Information Security Office
Beware of Ransomware
Malicious software (malware) come in the form of viruses, worms, Trojans, bots, etc. There is a relatively newer category called "ransomware" or "crypto-malware" that may prevent access to a computer, or the data on it, unless the victim pays a the malware creator money.
The Cryptolocker, CryptoWall, Locky, Zepto ransomware are examples of such ransomware that has recently surfaced that encrypts the victims files thereby making them inaccessible. If you fall victim to this malware, there is no way to unlock the files and you will need to rely on your backups. UT Arlington does not pay ransoms.
How is it delievered?
Crypto-malware is typically sent via a Phishing email or websites that are infected.
What does it Do?
Once a computer is infected with crypto-malware the user’s documents are encrypted with a secret key that effectively keeps the user from accessing their files. It can also spread to attached networked drives or attached storage such as flash drives. The crypto-malware then demands payment using bitcoins (or other untraceable method) within a limited amount of time in order to provide a key to decrypt files. If the victim does not pay, they delete the key, and the encrypted files will be unrecoverable.
What can you do to prevent this?
The following preventative measures are recommended to protect your computer from a crypto-malware infection:
- As with all email, practice safe computing. Never open an attachment from someone you don’t recognize, and do not open suspicious or unexpected attachments.
- During the holiday seasons, be wary of unexpected messages that appear from UPS, FEDEX, US Postal Service or other such mail/package delivery services that include attachments or links – it is safer to go directly to the service websites and enter any tracking numbers than click included links.
- As the calendar year comes to a close, be wary of any unexpected emails that include attachments or links relating to tax returns.
- Be wary of any payroll deposit notifications that include unexpected attachments.
- If an email message appears unusual verify the identity of the sender of any attachments, whether through an informal consistency check of the e-mail address and content of the e-mail or formal communication with the sender.
- Perform regular backups of all systems to limit the impact of data and/or system loss – UTA computers can use share drives for the backups (as appropriate) or contact OIT for CrashPlan.
- Make sure your computer has updated anti-virus software and enable automatic updates for malware-signatures and software. Systems managed by OIT or that are part of the UTA active directory should have the antivirus software. Antivirus software for university owned computers are available on OIT’s download site.
- Make sure your computer is updated/patched of all operating system and application software by using automatic updates.
- Backup your data regularly and store it in a separate location. If you own a University computer - OIT has CrashPlan available for backups. Always verify that your backups are occurring (do not assume that it is).
- If you use an external hard drive, , disconnect it from your computer when not in use.
Note that the tips above apply to your home computers with the exception that you will need to acquire your own antivirus and backup software. Free antivirus software is available for personal use (not to be installed on UT Arlington computers) on the BlazeWare site.
What do I do if infected?
Turn off your computer immediately - If you get infected, the malware will move faster than you can.
Get help from your tech support.
As always, contact Information Security Office if you have questions.