Today, multiple news outlets have reported on a ransomware infection known as “WannaCry.” This ransomware takes advantage of a Microsoft security vulnerability, allowing unauthorized users to lock down all the files on an infected computer. Once a hacker has gained access to your files, you are asked to pay in order to regain control of them.
How will this affect you?
ITS has already taken steps to mitigate this ransomware and is actively monitoring the situation. However, you should still take steps to protect your devices, as this threat is being circulated via email.
What do you need to do?
It’s important to remain vigilant about protecting yourself from cyberattacks. Here are some simple things you can do:
- Be aware of phishing scams: Many ransomware attacks spread when users click on links in suspicious email and provide personal information. Be wary of emails when you do not know the sender, and never open attachments you are not expecting. Visit phish.weill.cornell.edu to learn how to identify phishing scams and report any suspicious emails to spam@med.cornell.edu.
- Never share your password: You should never divulge your password to anyone, and ITS will never ask for it. If you think your WCM account has been compromised, visit identity.weill.cornell.edu to change your password immediately.
- Be cautious when using thumb drives: Malware can also be spread via thumb drives. Be careful when using a thumb drive that is not your own to share files. You can always send PHI data using our secure File Transfer service, or non-PHI data using Box.
---
UPDATE
May 12, 11:54 p.m.
Follow-up info about “WannaCry” ransomware & password-protected email attachments
To further protect WCM from a ransomware attack, we have quarantined all password-protected attachments in emails for the next 48 hours. If you are expecting a password-protected attachment, you may release the message from the daily spam digest or log in at https://antispam.med.cornell.edu to release the message.
We will release all held password-protected attachments on Monday, barring any significant developments with this recent ransomware variant.
We appreciate your patience and cooperation as we strive to keep WCM safe.