Security, Cryptolocker, Ransomware, Malware

I believe I opened an attachment that was Malware and might be cryptoware. What can I do?

Cryptolocker/Ransomware scams involve a type of malware that infects computers and restricts users' access to their files or threatens the permanent destruction of their information unless a ransom is paid. Once Ransomware launches on your machine, it is nearly impossible to access your files.

For University-owned machines, turn off your machine and contact security@illinois.edu.

For future reference you will want to back up your files to cloud storage service that keeps a history or archive of your files. Such options include:

U of I Box : http://box.illinois.edu/
Google Drive: https://drive.google.com/drive/my-drive
Microsoft OneDrive: https://onedrive.live.com/about/en-us/

What can you do to avoid this in the future?

Don't click suspicious links or attachments, avoid using email for file sharing.
Ensure the latest patches are installed for your operating system and software. Unpatched machines are the targets of most attacks due to their vulnerabilities.
Use our campus-provided anti-virus solution CrowdStrike for real-time mitigation of threats.
Avoid enabling macros. If you open a file that asks you to enable macros, embedded code can execute malware on your machine.

More detailed info from Microsoft can be found here.

Keywords:	crypto malware cryptovirus locky Suggest keywords	Doc ID:	62569
Owner:	Security S.	Group:	University of Illinois Technology Services
Created:	2016-04-07 11:15 CDT	Updated:	2021-06-08 14:12 CDT
Sites:	University of Illinois Technology Services
Feedback:	4 1 Comment Suggest a new document Subscribe to changes