Another tip in a series provided by the Offices of Information Security, Information Systems & Computing and Audit, Compliance & Privacy

Over the past five years, Penn’s Office of Information Security has published several articles and tips to warn the community about ransomware threats. Ransomware is a type of malware that encrypts your data, denying you access unless you pay a financial ransom. Some key guidelines to assist you in protecting your data and electronic systems from being hijacked by malicious individuals include:

• Back up your data. Make regular incremental backups of your data, preferably stored offline through a cloud backup service. For Penn-owned computers, contact your school or center IT support staff for more information and availability. For a personally-owned computer, consider cloud-based backup services available for a fee.
• Install and run antivirus/malware detection software. Penn provides eligible active affiliates with Symantec antivirus at no cost. Set up automatic updates to stay current with virus/malware definitions.
• Enable and use two-factor verification to secure the accounts and websites you use whenever possible. 
• Be suspicious of emails and texts that foster a sense of urgency, threatening consequences unless you download an attachment or visit a website to download a piece of software. The “urgency” could be anything from public health information to a misdirected Amazon package, or even an order from your boss to suddenly buy gift cards. “ACT NOW” is a signal to slow down and check.
• Contact your school or center IT support staff to verify information sent in emails urging you to click on links or attachments. Report suspicious emails, text messages, or chat announcements to your IT support staff or to phishing@upenn.edu. 

If you do fall victim to a ransomware attack: change your passwords immediately, do not pay the attackers, and contact your school or center IT support staff. 

For additional Information: 

• Almanac One Step Ahead: Protect Yourself Against Ransomware at https://almanac.upenn.edu/articles/one-step-ahead-protect-yourself-against-ransomware 
• Secure Remote Backup: http://www.isc.upenn.edu/secure-remote-backup

For additional tips, see the One Step Ahead link on the Information Security website: https://www.isc.upenn.edu/security/news-alerts#One-Step-Ahead