Carnegie Mellon University
CryptoLocker, Locky, Zepto? these recent ransomware titles sound scary. They don't have to be if you protect computer. Ransomware is a type of malware that: infects the computer, encrypts the files on it and demands a ransom be paid to unlock them. The ISO has seen a surge in ransomware infected computers within the campus community. Most were infected through email.


Before your Computer is Infected

These security practices specifically help you prevent, detect and recover from ransomware
  1. Use a separate, non-administrator account.
    Create a separate user-account for day-to-day use that does not have administrator permissions. Ransomware deletes automatic local computer file backups making it difficult to recover files. If your account does not have administrator permissions, these local file backups cannot be deleted.
  2. Disable Office macros.
    Many ransomware infections are caused through macro enabled Office attachments. Change your Office settings to disable macros. For steps search Office Support at
  3. Install Anti-Virus Software
    Most ransomware is detected by anti-virus software. Be sure you have the recommended anti-virus software installed. See for your operating system.
  4. Backup your Data
    Backup your data regularly to an off-site location or external drive. If you are using an external or network drive, be sure to eject it once the backup is completed.
  5. Practice Safe “Clicking”
    Verify URLs by hovering over the link and don’t open attachments you’re not expecting.

If you suspect your computer is infected, contact the ISO as soon as possible. We can help determine your next steps.