There has been an uptick in ransomware attacks targeting universities worldwide. Ransomware is a type of malware that is typically deployed via malicious links in phishing messages. Once a malicious link is clicked, ransomware begins encrypting or scrambling files on your device and connected systems. Following the encryption/scrambling of files, a ransom note displays on screen demanding payment in bitcoin in exchange for a decryption/restoration key. Paying the ransom however, is no guarantee of receiving the decryption key/restoration. In addition to extorting bitcoin, scammers may be attempting to steal data, such as research.
What can you do to avoid a ransomware attack?
- Regularly back-up your devices. Doing so will allow you to wipe your device and restore from back-ups if necessary.
- Install antivirus-malware protection software, which will protect you from known malware. For information on NYU sponsored malware protection software, see: www.nyu.edu/it/antivirus.
- Think before you click. For tips on spotting phishing messages, please see the following KBase article: Recognizing phishing scams and protecting yourself online.
- Do not click on embedded links of any or open attachments in unexpected messages (e.g., email, text messages, social media updates).
- Perform updates and downloads on trusted networks only, as updates and downloads may otherwise come with malware.
- Only download software from trusted sources such as Appleās App Store and Google Play.
What are the signs that you may have a ransomware attack and what can you do?
- The telltale sign of a ransomware attack is that the file extensions of your files begin to change and you are unable to access these files.
- Another sign of a ransomware attack is locked web browsers which cannot be used.
- If you suspect you have a ransomware attack, immediately disconnect from the network and all connected systems, power off your device, and report it to your local IT Admin and/or email security@nyu.edu.