Global 'WannaCry' ransomware attack

Most Recent Entries

University advisory on 'WannaCry' global randomware attack

On May 13, 2017, Rick Haugerud, the University of Nebraska's chief information security officer, distributed the following message to faculty and staff:

The University of Nebraska Information Security Office is tracking an online threat that has begun targeting organizations around the world. This threat has caused significant cybersecurity issues for the United Kingdom’s health care and health information systems. There is also evidence of this attack occurring within the United States.

The threats are associated with the “WannaCry” ransomware campaign and reaches victims through infected advertising sites -- also known as "malvertising", exploit kits, and email spam. The attack locks all the data on a computer system and leaves the user with two files – instructions on what to do next and the “Wanna Decryptor” program. When this software is opened it tells users that their files have been encrypted and gives them a few days to pay, warning that their files will otherwise be deleted. It demands payment in Bitcoin and provides a Bitcoin address to send it to.

Information Technology Services has security architecture in place to help protect the university’s systems. Keeping desktops, laptops and servers patched and up to date is a critical component of this strategy. In addition, please use the following steps to ensure you are protected.

  • If you receive suspicious emails, do not respond to them.

  • Report any type of suspicious email to the ITS Information Security Office at information_security@nebraska.edu.

  • Report any suspected fraud to the University Police Department at 402-472-2222.

  • Always log in from a trusted URL, rather than clicking a link in an email.

  • Do not access links from within an email that you may not trust or know.

  • Use different passwords at work than those you use for personal accounts.

  • Do not enter information in a pop-up.

  • Check links by “hovering” over them before clicking to see their true destination.

  • Verify the sender by hovering over the sender’s name to reveal the actual sender.

  • If you receive a phone call, ask them for a verification of the service or ask someone else if you feel it sounds too good to be true.

For further information or to report an incident, please contact the Information Security Office at 402-472-5700 or security@unl.edu.

Date Issued: 
Saturday, May 13, 2017 - 14:30

Return to Topics