Ransomware
Ransomware is a type of malicious software that is used to extort money by encrypting or blocking access to applications or files and then demanding payment for their release. It typically enters systems through phishing emails, malicious links, and unpatched software vulnerabilities.
Furthermore, it has evolved to not only hold files hostage but also steal sensitive data and then threaten to release it publicly if demands are not met.
It is essential to note, however, that even if victims pay the ransom, there is no guarantee that the files will be restored or that the stolen data won’t appear for sale on the dark web.
Remember, cybersecurity is a shared responsibility. Small habits like taking a moment to think before you click help to protect not only your own work, but also the entire district’s data and systems.
Protect Yourself Against Ransomware
Once a ransomware infection occurs, it’s most often too late to recover the encrypted information, and years of work or personal treasures may be lost forever.
Fortunately, there are a few things one can do to avoid the devastating effects of ransomware.
- Be mindful of what you open. Many attacks start with a single careless click, so it’s important to be able to recognize and avoid phishing attempts.
- Back up your files regularly. Use OneDrive to back up your important work. If you use an external drive, plug it in only when you’re backing up, and then disconnect it (to avoid ransomware from encrypting the drive as well).
- Keep your software and systems current. Ensure that your Windows and macOS systems, as well as your applications (MS Office, Chrome, PDF readers, Zoom, etc.), are set up to receive automatic updates. If your applications do not auto-update, just make sure to update them before using them.
- Use Endpoint Protection tools. District computers have extra security tools in place; however, you may consider adding one of the top reliable endpoint security solutions to your home computer.
- Protect your login credentials. Strong passwords and multi-factor authentication stop most attacks before they start.
If You Experience Ransomware
If you get hit by ransomware, your files suddenly won’t open, your screen may lock, and you will probably see a ransom message. Do Not Panic. Do not try to fix it by yourself.
- Unplug the device from the network or Wi-Fi to stop the ransomware from spreading.
- Leave the computer on to preserve forensic evidence.
- If possible, take a quick photo of the screen to help with the investigation.
- Contact the IT Helpdesk @ x4357 asap and provide the information described in the ITS Incident Reporting Procedure.
The FBI on Ransomware
The FBI does not support paying ransomware demands because:
- There is no guarantee that the perpetrators will decrypt your files, and
- Paying the ransom only encourages perpetrators to target more people
Instead, the FBI encourages victims to report ransomware incidents by:
- Contacting your local FBI field office to request assistance, or
- Submitting a tip online, or
- Filing a report with the FBI’s Internet Crime Complaint Center (IC3)
Video: What is Ransomware and How Can I Protect Myself? (2:56 min)
Video courtesy of ESET Technology
If You See Something, Say Something
Cybersecurity is a shared responsibility. Please report any suspicious activity or unauthorized access to computers, software, and websites to the Office of Information Security.
If you need to report a potential crime or similar non-emergency situation, please refer to the Police & Campus Safety website.
Protect your password
Important: Administrative Procedure 3720 specifically prohibits the sharing of login credentials, so you must never provide your password to anyone: not your coworker, not your boss, not even ITS.
Don’t be a victim of phishing!
Whether you are working from the office or remotely, please maintain your cyber vigilance by:
- Recognizing and reporting Phishing Attempts and Common Types of Scams,
- Protecting yourself from Ransomware,
- Reviewing Password and Passphrase Best Practices, and
- Implementing Cybersecurity Best Practices When Working Remotely.