Emerging Malware

CRYPTOLOCKER - WHAT IS IT?

Some ransomware just freezes your computer and asks you to pay a fee; no guarantee that paying will give you access to your files. CryptoLocker is different: your computer and software keep on working, but your personal files, such as documents, spreadsheets and images, are encrypted. The malware seems to do its cryptography by the book, so there is no way to recover your scrambled files once it has triggered.

HOW DO I DETECT AND REMOVE IT?

IT always recommends that you rebuild your system when you have been infected with any virus on this page and not try to remove the virus.  If the system is personally or student owned and can't reinstall your system. The IT help desk has disks that can remove the Malware. The disk has a Virus removal Tool that scans your memory, and removes any active malware. If CryptoLocker is running and has already popped up its payment demand page, you can still remove it and clean up, but the Virus Removal Tool cannot decrypt your scrambled files - the contents are unrecoverable without the key, so you may as well delete them.

HOW DO I ENSURE THERE'S NO "NEXT TIME?"

1. Keep backups of important files. Keeping files offline is ok, as long as they are locked up in a safe place; i.e. safes, safety-deposit box, locked file cabinets.

2. Use your Anti-Virus, stay up-to-date. This will also help keep your system safe in the event of an attack other than Cryptolocker.

3. Keep software and applications up-to-date. If there is a new update to software it is advisible to update that software. These updates generally have new security fixes which hlep protect you from Malware. Java is one attack vector that hackers like to take advantage of. Please visit this link to update your Java to the newest release.