Cybersecurity Awareness Month: Holding your work hostage

On October 13, 2025

Laptop with security screen.

Image by Mohamed Hassan from Pixabay.

October marks Cybersecurity Awareness Month, a nationwide initiative aimed at educating individuals and organizations about the importance of digital safety. This article is the second in a series to help our campus community protect themselves against cybercrime. One of the most disruptive cyberattacks uses ransomware.

What is ransomware?

Ransomware is a type of malicious software (malware) designed to encrypt a victim’s files, rendering them inaccessible. Once the files are locked, attackers demand a ransom – often in cryptocurrency – in exchange for a decryption key. These attacks can target anyone, from individuals to large corporations, and even critical infrastructure.

What is the cost of ransomware?

Beyond the financial cost of paying the ransom (which is never guaranteed to work), victims face downtime, data loss and reputational damage. In recent years, attackers have shifted tactics: instead of simply locking systems, they now demand multiple payments and steal the data to sell on the dark web.

According to Comparitech, the daily cost of a ransomware attack (not the ransom) in U.S. schools is approximately $550,000. In 2024, a report from Sophos found that the average ransom paid was $4.4 million, the average remediation costs were $4 million, and 41% of higher education institutions took more than a month to recover.

How does ransomware spread?

Like most cyber infections, ransomware typically infiltrates systems through:

  • Phishing emails: Fraudulent emails trick users into clicking malicious links or downloading infected attachments.
  • Exploiting vulnerabilities: Outdated software or unpatched systems can serve as open doors for attackers.
  • Compromised websites: Visiting or interacting with a compromised website can lead to a ransomware infection.
  • Malicious ads (Malvertising): Clicking on fake ads can unknowingly download ransomware onto your device.

How to protect yourself

Staying safe from ransomware requires vigilance and a few smart habits:

  • Regular backups: Maintain secure, offline backups of your critical data. This ensures you can recover your files without paying a ransom.
  • Update and patch systems: Keep your operating systems, software and antivirus programs updated to close security gaps.
  • Be cautious with emails: Avoid clicking on links or downloading attachments from unknown or suspicious sources.
  • Enable multi-factor authentication (MFA): Adding an extra layer of security to your accounts makes it harder for attackers to gain access.
  • Educate yourself and your team: Awareness is your first line of defense. Regular training on recognizing phishing attempts and other cyber threats is essential.

What to do if you’re attacked

If you suspect you may be a victim of a ransomware attack, it’s crucial to act quickly and strategically. Take the device off the network, and contact the IT team. S&T’s IT professionals will help identify the issue and prevent it from spreading to the rest of our campus family.

Protecting everyone

Cybersecurity isn’t just an IT issue – it’s a shared responsibility. Whether you’re a student, staff member or faculty member, understanding phishing and practicing safe online behavior protects your identity, finances and peace of mind. A single compromised account can give attackers access to an entire organization.

This Cybersecurity Awareness Month, take time to review your digital habits. A few proactive steps today can prevent costly mistakes tomorrow.

Need help? Visit it.mst.edu or email the IT Help Desk.

On October 13, 2025. Posted in Announcements, Information Technology (IT)