A new form of malware is making its way to the University of Vermont: Ransomware is a particular form of malicious software which prevents you from accessing your own data. Once the software has locked down any data to which you have access, it demands that you pay a ransom in order to have access restored.
To avoid ransomware and/or reduce its impact, take the same precautions you’re already taking to avoid malicious software attacks:
- Make sure all critical files are backed up. If you use files.uvm.edu, data is already backed up for you. However, anything stored on your desktop or laptop hard drive, removable media, or other file services could be at risk and should be backed up before you suffer an attack. If you are unsure about backups, check with your local IT person.
- Slow down and scrutinize all email with attachments. Are you expecting this particular email and this specific attachment? If in doubt, call the sender and ask.
- Disable macros when opening Microsoft Office documents (Word, Excel, etc.). Most files will work without them. Seek help, otherwise.
- If you receive an email from yourself with an attachment, and you do not recall sending the email, do not open the attachment. This trick has been a particular favorite in cases we have observed.
If you think you may be the victim of a ransomware attack, take the following steps:
- Shut down your machine and disconnect from the network to limit the scope of damage.
- Do not pay the ransom. There’s no guarantee that paying will get your data back.
- Contact your local IT person. They will help you triage the problem and will escalate to the Information Security Operations Team as appropriate.
Enterprise Technology Services continues to update its safeguards against these attacks and others but the malware changes rapidly and can sometimes evade detection long enough to arrive in your Inbox. Your vigilance is our last line of defense against this kind of attack.
If you have questions or concerns, get in touch with the Information Security Operations Team at firstname.lastname@example.org.