Information Technology

 

Ransomware

Stay informed so you can avoid becoming a victim of Ransomware.

There are multiple cyber security workshops taking place throughout the month of October. Register today!

One of the more dangerous developments in malware over the past year is the increasing growth of ransomware. Ransomware (including Cryptolocker, Cryptowall, Crowti and Reveton) is designed to hold valuable computer files, such as images and documents hostage by encrypting. Your files are held for ransom until you pay a fee.

Data that has been encrypted should be considered as lost, unless it has been backed up to other, offline locations. For many years, IT has provided users with the advice to keep important files on networked drives, or at least store a copy there. Networked drives are backed up nightly, and if files are lost due to encryption, can generally be recovered. However, files that are not placed on, or copied to network drives will most likely be permanently lost.


What should I look out for?

Emails from unknown senders with Doc, Zip, Exe or other attachments and subjects like “adelphi.edu witness subpoena” or “RE: Billing Problem” or “Invoice”. These may not always be in your Spam folder.


What should do if I think I’ve activated ransomware or another virus.

Shut down your computer immediately, and call the Help Desk at 516.877.3340


How serious can these be?

In February 2016 the Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000 in order to regain access to encrypted files.

Adelphi faculty, staff and students have also been victims of such attacks. Unfortunately…..

These type of malware may also infect any USB External or network shared drive you have access to and encrypt the entire department’s data files that are present on shared drives and online file storage/sharing services.

Don’t become a victim. Think before you click.

Examples of Ransomware Attacks

Please note: There are thousands of variations, so you may receive threats that don’t look exactly like the ones below. The next three images below show what a message might look like in your mailbox. In these examples Google has warning messages and the attachments are flagged as malicious. This will not always be the case, or not right away.

CrytpovirusRansomwareEducationCampaign-inbox

CrytpovirusRansomwareEducationCampaign-supoena

CrytpovirusRansomwareEducationCampaign-invoice

 


If you open a ransomware attachment disguised as a Word document, one of their tactics is to show garbled text with a message asking you to enable macros:

CrytpovirusRansomwareEducationCampaign-macrosv3

CrytpovirusRansomwareEducationCampaign-macrosv2


Below is an example of a ransom message, but at this point it is already too late to stop the attack and your files are likely lost forever:

CrytpovirusRansomwareEducationCampaign-cryptolocker

 

For further information, please contact:

Office of Information Technology
p – 516.877.3340
e – helpdesk@adelphi.edu
» Video Tutorials

Apply Now
Request Information