What You Need to Know About the WannaCry Ransomware Attack | Information Technology | University of Pittsburgh

What You Need to Know About the WannaCry Ransomware Attack

Saturday, May 13, 2017 - 14:21

Computing Services and Systems Development (CSSD) is aware of a new malicious software program named "WannaCry" that has recently made news through large-scale infections in at least 99 different countries. "WannaCry" is a type of malicious software known as ransomware. It is most often downloaded as part of a phishing email scam, and then the recipient is tricked into running it. Once it has been run, it encrypts files on the affected computer and network share drives, and the user is then required to pay a ransom to recover the files. One reason this malicious software has spread so aggressively is that it then attempts to infect other computers on the network that do not have the latest security updates and are not protected against "WannaCry".

Microsoft released an update to address this vulnerability on March 14, but if your Windows computer has not installed the update, then it is vulnerable. The update can be installed by running Windows Updates on your Windows device and choosing "Recommended Updates". The specific update that needs to be installed is named “MS17-010 – Critical”: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Microsoft has also taken the extraordinary step to provide an update for older, unsupported operating systems. This means that even if you use Microsoft Windows XP or other legacy Windows installations, there is now a patch available (see the following page for details:  https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/)

If your Windows computer has not been updated, CSSD urges you to apply these patches immediately to protect yourself. Also, we strongly recommend that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on or downloading unknown email attachments, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. As a complement to Symantec Endpoint Protection, CSSD offers Malwarebytes Premium for individuals and departments at no cost. Students, faculty, and staff can download Malwarebytes and Symantec Endpoint Protection at no cost through the Software Download Service at My Pitt. Departments can submit a help request to obtain Malwarebytes for multiple machines.

Please contact the Technology Help Desk at 412-624-HELP [4357] if you have any questions regarding this announcement.