- Posted by Steve Brown
- On November 19, 2014
The CryptoLocker Virus, which originally surfaced last fall, has recently resurfaced. The information below should be used to educate your staff on suspicious emails.
What is it? CryptoLocker is a Trojan virus which targets computers running Microsoft Windows. The virus typically is downloaded via an attachment or link within an e-mail message. These messages appear to have been sent by legitimate company. Some recent subject lines include “You have a new Secure Message”, “Payroll Invoice” or “Payment Overdue”. It’s more than opening the email that spreads the virus. The virus is unleashed by clicking on the attachment or link within the email, this click allows the CryptoLocker virus to run on your computer.
When activated, the malware encrypts files stored on local and mounted network drives, then it typically displays a message which offers to decrypt the data if a “ransom payment” is made. Our opinion is that the ransom should not be paid. The files will not be decrypted, but should be restored from backup at a point prior to the attack. Visit the FTC’s write up regarding CryptoLocker for more information.
How can I protect myself? Educate your employees on this virus and remind them not to click on any attachments or links from an unknown source. Run your antivirus software. Make sure you have a backup process for your files. While antivirus software is designed to detect such threats, it might not detect CryptoLocker at all, or only after encryption is underway or complete.
If an attack is suspected or detected in its early stages, unplug and shut down the infected computer (despite the virus’s warning not to “disconnect from the Internet or turn off the computer,” this is exactly the first order step in attempt to stop further infection). Unplugging your computer may save some of your files, if the virus is still in the process of infecting them.
If you suspect that the virus has been downloaded, remove the infected computer from the network immediately and contact Alliance for diagnosis.