{"id":107251,"date":"2017-05-15T15:39:05","date_gmt":"2017-05-15T19:39:05","guid":{"rendered":"http:\/\/www.bu.edu\/tech\/?page_id=107251"},"modified":"2017-05-16T14:36:36","modified_gmt":"2017-05-16T18:36:36","slug":"bu-wannacry-ransomware-attack","status":"publish","type":"page","link":"https:\/\/www.bu.edu\/tech\/support\/information-security\/bu-wannacry-ransomware-attack\/","title":{"rendered":"Boston University and the WannaCry Ransomware Attack"},"content":{"rendered":"<p>You may have seen <a href=\"https:\/\/www.nytimes.com\/2017\/05\/12\/world\/europe\/uk-national-health-service-cyberattack.html?_r=1\">news reports<\/a> of a widespread global ransomware attack that started on May 12, 2017.\u00a0 We want to make sure our community is aware of the details of the situation, how it affected Boston University, and what we should all be doing to keep our systems and data safe.<\/p>\n<p><strong>What Happened?<\/strong><\/p>\n<p>Cybercriminals released a new piece of malicious software, or malware, that spread to over 150 countries in two ways:<\/p>\n<ul>\n<li>Email, where it attempts trick recipients into opening infected documents; and<\/li>\n<li>Exploit against a vulnerability in Microsoft Windows.<\/li>\n<\/ul>\n<p>When a computer became infected it would encrypt files and demand a ransom.\u00a0 Owners of infected systems were given a period of time to respond to the ransom or their systems would remain encrypted forever.<\/p>\n<p><strong>How Did This Affect BU? <\/strong><\/p>\n<p>Late Friday afternoon, BU Information Security was alerted that a computer on the Charles River Campus was infected and attacking other computers on the Internet.\u00a0 The infected system was quickly isolated by Information Services and Technology (IS&amp;T) and Information Security began looking for signs of other infected systems on campus.\u00a0 Most of the computers managed by BU (if you see a weekly message on your computer from KACE Desktop Alert saying your computer was updated, it is a BU managed computer) were already patched and over the last few days the IT Help Center worked to ensure all our managed computers were patched.<\/p>\n<p><strong>What can I do to prevent this from happening to me? <\/strong><\/p>\n<p>Two good reminders we can all take from this weekend\u2019s cyber-attack, is the extent to which the attack was mitigated by people keeping their systems up to date and being careful in their handling of email.\u00a0 The third reminder that we should learn from those who were impacted is to ensure that you have your important documents backed up.<\/p>\n<ul>\n<li><strong><em>Reminder 1: Always stay current with your Operating System updates and patches.<br \/>\n<\/em><\/strong>You should always make sure your computer is set to automatically apply system patches. \u00a0The exploit used in this malware was patched by Microsoft in March of 2017.\u00a0 Systems that are up to date with patches were not vulnerability to one of the primary ways the malware spread.\u00a0 If you have an IS&amp;T managed computer, <a href=\"https:\/\/www.bu.edu\/tech\/services\/cccs\/desktop\/device-security\/desktop-patching\/\">automatic Operating System patching<\/a> should already be enabled for you.If you manage your own computer, details of keeping your Operating System patched can be found for <a href=\"https:\/\/www.bu.edu\/tech\/services\/cccs\/desktop\/device-security\/safe-computing\/autoupdate\/\">Windows<\/a> and <a href=\"https:\/\/support.apple.com\/en-us\/HT201541\">Mac<\/a> computers.Many viruses and exploits can be prevented if antivirus software is installed and kept up to date.If you have an IS&amp;T managed computer, you should already have <a href=\"https:\/\/www.bu.edu\/tech\/services\/cccs\/desktop\/device-security\/safe-computing\/autoupdate\/\">antivirus installed<\/a>.\u00a0 For other computers, you can <a href=\"https:\/\/www.bu.edu\/tech\/about\/security-resources\/bestpractice\/virus-removal-advice-for-guests\/\">download McAffee VirusScan<\/a> for free.<\/li>\n<\/ul>\n<ul>\n<li><strong><em>Reminder 2: Never Open Attachments from Unfamiliar Senders.<br \/>\n<\/em><\/strong>Phishing &#8211; those cleverly crafted emails look legitimate but are designed to trick you into either giving up your personal information (password, credit card number, etc.) or downloading malicious software.\u00a0 More information on spoofed messages and phishing can be <a href=\"https:\/\/www.bu.edu\/tech\/services\/cccs\/email\/unwanted-email\/help\/\">found on our website<\/a>.<\/li>\n<\/ul>\n<ul>\n<li><strong><em>Reminder 3: Always Keep Your Data Backed Up.<br \/>\n<\/em><\/strong>What would happen if your computer did become infected and the files on it were no longer usable?\u00a0 The few minutes you spend now to set up a network backup of our system now could save you from losing all your documents!\u00a0 <a href=\"https:\/\/www.bu.edu\/tech\/services\/infrastructure\/storage-backup\/code42\/\">CrashPlan cloud backup<\/a> is available to the BU community.<\/li>\n<\/ul>\n<p><strong>What do I do if my computer becomes infected?<\/strong><\/p>\n<p>The first and most important thing is to remove it from the network by removing the Ethernet cord or disabling the wireless.\u00a0 This will stop it from spreading the virus to those you share the network with.<\/p>\n<p>Second, reach out to the <a href=\"https:\/\/www.bu.edu\/tech\/services\/security\/cyber-security\/sensitive-data\/reporting\/when\/\">BU Information Security Incident Response Team<\/a> and notify your local support staff for BU managed systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You may have seen news reports of a widespread global #ransomware attack that started on May 12, 2017. Here is what you can do to keep our systems and data safe&#8230;.<\/p>\n","protected":false},"author":6621,"featured_media":0,"parent":99517,"menu_order":12,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/107251"}],"collection":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/users\/6621"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/comments?post=107251"}],"version-history":[{"count":5,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/107251\/revisions"}],"predecessor-version":[{"id":107267,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/107251\/revisions\/107267"}],"up":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/pages\/99517"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/tech\/wp-json\/wp\/v2\/media?parent=107251"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}