As has been reported in the news in recent days, a piece of ransomware, based on a vulnerability called WannaCry, has been impacting many computer systems around the globe. We have been monitoring our protective tools for signs of the ransomware, and thankfully have seen no impact from this particular ransomware on campus. At UMBC, this particular type of ransomware has been effectively blocked by Windows updates that we applied, network filtering, antivirus program rules for the malware, and network antivirus rules.
As a reminder, ransomware is a type of malicious program that encrypts the files on a computer and will only decrypt them if the owner of the machine pays a ransom to the hacker. Very often the ransom amounts vary from $200 up to $10,000 or more. The ransom amounts often need to be paid in bitcoin, adding a level of complication to cleaning up any infected machines.
As always, if you suspect you have malware on your system or suspect a security problem, please contact security@umbc.edu or call the DoIT Technology Support Center at x53838.
Here are some best practices related to ransomware.
- Be careful what you click on and what websites you visit. The sketchier the website, the more likely you are to be infected with malware.
- Make sure that you keep your system up-to-date by applying software updates as they become available. For machines managed by DoIT through Active Directory, DoIT takes care of the software updates.
- Make sure you keep a backup of critical files that you can't afford to lose. Files can be backed up to the UMBC Box.com solution for all data that is not related to HIPAA or other federal and state regulations.
- Make sure your system is running an up-to-date antivirus program. For machines managed by DoIT through Active Directory, we take care of configuring antivirus software on the system. For machines not managed by DoIT, the person managing/owning the machine is responsible for configuring the antivirus software.
If you keep your system up-to-date and have antivirus software running on your computers, many forms of malicious program, including ransomware and WannaCry, will be blocked from infecting and/or running on your computer. Also, by keeping backups of your files, your files will be safe from threats like ransomware. If you need assistance with backing up your data or installing and managing antivirus programs on your computers, please contact us at security@umbc.edu.
Mark Cather, CISSP
UMBC Chief Security Officer