Information Technology Services is warning campus computer users of a new and “nasty”email threat called “Cryptolocker.”
Cryptolocker, which generally comes in as an attachment to an email claiming to be a UPS delivery or some another realistic-sounding story, will:
- encrypt the victim’s files using a public key encryption;
- let the victim know their files are encrypted and demand money (usually $300 to $400) for the private key to decrypt those files; and
- delete the private key if payment is not received within a fairly short time frame, usually three to four days.
Cryptolocker will find all files the person has access to at the time of the infection, including network mapped drives and USB drives.
Unless the victim has a good, recent backup of their files, they will be unrecoverable.
ITS recommends the following steps to protect campus computers:
- Do not open emails from unknown sources.
- Do not open attachments unless you know the sender and trust that it is a legitimate file.
- Take regular backups and store the back up offline. If the backup is accessible at the time of the infection, the backup files also will be encrypted by Cryptolocker.
- Keep your computer current with patches and antivirus.
For more information, call (815) 753-8100 – open 24/7 – or email [email protected].