Security, Cryptolocker, Ransomware, Malware

I opened an attachment that I think might be malware or ransomware. What can I do?

Cryptolocker / Ransomware scams involve a type of malware that infects computers, restricts users' access to their files, and/or threatens the permanent destruction of their information unless a ransom is paid. Once ransomware launches on your machine, it is nearly impossible to access your files.

For university-owned machines, please follow the steps in this KB article: Cybersecurity, Emergency Incident, Contacting Security
  • Disconnect all network connections (wireless and wired), but leave the computer turned on.  
  • Contact your local unit helpdesk immediately.

What can you do to avoid this in the future?

  • Don't click suspicious links or attachments, and avoid using email for file sharing when you can.

  • Ensure the latest patches are installed for your operating system and software. Machines that aren't up-to-date are vulnerable and are highly targeted.

  • Install the anti-malware solution CrowdStrike Falcon for real-time mitigation of threats, including ransomware. See Endpoint Security, CrowdStrike, What is CrowdStrike?

  • Avoid enabling macros in Office documents. If you open a file that asks you to enable macros, embedded code can execute malware on your machine.

  • See Security, How to identify phishing attempts and similar scams for more tips.
  • Your files will be safer if you back them up to a cloud storage service that keeps a history or archive of your files. See Cloud, Cloud-based storage solutions for campus.



Keywords: crypto malware cryptovirus locky ransomware
Doc ID: 62569
Owner: Security S.
Group: University of Illinois Technology Services
Created: 2016-04-07 11:15:29
Updated: 2023-09-25 15:06:02
Sites: University of Illinois Technology Services