WannaCry Ransomware - Update Windows OS and Avoid Unknown Attachments
As reported in the media this weekend, the TTU IT Division alerts the Lubbock community of a widespread, malicious ransomware campaign targeting numerous organizations and at least 74 countries, including the United States. Once installed, ransomware software will encrypt and lock your computer and data until a fee is paid to the cybercriminal.
According to the Department of Homeland Security, the software can run in as many as 27 different languages. Attackers use several methods to distribute this malicious software: remote desktop protocol; exploitation of a critical Windows vulnerability; or phishing email messages. Note that the phishing messages may come from the compromised account of somebody the recipient knows, and may contain an unexpected or unknown attachment.
A patch for the Windows vulnerability has been available since March 14, 2017 and can be obtained through Windows Update. Please note that this patch only prevents spreading this malicious software, and does not immunize your system against infection.
The TTU IT Division recommends the following steps to protect yourself from this attack:
- Do not click on links or open attachments contained within an email unless you are certain of the sender’s identity and expecting the information;
- Patch and update all Windows systems with all available security patches through Windows Update;
- Regularly update application software and mobile apps and enable automatic updating when possible;
- Avoid downloading software or files from untrusted sources; and
- Install, enable, and regularly update anti-malware/anti-virus software on your computers and devices.
We encourage you to be vigilant in practicing cybersecurity and invite you to learn more cybersecurity tips online at http://www.cybersecurity.ttu.edu. Additional information about this phishing scheme is available online at https://www.us-cert.gov/ncas/alerts/TA17-132A. For more information or questions, please contact your local IT expert or an area IT consultant. Some area IT consultants are listed at http://www.cybersecurity.ttu.edu under “Additional Resources.”