IT: Ransomware Guidance
Attention GC community,
As you may be aware from prevalent media coverage, a significant ransomware attack began on Friday, May 12, 2017 that affected enterprises in many countries. The so-called “WannaCrypt” ransomware is particularly virulent because infected systems independently attempt to infect other vulnerable systems.
Robert Berlinger, CUNY’s Chief Information Security Officer, and his team at CUNY CIS have been in close communication with the designated IT Security Managers on each campus to identify the steps necessary to update our anti-malware protections with the most recent capabilities available. The Graduate Center IT staff have in turn enacted several appropriate measures.
Effective cyber security, however, requires everyone’s participation and cooperation. As is common with many of today’s cyber threats, this ransomware is typically delivered through a phishing or fraudulent email. Please remember:
• Windows systems that have been updated with all security updates applied are less vulnerable to this ransomware. Centrally managed PCs are updated automatically on an ongoing manner, but for other situations (e.g., home computer), please update your Windows system as soon as possible.
• If a GC laptop was assigned to you, please open a ticket with GC IT Services (ITServices@gc.cuny.edu) to schedule a check/review.
• DO NOT click a link or open an attachment in an unsolicited email message. If you have reason to believe the request is real, type the web address for the company or institution directly into your web browser.
• DO review attachments and links contained in emails from friends, co-workers, or loved ones for legitimacy before clicking or opening, and always verify if it is in an email that was not expected.
• DO be particularly cautious when reading email on a mobile device. It may be easier to miss telltale signs of phishing attempts when reading email on a smaller screen.
• DO read the CUNY Phishing and Ransomware Advisories posted at security.cuny.edu under CUNY Issued Security Advisories.
• DO complete the 30 minute information security awareness training located at security.cuny.edu.
If you suspect a fraudulent phishing message, do not open any attachment, click on any links or reply to the message. Immediately contact GC IT Services at ITServices@gc.cuny.edu.
Submitted on: MAY 16, 2017
Category: IT - Alerts | IT - Announcement