There has been a national increase in a type of Cyber Security Incident that you need to know about. Ransomware is a type of computer malware that encrypts a users’ data files and demands a monetary payment to decrypt them.
What Happens?
- A College user receives an email with an attachment and a seemingly credible message to open the attachment. This email may seem to come from a trusted source.
- The user opens the attachment and often enables macros.
- The ransomware installs itself and begins to encrypt files on all drives connected to the computer (local, USB, and network drives).
- The users computer wallpaper is then changed with instructions for paying the attacker in order to decrypt the files.
Why this is bad?
- Ransomware will attempt to encrypt network drives attached to the target machine, meaning just a few users can impact everyone since shared files on the network will be encrypted.
- Access to the data is removed as these files cannot be decrypted without the attacker providing information.
What should I do about it?
Be proactive
- Do NOT open unsolicited attachments in email.
- Do NOT enable macros in email attachments from anyone.
Act immediately if you think you are a victim
If you notice this behavior on your workstation...- Do NOT contact the attacker!
- Contact the help desk at 251.380.2276 immediately.