I normally do not panic about new virus alerts, but this one has caught a lot of attention because of the potential destruction.
The links in this page are safe, but are a perfect example of how viruses spread through email. Do not trust unknown links (except for this). One way to verify links are by hovering over with your mouse, the destination address should appear in the bottom left corner of the browser window.
What does this virus do?
When this virus infects a system, it immediately encrypts the
user’s data and possibly the data on any external drives (such as
USB/thumb drives) or network share drives to which the machine is
currently connected. Once the data has been encrypted, the virus
prompts the user to pay money ($300) by a specified deadline to
decrypt the data. If there is no response before the deadline, the
key to decrypt files specific to the encrypted machine is
destroyed. Once the files are encrypted there are no other
alternatives EXCEPT to recover the data from an offline backup. Read more here
Will your Antivirus program protect you?
At this time, both Vipre and other major antivirus vendors have
updated signatures to this virus and prevent its infection.
However, they do NOT not have a way to decrypt the files once they
have been encrypted. It is critical that you keep your antivirus
active and updated daily. They are still not 100% fool proof, and
the best defense is user education and excessive caution when
opening email attachments or files downloaded from the internet.
What you can do to protect your computer and your data?
- Do NOT open attachments from people you are not
expecting to get attachments from. This includes emails from
printers saying they have sent you a scanned document, or from
shipping companies stating there is a customer support issue. - Continue to keep your antivirus signatures updated.
- Importantly, the only sure way to beat this virus and others
like it is to make regular backups of your data and store them
offline. If you backup your files to an external hard drive, do
not leave it connected to your computer unless it is in the
backup process.
What should I do if I get infected?
- Immediately turn off your computer by holding the power button
down for 10 seconds. - Do not attempt to move files or circumvent the problem.
- Immediately contact your local computer support group
What should I do at home?
- Backup
your important data regularly to an external USB drive, and keep
the drive disconnected. - Be sure you are running up to date Antivirus software
- Microsoft Security Essentialsis recommended due to it’s cost
(free) and minimal impact.
- Microsoft Security Essentialsis recommended due to it’s cost
- Scan your computer now for Malware and Rootkits.
- Do not trust links or attachments sent through email unless
you are absolutely sure of what you are downloading. - Do not connect to an office network or VPN if you are unsure
that your computer is clean.
What about other devices?
At this point Linux, Apple and Android computers and devices are
not affected.
Cloud storage such as Dropbox, Google drive, etc. can be affected
by this and other viruses if an infected computer is synchronized.