University of Malta

Ransomware & Data Backups
UOM Main Page
Google Apps for Education
Facebook TwitterFacebook

Recently there were new reports of computers infected by a dangerous virus called 'ransomware'. This virus encrypts ('scrambles') data files on the infected computer's local hard drive and mapped network drives that the computer can access, including data in USB drives and external hard drives connected to the computer. The owners of infected computers are typically informed via a pop-up window that they can retrieve their data files after paying money (the ransom) for the decryption key.

Your computer can be infected by ransomware when you:

  • open a malicious attachment in an email
  • click on a malicious link in an email, instant message, social networking site or other website
  • visit dubious websites
  • open infected macros in application documents (word processing, spreadsheets etc.)
  • connect infected USB devices (e.g. memory sticks, external hard drives, MP3 players)
  • insert infected CDs/DVDs into your computer.

The only way to avoid losing data is to regularly back up all your data on a USB-connected device. However, it is important that you unplug the USB device after you back up your data.
You can also back up your data on Google Drive that can also keep multiple versions of data files. Other recommendations that can minimise the risk of infection include:

  • Do not reply to, or click on links in unsolicited or spam emails from companies or individuals you do not recognise
  • Avoid illegal or disreputable websites
  • Ensure that your Avira antivirus software is regularly updating.

If your computer gets infected:

  • Switch off your computer immediately if you notice strange pop-up dialog boxes or other symptoms, such as file names changing colour. Turning off your computer reduces the number of files that you might lose.
  • Do not connect any backup devices with the infected computer, as the virus will also encrypt your backups, making them unusable.
  • Do not pay the ransom. There are no guarantees that you would get your files back even if you do pay the ransom.
  • Contact the IT Helpdesk (t. 2340 4112) to book your computer for inspection. Our staff can guide you through the next steps.

Last Updated: 10 March 2017

Log In back to UoM Homepage
University of Malta
L-Università ta' Malta