Technology Department News

Virus Warning.

There is a new virus that is spreading across the web. Falling for this virus could destroy the data of EVERY USER in the district. (This could also affect your home computer).

The virus’s design has made it so that even current Antivirus products running in your firewall and antivirus software on your PCs aren’t detecting it until it’s too late, if at all. The antivirus companies are trying to respond, but the virus ‘morphs’ each time it replicates, so its slippery for them to detect and block or quarantine.

What does it do?

In short, the virus is a form of Ransomware. Once it gets into your PC, it ‘encrypts’ all your personal files and data, and then holds your data hostage for ransom. In this case they want $300 to provide you with the unlock code to decrypt your files and remove their application.

Here is what the message will look like once it’s too late:

CryptoLocker Message

To motivate the affected user to quick action, they only give you 72 hours to act, then the data is lost forever.

Its design is such that if your IT person then tries to remove it, this will leave your files encrypted forever.

It gets worse. If your PC has external media like USB hard drives and USB keys attached, it encrypts those too. Imagine if your Backup drive was attached, it would be encrypted and unusable to restore your data from before the attack. Even worse, if your infected PC is connected to a network and you have connections to a Server, it reaches out and encrypts the data on the Server too. If you use a Cloud based storage like Dropbox or Google Drive, it will encrypt the data within those folders as well. If you use Internet Backup, the backup will pick up copies of the encrypted files.

How it’s getting in

I can’t tell you for certain how it’s been getting in (which is troubling). With its ability to slip through the Antivirus filters it comes down to there is no defense (yet) other than you using your smarts. Reports to date seem to indicate it gets in using one of two methods:

  • As an attachment to an email message. Typically something claiming to be a shipping notice or receipt for your review. A common lure to get you to try and open the attachment to see what it is, and if you open that attachment the virus sets in. /li>
  • If your computer is already infected with some mild spyware (pop ups, other nuisances) they have found a way to exploit the Spyware’s communication methods to slip in and get started that way. This doesn’t need a user’s interaction, and is crazy scary.

To Defend Yourself:

  • Don’t open attachments that come with emails unless you are 100% certain to the validity of the attached file. Meaning you should know who is sending it to you, why they are sending it, and you should have been expecting it. Even an emailed attachment from someone you know could be a cleverly disguised virus, so be SURE before you open it. You can always pick up the phone and contact that person to be sure they sent you something. YOU CAN’T rely on your antivirus software to defend you at the moment. You have to use your own smarts and avoid things that will trigger it.
  • If you suspect that your PC has Spyware in any other way (acting weird, slow, pop-ups) contact your IT person to address this immediately. When in doubt, turn off the PC until your IT person evaluates it.
  • Keep your Antivirus program up to date on a daily (or more frequent) basis.

Basically, responsible surfing is the best defense.

Information from: https://blog.mmeconsulting.com/cryptolocker-alert/