The State of Maine Office of Information Technology has been seeing an increase in CryptoWall malware infections. CryptoWall is ransomware that infects computers and encrypts documents along with any connected file shares or drives making everything unreadable and essentially unusable. After the damage is done, the malware will send a message to the user demanding a ransom be paid to regain access to the encrypted files, documents, photos, spreadsheets, databases, etc.
CryptoWall can infect computers through:
- scam emails,
- malicious advertisements,
- legitimate websites, and
- fake updates to products such as Adobe Reader, Adobe Flash, and Java.
- Backup, make sure your files are backed up regularly or kept in a location that is backed up regularly.
- Never download suspicious and unauthorized programs or open suspicious emails.
- Never respond to requests for personal information via e-mail. Legitimate businesses will never ask for passwords, credit card numbers, or other personal information in an e-mail.
- Do not enter personal information in a pop-up screen.
- Use anti-virus and anti-spyware software, as well as a firewall, and update them regularly.
- Hover cursor over website and email links, without clicking and wait a few seconds. The email application or browser will display the actual location of the link. If the address shown is unfamiliar, simply delete the phishing email or close the webpage.
- Review credit card and bank statements as soon as received to identify unauthorized charges.
- Delete unsolicited e-mails. Don't open, reply to, forward, click on links, or view attachments.
CryptoWall Awareness: If you think your computer has been infected:
- Immediately turn off and disconnect your machine from the network.
- For OIT issued State government computers, call the OIT Helpdesk at (207) 624-7700.
- For ALL OTHER computer users, call your computer support specialists.
- Never pay the ransom demanded to decrypt files. (If you are inclined to consider doing this, I have a bridge in Brooklyn I would like to sell you.)
- Only visit reputable websites and online services.
- Create and use strong and unique passwords. (more on this subject can be found in Risk Management's tip on Password Fatigue Syndrome and its Treatment )