RansomWare Virus Affecting Windows Computers

Published: 9 October 2013

A new RansomWare virus by the name of ‘CryptoLocker’ is infecting Windows computer, with a significant impact on users data. To help you to remain vigilant, we have included below some information about this virus and how to safeguard your business.

What does this virus do?

When this virus infects a system, it immediately encrypts the user’s data, and the data on any network shared drives that the user has access to.

Once the data has been encrypted, the virus prompts the user with a red background that requires the user to pay between $100 and $300 dollars to un-encrypt the data. The user has 72 hours from the start of the message to pay before the virus deletes the decryption keys.

Once the files are encrypted there are no other alternatives EXCEPT to recover the data from an offline backup. Online backup solutions ( like Carbonite, Mozy, Backblaze, and DropBox, etc…) are affected by the virus and will copy encrypted files to their repositories.

Will your Antivirus program protect you?

At this time, Antivirus vendors (such as Symantec) are still working on a solution to successfully detect this virus, and prevent its infection, but they do not have one yet. They also do not have a way to un-encrypt the files once they’ve been encrypted.

What you can do to protect your computer and your data?

  • Do NOT open attachments from people you’re not expecting to get attachments from. This includes emails from printers saying they’ve sent you a scanned document, or from shipping companies stating there is a customer support issue.
  • If you do not log onto the UA Domain to access your computer, but you would like help putting this mediation in place, please contact the OIT Support Center.
  • Take regular backups of your data and store them offline. If you back up your files to an external HDD, do not leave it connected to your computer. Disconnect it after you have backed up your files.

What should I do if I’m infected?

  • Immediately turn off your computer
  • Do not attempt to move files or circumvent the problem

Please see this for more details:- http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/ 

Should you require further advice with regards to CryptoLocker please email [email protected] 

Read More

World Password Day – Are your employees’ passwords protectin...

5 May 2022

Your employees protect your critical business data - Get your free password protection guide!

Xperience Granted a Platinum Partner Status with Sophos

27 April 2022

Xperience is delighted to announce they have been granted ‘Platinum Partner Status’ with Sophos. Read more...

Government Guidance To Take Cyber Security Action Following ...

23 March 2022

Organisations should follow the NCSC's guidance regarding the current global cyber threat; specifically wiper malware.

Cybersecurity advice during the current Russia-Ukraine crisi...

4 March 2022

Cybersecurity advice during the current Russia-Ukraine crisis

Free Phishing Tool – Make sure your business isn’...

21 February 2022

Free Phishing Tool - Make sure your business isn't bait!