Ransomware: Don't Pay the Ransom!

What Is Ransomware?

  • Ransomware is malicious software that can infect and encrypt the files and folders on your computer and other devices, preventing you from opening them. Victims are asked to pay a ransom to get their folders, files, and devices unlocked.
  • Criminals use ransomware to extort money from individuals and organizations. A number of large health care providers have been targets.

If You Get Ransomware

If a computer or device that is owned or managed by the university or is used to access or maintain sensitive U-M data is infected and encrypted by Ransomware, take action immediately.

  • Report it to the appropriate contact or contact the ITS Service Center.
  • Don't pay the ransom. There are no guarantees when you are dealing with criminals.

How Ransomware Typically Gets on Devices

  • You open an email attachment that downloads the malicious software, which then infects your device.
  • You open a shared document link in an email message, and the document contains ransomware.
  • You click a link in an email message that takes you to a malicious website where you are deceived into clicking on a link and downloading malicious software.

Once a computer or other device is infected, the malware begins encrypting files and folders on the device, local drives, any attached drives, backup drives, and potentially other computers on the same network.

What You Can Do to Protect Yourself

Ransomware and Cloud Services

Ransomware infects files on your computer, so content stored in the cloud, such as content in U-M Google Drive or Box, is protected as long as it is not synced to the infected computer.

If files synced to your computer via Box Sync are infected with ransomware, you can make an older version current via the Box webapp. This works because the ransomware creates a new version of the file, but Box keeps the original, uninfected version as a prior version.

If you are using Desktop Backup (CrashPlan) to backup your files, you can use it to get back older, uninfected versions of infected files. CrashPlan is recommended if you routinely store files on your device for protection against ransomware, data corruption, hard drive crashes, and so on.