Ransomware is malicious software designed to encrypt files on a computer or other device and render them unusable until a ransom is paid. Ransomware attacks target both organizations and individuals.
Victims of ransomware attacks may lose their data permanently—even if they pay the ransom. Ransomware often provides cover for other kinds of cyberattacks.
Following practices recommended by the Cybersecurity and Infrastructure Security Agency (CISA) can reduce your risk of a ransomware attack. Organizations and businesses, especially, should heed CISA’s recommendations, but individuals also can take basic steps to counter ransomware.
Maintain Secure Backups
Regularly back up your data. Many ransomware attacks seek out and delete accessible backups, so keep encrypted, offline copies for maximum security.
Update Your Software
Promptly install all software updates and patches. Run updates for your operating system and antivirus or anti-malware software, especially.
Use Multi-factor Authentication
Always use Two-Step Login—preferably push notifications to the Duo Mobile app—with University of Iowa tools like MyUI and Employee Self Service. Use similar multi-factor authentication services whenever available for banking, social media, and other online services.
Recognize Phishing Attempts
Phishing emails are among the most common vectors for ransomware attacks. Beware of any communications that ask you to provide sensitive information, open attached files, or engage with suspect websites.
University of Iowa security systems screen out many suspicious messages, but some slip by these defenses. Other email accounts you use may be less secure, so it’s essential to stay vigilant.
If an email looks suspicious in any way, delete it. Trust your instincts and learn more about phishing.
Avoid Sketchy Links
Don’t click links in suspicious emails or on unfamiliar websites. They can initiate ransomware or other malware downloads without your permission.
Likewise, download software and media files only from websites or other sources you know and trust.
Avoid Unfamiliar Devices
Don’t use USB flash drives or other removable storage devices unless you know where they came from and can be confident they don’t carry malicious software.
Get Help if Attacked
If you think you’ve been a victim of a ransomware attack, get help right away—contact your local IT support or the ITS Help Desk.
If possible, disconnect the affected device from your network (e.g., unplug wired connections) and power it down.
Resist the impulse to respond to a ransomware demand or pay a ransom. Doing so can leave you open to additional attacks.
For more information, including detailed recommendations for IT system administrators, see CISA’s ransomware guidance and resources.