Information Technology Services

Drop Shadow

Urgent Security Alert

Other Alert

Dear USD Campus Community,

What would you do if you suddenly lost access to all your important files, and someone demanded a large sum of money to get them back?  Would you pay the money, OR would you already have another copy of your files stored safely somewhere else?

There is a new, extremely serious security risk to your computer that is becoming more prevalent.  This new risk is called “ransomware", and the most serious variant of ransomware is called CryptoLocker.

Ransomware typically begins as a phishing email with a file attachment or link to a virus disguised as something else.  Once you open the file or click on the link, your computer becomes infected and the attack begins.  CryptoLocker will proceed to encrypt all the files on your computer with a sophisticated encryption algorithm and then display a ransom message on your screen instructing you to submit a payment within a specific amount of time (usually 3 days).  If you fail to make the payment, your files will remain permanently encrypted and inaccessible.  The type of encryption can be very advanced and we may not have a method of recovering data from this attack.

What can you do to prevent this from happening?

There are only two defenses against this new virus:

  1. Ensure you have a full backup of your data to a cloud-based solution, or an external (USB) drive.
    NOTE:  your backup MUST be disconnected from your computer to keep it safe!  The virus will affect your external hard drives or USB drives if they are connected when you become infected, so a cloud backup is a safer approach. Here are a few options to consider:
  2. Avoid getting infected!  Be especially diligent about what emails you open and which links you click in those emails.  If something doesn’t look right or you’re unsure of the legitimacy of an email, send it to the Help Desk for analysis.  ALSO keep your computer up to date!  Install any important system and application updates, including Adobe and Flash updates.

If you fall victim of this attack, your data may be unrecoverable so please be very cautious when handling your email.   If in doubt, call the ITS Help Desk at (619) 260-7900 or forward the email in question to help@sandiego.edu.

** By following these steps you will safeguard your computing systems against many similar phishing attacks.

For the most current information about this new threat, please visit the ITS Knowledge Base:
http://www.sandiego.edu/its/kb/135448

You can also read more about this virus here:
http://www.scientificamerican.com/article.cfm?id=ransom-malware

You can review samples of ransomware emails and popup messages here:
https://www.google.com/search?q=Ransomware+images&client=firefox-a&hs=oO4&rls=org.mozilla:en-US:official&tbm=isch&tbo=u&source=univ&sa=X&ei=GbuCUrDVGYPDigK5joHwDw&ved=0CDoQsAQ&biw=1536&bih=858

As always, feel free to contact the ITS Help Desk if you have any questions or concerns.

Contact ITS Help Desk for more information.

Alert last edited 11:36am Fri Nov 15, 2013

Return to Alerts listing