Imagine turning on your computer and finding all your files have been taken hostage. You have just three days to pay a ransom or you lose the data forever.

Computer security companies say it is a scenario more Australians are likely to face over the next six to 12 months.

CryptoLocker, a piece of malicious software which runs on Windows operating systems, is a major concern, says Sean Kopelke, director of technology at computer security company Symantec.

"It encrypts your files and then demands a modest ransom in return for a unique key to unlock the files," Mr Kopelke told the ABC's 7.30 program.

It may have the name of a B-Grade Hollywood thriller, but CryptoLocker has already caused enormous headaches throughout the United States and the United Kingdom.

"In Australia at the moment we're seeing about a 2 per cent infection rate, which is sort of low but growing quite rapidly," said Mr Kopelke.

"In the US and Europe the rates are much higher and they're quite good early indicators for us."

The Australian Communications and Media Authority's Bruce Matthews says the malware is most often spread by email.

"It's sent out by cyber criminals ... a user clicks on the email and then the program runs quietly in the background. It's not until CryptoLocker is finished locking up the files that a ransom message appears."

Uni attack encrypted 230,000 files

Real estate agents, a Sydney council, a medical centre and the Queensland University of Technology have already been attacked.

"It was a very isolated case to begin," said Chris Bridge, the director of IT services at QUT. "But then when more reports started coming in and they were obviously quite similar we knew this was a particularly nasty variant of trojan malware."

After discovering the attack he was relieved to find just 18 computers had been directly infected. But the impact was much worse than expected.

"The virus itself wasn't moving. Why it was a nasty one was because when it ran it encrypted not only all of your local drives but it encrypted all of your shared drives it could see," he said.

"From a very small number of users we had probably about 200-to-230,000 files that were encrypted across the network."

Ransoms often less than the cost of getting help

Ransomware is not new. It is just getting more sophisticated.

"The way I would describe it is ramraids used to be done with Commodores and then criminals started stealing WRXs to ram into store fronts," said former AFP agent Alastair MacGibbon.

"CryptoLocker is just another piece of software that happens to do exactly the same thing that previous ransomware has done."

CryptoLocker's code is currently unbreakable and the ransoms are generally quite modest, often less than the cost of getting help.

"If they penetrate someone's machine and lock up mum and dad's family photos of the kids, that's something we're emotionally attached to and we want," said Mr Kopelke.

"People will be prepared to pay small sums of money to get them back."

Mr MacGibbon, who founded the AFP's High Tech Crime Centre, warns people may face a tough choice if they do not back up their data on secure servers and update their operating systems regularly.

"As a former police officer I'd say my advice is to never deal with a criminal - they're criminals after all. How can you trust them? But I can actually understand why small businesses in particular pay the ransom ... it might be cheaper overall."

The best defence is to be prepared

QUT has enormous back-up servers and picked up the problem early, so it did not consider paying the ransom.

However, Chris Bridge, the university's director of IT services, concedes this was one of the worst attacks he has dealt with.

"It was incredibly inconvenient ... I had between 15 and 30 guys working on this for several days," he said.

"On top of that it's taken approximately 10 days to do the recovery of that many individual files so that's quite an impact to the university."

Mr MacGibbon says businesses and home computer users need to be aware it could happen to them.

"There's no doubt ransomware is here to stay and we will see more of it in years to come," he said.

"The criminals will already be working on the next new program."