How to Avoid CryptoLocker
Azusa Pacific University has several layers of protection in place to help detect and prevent malware of all kinds. While these are generally very effective, the CryptoLocker malware has the ability to circumvent these controls if you unknowingly execute an infected file or click on a malicious link in an email. CryptoLocker is most often spread through booby-trapped email attachments, but the malware also can be deployed by hacked and malicious web sites by exploiting outdated browser plugins.
Tips for avoiding these malicious email attachments, malicious websites, and more are available on this site here and here. Additional information is made available via US-CERT (United States Computer Emergency Readiness Team) here.
Backup Your Computer
Having good backups of the data on your computer is the fastest and most reliable way to recover from any malware--this is especially true with CryptoLocker. If you are using a good backup system, chances are, you'll be able to recover from CryptoLocker with very little impact.
Personal Computers
There are a number of good computer backup solutions available at a very reasonable price. These solutions have been evaluated by IMT and, while not officially recommended, are known to be effective. If you believe you have the CryptoLocker malware on your personal computer, contact the IMT Support Desk immediately.
APU Owned Equipment
The main campus file server is backed up on a regular basis. We strongly recommend that you store your critical work files on your "L" and "M" drives to ensure recovery if your machine(s) become infected. Google Drive also provides revisions for native Google files. However, non-native files (Word, Excel, and PowerPoint) may not have revision history. If you believe that you have the CryptoLocker malware on your APU owned machine, contact the IMT Support Desk immediately.
Help! CryptoLocker Is On My Computer
If your machine has been infected with the CryptoLocker malware, you have only a few feasible options. Since CryptoLocker encrypts everything it can find on your local hard drive, your Dropbox, Box.net, SkyDrive, Google Drive, etc., having good backups is the best recovery option available.

Restore Your Backup
Personal Computers
If you have used one of the recommended backup solutions or have a backup solution of your own, there are two key steps to recovering from CryptoLocker.
APU Owned Equipment
If you believe that you have the CryptoLocker malware on your APU owned machine, contact the IMT Support Desk immediately.

Pay the Ransom
If you don't have any backups of your work, and the files that have been encrypted by CryptoLocker are critical, you may want to consider paying the ransom. While this is ideologically offensive to most, there have been numerous reports of individuals who have paid the ransom and successfully recovered their files.
Before you consider paying the ransom, please contact the IMT Support Desk first. We will help you determine the best course of action for recovering your data.

Other Resources
There is a growing number of resources on the web dealing with CryptoLocker. Here are some sites that can provide additional accurate information.
Malwarebytes: Cryptolocker Ransomware: What you need to know.
Naked Security (Sophos): Destructive malware Cryptolocker on the loose.
http://www.symantec.com/connect/forums/cryptolocker-and-adc-policies
Reddit thread: Proper care and feeding of your Cryptolocker
Makeuseof.com: Cryptolocker is the nastiest malware ever and here’s what you can do
Ars Technica: You’re infected — if you want to see your data again, pay us $300 in Bitcoins