Protect your device from Ransomware
What is Ransomware?
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password.
- Install Sophos Anti-Virus Software On Devices. Sophos endpoint protection is available for free for Windows and Mac computers from IT Services Software Downloads.
- Install Updates Immediately. Apply security updates and patches to operating systems, software applications including browser plug-ins when they are available.
- Always Verify Links And Never Open Unexpected Attachments. Check IT Security’s Phishing webpage for more details.
- Backup Backup Backup. Backup your files frequently using the 3-2-1 rule. Review IT Services file storage locations for backup options.
- Think Before You Synch. Disable cloud sync tools such as Google Drive Synch to prevent locally encrypted files from becoming encrypted files on Google Drive.
Please contact a member of the IT Services Support team if you need assistance.
In the event that you fall victim to a ransomware attack, here are a few things that you should do to thwart cybercriminals.
- Disconnect your Device from the Network which will sever the cybercriminals' connection. Disable the Wi-Fi, remove the network cable or just shut down your device.
- Remove all USB keys and external storage devices from your machine and do not connect them into any other device.
- Contact the IT Services Helpdesk Immediately. Ransomware can spread quickly across University network drives, so call the IT Helpdesk on ext 2700. The helpdesk will ask for the following details.
- What is your UCD Connect username.
- The name of your Computer and its MAC (network) address.
- Where is your computer located?
- What time did you discover the infection?
- Do you know the name of the Ransomware (Crytolocker, Spora, Locky, etc)
- Do you know how your machines was infected (Email attachment, compromised webpage, click on link, inserted USB key, etc )
- What Anti-Virus software is installed on your device(Sophos?)
- Was your machine connected to the University shared drives?
- Do you use Google file synch or any file synch software that may have spread the infection?
- Did you have any USB or Storage devices connected to your machine?
The Helpdesk will arrange for an IT Support person to contact you to help clean or rebuild your device and if possible help you to recover your files from your backups.
- Do Not Pay the Ransom as this will only make you a greater target for other cybercriminals’. These are criminals, so there is no guarantee that they will honour their word.
- Change your UCD Connect password. Cybercriminals have accessed your machine and may have monitored your activity, so change you UCD Password immediately and monitor your utility and bank accounts for suspicious behaviour.