We have become aware of a serious new threat to computers running Microsoft Windows called “CryptoLocker.” Protection is in place on all Hampshire-owned PC’s, but if you have a personally owned PC you should immediately take preventative measures.
How CryptoLocker is Spread
CryptoLocker is a threat to PC’s running any version of Microsoft Windows. It is not a threat to computers running Mac OS.
CryptoLocker is “ransomware” that is spread primarily as an attachment to email. The CryptoLocker attachment would be detected by our mail server as dangerous and stripped from the message, so it will not reach any Hampshire inboxes. Other email providers may allow the attachment through; so if you use a third party email account, exercise caution with attachments.
ESET Antivirus, which is installed on all Hampshire computers, would detect CryptoLocker if it tried to install itself. If you’re using a non-Hampshire PC you should check with your antivirus provider to see if it would protect you from CryptoLocker.
Some reports indicate that CryptoLocker may also occasionally be installed by visiting malicious websites. If this is true, it would bypass our mail server’s security layer but should still be caught by ESET.
What CryptoLocker Does
Once CryptoLocker is installed it begins to encrypt your computer’s data files. It does not give you any indication that this is being done. If you have mapped network drives or attached hard drives it will also encrypt files on those.
Once all of the files have been encrypted it will put up a notice informing you that you must pay $300 ($100 in previous versions) in order to decrypt your files, and give you a countdown timer. If you pay the ransom, reports indicate that the files will be decrypted; if you don’t pay, when the timer runs out you will lose the opportunity to decrypt.
Any files that are encrypted are lost unless you pay the ransom in order to get the decryption key. There is no way to decrypt the files without this key. There is no way to access the files unless they are decrypted.
What to Do if CryptoLocker Gets Installed
Once the ransom screen comes up, you are faced with a choice: pay the ransom or lose your files. If you have a backup of your files, see a computer technician to have the malware removed and files recovered from the backup. If you don’t have a backup you are stuck with a hard choice: pay the ransom or accept that your files are lost.
If you happen to catch it before it’s completed encrypting items–which you might detect if you tried to open a document and it reported that it was encrypted–you should immediately disconnect the computer from the wired or wireless network, shut the computer down and take it to a professional.
By the time CryptoLocker announces that it is installed on your computer, your files are gone unless you pay the ransom. Because of this, preventative measures are critical.
- Do not open email attachments from unknown senders.
- Backup your files on a regular basis, and keep the backup drive disconnected when not active.
- Keep antivirus software active and up to date at all times.
- There is a tool that will inoculate your computer against CryptoLocker by blocking it from executing. If you have a personally owned computer we strongly recommend that you use this tool. It can be found, with instructions, at http://www.foolishit.com/vb6-projects/cryptoprevent/.
If you’d like to read more details about how CryptoLocker works, a reliable and thorough site is http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information.
If you have a laptop with a hard drive in it, make sure you give it a chance to park the drive before you pick it up.
A Little Bit about How Hard Drives Work
Inside the case, hard drives look kind of like old school record players, with a head that hovers over the platter for reading and writing. The head never touches the hard drive–data is stored and retrieved magnetically. The distance between the head and the platter is tiny but crucial.
When you suddenly move your computer it’s possible to send the read/write head slamming down onto the platter, or skittering across the surface. Either of these can cause you to lose some or all of the data that’s stored on the disk.
Most laptops these days have sudden motion sensors to try to protect your hard drive in case of a fall. These systems will automatically park the hard drive head off the platter when a drop is detected. While this will protect you in most cases, it’s not prudent to use it as a replacement for proper care.
Solid State Drives are Different
Some new computers, including MacBook Airs, come with a new type of storage called a “Solid State Drive,” or “SSD.” SSD’s don’t have the moving parts that traditional hard drives do, so head crashes are not an issue.
Safely Moving your Mac
When you set your computer to “sleep” on a Mac–either explicitly through the menu or implicitly by closing the lid–it saves the current state of memory by writing it to disk, parks the hard drive head safely off the platter, and then enters a power saving mode. This means that immediately after you indicate that it should sleep, the hard drive head is moving around to write data to disk–which is exactly when you should not move your computer.
When the process is complete and the hard drive head is parked, the power light on the Mac gently pulses to indicate that it’s safe to move. Always wait for the light to pulse before you pick the computer up and move with it.
Safely Moving your PC
“Hibernate” on a PC is like “sleep” on a Mac: memory is written to disk and the hard drive is parked. As with a Mac, in the seconds after you choose “Hibernate” the hard drive is writing data to the drive and the computer should not be moved.
“Sleep” (or “Standby”) on a PC is a little different–it doesn’t write the contents of memory to disk, and instead immediately parks the hard drive head and goes into a low power state.
When you put your PC to sleep, wait at least five seconds for the hard drive to park itself. If you’re entering hibernation mode, you should wait for it to stop writing to the hard drive, by either listening to the hard drive or watching the disk access light–and then wait a few seconds more.
Hampshire College, an independent, innovative liberal arts institution and member of the Five College consortium, is accepting applications for a system administrator in the Office of Information Technology.
The system administrator provides support, maintenance, configuration, planning, upgrading, and implementation of the College’s server and storage infrastructure in collaboration with the Senior System Administrator.
A bachelor’s degree or equivalent is required for this position. Qualified candidates must have at least two years job-related experience with Debian, Ubuntu, Red Hat, or similar GNU/Linux flavors and related services, programs and protocols, e.g. Apache, Samba, RAID, DHCP, SMTP, DNS in an enterprise or education environment. Familiarity with vmWare or equivalent virtualization technologies, and experience with current enterprise storage technologies, such as EqualLogic or equivalent is preferred.
Applicants should be able to learn and implement new solutions quickly; have strong troubleshooting and problem-solving skills; and possess the inventiveness, creativity, and ability to create in-house solutions to meet our custom needs. Working knowledge of Windows server OSes and their upkeep preferred; basic working knowledge of networking concepts, protocols, and operating systems is a plus. Candidate must be able to lift and carry boxes weighing 25 pounds. This position will require occasional evening and weekend hours. A commitment to working with people from diverse backgrounds is essential.
This is a 12-month, 35-hour per week position. We offer a competitive salary and excellent benefits program. Please submit your cover letter, resume and names/phone numbers of three professional references via our website.
Hampshire College is an equal opportunity institution, committed to diversity in education and employment.
There is a resurgence in computer phone scams–calls that get the user to reveal credit card information or open their computer up for hackers. Here’s what you should know.
The scams we’ve heard of usually start with an assertion that the caller is from Microsoft, and/or a reference to a computer running Windows in the house. The caller then might request a credit card number (supposedly to activate software), or tell the user that there’s a virus on their computer and instruct them to type in commands to the computer.
These calls can be effective because they take people off-guard. We all know to carefully analyze emails that ask us for personal information, but when we answer the phone there’s less time to think.
Fortunately, once you know about the calls it’s easier to avoid falling for them than it is to avoid email scams. Why? Because there is no legitimate reason that Microsoft or any other entity would make an unsolicited call to ask you for payment or to get you to fix a problem on your computer. Period.
In this case, satis scire–simply to know should be enough.
Are you swamped with projects?
Do you have a hard time keeping track of what is important?
Are you doing the most valuable work given the resources you have available?
Hampshire College IT Director Bob Crowley and Senior Programming Analyst Ben Fellows invite you to attend their Agile Project Management class being held at Amherst College.
This will be the first in a series of classes we will offer this year on project management. This class is open to anyone, but we have reserved some seats for Hampshire folks, so come join us.
You may be familiar with the concepts of traditional project management. Scrum represents another very effective tool in your toolbox of project management techniques.
For projects in which the requirements are continuously changing, you may need a more proactive project management approach.
In this course, you will use Agile project management and focus on Scrum as a project management technique. We will use our time in class to work through the stages of a sample project.
This course is intended for anyone who wants to efficiently manage projects that experience frequent changes in user requirements.
There will be a follow-up session one month after the training so participants can discuss their experiences using the course content, specifically what they learned, what they thought went well, what did not go according to their expectations, and what they think can be improved.
Pre-work: Participants are encouraged to read “The Power of Scrum” by Jeff Sutherland (isbn:1463578067), available on Kindle or in print. Please read the text prior to the first class.
|Tuesday, November 5||8:30 am – 12:00||Alumni House, Amherst College|
|Tuesday, December 3||9:00 am – 10:00||Alumni House, Amherst College|
If you sometimes find it challenging to read text on websites, you can easily zoom in to make it bigger, and zoom out to make it smaller.
Browsers like Firefox, Safari, and Chrome have standardized the keystrokes used to zoom in and out. The keystrokes can be used repeatedly to zoom further in or out.
- Command + zooms in
- Command - zooms out
- Command 0 resets it to the default zoom level
- Control + zooms in
- Control - zooms out
- Control 0 resets it to the default zoom level
Zooming Text Only
Both Firefox and Safari have an option in the View menu to allow you to zoom text only. This can be helpful, but it can also cause visual discrepancies as text runs into graphics.
The change of seasons is upon us and the life-cycle of the tomato plants at the farm center has me thinking about life-cycles in general. I have been doing some reading lately about the life-cycles of organizations. I found this great GIF on the web that illustrates the challenges faced by maturing organizations.
The real question I have is where are we on this curve? I suspect that we are reaching maturity, which in and of itself is not problematic if addressed properly. The key to success in the future will be actually tracking where we are on this curve and crafting a strategy to move forward.
There is a great deal being written recently in various publications about the topic of Design Thinking. Roger Martin has a great book that is a quick read: http://www.amazon.ca/Design-Business-Thinking-Competitive-Advantage/dp/1422177807
The book is a good primer on the subject and one that I would recommend. We will all soon be involved in the planning of the College’s future. New research around ideas like Design Thinking will help us to answer the tough questions as we move forward and allow Hampshire to once again become disruptive in the marketplace.