INFORMATION SECURITY: RANSOMWARE

Ransomware

Ransomeware is a term that describes malicious software that attacks a computer and requires payment of a "ransom" to remove the harmful effects of the software.

How Ransomware Spreads:

Ransomware can infiltrate your system through various means, including e-mail attachments, links in social media posts, such as Twitter or Facebook, and infected websites. Unfortunately, even seemingly innocuous websites, including some adult content sites, have been known to be used as a disguise for distributing ransomware.

Targets and Methods:

Ransomware often targets both individuals and organizations, primarily through phishing attacks. Once your system is compromised, this type of ransomware encrypts your files using asymmetric encryption, a method that necessitates both a public and private key to decrypt the files.

The Consequences:

It's essential to understand that while traditional anti-malware software can often remove ransomware, it cannot recover encrypted files. Once your files are encrypted, there is a high probability that they may be lost forever.

Protecting Your Computer:

  1. Avoid Clicking Suspicious Links:
    • It's important never to click on links in e-mails from unknown senders.
    • Be cautious even when the sender is someone you know, as their machine might be infected. When in doubt, delete the e-mail.
  2. Backup Your Files:
    • Regularly back up essential files to a secure location, such as a network share, removable media, or a reputable cloud service like Google Drive or Dropbox.
    • Periodically check that your backups are functioning correctly and that you can restore your files. An untested backup can be no better than no backup.
  3. Install Quality Anti-Virus Software:
    • Ensure you have a reliable anti-virus product installed on your computer and keep it updated frequently.
  4. Update Your Operating System:
    • Configure your operating system to install critical updates automatically and regularly check to ensure they are up to date.
  5. Stay Away from Questionable Websites:
    • Avoid websites that engage in illegal file sharing, pornography, and other suspicious activities. This doesn't mean these are the only sites that can infect your computer so it's important that you remain aware of unusual behavior from your computer and act quickly if you think your machine has become infected.
  6. System Restore (Windows):
    • If you're using a Windows operating system, make sure "System Restore" is enabled and functioning. This feature allows for a "point in time restore" and can be a quick way to recover an infected Windows computer.

Contact Information:

If you suspect your computer is infected or have questions, please contact the ITS Help Desk at 607-777-6420 or e-mail helpdesk@binghamton.edu.