Computing Alerts and Announcements
Malware Advisory regarding CryptoLocker Ransomware (posted 11/26/13 9:45 AM)
The National Cybersecurity and Communications Integration Center has provided an advisory regarding a new ransomware campaign that goes by the name of CryptoLocker. Ransomware is malware (e.g. viruses, trojans) that restricts access to infected computers and forces the victim to pay a ransom in order to regain full access.
In the case of CryptoLocker, once a computer is infected, the victim's files are then encrypted rendering them unusable (unless the ransom is paid within a specified window of time). The only way to recover the encrypted files without paying the demanded ransom is by restoring the files from a clean backup copy. Under no circumstances will Buffalo State authorize the payment of ransom.
This malware is spread via malicious phishing e-mails, delivered with subject lines that are seemingly legitimate but are NOT. These e-mails have been delivered with various lures, with subject lines that include keywords like “payroll” or “package tracking,” and they usually appear to be from legitimate sources (e.g., UPS, FedEx, PayPal).
It is recommended that you take the following precautions to prevent your campus computer from becoming infected with CryptoLocker (or other malware):
Remain extremely vigilant when opening e-mails, e-mail attachments, and clicking on hyperlinks contained within e-mails.
If an e-mail appears suspicious, or you have received an unexpected attachment, do not open it.
Verify the identity of the sender of any attachment, whether via a check of the sender's e-mail address or formal communication with the sender.
Regularly back up your important files to a network or external drive.
Regularly scan your computer for viruses. To learn how visit: http://libanswers.buffalostate.edu/a.php?qid=593637
If you believe your campus-owned computer has become infected with CryptoLocker, or other malware, please report it to the Help Desk immediately by phone (878-4357) or e-mail (email@example.com).