Iowa State University

ITInformation Technology

Security Alert: Cryptolocker Virus Detected on Campus

This news item expired November 28, 2013. It may contain out-of-date information.

ITS security officials are aware of a relatively new, very effective, virus actively attacking campus users with Windows computers. Once your files have been corrupted, there is no way to open them without paying a "ransom" (they will unlock your files for a prescribed amount of money, usually around $300). Currently the Iowa State mail servers are removing infected attachments, but your personal email account could be vulnerable.

This new virus, Cryptolocker, uses the standard methods of attack: downloads from infected websites or infected email attachments.

To protect your computer and your data:

  • Do NOT click on links or open attachments in email from people you are not expecting to get email from.
  • Keep all applications, especially antivirus programs, updated.
  • The only sure way to beat this virus and others like it is to make regular backups of your data and store them offline. If you back up your files to an external hard drive, do not leave it connected to your computer unless it is in the backup process.

If your computer is infected:

  • Don't pay the ransom.
  • Immediately turn off your computer.
  • Contact your departmental IT support staff or the Solution Center at 515-294-4000.

For additional information about Cryptolocker, please see the Sophos NakedSecurity blog post.