Ransomware

Recognize, Respond, Report

Ransomware is malicious software that encrypts your files. The attackers will ask for a ransom or fee before providing a decryption key that allows you to regain access to your files. It is usually not possible to recover this encrypted data in any other way.

Recognize
  • Be aware that malware can be transmitted through any type of electronic phishing or scam. Learn to spot these attacks to stay safe from ransomware.
  • Pay attention to the behavior of your electronic devices, if you notice performance issues, like consistent freezing of your computer this could be ransomware.
  • In some circumstances ransomware may begin to encrypt your data; if you notice you no longer have access to files or the names have been altered, ransomware may be the culprit.
Respond
  • Identification: learn to identify phishing emails and malicious pop-ups to decrease your chances of a ransomware infection.
  • Preparation - backup your information regularly: once a ransomware attack occurs, it's too late to recover the encrypted information. Your information may be lost permanently. Here is more information on backing up your data.
  • Isolate or shut down the infected computer; if you're on Wi-Fi, turn off the Wi-Fi; unplug from the network if you have a plugged connection.
Report
  • If you believe your device has been infected by ransomware, report the ransomware attack immediately to the RIT service Center by phone at 585-475-5000, or online at help.rit.edu.