What should I do if my computer has received ransomware?

What should I do if my computer has received ransomware?

Aimed at:  Edinburgh Napier’s staff & students

Kill the power immediately

The moment you think something is wrong, kill the power to your machine by unplugging it, and call the IS Service Desk on ext. 3000.

Power image

The only way you can stop these infections from continuing is if they don’t have power. Once they are running, they will continue to encrypt all accessible documents, including those on network shares, until no more can be found.

If you believe your computer is infected with ransomware, the IS Support team will remove the hard drive from the computer, scan it, and remove any infections before returning power.

If the drive is infected and you power it back on, the ransomware will continue to encrypt documents.


Contact the IS Service Desk

Telephone ext. 3000 (0131 455 3000 externally).

The IT Support team will disconnect the infected system from the network and remove the threat, as well as restoring any impacted files from a known good backup.

Restoration of your files from a backup is the fastest way to regain access to your data.

IT Support Logo
Do not pay the ransom!

Paying the ransom may seem like the only option at the time, but it is only encouraging and funding these attackers. Even after paying the ransom, there are no guarantees that you will actually regain access to your files.   

Remember that these are the same aggressors that are holding your files hostage in the first place. Paying the ransom can actually increase the likelyhood that you will be directly targeted for additional extortion attempts.

 

Attachments
There are no attachments for this article.
Related Articles RSS Feed
How do I run a virus scan?
Viewed 20232 times since Tue, Jun 28, 2016
How do I lock my screen?
Viewed 16294 times since Wed, May 11, 2016
How do I change my password?
Viewed 25485 times since Thu, Mar 17, 2016
Where can I find information regarding Moodle privacy?
Viewed 19576 times since Thu, Feb 16, 2017
What is the Information Security Policy?
Viewed 15561 times since Mon, Mar 14, 2016
Where can I find out more about phishing, spam and scam emails?
Viewed 32332 times since Fri, Mar 11, 2016
What are Extortion Emails?
Viewed 5274 times since Wed, Jan 23, 2019
How can I recognise a phishing email?
Viewed 30573 times since Fri, Mar 11, 2016
How do I block / disable Pop-ups?
Viewed 15493 times since Mon, Mar 14, 2016
How do I avoid ransomware?
Viewed 20132 times since Wed, Apr 13, 2016
MENU