Monday, 25 November 2013

There's a new online security threat - Cryptolocker

The latest criminal scam reminds us how important it is to backup our files. Ransomware scams try to trick you into downloading software that then encrypts all of your files so that you can’t open or view them. The criminals behind the scam then demand money in return for a password that will let you view your files.

The latest one is ‘Cryptolocker’ and it’s particularly nasty. It’s a real threat to your files and has gained a lot of attention in the media. The good news is that you can avoid being caught out if you follow our good practice advice.

How to stay safe

You can protect yourself from scams like these by doing the following:
  • Keep antivirus software up to date and install operating system security updates.
  • Don’t be taken in by fraudulent emails claiming to be your bank or another service provider.
  • Be very careful when downloading attachments from emails, especially when they are unexpected or from people you don’t know.
  • Keep backups of important files in a safe place, separate from your computer.

We have information about staying online on our website at http://www.shef.ac.uk/cics/security/safecomputing

To protect your computer from Cryptolocker and malware in general you should install security updates for your computer as soon as they are made available. To detect specific threats (such as Cryptolocker) you should also download antivirus software from the link below and ensure you keep it updated.

Unpleasant though Cryptolocker is, it reminds us how important it is to make sure all your work files as well as your photos and other personal files on your home computer are securely backed up.

Cryptolocker will encrypt any external hard drives and memory sticks that are connected to your computer. To protect your files make sure you have multiple copies in multiple places - you need to make sure there is separation between your working files and backups or they will both get caught out by this type of scam.

  • University personal and shared networked filestore are the safest place to store files; CiCS will make sure your work is backed up.
  • Google Drive is also a great place to store your files.
  • CDs and DVDs are are great for offline copies of important files but they are not infallible so should be used as a backup and not the only copy of important files.
  • External hard drives and memory sticks are vulnerable to Cryptolocker so they should be disconnected once you have finished backing up your files.

Cryptolocker currently only affects Windows PCs and is primarily spread as an email attachment. It is likely that the threat will evolve to spread through other means and may be developed to affect Macs.

What to do if you get caught out

Don’t panic! If you do suspect your computer has been infected by Cryptolocker, or any ransomware, turn your computer off immediately, disconnect any external hard drives or memory sticks and contact the CiCS Helpdesk. Do not try to and fix the problem or recover files yourself as you may make the problem worse by spreading the infection to other computers and files.