Phone: (909)537-7677
Email: support@csusb.edu
Knowledgebase: Ransomware
Ransomware
Posted by Kenneth Baugh on 23 February 2017 03:55 PM

Ransomware

Ransomware is a growing concern. This malicious cyber threat locks down a system or encrypts the files requiring a ransom to be paid to regain access. Data rich organizations, like hospitals and universities are prime targets. Typically ransoms are low enough to make paying a more attractive solution than fighting. However, the FBI does not recommend paying ransom because it encourages cyber thieves. Ransom payment is in done in bitcoin, a digital currency that is unregulated and untraceable. Beware: sometimes criminals do not provide the decryption key after receiving payment.

Become more cyber savvy. Learn these ransomware facts:

  • Often delivered by phishing emails with malicious attachments or spoofed links, or dodgy websites.
  • Targets organizations of all types and sizes plus individuals as well.
  • Shared files, like Google Drive, Dropbox and other shared drives, are at risk. If someone accidentally clicks on a phishing email or a bad link ransomware can lock out all users.

What to do if confronted with ransomware:

  1. Stop all activity on your computer
  2. Disconnect your computer from intranet, internet or WiFi
  3. Immediately contact your designated IT staff for assistance

How to protect yourself:

  1. Regularly back-up all personal files - documents, pictures, etc.
  2. Install good antivirus, firewall and antimalware on personal computers, smartphones & tablets.
  3. Keep all software up to date by turning on auto updates
  4. Use secure websites when doing transactions (check for the "S" in https)
  5. Scrutinize emails - don't click on "phishy" links or unusual attachments
  6. Don't use public WiFi for any transactions (email, shopping, etc.)

User Awareness is part of a good defense against phishing, malware and ransomware. Educate yourself to improve your ability to identify and avoid cyber traps. There are short SANS Securing the Human videos available here: https://sso.securingthehuman.org/csusb/ca_main.php or select one of the articles listed below. Just copy and paste a link into a browser.

Recommended SANS videos to watch:

  • You are the Shield (1:06 min.)
  • Social Engineering (2:45 min.)
  • Email & Messaging (3:38 min.)
  • Protecting Your Personal Computer (2:23 min.)
  • Family Educational Rights & Privacy Act (FERPA) (4:32 min.)
  • Health Insurance Portability and Accountability Act (HIPAA) (2:57 min.)

RESOURCES

 

Click Here to view other Information Security Topics 

 

KEY WORDS: spoofed emails, antivirus, file encryption, cyber blackmail, decryption keys, data backups, Wi-Fi security