A new form of malware has infected several computers on campus. This new threat is called CryptoLocker and is considered very serious. This new form of malware attempts to encrypt the data on your hard drive as well as other shared drives, including your SkyDrive or network shared drive and then holds that data for “ransom,” promising to provide the encryption key if you make a payment of approximately $300.
The malware is spread via email that may appear to come from a legitimate source, such as a bank, IT Services, or even someone you know. This is a very serious threat and can destroy your data, as well as data needed for University business. IT Services is blocking all known CryptoLocker links on a daily basis; however, you may still be infected if you follow a link to an infected Web site, if you are off campus, or if the link is to a newly infected site that hasn’t yet been blocked by IT Services. IT Services is also working with Microsoft to deploy additional security software that will help prevent the spread of malware.
In order to prevent being infected by CryptoLocker, please take the following steps:
- Do not follow any links in suspicious emails.
- Please report any suspicious emails immediately to the Technology Service Desk at 973-275-2222 or via email at ServiceDesk@shu.edu. If you have any doubts at all about an email, contact the Service Desk; they can help you determine if the email is legitimate or is a phishing or spreading malware.
- Make sure your antivirus software is up to date. If you have a University-owned computer, instructions for updating your Microsoft Forefront EndPoint Protection system can be found here: http://www.microsoft.com/security/portal/definitions/adl.aspx.
- Be sure you back up your data regularly. The Technology Service Desk can assist University faculty and employees in backing up their data.
If your computer is infected, you will see a message like this when you attempt to open a file:
If you determine your computer is infected, contact the Service Desk immediately. They will provide assistance in removing the malware. While IT Services will attempt to recover your data, be advised that recovery of the data on your computer might be possible once you are infected.