Preventing Ransomware

Recommended actions individuals should take to prepare computers that are not managed by WPI ITS for ransomware attacks

Ransomware is malicious software that encrypts a victim's hard drive and demands a ransom be paid in order to decrypt the contents. Initial infections may occur through phishing, but can later promulgate as a worm or other infection, preying on vulnerabilities in unpatched computers. At this point, infection can occur with NO USER INTERACTION.

Partnering with ITS for system management and data storage affords protection from ransomware and other malware. ITS-managed systems on the WPI domain are regularly updated by WPI ITS. Data saved on ITS-managed network storage is regularly backed up.

Individuals should verify that the following requirements have been met for systems not on WPI's domain.

  • Back up your files (home computers, too) before you're attacked.
  • Ensure that your computer is up to date with patches. Unpatched Microsoft systems are vulnerable to the WannaCry ransomware variant.
  • Ensure that anti-virus/anti-malware is up to date and functioning.
  • Use a strong password and don't share it.
  • If you receive an email with an unexpected attachment or link, verify with the sender BEFORE opening the attachment or clicking on the link. Your colleague's account may be compromised. The malicious email may come from them.
Individuals who believe they have received malicious email or may have an infected computer should take action:

  • Please submit suspected phishing/spam to ITS by creating a new mail message to phishing@wpi.edu and attaching the suspicious email. Then delete the suspicious email and/or attachment.
  • If you have clicked on a suspicious link or opened a suspicious attachment, change your password and contact the ITS Service Desk immediately.
WPI Info
What is your Affiliation with WPI?

Include details such as which device(s), your location (on or off campus), how long the issue has been ocurring.