We want to alert Chemistry folks of a nasty piece of computer malware appearing on campus which will encrypt all of your files, then ask for a $300 ransom to decrypt them. Even if you pay the money, you aren’t guaranteed to get your files back. The only solution is to completely reinstall the computer to remove the malware and retrieve your files from your backup, if you maintain one.

ChemIT has seen a copy of “CryptoLocker” Ransomware on a user’s personal machine, and the files were not recoverable.

ChemIT works to minimize the possibility of these infections on machines it fully manages. The best way to avoid these issues on your personal computers and machines you manage are:

(1) Don’t click on links or attachments in unexpected emails.
(2) Keep your operating system and 3rd party applications updated (Adobe Reader, Adobe Flash, Java, etc.).
(3) Java – used for a small amount of web content
– Either update it to the latest version (currently ver 7 Update 45 )
– or get rid of it if you don’t need it.
(4) Maintain current antivirus software and run regular or scheduled full scans. Cornell provides Symantec antivirus software to everyone for free.
(5) Make sure you have backups of important files in a separate location.

While this specific malware is currently targeting Windows systems, similar threats have been seen on Windows, Macs, and even Linux and Android devices.

The Cornell IT Security Office has also issued a warning about this software – see
http://www.cit.cornell.edu/services/alert.cfm?id=2860

More from news reports:
http://www.theregister.co.uk/2013/10/18/cryptolocker_ransmware/
http://www.coindesk.com/cryptolocker-malware-demands-bitcoin-ransom/