Smith College Admission Academics Student Life About Smith news Offices
  Home > Offices > Information Technology Services > TARA > Viruses > CryptoLocker Ransomware  
   Reset Password     Smith Directory    Smith Portal   Server Status  Smith Software

Getting Started
25Live Scheduling
Account Forms
Active Directory
Admin Systems*
File Transfer
Google Apps
   Smith Mail
Internet Browsers
   Backup & Restore
   Related Apps
   Other Info
Microsoft Office
Microsoft Windows
Mobile Devices
Smith Network
Smith Portal
Standard Software
Terminal Emulators
Viruses & Spyware
Web Development
Wireless Access

*Smith login required



CryptoLocker ransomware, released in September 2013, affects Windows computers by encrypting all your files (including files on network drives and any attached external drives), then requiring you to pay for the decryption key. It is most commonly spread via email attachments or by visiting infected web sites.

Happily, Gmail blocks messages with executable attachments, which protects Smith Mail users from this method of attack. This means that the risk to Smith users from CryptoLocker is low, but the consequences if you are hit can be painful.

What CryptoLocker does

If you are hit, you probably won’t know it until the damage is done and you see a red screen informing you that your files have been encrypted. The CryptoLocker software gives you 72 hours to pay for the decryption key. The encryption is strong, which means there is no way to decrypt the files without that key.

At this point, you have two options: Pay the ransom (typically $300-$500 US) and get the decryption key, though there’s no guarantee you will actually get the key. Or, you can recover your files from backups (you have those, right?), from previous versions, or from shadow files if they are available.

What YOU can do to protect yourself

Follow the "best practices" below to protect your computer and your files from a multitude of potential disasters:

  1. Never open an email attachment you weren't expecting.

  2. Never click a link in a message from a sender you don't recognize.

  3. Never respond to any email requesting your password.

  4. Make and keep regular backups of your important files. If possible, keep copies of your files in two locations, and back them up to a third location. For more information, see:

  5. Keep your browser and application software as up-to-date as possible with the latest security patches. (Note that the browser you use for BannerWeb and Banner INB may need to remain at a lower version.) To check the status of each web browser you use:

    1. Open the browser you wish to check.

    2. Go to:

    3. Click the Launch a quick scan now link.

    4. The system will check to see if your browser, plugins, and related software are all up-to-date.

More about Gmail's built-in protections

Note that some protection against CryptoLocker is already built in to Smith Mail because, as a security measure to prevent potential viruses, Gmail doesn't allow you to send or receive executable files. Here is the list of executable file types that can't be sent or received :

.ade, .adp, .bat, .chm, .cmd, .com, .cpl, .exe, .hta, .ins, .isp, .jse, .lib, .lnk, .mde, .msc, .msp, .mst, .pif, .scr, .sct, .shb, .sys, .vb, .vbe, .vbs, .vxd, .wsc, .wsf, .wsh

Messages containing the file types listed above are automatically bounced back and returned to the sender. Gmail won't accept these file types even if they're sent in a zipped format. Here are some examples of zipped formats:

.zip, .tar, .tgz, .taz, .z, .gz, .rar

For more information, see:

For more about how CryptoLocker works and how to prevent and remove it, see:

Back to top >



Copyright © 2015 Smith College Information Technology Services  |  Stoddard Hall   |  Northampton, MA 01063
413.585.4487  |  Questions or comments?  Send us email
 |  Last updated June 30, 2014

DirectoryCalendarCampus MapVirtual TourContact UsSite A-Z