Ransomware

Overview

Ransomware
Office of Information Security

Ransomware is a type of malicious software that is used to extort money by encrypting or blocking access to applications or files and then demanding payment for their release. It typically enters systems through phishing emails, malicious links, and unpatched software vulnerabilities.

Furthermore, it has evolved to not only hold files hostage but also steal sensitive data and then threaten to release it publicly if demands are not met.

It is essential to note, however, that even if victims pay the ransom, there is no guarantee that the files will be restored or that the stolen data won’t appear for sale on the dark web.

Remember, cybersecurity is a shared responsibility. Small habits like taking a moment to think before you click help to protect not only your own work, but also the entire district’s data and systems.

Protect Yourself Against Ransomware

Once a ransomware infection occurs, it’s most often too late to recover the encrypted information, and years of work or personal treasures may be lost forever.

Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.

  • Be mindful of what you open. Many attacks start with a single careless click, so it’s important to be able to recognize and avoid phishing attempts.
  • Back up your files regularly. Use OneDrive to back up your important work. If you use an external drive, plug it in only when you’re backing up, and then disconnect it (to avoid ransomware from encrypting the drive as well).
  • Keep your software and systems current. Ensure that your Windows and macOS systems, as well as your applications (MS Office, Chrome, PDF readers, Zoom, etc.), are set up to receive automatic updates. If your applications do not auto-update, just make sure to update them before using them.
  • Use Endpoint Protection tools. District computers have extra security tools in place; however, you may consider adding one of the top reliable endpoint security solutions to your home computer.
  • Protect your login credentials. Strong passwords and multi-factor authentication stop most attacks before they start.

If You Experience Ransomware

If you get hit by ransomware, your files suddenly won’t open, your screen may lock, and you will probably see a ransom message. Do Not Panic. Do not try to fix it by yourself.

  • Unplug the device from the network or Wi-Fi to stop the ransomware from spreading.
  • Leave the computer on to preserve forensic evidence.
  • If possible, take a quick photo of the screen to help with the investigation.
  • Contact the IT Helpdesk @ x4357 asap and provide the information described in the ITS Incident Reporting Procedure.

The FBI on Ransomware

The FBI does not support paying ransomware demands because:

  • There is no guarantee that the perpetrators will decrypt your files, and
  • Paying the ransom only encourages perpetrators to target more people

Instead, the FBI encourages victims to report ransomware incidents by:

Video: What is Ransomware and How Can I Protect Myself? (2:56 min)

Video courtesy of ESET Technology