Eastern Michigan University

Ransomware - Cryptolocker

Ransomware is a type of malicious software that holds a victim's computer or data hostage in an effort to extort money from him or her. This has been an emerging threat over the past year; but, in most of those earlier cases, the computer could be easily restored by an I.T. professional without paying the ransom.


In the past few months, a new type of ransomware has emerged that is referred to as Cryptolocker. When a computer is infected with Cryptolocker, the software quietly begins encrypting all of the computer's images, office documents, and other important files with a secret key that is held by the malware author. Once the encryption completes, the victim is presented with a screen requesting the ransom and a countdown timer at which point the data will no longer be recoverable. Without the key, there is little that can be done to decrypt the data; and, it has been reported that individuals who have paid the ransom have not always been able to decrypt their data.

Cryptolocker image











What Can You Do to Stay Safe?

  • Cryptolocker is usually distributed through email attachments. Never open an attachment that you were not expecting. This is especially important for files with an EXE or MSI extension.
  • Running up-to-date antivirus software is always highly recommended. It could stop this virus before it gets the chance to encrypt your data.
  • Always backup your important data off of your computer. In the event of a Cryptolocker infection, backups are the only sure way to recover all of your data.

How is EMU Keeping You Safe?

  • Every email delivered to an EagleMail account is scanned for known viruses by our Cisco Ironport email security system. Known viruses and all windows executable (.EXE) files are removed.
  • Our advanced firewalls and DNS firewalls can help prevent these viruses from being downloaded on the campus network; and, if they are downloaded, the firewalls can prevent them from starting the encryption process by blocking their access to their command and control servers.
  • Every EMU-owned computer comes with a copy of McAfee Antivirus which is constantly being updated through McAfee ePolicy Orchestrator

The Bottom Line

There is no guaranteed protection. These viruses are constantly evolving, and so safeguards like firewalls and antivirus software have to keep catching up. But, if you play it safe and Think before you Click. Post. Type. and run regular backups of your important data, then you should be safe online.


Division of Information Technology

118 Pray Harrold

Ypsilanti, MI 48197

Phone: 734.487.3141

Fax: 734.481.9290