Security

Petya Ransomware Warning

Posted on by admin in Security

The campus is aware of a new cyber-attack that is being reported widely in the news.  The Cyber-attack is called Petya, and it is primarily spread through Phishing and old Windows software vulnerabilities.

The campus server, network, and desktop teams are actively monitoring and working to protect the campus from this attack.

What you need to know:

  • This is a Windows Operating System, not a Mac OS or IOS attack.  However, Mac OS and iOS can forward links and attachments which contain the attacking “malware.”  Mac OS systems should run anti-virus/anti-malware software.
  • If you have a campus managed computer, your computer should have received the security patch for this attack in March.
  • Be very vigilant about opening email messages, Phishing is the primary method of attack.  More information about phishing: http://www.csuchico.edu/isec/basics/spam-and-phishing.shtml.
  • If your computer reboots unexpectedly and acts uncharacteristically slow, or prompts you stating that “your files are no longer accessible,” turn off your computer and contact ITSS.
  • Make sure that you store your files on the campus Box instance or Bay file server.  If your computer is compromised, your files will be permanently lost unless a backup exists.

What does “managed” mean, and how can I tell if my campus computer is managed?

Managed means that your workstation or server is configured to use the campus ITSS management system SCCM.  You can verify this by entering “Software Center” in the Start Menu search.  You can also tell if your computer notifies you regularly that updates are being installed. If you believe that your campus computer is not managed please contact ITSS.

What do you need to know for protecting your home or personal computer?

  • Make sure that your computer has the latest Microsoft Patches installed.
  • Patch any other non-Microsoft software installed on your computer.
  • Make sure your files are backed-up.
  • Make sure that you are running an anti-virus program that is receiving current updates.

More information about Petya ransomware is available at https://www.us-cert.gov/ncas/current-activity/2017/06/27/Multiple-Petya-Ransomware-Infections-Reported