Ransomware Prevention

The threat of ransomware is impacting educational institutions across the nation (and close to home). This note is intended to give you some practical steps that you can use to protect your data and the University.  Ransomware attacks are designed to infect computers and encrypt computer files until a ransom is paid. After the initial infection, ransomware will attempt to spread to connected systems, including shared storage drives and other accessible computers.  

Ransomware is commonly delivered through phishing emails. Phishing emails often appear as though they have been sent form a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment. 

What do I do if my computer is infected with ransomware?

If you suspect that your computer has been infected with ransomware you should immediately disconnect it from the network and contact the IT HelpDesk at 315-268-HELP.  

What can I do to prevent ransomware infections?

While the University’s Office of Information Technology works diligently to maintain institutional defences against ransomware and other types of malicious content, there are still a number of actions that you can take to protect your data from a ransomware attack.

  • Update and patch your computer.  Ensure your applications and operating systems (OSs) have been updated with the latest patches.  If you are using a Clarkson-owned computer, OIT will ensure that patches are pushed to your computer for installation, but you must occasionally allow your computer to reboot in order for those patches to finish installing. 
  • Use caution with links and when entering website addresses. Be careful when clicking directly on links in emails, even if the sender appears to be someone you know. Attempt to independently verify website addresses (e.g., contact the IT HelpDesk, search the Internet for the sender organization’s website or the topic mentioned in the email). Pay attention to the website addresses you click on, as well as those you enter yourself. Malicious website addresses often appear almost identical to legitimate sites, often using a slight variation in spelling or a different domain (e.g., .com instead of .net). 
  • Open email attachments with caution. Be wary of opening email attachments, even from senders you think you know, particularly when attachments are compressed files or ZIP files.  (See Using Caution with Email Attachments.)
  • Keep your personal information safe. Check a website’s security to ensure the information you submit is encrypted before you provide it. (See Protecting Your Privacy.)
  • Verify email senders. If you are unsure whether or not an email is legitimate, try to verify the email’s legitimacy by contacting the sender directly. Do not click on any links in the email. If possible, use a previous (legitimate) email to ensure the contact information you have for the sender is authentic before you contact them.  (See How to Spot a Phishing Email.)
  • Back up your computer. Perform frequent backups of your system and other important files, and verify your backups regularly. If your computer becomes infected with ransomware, you can restore your system to its previous state using your backups.  
  • Store your backups separately. Best practice is to store your backups on a separate device that cannot be accessed from a network, such as on an external hard drive. Once the backup is completed, make sure to disconnect the external hard drive, or separate device from the network or computer.
Scroll to Top