UCSB Ransomware Readiness Plan

Ransomware is a growing threat across the world and to our campus. Ransomware happens when criminals infect your computer with malware that scrambles all your files and leaves you a ransom note demanding payment to recover your data.

Your best defense against ransomware is a good backup. 

To address this evolving threat we have been working with a team from across campus to develop a Ransomware Readiness Plan for UCSB. This newly developed plan will go into effect on May 24, 2020.

If ransomware happens to you, no matter if you are faculty, staff, or a student, take these three critical steps immediately!

  1. Disconnect your device from the network (unplug the network cable, turn off Wi-Fi and Bluetooth, set your device to Airplane Mode)
  2. Disconnect all external storage (USB drives, memory sticks, attached phones, cameras or external hard drives)
  3. Do not turn off your computer and call the UCSB Service Desk at (805) 893-5000

If you experience a ransomware incident, the UCSB Service Desk will collect necessary information from you, including your department. The UCSB Service Desk will notify security contacts or the support staff from your department to provide in-person support to help faculty or staff victims respond and recover. If you are a student you will be directed to the appropriate student support channels.

We provided IT support staff with a Ransomware Attack Response Checklist of tasks to contain damage and help victims toward recovery. If you like you can preview this information here: it.ucsb.edu/ransomware

Remember, most successful ransomware attacks begin with phishing emails. You’re the first line of defense. If a message is urgent and threatening, it could be phishing. If you’re in doubt, don’t click the link or open the attachment. If you have any comments or concerns, please contact Sam Horowitz or Kip Bates.