The hellish affliction of ransomware has filled Castle Country computer users with terror this Halloween season, shutting down Sunnyside City's network for more than a week and attacking terminals all across Eastern Utah. This type of malware is particularly malevolent as it typically holds a person's files hostage.
One of the newest and most devastating forms of ransomware affecting terminals in the United States is CryptoLocker. The extortion program enters a person's computer, encrypts important files and then makes it impossible to use them. In the case of Sunnyside, the virus disabled the city's entire system, blocking access to digital files for more than a week and causing some permanent losses.
According to Max Technologies Owner Seth Shumway, a repair professional and business consultant, the CryptoLocker virus began showing up in Eastern Utah around two and a half weeks ago.
"I have seen more than 30 machines infected recently," he said. "Every infection came through email and every infection has been devastating. This is one of the worst viruses I have ever seen."
Shumway, a ten-year computer repair professional, explained that CryptoLocker differs from known viruses in several ways, most notably in the way it seeks out specific computer files and encrypts them.
"The infection finds personal files like word documents, photos and databases," said Shumway. "It goes after the files a person values most and locks them down."
Most versions of the virus ask for $300 to release the files. However, Shumway has seen some ask for as little as $60 and as much as $600.
Several area clients were infected by an email claiming to be from the Utah Transit System. The email states that there is a problem with the individual's account and directs them to a "helpful" link. Once the link is clicked, it's all over, said Shumway.
Several of those infected by the CryptoLocker virus have had success paying the ransom and obtaining a key that allows their files to be decrypted.
"Nothing can be done once the encryption takes hold, and after a certain amount of time, the password is erased, leaving the files locked down forever," he explained. "They don't give you a great amount of time to think over what is happening. When dealing with true CryptoLocker (there are many copycat viruses), the only way to retrieve your files is to pay the ransom."
To avoid paying for the kidnapping of your computer, Shumway recommends closely monitoring anything you open on the web. When it comes to emails, he cautioned residents to check the correspondence carefully.
"Even if the message comes from a person who regularly sends email to your inbox, check the content, spelling and the message," said Shumway. "If something seems like it's off, don't touch it."
Several online sources also recommend proactive protection techniques, including switching to a safer email provider such as Gmail, keeping anti-virus software up to date and running scans on a regular basis, and keeping Java, Flash and the computer's operating system updated.