Ransomware is a type of malicious software (malware) that can be used by others to hold your data hostage when unknowingly installed by you. Ransomware encrypts your computer’s data, encoding it so that a digital key is required to gain access to it. Unless you pay a “ransom” (often via a digital currency and under a time limit) to try to obtain this decryption key, you are denied access to your own computer files and data. Without the decryption key, data on the encrypted volume is effectively lost.
Ransomware authors frequently use social engineering or “phishing” techniques to trick you into downloading and installing the ransomware. They may pose as governmental or law enforcement agencies, sending emails with catchy subject lines designed to entice you to click an embedded link or download and open an email attachment. Or they may provide links to malicious websites where clicking on an infected advertisement link will stealthily download the malware.
If you become the victim of a ransomware infection, should you pay the ransom? No, you shouldn’t, because there is no guarantee that the malicious software authors will restore access to your data if you pay them. Consider your data completely lost, just as if the sole copy of your data were on a stolen computer with zero chance of recovery.
Ransomware can effectively destroy your data forever if you’ve failed to take the right precautions. Protect yourself against losing your valuable data and files if ransomware strikes:
- Back up your data! Make regular incremental backups of your data, preferably offline backups through a cloud backup service. For a Penn-owned computer, contact your Local Support Provider (LSP) to set up backups with a service like Secure Remote Backup: http://www.isc.upenn.edu/secure-remote-backup For a personally-owned computer, consider cloud backup services such as CrashPlan, Carbonite or Mozy.
- Have antivirus/antimalware software installed on your computer.
- Be naturally suspicious of emails from law enforcement agencies, banks, postal agencies or even businesses that may give you a sense of false urgency, threatening consequences unless you download an attachment or visit a website to download a piece of software.
- If you question the contents of a specific email, visit the sender’s official website or call their officially published number to discuss your concerns.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/