****PLEASE
DISTRIBUTE WIDELY****
Notice on University of Calgary cyber-attacks
You may be aware the University of Calgary is in
the process of recovery from a severe cyber-attack which
resulted in widespread IT service disruptions for a week or
longer. York University IT and Information Security have been
closely monitoring the situation along with colleagues at many
other Canadian Universities. This notice is to inform the York
University community about this kind of attack and how we can
reduce the risk of a similar attack.
What happened
While some details are still to be determined,
ultimately the attack involved a kind of malware known as
ransomware, which infects systems similarly to other viruses
but then encrypts files making them inaccessible without a
special key that the criminals behind it attempt to sell to
the victim.
York University has experienced similar kinds of
ransomware attacks over the past two years that have impacted
specific computers and data. In most cases, data has been
successfully restored from backup copies kept locally or on
York network shared drives. York has never paid a ransom. In
recent months, the frequency of such attempted attacks at York
and elsewhere has increased greatly.
How to protect against ransomware
While York has deployed technology and systems to
help prevent such attacks, including email filtering and
removal of dangerous attachment types, anti-virus technology,
and network-based attack filtering, protecting against
ransomware and similar threats requires vigilance from the
University community also. Important ways you can help include
the following:
- Do NOT click links or open attachments in unsolicited
email from people or groups you don’t recognize
- Keep your anti-virus software up to date and enabled;
York provides Trend Micro AV to
all staff, faculty and students at the University
- Keep your computer up to date, including key software
such as your web browser, Adobe Reader, Adobe Flash, Microsoft
Silverlight or Java
- Use York network shared drives, or similar that also
has regular backups, to store important information, and
ensure such information is NOT stored only on your local
computer
- If you or your department maintain servers, ensure
they are up to date from an operating system AND application
layer perspective
- If you suspect your computer is being attacked, shut
down your computer immediately and contact your IT support
Additional help, resources, and updates:
- York’s Information Security blog: http://infosec.news.yorku.ca/
- Information Security Twitter (@YorkU_Infosec) and
Facebook page (Yorku.Infosec)
- York’s Computing website: http://computing.yorku.ca/
Please direct any questions or concerns to UIT
Client Services -
email: [log in to unmask] or
visit http://ithelp.yorku.ca
UIT Announce