What is Ransomeware

Ransomware is a type of malicious software that infects a computer and restricts users’ access to it until a ransom is paid to unlock it.  Ransomware variants have been observed for several years and often attempt to extort money from victims by displaying an on-screen alert. Typically, these alerts state that the user’s systems have been locked or that the user’s files have been encrypted. Users are told that unless a ransom is paid, access will not be restored. The ransom demanded from individuals varies greatly but is frequently $200–$400 dollars and must be paid in virtual currency, such as Bitcoin.

Computer screen showing a padlock and chains

How can I protect myself from Ransomware attacks:

  • Backup up your computer regularly and keep a backup copy on a separate system (i.e. Google Drive, your H: Drive on the server).  
    • There are dozens of ways other than Ransomware that files can suddenly vanish, such as fire, flood, theft, a dropped laptop or even an accidental delete. 
  • Do Not enable macros in document attachments received via email.
    • Microsoft deliberately turned off auto-execution of macros by default many years ago as a security measure. A lot of malware infections rely on persuading you to turn macros back on, so don’t do it!
    • To ensure you have disabled macros please see this article: How to disable macros in Microsoft Office
  • Do Not open unsolicited email attachments
    • The crooks are relying on the dilemma that you shouldn’t open a document until you are sure it’s one you want, but you can’t tell if it’s one you want until you open it. If in doubt, throw it out.
    • Forward suspicious emails to technology@isd518.net.
  • Learn how to spot suspicious email by visiting our Phishing resources page. 
    • Ransomware is commonly delivered via Phishing emails that entice you to click a malicious link or download and open a malicious file attachment. Visit our Phishing resources page for tips on how to spot and avoid Phishing attacks.