Upper school and middle school faculty at risk of virus on Windows computers
March 15, 2016
A computer virus attacked upper school network computers this morning, causing the computer people to notify Harker faculty using PC computers to immediately shut down their computers.
The crypto locker virus, a ransomware virus first detected in 2013, targets Windows computers through email attachments. Once downloaded, the virus encrypts all files on the computer applying a password to decrypt the files. In order to get the password, infected users must pay a ransom in order to reclaim and decrypt their files.
The IT Department has verified that only data from Monday is possibly at risk as their last safe backup took place Sunday night. The backup has been now taken offline to prevent further infection.
According to Director of Information Technology Service and Support Dan Hudkins, this cryptolocker virus is transmitted through an email attached with zipped files that look like PDF files. Once clicked, the infection is launched. An infected machine then has the potential to infect all other folders if that specific user is connected to a share on a file server that will also become infected.
Student laptops have not been infected since students have been isolated off the internal network in caution of their lack of knowledge to check for viruses. Faculty are still advised not to use their Windows computers until further notice.
The IT department has deployed resources to figure out exactly what variant of this virus has occurred so they know how to further deal with the situation and bring things back online.
“If we identify the variant, we can be certain that is not one of the ones that propagates from client to client,” he said. “In other words, it jumps from one machine to another machine without talking to a server. If we are sure that those two things are not true, then we should be able to start bringing on machines fairly soon. If we can’t identify that to a certainty then I have a hard decision to make.”
Here is how to prevent cryptolocker if the machine has already not been infected:
– Be careful with emails from senders you are unaware of, especially if there is an attached file
– Disable hidden file extensions in Windows
– Backup all your files
– If you have not already backed up your files and your machine has been infected, do not pay the ransom.