Ransomware

What is Ransomware?

Ransomware is a type of malicious software for data kidnapping which restricts victims to access their data by encrypting victims' files on local machine and possibly on any connected external drives such as USB thumb drives or network share drives until the ransom (money) is paid. Once the system is infected, victims are prompted to pay a certain amount of money by a specified deadline to retrieve their data. In many cases, these files cannot be retrieved even ransom is paid. Once the files are encrypted, there are no other alternatives except offline backups to recover the data.

How to avoid Ransomware?

Ransomware can get on any machine including Windows PC, Mac and your mobile phone from any source such as malicious email attachments, fake free software downloads, suspicious websites and unsafe links in social media apps like Facebook.

  • Aware Email Phishing

    Ransomware typically spreads through phishing emails containing malicious links and attachments. See Tips to Avoid Email Phishing for more tips.
  • Never enable Macros in Microsoft Office files (Word, Excel)
    Some new ransomware distributed via embedded malicious macros in Microsoft Office files. Victims are tricked and advised to enable macros by scrambled document contents to trigger the attack.

How to protect my computer and my data?

  • Install Anti-virus Software
    The first step to prevent ransomware is starting with an up-to-day anti-virus software which active monitoring your system, applications and network activities. The latest free Anti-virus software offered by ITSO can help you protect your devices against well-known security threats.
  • Do Regular Backup
    The effective way to protect your data is to perform regular external backups of your files to storage separate from your computer. Regular backups allow you restore your files back to original uninfected state prior the attack and prevent you from paying ransom to retrieve your data. See OneDrive for Business provided by ITSO for document backup on user computers.
  • Perform Good Security Practices
    Good security practices help you to reduce the security risks and defense against the major security threats. The practices can also keep your computer and data safe.

If You Think You Are a Victim

If you believe you might have infected, unplug the machine from network, turn off all wireless connection immediately and report the matter to security@ust.hk as soon as possible to alert ITSO to look for suspicious or unusual activity.