Ithaca College

Ransomware is a variant of malware (i.e. hostile or intrusive software) that has recently been on the rise. It has the capability to prevent you from accessing your own files. There have been several recent reports in the news of ransomware affecting hospitals and other organizations. Continue reading for more information on what ransomware is and how you can protect yourself.

What is Ransomware? 

Cryptoransomware, or more simply ransomware, is a type of computer malware that has been found on Windows, Mac, and Linux computers. It targets common document file types (Word docs, Excel workbooks, PDFs, etc.) that are stored on local hard drives, network folders, and external hard drives. Once the malware has located these files it encrypts (locks) them, which means the files and the data they hold will be inaccessible until the files are decrypted. The malware will encrypt every file it can find, then display an alarming message demanding that you pay a fee (hundreds or even thousands of dollars) to have your files decrypted (unlocked). If users have no backups of their files, they are faced with permanent loss of access to the files, or payment of the fee. Paying the fee is not recommended since there is no guarantee your files will be decrypted after payment.

How Does Ransomware Get On a Computer?  

The two most common methods of infection are malicious email attachments, and email links to malicious websites. Hackers will often use eye-catching email subject lines and messages to trick you into believing you are about to lose access to an important account, or that you are late making a payment, for example. The messages may include attachments or links that when clicked on will install malware on your computer. 

What can I Do to Protect Myself?  

Protect Your Computer from Malware

• Do not open email attachments from an address you do not recognize or trust. If you received an unexpected email attachment from a trusted source, such as a friend or colleague, double check with them to confirm that they actually sent the message.
• Beware of messages from non-Ithaca email addresses (if the message is related to any kind of IC account), messages with a generic salutation such as “Dear Account Owner,” messages with spelling mistakes, poor grammar, and vague subjects and bodies.
• Do not click on website links from someone you do not know or trust. If a trusted source sends you a link, hover over the link with your mouse’s cursor to check that the destination of the link looks recognizable.

Backup Your Files  

The most important thing you can do to protect yourself from ransomware is to back up your data. Neither DIIS nor any third party computer company or tools can decrypt locked files. If your files become locked, it is very likely that your only reasonable recourse will be to restore your files from back up. There are several tools available to the Ithaca College community to help you back up your files:

• Mentor file server – Faculty and staff have access to the College’s file server, Mentor. Any files saved on Mentor are automatically backed up regularly.
• Microsoft OneDrive for Business – All students, faculty, and staff have access to use OneDrive for Business (ODFB). ODFB is a cloud-based file hosting service similar to Dropbox or Google Drive. ODFB offers a large amount of space to store your files and can be accessed via the Outlook Web App’s application menu. All files stored in ODFB are automatically backed up with each revision. This may give you the ability to restore a file that was affected by ransomware.
• External hard drives – The price of an external hard drive has dropped dramatically in recent years. Currently, a drive offering 1 terabyte (1,000 gigabytes) of storage can be purchased for around $60.

Kyle Szuta
Information Security Engineer
infosec@ithaca.edu