During the pandemic, ransomware attacks increased drastically at universities. Ransomware is a type of malware that accesses and encrypts files stored on a computer or a server. Cyberthieves then demand a ransom (money) to restore the files. If the ransom is not paid, the information remains encrypted and is lost forever.

How does Ransomware work?

The attacker sends an infected URL or attachment through email disguised as a legitimate document that tricks users into clicking on it. Once the reader clicks the infected document, the malware downloads and takes over the device in seconds, encrypting all of the files in the system. It can also infect any USB devices connected to the infected computer. The ransom message is then displayed on the computer screen.

How to Stay Safe

1. Apply those updates! The most important way to stay protected is to keep your computer patched, update your software and keep antivirus running. If you don't take these steps, you will get infected.
   
   
2. Back up your data. Set up a system that backs up your data automatically and consistently to a separate storage system. There are many cloud-based options available (Dropbox, OneDrive, Carbonite, etc.). If you use an external hard drive, be sure to detach it from the computer when done with your backup.
   
   
3. Avoid clicking links. Avoid clicking any links in suspicious emails or spam, and do not open attachments you aren’t expecting. 

What to Do During an Attack

• Disconnect. Prevent the attack from spreading to other computers in your network by disconnecting from the internet and changing passwords to be safe.
• Report It. Report the issue to Help Desk Central.

• Don’t Pay. Once you’ve contacted Help Desk Central, you should wipe your machine, update all software and restore your data from backup. Ransom payers tend to be flagged and targeted more frequently.