Brock’s Information Technology Services (ITS) team encourages employees and students to learn about how to protect their devices against ransomware.

Ransomware, a type of malicious software or malware, that can take control data by encrypting it or locking users out of a device.

Devices can become infected with ransomware when users download a program that looks legitimate.

Almost all ransomware attackers will provide a ransom note indicating their demands, and the ransom is usually requested in untraceable online currency such as Bitcoin.

The following are signs that a device may be infected by ransomware:

• Users are locked into or out of a device or are unable to access specific files.
• Files have a unfamiliar new extension appended to their names, such as .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .encrypted and others.
• Data is suddenly not where it was previously saved or files are missing.
• The device is suddenly slower than normal.
• The device takes longer than usual to boot up.
• Applications crash or fail to launch.
• Antivirus or anti-malware software has been inexplicably deactivated, removed or bypassed.
• The device crashes more frequently than usual.
• Email contacts have received unexpected messages because ransomware may have attempted to spread to other users and computers through email.

ITS advises that users take the following steps to protect their devices:

• Install antivirus and anti-malware software and ensure it is kept up-to-date.
• Keep operating systems and all software up-to-date.
• Avoid clicking on links or opening attachments or emails from unfamiliar senders.
• Do not visit unknown websites and be careful of clicking on links.
• Only install software from trusted sources like the Apple App Store, Google Play Store and Microsoft Store.
• Avoid using public Wi-Fi networks as many are not secure.
• Regularly backup important files, preferably in a cloud-based location such as OneDrive.

It is critical that users act quickly when they suspect their device has been infected with ransomware. The first step is to disconnect the affected computer from the network by unplugging the network cable or disconnecting from Wi-Fi to stop the spread of the ransomware. The next step is to contact Brock ITS Help Desk immediately at x4357 or email itsecurity@brocku.ca