Ransomware is a type of malware that holds information hostage in an attempt to extort money for its release. This type of malware has grown in sophistication and will now completely encrypt all files on your computer and network drives. In many cases, these files cannot be retrieved.

How does it spread?

Ransomware is typically spread through phishing emails that contain malicious attachments. These emails appear to come from a legitimate source and give a compelling reason that the document is important. Malicious attachments are often PDF of ZIP files that appear as invoices, voice messages, or other work-related files.
In some cases, Ransomware may end up on your computer by visiting infected web sites. To avoid malicious drive-by downloads, ensure that antivirus and all installed software is up-to-date.

Why does it do?

Once ransomware has been installed on a computer, it will encrypt files on the computer as well as data on files servers like Opal or Knox. Once it has finished encrypting files, a message will be displayed for the user with instructions for retrieving lost files. In some cases the message will imply that the FBI, US Department of Justice, or some other government agency encrypted your files due to illegal activity. In other cases, the criminals will state up-front that they have illegally encrypted your files and the only way to retrieve them is by paying the ransom.

Note that MSU will never, EVER pay ransom! Under NO circumstances should you follow any provided links or contact the criminals by email. MSU will become a high priority target if any interest is shown in recovering encrypted files.