
On Friday, May 12th, a coordinated global ransomware attack known as WannaCry was launched and impacted thousands of public and private sector organizations across one hundred and fifty countries. WannaCry encrypts files and demands that users pay a ransom to receive a that unlocks the files. Organizations that were attacked include FedEx in the US, the National Health Service in the UK, and several colleges and universities in Asia. It is likely that more compromised computers and networks will be detected this week and experts expect that new variants of this ransomware will soon be launched.

We are writing to inform you of the actions that the IT Division is taking to address these and related attacks, and to recommend IT security guidelines at the office and at home to address these growing cyber threats.

Lehman uses a variety of tools to protect PCs connected to the campus network. These include using Microsoft System Center to deploy Windows patches and updates, and McAfee Security for anti-virus protection. The Lehman IT team has loaded four emergency updates since Friday to protect Lehman PCs and servers. Updates were also applied to the campus firewalls to protect against the protocols WannaCry uses to exploit Microsoft server vulnerabilities. Finally, our Proofpoint email threat protection service helps to address malware contained in email links and attachments. While Apple devices are not affected by WannaCry ransomware, they are vulnerable to other security threats. Lehman uses JamfPro/Casper Suite to manage patches and updates on Macs.

Despite these protections, no technology is foolproof, and members of our community are critical to preventing IT threats that could cause and other disruptions. Here are some recommended measures you can take:

1) To ensure that your home computers and mobile devices are protected, keep operating systems and security software up to date. Windows users should regularly run the Windows Update service and anti-virus scans. Back up your critical data on an encrypted external hard drive and then physically disconnect it from the PC. Alternatively, use a back-up service.

2) Never reply to an email that asks you for personal information. Consider that any email asking for social security numbers, passwords, account numbers, etc. is likely to be fraudulent. Lehman will never ask you to submit personal information by email.

3) Only download software – especially – from sites you know and trust.

4) Remain vigilant and review email links and attachments to assess their authenticity. If you open an email attachment and receive a security warning, do not click the “enable macro” link.

5) Proofpoint checks for known malicious links embedded in emails from senders outside of Lehman. If you hover over a link and it starts with “urldefense...,” it has been processed by Proofpoint. If the link is malicious, you will be blocked from accessing it.

6) Choose complex but memorable passwords and keep them secure. Recommended methods to select memorable passwords can be found on the Lehman Password Manager site (http://www.lehman.edu/itr/password-guidelines.php). Also, use Lehman One Access as a secure, encrypted password wallet.

7) Review CUNY’s 30-minute online IT security awareness course at http://www.enterprisetraining.com/cunyinfosecurity3/multiscreen.html

If you have any concerns or suspect that your computer has been compromised, please change your password immediately and contact the Lehman help desk at (718) 960-1111, or [email protected] to have your computer scanned.

Thank you for your cooperation.