A new security threat has been infecting computers, on and off campus, called Ransomware.
Ransomware comprises a class of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator of the malware in order for the restriction to be removed. Some forms of ransomware encrypt files on the system's hard drive (cryptoviral extortion) while some may simply lock the system and display messages intended to coax the user into paying.1
Incidents of ransomware have grown globally, with reports across the CSU and on our campus. Most malware is removed by security tools before it can infect our campus, however the open nature of our academic environment makes it impossible to protect against all possible vulnerabilities.
Ransomware is typically installed when users open a malicious email attachment, a malicious link in an email attachment or instant message, or unknowingly open malicious links on social networking sites or other websites.
If you fall victim to ransomware:
- Do NOT pay the “ransom” or attempt to contact the ransomware creator.
- Immediately disconnect your computer from the wired or wireless network, to help avoid your computer from infecting others on the network.
- Contact your local technical coordinator for assistance. Be aware that in order to remove the ransomware your campus-issued computer may need to be completely wiped and re-installed to remove the malware, which means you may lose important work saved to your computer.
- If it is your personally owned computer that is locked by ransomware, you may need to seek the assistance of a professional computer technician to wipe/reformat your computer, in which case you may lose your personal files and data.
- As a precaution, you may find it worthwhile to read and print out this IT Knowledge Base article to learn about 10 Steps for Removing Ransomware.
The following tips can help protect you against ransomware and other malware:
- Keep all of the software on your computer up to date.
- Don’t open spam email messages or click links on suspicious websites. You may visit the campus Phishing Reports page to confirm current known phishing attempts. You may also forward suspicious mail to firstname.lastname@example.org.
- Use a reputable antivirus and anti-malware program, and keep it up to date.
- Minimize storing important work on your computer’s local hard drive, or store it on campus provided file shares which are secured and backed up on a regular basis. ITS is actively deploying 2 gigabytes of individual, centrally supported storage to every faculty and staff member on campus.
- For personally owned computers, make frequent backups of your important files.
Feel free to contact ITS-servicemanagement@csulb for any additional questions or help regarding IT security on campus.