City network infected by virus Friday, files recovered
Learn how to protect yourself, the City
The City suffered a computer virus infection Sept. 18. The network was hit with CryptoWall, the most advanced form of “ransomware” that exists. Once a computer gets infected by CryptoWall, the virus scans computers and entire networks (including Dropbox and other online storage) for data. The virus then encrypts everything it finds. It irrevocably changes the files so they can’t be used. The data is lost unless users pay a ransom to hackers for the key to unlock the data.
While there is no way to unlock the encrypted files without paying the ransom, IT contained the infection and then restored the City files from its daily backups.
How do these infections happen?
Information Technology is still investigating how the City network got infected, but there are three ways most Cryptowall infections start:
- A phishing email that includes malware disguised as PDFs. These PDFs appear to be invoices, purchase orders, bills, complaints or other business communications, but double-clicking on them, infects your computer with CryptoWall and starts the encryption process.
Protect yourself and the City
Safe internet practices provide the best protection against viruses like CryptoWall.
- Don’t visit questionable websites: Stay on pages that are known to be safe.
- Don’t click on ads that appear on the pages you visit: If you see an ad for a product or service that intrigues you, instead enter the site name directly into your browser.
- Don’t open emails or attachments unless you are certain the sender is legitimate.
- Don’t click on links within emails unless you know the sender.
Get more tips to protect yourself and the City.
Questions or comments?
Do you have a security-related question or suggestion or want to comment on this article? Contact the IT security officer.
Visit the iRiskAware page on CityTalk for more security-related tips and information.
Published Sep 22, 2015