RansomWare Virus Affecting Windows Computers

Published: 9 October 2013

A new RansomWare virus by the name of ‘CryptoLocker’ is infecting Windows computer, with a significant impact on users data. To help you to remain vigilant, we have included below some information about this virus and how to safeguard your business.

What does this virus do?

When this virus infects a system, it immediately encrypts the user’s data, and the data on any network shared drives that the user has access to.

Once the data has been encrypted, the virus prompts the user with a red background that requires the user to pay between $100 and $300 dollars to un-encrypt the data. The user has 72 hours from the start of the message to pay before the virus deletes the decryption keys.

Once the files are encrypted there are no other alternatives EXCEPT to recover the data from an offline backup. Online backup solutions ( like Carbonite, Mozy, Backblaze, and DropBox, etc…) are affected by the virus and will copy encrypted files to their repositories.

Will your Antivirus program protect you?

At this time, Antivirus vendors (such as Symantec) are still working on a solution to successfully detect this virus, and prevent its infection, but they do not have one yet. They also do not have a way to un-encrypt the files once they’ve been encrypted.

What you can do to protect your computer and your data?

  • Do NOT open attachments from people you’re not expecting to get attachments from. This includes emails from printers saying they’ve sent you a scanned document, or from shipping companies stating there is a customer support issue.
  • If you do not log onto the UA Domain to access your computer, but you would like help putting this mediation in place, please contact the OIT Support Center.
  • Take regular backups of your data and store them offline. If you back up your files to an external HDD, do not leave it connected to your computer. Disconnect it after you have backed up your files.

What should I do if I’m infected?

  • Immediately turn off your computer
  • Do not attempt to move files or circumvent the problem

Please see this for more details:- http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/ 

Should you require further advice with regards to CryptoLocker please email [email protected] 

Read More

Not-For-Profit Technology Forum GB : Recap

25 September 2023

We hosted our not for profit technology forum in Cambridge this September. Learn more about the technology insights we covered.

IT Vendor Relationship Management  

15 September 2023

Successful IT vendor relationship management can be crucial for your business performance in terms of costs, service levels and more.

Beyond MFA – Protecting users from modern attacks

12 September 2023

Our CTO Simon Barnes discusses MFA and the further steps you must take to protect your business from modern attacks.

EDR, MDR and XDR- what do they mean?

11 August 2023

EDR MDR and XDR

Xperience Hospice Technology Forum: Recap

24 July 2023

Hospice Technology Forum