CryptoLocker update and ransomware alert

November 7, 2013

Carla Browning

From Karl Kowalski, UA Chief Information Technology Officer

CryptoLocker is a form of a virus that can encrypt and lock you out of all the files on your computer, any connected shared drive on the network or storage device such a a USB thumb drive.  Previously, OIT had notified the University community and pushed computer policies to many of the campus computers to prevent Cryptolocker from running. But, the bad guys are getting more sophisticated and changing the method of infection, so we felt an update was warranted.

If you feel your university system or a personal system you have on the university network is infected, disconnect it from the network immediately by turning off your wireless and/or unplugging your network cable and then contact the OIT help desk.

More information and recommended preventative actions from US-CERT (United States Computer Emergency Readiness Team) can be found here: https://www.us-cert.gov/ncas/alerts/TA13-309A. Cryptolocker has the potential to cause serious damage and frustrations within our system and/or on your personal home systems. Please heed the advice in the prevention section below.

Prevention

US-CERT recommends users and administrators take the following preventative measures to protect their computer networks from a CryptoLocker infection:


  • Do not follow unsolicited web links in email messages or submit any information to webpages in links

  • Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments

  • Maintain up-to-date anti-virus software

  • Perform regular backups of all systems to limit the impact of data and/or system loss

  • Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity

  • Secure open-share drives by only allowing connections from authorized users

  • Keep your operating system and software up-to-date with the latest patches

  • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams

  • Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks


For more information.

If you have any questions, please feel free to contact OIT staff for further information. at 907-450-8300 or helpdesk@alaska.edu.