MCC Daily Tribune Archive

CryptoLocker Ransomware Virus


You may have already heard of the new virus called CrpytoLocker which falls into a category now called “Ransomware”.  Once you have become infected, your files on your computer are encrypted and can only be decrypted using a specific “key”.  Until recently, the only way to get the key is to pay ransom to the Cyber Criminals (approximately $300-$1000). You are given a specific amount of time usually 72-100 hours to send payment.   Even then it was questionable whether you would get your files back.

Last week two security firms launched, https://decryptcryptolocker.com/   which is a site that victims can use to recover their files.  Victims need to provide an email address and upload just one of the encrypted files from their computer, and the service will email a link that victims can use to download a recovery program to decrypt all of their scrambled files.  For more details you can go to https://krebsonsecurity.com/2014/08/new-site-recovers-files-locked-by-cryptolocker-ransomware/

What happens when your computer becomes infected?

Your computer files are totally unrecoverable without the key.  This would include all your photos.

Cryptolocker can be removed from the computer; however your files remain encrypted and can never be unencrypted even with the key.

Your computer must be restored to a base image and all applications and data backups must be reloaded.

How to avoid becoming infected:

Don’t click on unknown links/websites.  CryptoLocker needs a way into your computer.  This can occur when you open an e-mail and click a link or go to an unfamiliar website. 

Keep your antivirus up-to-date.  Antivirus software developers are continuously updating their “definitions” to combat new threats.  MCC is continually updating the antivirus definition.

Install Windows updates.  Microsoft releases patches to rectify exploits that have been discovered in their software.  Unless you apply these software updates, malicious software like CryptoLocker can gain access to your computer.  MCC pushes these patches to your computer on a monthly basis. You need to reboot your PC every month to make sure these patches are applied.

Backup your files. Despite your best efforts, you may still get infected. At MCC you should use the M: drive to store critical files.

Donna Pogroszewski
Communications and Network Services
08/11/2014