January 31, 2019
Similar to other large organizations, the University of Guelph is a frequent target for attackers attempting to gain unauthorized access or disrupt computing services on campus. In order to protect our systems and data, the University employs a layered defense strategy which is comprised of several security technologies across our network, servers, and applications.
Ransomware is a particularly invasive form of malicious software that can have a significant impact, and has affected many public institutions in recent months. Simply defined, ransomware is a type of malware which prevents you from accessing your computer or certain files unless a ransom is paid.
In the event of a ransomware infection, the strong recommendation of Information Security is never to pay the ransom. Any impacted system must be removed from the campus network immediately to prevent further spread. Those systems must be reimaged completely before reconnecting to the network, and any user data should only be restored from known good backups.
Information Security strongly advises against paying any type of ransom for several reasons:
Furthermore, we recommend that all campus users take proactive measures to defend against ransomware. Additional information and guidance can be found on the Information Security website, including ransomware prevention tips and ransomware incident assistance.
Users with questions or requiring assistance with a security incident should email Information Security (infosec@uoguelph.ca) or via call 519-824-4120 Ext. 58006.