Ransomware is a malicious cyberattack that denies users access to their computer system and/or data. During an attack, the cyberattacker demands a ransom fee from the victim within a specific period of time. If payment is not received, the cyberattacker permanently locks or deletes the ransomed information.
Paying the ransom does not guarantee that the attacker will release the victim's data. In some cases, attackers may request more money even after the ransom has been paid.
Ransomware can be installed on a computer in several ways, including:
- Going to a website and clicking on a link, such as an ad, that initiates a download and installation of the ransomware
- Remote installation via a software vulnerability
- Opening or clicking on a malicious attachment or link in an email
Protect yourself against a ransomware threat:
- Make sure your computer system, software applications, and antivirus software are all up to date and receive regularly scheduled backups.
- Back up your own data files to another source, such as cloud storage.
- Before you click on a link, hover over it. Ensure the URL that appears at the bottom of the screen looks legitimate! (For example, if the link in the email says www.Apple.com and the URL at the bottom of the screen reads www.App.ppple.com, there's a strong chance the link is malicious.)
If you suspect ransomware or any other kind of security threat, please call IT Customer Care immediately.
Our online UISO Security Training for Employees covers ransomware and other threats. Take this training to deepen your understanding of ransomware and broaden your general knowledge of security awareness. Find the training under "My Organizations" in Blackboard.
For more information on ransomware and how to protect yourself, visit Fordham IT Security News.
Additional resources about ransomware
From the FBI: A deep dive into ransomware and how to avoid being a victim.