What is Malware?
“Malware” is a general term for any software that performs unwanted tasks on your computer. Malware can range from annoying pop-up advertising, to malicious software such as viruses that are intended to cause damage and steal data. See Malware and Botnets for additional information.
How does it spread?
Malware has grown in sophistication and is now spread through a variety of clever techniques including malicious email attachments and infected websites. In some cases, malware is even installed by the user unknowingly by clicking on pop-up ads or by installing software that comes bundled with “other software”.
Malware at MSU
Every week UIT receives reports of infected computers from MSU faculty and staff. Some examples of malware that have been seen on our campus include:
Keyloggers: Software that records every single thing thing you type and sends anything of interest to the person controlling it.
Ransomware: A type of malware that encrypts data in an attempt to extort money for its decryption. release.
Data Stealers: Software that crawls through your hard drive and takes anything that might be valuable. Files containing passwords, social security. numbers,or similar information are prime targets.
Botnets: A collection of computers usually associated with malicious activity such as sending spam emails, attacking websites, or infecting other computers.
How to protect yourself
Install and use antivirus software, even on Macs!
Be suspicious of email attachments and links: Think before you click!
Update add-on applications like Java and Flash.
Apply operating system patches immediately and restart your computer
See Safe Computing for more details.
Ransomware is a type of malware that encrypts data on your computer, thereby holding it hostage in an attempt to extort money for its release or decryption. This type of malware has grown in sophistication and will now completely encrypt all files on your computer and network drives. In many cases, these files cannot be retrieved.
How does Ransomware work?
Once ransomware has been installed on a computer, it will encrypt files stored locally as well as the data on files servers it is connected to like Opal or Knox. Once it has finished encrypting the files, a message will be displayed with instructions for retrieving lost files. In some cases the message will imply that the FBI, US Department of Justice, or some other government agency encrypted your files due to illegal activity. In other cases, the criminals will state up-front that they have illegally encrypted your files and the only way to retrieve them is by paying the ransom.
Note that MSU will never, EVER pay ransom! Under NO circumstances should you follow any provided links or contact the criminals by email. MSU will become a high priority target if any interest is shown in recovering encrypted files.
How is Ransomware spread and how do I avoid it?
Ransomware is typically spread through phishing emails that contain malicious attachments. These emails appear to come from a legitimate source and give a compelling reason that the document is important. Malicious attachments often come in the form of PDF of ZIP files disguised to look like invoices, voice messages, or other work-related files.
It is also possible, to get Ransomware by visiting infected web sites. To avoid malicious drive-by downloads, ensure that your antivirus and all installed software is up-to-date.