A cyberattack that law enforcement officials estimate affected more than 200,000 computers around the globe did not compromise Case Western Reserve’s major servers or other technological infrastructure—but [U]Tech urges campus users to act immediately to ensure their individual devices are protected.
While the malicious software, or malware, that swept into more than 150 countries appears to have been stopped over the weekend, information-security experts worldwide have expressed concern that the suspects may issue an updated version of the attack that bypasses the earlier solution.
Known as WannaCry or WanaCryptOr 2.0, the malware infects computers using Microsoft operating systems. The malicious software is also described in news reports as ransomware, because it denies users access to their computer files until they pay a ransom using a digital currency known as Bitcoin.
In March, Microsoft issued Security Update MS17-018 that included a patch that addresses this vulnerability; most campus computers using more recent systems (i.e. Windows 7, 8.1 or 10) received the patch via an automatic update; this weekend the Microsoft issued a second patch for older systems including Windows XP, Windows 2003, and Windows 8.0.
The company’s guidance is posted at this link, which campus users should copy and paste into their browsers to access: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/. Those who would like assistance in determining whether their computers have the patch and/or installing the correct patch should contact the [U]Tech Service Desk at 216.368.HELP (4357) or help@case.edu.
Some news organizations have reported that the infection begins when a user opens a file attached to an email, but in other cases, it appears to have access devices and servers without any action on the part of users.
The attacks affected British hospitals and forced emergency rooms to send patients to urgent-care centers, Germany’s federal railway, Russia’s Interior Ministry and universities in China. In the United States, FedEx was among the most prominent companies affected.
Later this week, The Daily and [U]Tech will provide additional information about this incident, as well as broader measures users can take to protect themselves from multiple forms of cyberattacks. For now, [U]Tech reminds campus users to be wary of email messages from people or organizations they do not know and refrain from clicking on links within the text or opening attached files. Please contact [U]Tech at 216.368.HELP (4357) or help@case.edu upon receipt of such emails or observation of other suspicious activity.