What is it?
Ransomware is malicious software that infects a computer and then restricts a user’s access to their documents until a financial ransom is paid. There are many types of ransomware, but most operate by encrypting your files. To regain access, as the names implies, you have to pay a ransom. We have seen ransoms anywhere from a few hundred dollars multiple thousands, depending on the type of information that is being held or how many computers are infected.
Educational institutions have reported cases where faculty and researchers have had to resort to back up files for terabytes of data because their computer were infected with ransomware.
How do I defend myself?
The sensitivity and of interconnectedness of information found at the University of Florida makes it an attractive target. Patient health information, student data, research data and intellectual property are parts of the every-day University and Hospital operations. Protecting that data and information is our shared responsibility.
Following information security best practices dramatically reduce individual vulnerability, and protects the University of Florida. Here’s what you need to know:
- Avoid opening email from unknown senders
- Do not click on links or open attachments from unknown senders
- Install and use up-to-date antivirus on personal machines
- Use the most up-to-date versions of web browsers and browser plugins
- Run up-to-date security software
- At work, shut down your workstation completely to allow UFIT Security updates and patches systems and software to take effect
- Speak with your local IT support about file back up strategies
- Regularly back up your files using encrypted external storage devices. Best practice suggests backing up files daily. Having a good back up is the best way to ensure recovery from a ransomware infection.
- For faculty and researchers, additional storage options can be found at UF Research Computing
What if I think I have a ransomware infection?
- Alert local IT Support or the UF Computing Help Desk
- If you think you have received a suspicious email, forward it to email@example.com