Viruses and Ransomware
Viruses, worms, trojans and ransomware—know what to look for and how to prevent infection.
Types of Malware
- A computer virus attaches itself to a program or file, enabling it to spread from one computer to another when opened, leaving infections as it travels.
- A worm is similar to a computer virus, but it can also travel without any human action. A worm takes advantage of file or information transport features on your system to spread unaided.
- A Trojan horse disguises itself as useful software but will actually do damage once run on your computer.
- Ransomware uses encryption to block access to files or systems until a ransom is paid.
How to Protect Yourself
Lab computers and University-issued office computers also come installed with antivirus software.
If you need to purchase antivirus software for your personal computer, we recommend that both Windows and Mac users install, run and maintain an antivirus program on their own computers to protect personal data and keep the computer running at its best.
How to Avoid Ransomware
One of the more dangerous developments in malware in recent years is the growth of ransomware. Ransomware (including Cryptolocker, Cryptowall, Crowti and Reveton) is designed to hold valuable computer files, such as images and documents, hostage by encrypting them. Your files are held for ransom until you pay a fee.
Data that has been encrypted should be considered lost unless it has been backed up to other, offline locations. For many years, IT has advised users to keep important files on networked drives, or at least to store a copy there. Networked drives are backed up nightly, and files on them that are lost due to encryption can generally be recovered. However, files that are not placed on, or copied to, network drives will most likely be permanently lost.
What You Should Look Out For
Watch for emails from unknown senders with .doc, .zip, .exe or other attachments and subjects like “adelphi.edu witness subpoena”, “RE: Billing Problem” or “Invoice”. These may not always be in your Spam folder.
Think You’ve Activated Ransomware or a Virus?
Shut down your computer immediately, and call the Help Desk at 516.877.3340.
How Serious Can This Be?
It can be very serious. Hollywood Presbyterian Medical Center in Los Angeles paid a ransom of $17,000 in order to regain access to encrypted files. In higher education, Columbia University experienced outages during a recent ransomware attack, and student data was found posted online shortly after.
Adelphi faculty, staff and students have also been victims of such attacks. Unfortunately, these types of malware may also infect any external USB drive or shared network drive you have access to, and may encrypt an entire department’s data files on shared drives and online file storage/sharing services.
Examples of Ransomware Attacks
It’s important to note that there are thousands of variations—so you may receive threats that don’t look exactly like the ones below.
Google displays warning messages and flags the attachments as suspicious. However, these warnings may not always appear immediately or at all, so be sure to also look for signs like encryption notices, not just virus alerts.
Gmail antivirus warning. This warning indicates that the email contains two attachments flagged by the email provider’s security system and that the user cannot download them due to potential threats.
Gmail encrypted attachment warning. The message emphasizes that the file could not be security-scanned due to encryption. This warning prompts the user to verify the sender’s identity before proceeding with any download.
If you open a ransomware attachment disguised as an Excel document, one tactic is to show garbled text with a message asking you to enable macros:
Microsoft Excel ransomware warning asking to enable content (Image Source)
Below is an example of a ransom message. By the time you see it, it is already too late to stop the attack, and your files are likely lost forever:
Ransom message (Image Source)