Viruses & Ransomware | Information Technology at Adelphi

Viruses, worms, trojans and ransomware—know what to look for and how to prevent infection.

Types of Malware

A computer virus attaches itself to a program or file, enabling it to spread from one computer to another when opened, leaving infections as it travels.
A worm is similar to a computer virus, but it is also capable of traveling without any human action. A worm takes advantage of a file or information transport features on your system to allow it to spread unaided.
A Trojan horse disguises itself as useful software but will actually do damage once run on your computer.
Ransomware uses encryption to block access to files or systems until ransom is paid.

How to Protect Yourself

Lab computers and University-issued office computers also come installed with antivirus software.

If you need to purchase antivirus software for your personal computer, we recommend both Windows and MAC users install, run and maintain an Antivirus program on their own computers for personal data protection and to keep your computer running at its best.

How to Avoid Ransomware

One of the more dangerous developments in malware in recent years is the increasing growth of ransomware. Ransomware (including Cryptolocker, Cryptowall, Crowti and Reveton) is designed to hold valuable computer files, such as images and documents hostage by encrypting. Your files are held for ransom until you pay a fee.

Data that has been encrypted should be considered as lost, unless it has been backed up to other, offline locations. For many years, IT has provided users with the advice to keep important files on networked drives, or at least store a copy there. Networked drives are backed up nightly, and if files are lost due to encryption, can generally be recovered. However, files that are not placed on, or copied to network drives will most likely be permanently lost.

What You Should Look Out For

Emails from unknown senders with .doc, .zip, .exe or other attachments and subjects like “adelphi.edu witness subpoena” or “RE: Billing Problem” or “Invoice”. These may not always be in your Spam folder.

Think You’ve Activated Ransomware or a Virus?

Shut down your computer immediately, and call the Help Desk at 516.877.3340.

How Serious Can This Be?

It can be very serious. Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000 in order to regain access to encrypted files. In higher education, Columbia University experienced outages during a recent ransomware attack, and student data was found posted online shortly after.

Adelphi faculty, staff and students have also been victims of such attacks. Unfortunately, these types of malware may also infect any USB External or network shared drive you have access to and encrypt the entire department’s data files that are present on shared drives and online file storage/sharing services.

Examples of Ransomware Attacks

It’s important to note that there are thousands of variations—so you may receive threats that don’t look exactly like the ones below.

Google has warning messages and the attachments are flagged as suspicious. However, these warnings may not always appear immediately or at all, so be sure to also look for signs like encryption notices, not just virus alerts.

Gmail antivirus warning banner. The banner is highlighted in yellow. It displays the message: "Anti-virus warning – 2 attachments contain a virus or blocked file. Downloading these attachments is disabled." The warning indicates that the email contains two attachments flagged by the email provider's security system and that the user cannot download them due to potential threats.

Gmail antivirus warning. This warning indicates that the email contains two attachments flagged by the email provider’s security system and that the user cannot download them due to potential threats.

Email encrypted attachment warning banner. The banner appears in yellow, signaling caution. It reads: "Encrypted attachment warning – Be careful with this attachment that can't be scanned for malicious content. Avoid downloading it unless you know the sender and are confident that this email is legitimate." The message emphasizes that the file could not be security-scanned due to encryption. This warning prompts the user to verify the sender’s identity before proceeding with any download.

Gmail encrypted attachment warning. The message emphasizes that the file could not be security-scanned due to encryption. This warning prompts the user to verify the sender’s identity before proceeding with any download.

If you open a ransomware attachment disguised as an Excel document, one of their tactics is to show garbled text with a message asking you to enable macros:

Microsoft Excel security warning message is displayed at the top of the workbook. A yellow warning bar spans the width of the Excel window and contains the message: "Security Warning: Macros have been disabled." To the right of the message is a clickable button labeled "Enable Content." This warning indicates that the workbook contains macros, which have been automatically disabled by Excel for security reasons, and requires user action to activate them.

Microsoft Excel ransomware warning asking to enable content (Image Source)

Below is an example of a ransom message, but at this point it is already too late to stop the attack and your files are likely lost forever:

Ransomware message displayed prominently on desktop initial screen. The message reads: "LockBit Black, All your important files are stolen and encrypted! You must find HLJkNskOq.README.txt file and follow the instruction!"

Ransom message (Image Source)

Information Technology

Contact

E-mail

helpdesk@adelphi.edu

Phone Number

516.877.3340

Fax

516.877.3038

More Info

Website

Locations

Main Office

Hagedorn Hall of Enterprise LL

Help Desk

Swirbul Library, 2nd Floor

Hours

Connect

Viruses and Ransomware