Protect your device from Ransomware
What is Ransomware?
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
Follow these tips to help protect you from Ransomware or reduce the effect of an infection:
- Delete any suspicious e-mail. Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious. If in doubt, contact the alleged source by phone or by using a known, public e-mail address to verify the message’s authenticity. Click Phishing information for details on how to detect and avoid phishing emails.
- Avoid clicking on unverified e-mail links or attachments. Suspicious links might carry ransomware (such as the CryptoLocker Trojan).
- Make sure you disable file synchronization and sharing. This way, if you happen to get hit, the ransomware infection will stay isolated to your computer only.
- Install and maintain up-to-date antivirus software. Keeping your operating system updated with the latest virus definitions will ensure that your security software can detect the latest malware variations. Sophos is available as a free download for Windows and Macintosh computers from Software Download in UCD Connect.
- Update all devices, software, and plug-ins on a regular basis. Check for operating system, software, and plug-in updates often or, if possible, set up automatic updates to minimize the likelihood of someone holding your computer or files for ransom.
- Back up your files. Back up the files on your computer, laptop, or mobile devices frequently so you don’t have to pay the ransom to access locked files.
More detailed information on this subject can be found in the Ransomware pdf.
In the event that you fall victim to a ransomware attack, here are a few things that you should do to thwart cybercriminals.
- Disconnect your Device from the Network which will sever the cybercriminals' connection. Disable the Wi-Fi, remove the network cable or just shut down your device.
- Remove all USB keys and external storage devices from your machine and do not connect them into any other device.
- Contact the IT Services Helpdesk Immediately. Ransomware can spread quickly across University network drives, so call the IT Helpdesk on ext 2700. The helpdesk will ask for the following details.
- What is your UCD Connect username.
- The name of your Computer and its MAC (network) address.
- Where is your computer located?
- What time did you discover the infection?
- Do you know the name of the Ransomware (Crytolocker, Spora, Locky, etc)
- Do you know how your machines was infected (Email attachment, compromised webpage, click on link, inserted USB key, etc )
- What Anti-Virus software is installed on your device(Sophos?)
- Was your machine connected to the University shared drives?
- Do you use Google file synch or any file synch software that may have spread the infection?
- Did you have any USB or Storage devices connected to your machine?
The Helpdesk will arrange for an IT Support person to contact you to help clean or rebuild your device and if possible help you to recover your files from your backups.
- Do Not Pay the Ransom as this will only make you a greater target for other cybercriminals’. These are criminals, so there is no guarantee that they will honour their word.
- Change your UCD Connect password. Cybercriminals have accessed your machine and may have monitored your activity, so change you UCD Password immediately and monitor your utility and bank accounts for suspicious behaviour.