New Ransomware Phishing Campaign – Scanned Documents

GHC ITS has been alerted to a new ransomware campaign that recently took place at another University System of Georgia institution. The attack consisted of an email message masquerading as a document sent by the scan-to-email function of a printer at that institution. The message contained a malicious attachment carrying a ransomware and remote access trojan payload.

Be on alert for any email messages that appear to have been sent from a suspiciously generic address such as copier@highlands.edu or workroom-copier@highlands.edu and DO NOT OPEN any file attachments included in these messages.

Modern ransomware attacks use strong encryption to lock you out of your data and may also encrypt data on network drives. In almost every instance of ransomware, the damage is not reversible without paying the ransom for a decryption key and hoping the attacker acts in good faith to deliver that key once the ransom is paid. These types of attacks are extremely dangerous and destructive. If you believe you’ve received one of these messages, please report it by forwarding the message to rt@highlands.edu.