief Information Security Officer-Risk and Compliance
Office of Information Technology

Josh Drummond
Chief Information Security Officer-Technology and Operations
Office of Information Technology

Information Security & Privacy Committee

Scroll Up