Dangerous malware CryptoLocker holds personal data ransom

PULLMAN, Wash. – A nasty new strain of malware, CryptoLocker, is circulating on the Internet. The dangerous, malicious computer software encrypts your personal data files (Word, PowerPoint, pictures, music, videos, etc.), rendering them useless and inaccessible.

The only recovery option has been to pay a fee or ransom for a key to decrypt the files and return the machine to full functionality.

Information Services at Washington State University emphasizes that this malware is not known to have infected any university resources. This announcement is designed to help avoid potential infection(s).

At right is an example of the screen that pops up when CryptoLocker has activated.

More information on this malware can be found at Today (http://www.today.com/money/nasty-new-malware-locks-your-files-forever-unless-you-pay-8C11511655) and Krebs on Security (http://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/).

What is malware?

Generally, malware is a program that might attempt to steal information or block usage of features on your computer. The term formerly used was “virus,” but the word malware has evolved to encompass a wide range of programs that are unwanted on a computer.

What is encryption?

Encryption encodes files on your computer so only you and authorized people or authorized websites can read the data. A key is required to decrypt files; without a key, the information is useless even to the person who owns the machine.

What computers are at risk?

All computers using Windows XP 2, Vista, 7, 8 and 8.1. This includes any Apple or Linux systems running Parallels.

What can you do?

• Make sure your files are backed up on an external server or device.

• CryptoLocker is reported to have been largely activated through social engineering (http://searchsecurity.techtarget.com/definition/social-engineering). Individuals could also receive an email that includes attachments that appear to be PDFs; other file formats are likely to be used as well. The recipient then clicks on the attachment and the malware is launched. Other reports suggest that compromised websites have been a source of this malware.

• Avoid opening attachments you weren’t expecting or from people you don’t know.

• Make sure your antivirus program is up to date.

• Keep your system patched and up to date.

• If an unexpected window pops up, do not click on any part of the window, as this may activate the malware. Immediately contact your departmental IT support staff for guidance or the IS Help Desk at 509-335-4357 or helpdesk@wsu.edu.