Transcript Ransomware

Introduction

It’s early. You haven’t had coffee yet. You check your email and there’s a notice about a package that will arrive today. Again, it’s early. You haven’t had coffee yet–so without considering that you aren’t actually expecting a package, you click on the link. And the link leads to an infected website. That website downloads malicious software, or malware, onto your computer. Then, that malware starts communicating with cyberthieves (through what’s typically called a command and control server). Soon, all of your files are locked, and a ransom note appears.

  • Ransomware is a type of malicious software that locks up computers, devices, and data to make them inaccessible until a sum of money is paid to cyberthieves.
  • One way  ransomware is delivered is through phishing. Cyber thieves may send links in email, but they also may attack your computer with infected attachments, such as invoices. Or they may take advantage of vulnerabilities in software and technologies such as Remote Desktop Protocol.
  • Ransomware can lock up individual files and folders or it can lock up your entire device. It can also spread to attached devices. Cyberthieves may also infect one device and move through the network to other accounts. They may lurk there for a while, looking for other ways to exploit file shares, devices, and networks.
  • Thieves may demand over a million dollars ransom from organizations, including medical facilities and government offices. In 2020, the average payment demand was $233,000. Paying ransom does not guarantee that your data will be unlocked. Cyberthieves may also threaten to expose the data if you don’t pay.

Things to do 

Ransomware is bad news. But the good news is there are things you can do to avoid infection.

  1. Use  two-factor authentication (2FA) to access accounts and services. Click Duo in the links menu to find out more about 2-factor authentication for UW services.
  2. Avoid clicking on links in email. Open your web browser to visit websites to access the information you need instead.
  3. Use anti-virus software and keep it updated. Members of the UW community can click Sophos on the links menu to find a free version of Sophos antivirus for home use.
  4. Don’t download unexpected email attachments, and scan any attachments you absolutely must open with anti-virus software.
  5. Keep your operating systems and applications updated and patched.
  6. Use strong passwords, and don’t reuse your UW NetID password on other accounts.
  7. Back up your data regularly, making sure you have at least one backup that is not attached to your computer.
  8. Click “Report an Incident” to review what to do in case your device is infected with ransomware.
  9. Report phishing and scams to help@uw.edu

Thanks for taking steps to protect your personal data and UW institutional information from ransomware.