"I had a window come up, and clicked on it. It has frozen the screen, and is asking for visa details to unlock." - UBT Customer

Beware of Cryptolocker Ransomware!

A new ransomware virus known as Cryptolocker is infecting computers globally and reinforces the need for users to be diligent in not opening email attachments from unknown senders.

IMPORTANT: If you have this problem

• Turn off your computer and disconnect the machine from any network immediately
• Contact UBT for assistance on 0800 UBT 123 (828 123).

What is a Ransomware Virus?

Typically Ransomware installs a malware application on your desktop or laptop and then requests payment to have it removed. A skilled IT technician can usually remove these for you.

What is Cryptolocker?

Cryptolocker is a very nasty and destructive version of ransomware. Once installed, Cryptolocker silently encrypts your files and then hides the special key required to decrypt the files to somewhere on the internet. Without this key you will not be able to open any of your files. Cryptolocker will then ask you to pay a fee to get the decryption key. The fee is about USD/Euro $300.00. This fee must be paid within a defined time period (usually 72 hours), or the server will destroy the decryption key and your files will be lost forever.

How do you become infected with CryptoLocker?

This infection is typically spread through emails sent to company email addresses that pretend to be customer support related issues from Fedex, UPS, DHL, etc. These emails would contain a zip attachment that when opened would infect the computer. These zip files contain executables that are disguised as PDF files as they have a PDF icon and are typically named something like FORM_101513.exe or FORM_101513.pdf.exe. Since Microsoft does not show extensions by default, they look like normal PDF files and people open them.

So how do you protect yourself from this attack?

1. Make sure you have an off-line back up of your data. The easiest method is to use an external USB hard drive and only plug this in when you are doing a backup. If you have on-line backup then this will also provide you with good protection as these services usually operate with multiple backups protected through powerful encryption and security measures.
2. Ensure you have a good anti-virus and anti-malware application installed, and regularly updated such as the Eset or NOD 32 as installed on all UBT supplied computers.
3. Be conscious of downloading any files from web-sites, and do not open email attachments that you are not sure of.

If you have any questions regarding this - please open a helpdesk request for further assistance.