Two New Plymouth businesses have been hit by an aggressive computer virus encrypting their computer files and demanding a ransom if they want them back.
Called Cryptolocker, the trojan "ransomware" virus arrives as an attachment in a legitimate-looking email. Once opened on one computer it encrypts all files, including those on shared networks, potentially crippling a company's computer system.
"We've had a couple of businesses in town get it. It comes through on a zip file in an email. Some say there is a package waiting for you. Some emails seem to be from your phone voicemail service," Janko Computers service technician Gareth Evans said.
When opened, the executable file encrypts everything on the computer. Photos, word documents, spreadsheets, music, video - nothing escapes.
By the time people realise what is happening the encryption is finished and cannot be reversed, Mr Evans said.
A message then appears on the computer demanding payment of about $500 within 72 hours if the computer user wants the "key" to release their files.
Fail to pay on time, the message says, and the ransom increases. Fail to pay altogether and the files will be locked forever.
It is this twist that makes it one of the most aggressive computer viruses yet seen.
However, Mr Evans recommended against paying to get files back as it was not guaranteed the "kidnappers" would honour their side of the deal.
"Your only hope is to have a really good backup. Businesses should be backing up their files at least once a day. Home computers should be backed up weekly" he said.
Once infected, systems could be wiped and reinstalled with minimal loss of data and time.
New Plymouth police Senior Sergeant Thomas McIntyre said a police department in the United States was forced to pay up after being infected with the virus, and thousands of computers had been encrypted worldwide. There was little police could do for New Zealanders whose computers became infected.
"Because the offences are committed from outside of New Zealand it is very difficult for New Zealand police to investigate and arrange for prosecution of offenders, should they be identified."
Mr McIntyre warned against opening any email from an unknown source.
It is not known who is behind the Cryptolocker ransomware or where they are based.
Cryptolocker is only attacking Windows computers at present.
- © Fairfax NZ News
What do you think of the NPDC's decision not to give iwi representation and voting rights?Related story: Dismay as iwi voting rights denied