ITS

Information Technology Services
Information Technology Services

Recently, several Queen's computers were found to be infected with the "Wannacry" ransomware.

Those incidents were corrected, but what is ransomware? Why do we need to watch out for it?

What is ransomware?
Ransomware is malicious software that locks a device such as a computer, tablet, or smartphone, and then demands a "ransom" payment to unlock it. 
 
There are two types of ransomware: 
  • Ransomware that locks the browser window on your computer. 
  • Ransomware that encrypts all the files on your device's hard drive.

Wannacry encrypts all the files on your device's hard drive.

How can devices become infected with Wannacry?
Wannacry works by accessing configurations on your device that are susceptible to being exploited. The attacker scans systems and devices from the internet for weaknesses in software. Once the vulnerability is identified, it is exploited by dropping a piece of code onto your device. Wannacry then informs the user that their files have been locked and displays information on how much is to be paid, when, and to where.
Am I at risk from Wannacry?
While you are not at risk as a result of the recent infection, you are at risk if your devices do not have the latest operating system, browser, and software updates. If you have not performed a recent backup of your data, you are also at risk of losing all information and files stored on your computer's hard drive.
What do I do if I'm infected? Should I pay the ransom?
If you become infected with ransomware, know that Queen's does not agree to pay any ransom or other type of demand. Payment of ransom by Queen's employees will not be reimbursed by the university.
 
Contact the IT Support Centre or your local ITAdmin representative for assistance. Your device may require a full re-imaging, which will wipe all your drives of any data or information you had stored on the hard-drive of your device. This is why it is important to create backups of your data at regular intervals.
How can I protect myself?
  • Regularly keep your operating system up-to-date. 
    • You can check what updates are available for your system by using your computer's search functionality to search for "updates".
    • Note that updates occur at regular intervals; it is not a one-time occurrence. The easiest way to ensure you have the latest updates is to set your device to automatically scan and alert you when an update becomes available.
       
  • Ensure you have a reliable antivirus software and scan regularly.
     
  • Create regular back-ups of your data.
  • Educate yourself on how to identify a phishing email.
    • Being able to identify when an email does not come from a legitimate source will help to prevent inadvertently installing malware and/or ransomware on your devices.

If you have any questions or concerns about ransomware, please contact the ITSC at (613)533-6666 or by filling out our online help form.

 

Tags: