Virus turns Sunnyside records into ????...????,* paralyzes some service
*The word in the headline means "garbage" in Greek.
It is an example of what many Sunnyside City computer files look like after being infected by a new virus.
A growing type of malicious software, "ransomware," has hit the worldwide computer market recently, effectively shutting down computer terminals and servers until a certain amount of cash or ransom is paid.
What makes this type of software so dangerous is the fact that in addition to shutting down a person's computer, the virus usually doesn't release the terminal's files even after the ransom is paid.
In fact, according to Microsoft, "Victims should never pay the ransom as the files will not be decrypted."
Just last month, a new ransomware variant titled Cryptolock began infecting machines with the added danger that those infected could lose their personal files forever.
Sunnyside City Recorder Polly Sanderson has been dealing with the highly advanced virus for more than a week, working with Max Technology's Seth Shumway to keep the town up and running while saving Sunnyside City's digital files.
"My computer just stopped working last weekend," said Sanderson. "We thought the hard drive was dying so I sent the machine to Seth and he realized that our computer had been infected."
Cryptolocker is typically spread through infected websites and has been targeting entities via phishing attacks. The scam has evolved over time, using various techniques to disable a computer and turn the machines display into gibberish.
According to Symantec, the most recent evolution locks the computer display and does not allow the user to access any programs. The computer then displays a message that claims to be from a branch of local law enforcement. Messages are usually something along the lines of "You have browsed illicit materials and must pay a fine," said the Symantec website. "Law enforcement logos are used to give the message an air of authenticity."
Infected users are being asked to pay anywhere from $300 to $500 ransom.
Some data salvaged
Shumway, a technician who services Castle Country, was able to help Sunnyside save most of their Caselle program files. This was vital to Sanderson as Caselle handles all of the city's accounting, utilities, credit and payable accounts. Whether the city will get many of their other program files back is still up in the air. The virus has already destroyed several portions of the computer's memory.
"Some of what is still encrypted is 20 years old," explained Sanderson. "That information can never be replaced. This truly has been a horrible week."
Because ransomware tends to attack hard-to-crack encrypted files, recovering from such an attack can be difficult and typically requires the assistance of a professional.
Symantec explains that the best thing you can do for yourself is to keep anti-virus protection up to date and avoid shady sites and emails.
"If a relative of yours that is asking for something out of the ordinary, call that person and verify the message," said Sun Advocate computer technician Chris Williams. "Opening that email or an attachment assigned to it, is like asking a thief to come right on in to your house."
Whether it be malware (malicious software) or ransomware, loosing data and program reliability is only part of the issue. According to Sanderson, Cryptolocker has brought a great deal of the city's essential functions to a halt.
"We have lost seven days to this virus," explained Sanderson. "And our technician is still working to salvage our information and make sure that our programs run like they did before."