RIT Information Security Education--Avoiding Ransomware Attacks

Ransomware is a type of malware designed to encrypt users’ files or lock their operating systems so attackers can demand a ransom payment. According to a 2016 Symantec report, the average ransom demand is almost $700 and “consumers are the most likely victims of ransomware, accounting for 57 percent of all infections between January 2015 and April 2016.”

How would I get ransomware?

Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or email attachment or to download a file or software while visiting a rogue website. Sophisticated social engineering techniques are used to entice users to take the desired action; examples include:

  • an embedded malicious link in an email offers a cheap airfare ticket;
  • an email that appears to be from Google Chrome or Facebook invites recipients to click on an image to update their web browser; or
  • a well-crafted website mimics a legitimate website and prompts users to download a file or install an update that locks their PC or laptop.

How do I avoid an attack?

To avoid becoming a victim of ransomware, follow these tips, at work and at home:

  • Delete any suspicious email. Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious. If in doubt, contact the alleged source by phone or by using a known, public email address to verify the message’s authenticity.
  • Avoid clicking on unverified email links or attachments. Suspicious links might carry ransomware (such as the CryptoLocker Trojan).
  • Use email filtering options whenever possible. Email or spam filtering can stop a malicious message from reaching your inbox. RIT filters most of the phishing/spam emails sent to us.
  • Install and maintain up-to-date antivirus software. Keeping your operating system updated with the latest virus definitions will ensure that your security software can detect the latest malware variations.
  • Update all devices, software, and plug-ins on a regular basis. Check for operating system, software, and plug-in updates often--or, if possible, set up automatic updates--to minimize the likelihood of someone holding your computer or files for ransom.
  • Back up your files. Back up the files on your computer, laptop, or mobile devices frequently so you don’t have to pay the ransom to access locked files.

Quick Infosec Tip: Sign up for Multi-Function Authentication now. It will help ensure your information in Oracle myInfo/myBiz remains secure.

Reminder: The RIT Information Security Policies and Standards are designed to help keep RIT and the RIT community safe from cybersecurity threats.