Ransomware is malicious software that encrypts a victim's hard drive and demands a ransom be paid in order to decrypt the contents. Initial infections may occur through phishing, but can later propagate as a worm, preying on the vulnerabilities in unpatched computers. At this point, infection can occur with no user interaction.

System owners should verify that the following requirements have been met for systems not on WPI's domain:

  • Routinely back up your files on all of your devices.
  • Ensure that your computers are patched regularly. Unpatched Microsoft systems are vulnerable to  ransomware and other destructive malware.
  • Ensure that anti-virus/anti-malware is up to date and functioning.
  • Use a strong password and don't share it.
  • If you receive an email with an unexpected attachment or link, verify with the sender BEFORE opening the attachment or clicking on the link. Your colleague's account may be compromised.  
Individuals who believe they have received malicious email or may have an infected computer should take action NOW:
Please submit suspected phishing/spam to IT by creating a new mail message to phishing@wpi.edu and attaching the suspicious email. Then delete the suspicious email and/or attachment.If you have clicked on a suspicious link or opened a suspicious attachment, change your password and contact the IT Service Desk immediately.
Partnering with IT for system management and data storage affords protection from ransomware and other malware. 
IT-managed systems on the WPI domain are regularly updated by WPI IT and data saved on IT-managed network storage is regularly backed up.