CryptoLocker – A threat plaguing Canadian universities

There is a very dangerous and malicious threat attacking Canadian universities known as CryptoLocker.

CryptoLocker is malware that arrives attached to an email, usually inside of a zip file and attempts to extort money from computer users. This kind of computer infection can be considered as ransomware.

When your computer is infected with a CryptoLocker, the program begins encrypting any files it can access. These can be files on your hard drive, on USB keys or drives and even network drives in public environments. Once the files are encrypted you will be presented with a notice like the one below which gives you a limited time to pay a ransom to get a key to decrypt and get access to your files. Currently, infected users are instructed to pay $100 USD to get access to their files.



1.       Inform yourself: Never open an .exe file that you receive via email. Beware of any attachment that is sent to you from someone you don’t know. Even if you know the person, verify that it was something they sent with a purpose.

2.       Download Sophos anti-virus software: ICT has a Sophos license for all university computers and servers. This free software is available to current students, employees, and alumni of the university for both on-campus and home use. This service will automatically download the latest updates to the anti-virus software to your computer providing constant real-time protection with minimal system overhead.

3.       Backup your files: An effective daily backup solution is essential in order to be able to restore files that are not infected. We recommend using hard drives that you unplug regularly or use an online service. These types of backups are physically separated from your computer so CryptoLocker can’t get to them.

For more information, contact:
ICT Help Desk: