Officials sent out a mass email to staff and students warning about a new virus that has recently plagued Microsoft Windows-based computers across the country.
Dubbed CryptoLocker, the virus is hidden in seemingly safe email attachment and, once opened, locks access to files contained on the infected hard drive.
Doug Ooley, director of information security services at Boise State, said antivirus software used to protect university networks has blocked CryptoLocker from infecting any campus computers so far.
However, some university employees haven’t been so fortunate with personal machines.
“We haven’t seen anybody fall victim to this on campus. We have had reports from individuals who have had problems with their computers at home,” Ooley said.
Once a computer’s files have been encrypted, victims are given a time frame, typically 72-100 hours, in which they must pay those responsible for the virus in order to unlock their files.
“Obviously, you really don’t want to pay the money that they are asking. Typically, it’s between $100-$300,” Ooley said.
Ooley said the CryptoLocker virus is one of the most complicated he and colleagues have seen.
“The really interesting thing about CryptoLocker is that it is using a different attack vector, meaning once the virus has been downloaded, they are actually using a military-grade encryption on documents within the computer,” Ooley said. “They are typically not this sophisticated.”
So far, experts have been unsuccessful at deciphering the code to CryptoLocker and highly complicated viruses like it.
“At this point in time, they haven’t been able to crack the encryption,” Ooley said.
This means victims have one option if they want to gain access to their files again and, according to Ooley, it isn’t a great one.
“The only way an individual can get access to the content in their computer is to get the public key they (hackers) create once the virus encrypts the document,” Ooley said. “However, there is absolutely no guarantee that if you pay the money, you will get your key.”
Ooley stated he has heard of incidents in which individuals who pay the appointed ransom are given access to their files.
“There are reports that people are getting the keys sent out, but again, there’s no guarantee,” Ooley said.
According to Ooley, the creators of CryptoLocker and similar viruses are aren’t located outside of the country.
“I think that almost all of this kind of activity probably happens offshore, outside of the United States,” Ooley said.
Ooley and others in OIT are charged with ensuring the safety of Boise State’s networks and viruses are a common issue.
“When we are sifting through the network traffic coming into the university, we see many (virus) hits each week that we repel,” Ooley said.