Security, Cryptolocker, Ransomware, Malware
I opened an attachment that I think it might be malware or ransomware. What can I do?
Cryptolocker / Ransomware scams involve a type of malware that infects computers, restricts users' access to their files, and/or threatens the permanent destruction of their information unless a ransom is paid. Once ransomware launches on your machine, it is nearly impossible to access your files.
- Disconnect all network connections (wireless and wired), but leave the computer turned on.
- Contact your local unit helpdesk immediately.
What can you do to avoid this in the future?
Don't click suspicious links or attachments, and avoid using email for file sharing when you can.
Ensure the latest patches are installed for your operating system and software. Machines that aren't up-to-date are vulnerable and are highly targeted.
Install the anti-malware solution CrowdStrike Falcon for real-time mitigation of threats, including ransomware. See Endpoint Security, CrowdStrike, What is CrowdStrike?
Avoid enabling macros in Office documents. If you open a file that asks you to enable macros, embedded code can execute malware on your machine.
- See Security, How to identify phishing attempts and similar scams for more tips.
Your files will be safer if back up your files to a cloud storage service that keeps a history or archive of your files. See Cloud, Cloud-based storage solutions for campus