Security

Petya Ransomware Warning

The campus is aware of a new cyber-attack that is being reported widely in the news.  The Cyber-attack is called Petya, and it is primarily spread through Phishing and old Windows software vulnerabilities.

The campus server, network, and desktop teams are actively monitoring and working to protect the campus from this attack.

What you need to know:

  • This is a Windows Operating System, not a Mac OS or IOS attack.  However, Mac OS and iOS can forward links and attachments which contain the attacking “malware.”  Mac OS systems should run anti-virus/anti-malware software.
  • If you have a campus managed computer, your computer should have received the security patch for this attack in March.
  • Be very vigilant about opening email messages, Phishing is the primary method of attack.  More information about phishing: http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml.
  • If your computer reboots unexpectedly and acts uncharacteristically slow, or prompts you stating that “your files are no longer accessible,” turn off your computer and contact ITSS.
  • Make sure that you store your files on the campus Box instance or Bay file server.  If your computer is compromised, your files will be permanently lost unless a backup exists.

What does “managed” mean, and how can I tell if my campus computer is managed?

Managed means that your workstation or server is configured to use the campus ITSS management system SCCM.  You can verify this by entering “Software Center” in the Start Menu search.  You can also tell if your computer notifies you regularly that updates are being installed. If you believe that your campus computer is not managed please contact ITSS.

What do you need to know for protecting your home or personal computer?

  • Make sure that your computer has the latest Microsoft Patches installed.
  • Patch any other non-Microsoft software installed on your computer.
  • Make sure your files are backed-up.
  • Make sure that you are running an anti-virus program that is receiving current updates.

More information about Petya ransomware is available at https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported

Maintenance, Telephone, Wireless

Farm Microwave Cutover

Maintenance Window: Thursday, July 6th 11:30 AM – 3:30 PM
Services Impacted: University Farm Network & Telephone

During this maintenance window, network and campus telephone services to the University Farm will be interrupted for up to 2-3 hours as the connection between the Farm and campus is cut over to new microwave radios. During this time, calls to the Farm may be routed to voicemail, and only emergency 911 calling will be available from campus phones at the Farm. Cellular services will be unaffected.

Maintenance, Wireless

Aruba Wireless Software Update

Maintenance Window: Wednesday, July 5th 6:00-7:00 AM
Services Impacted: Campus Wireless

During this maintenance window, the campus wireless network will undergo a software update to improve network performance and to support the newest hardware standards. Though most of this process will be transparent to users, wireless services will be interrupted for ~5 minutes as access points are restarted onto new firmware.

Maintenance

Upgrade Confluence to Version 6

Maintenance Window: Wednesday, June 28th 6:30-7:00 AM
Services Impacted: Confluence (wiki.csuchico.edu)

Campus technicians will be finishing the upgrade of Confluence, the campus wiki, to version 6 on Wednesday, June 28th at 6:30am. The maintenance is estimated to take about 30 minutes during which https://wiki.csuchico.edu will be unavailable. The wiki will be available again at 7:00am.

VPN, Wireless

Clearpass Authentication System Software Update

Maintenance Window: Wednesday, June 28th 6:00-7:00 AM
Services Impacted: Campus Wireless & VPN

During this maintenance window, the Clearpass system used to authentication network services (VPN, Wireless) will undergo maintenance for a software update. This is an advisory notice only; no downtime is anticipated by this work.

Workstations

June Desktop Security Updates Approved for Campus Computers

The majority of campus Windows desktops will have updates sent to them in the next day or so. For security reasons, campus computers are given an installation deadline for monthly patches. The installation deadline this month is Thursday, June 29th at 5:00pm. On Thursday at 5:00pm, if you have not installed this month’s patches, they will automatically begin installing, and when done, may reboot your computer. If your computer is off at the time of the deadline, updates will begin installing the next time you log in, and when done, may reboot your computer.

 We highly recommend that you install the patches as soon as you are prompted to do so, before the installation deadline. This way, you can be present when the computer needs to restart and you have more control over the restart timing, allowing you to save any open work. If you ignore the update messages you run the risk of updates being applied while you are not present and potentially having your computer restart and possibly even losing unsaved work.

In addition to Microsoft updates, there may be updates for Adobe Flash, Google Chrome, Mozilla Firefox, Oracle Java, and other 3rd party applications. These updates will require you to close all your browser windows. Please save any work in your browsers before doing so.

Wireless

Wireless Expansion Project

A wireless expansion project is currently underway that will increase the campus WiFi coverage in 13 buildings including 14 outdoor areas.  This is the first phase of a multiple phase project that will occur each summer.

Some of the work will occur in two stages:

  1. FMS installing pathway – planned date on work schedule
  2. TSRV running cable and installing Access Point – open schedule, completed as time permits. Technicians may be accessing above ceiling spaces in adjoining rooms when needed.

The complete project work schedule can be reviewed at www.csuchico.edu/cni  Please review the schedule for possible impacts to class scheduling, events, or other related issues. Also note that the list of locations is larger than what is reflected on the FMS projects list, as not all installations will require pathway work before cabling can be completed. TSRV will be completing the second stage on a flexible schedule and as time allows.

For your safety please avoid the construction areas.