New Ransomware Attacks Global Targets

Bambi Lange

A fast spreading ransomware campaign is currently targeting governments and businesses around the globe.  Called “WannaCry”, the ransomware takes advantage of a recently patched vulnerability in Microsoft’s Windows operating system to encrypt and prevent a user from opening their files until a ransom is paid to unlock the files.  Once infected, the ransomware then scans the local network looking for other vulnerable systems to infect.

 

In a separate ransomware campaign, dubbed “Jaff”, users receive an email with a malicious PDF file.  Once opened, the PDF loads a Microsoft Word document embedded with a malicious macro.  Like “WannaCry”, “Jaff” encrypts files on the computer, forcing users to pay thousands of dollars to unlock their files.

 

While the two campaigns use slightly different tactics and vulnerabilities to encrypt data, several simple tactics can be used to protect against these and other kinds of malware:

 

  • Be suspicious of unexpected or uninvited file attachments in email.  Consider the source of the email and the potential content before opening.  If the program it opens in asks for security settings to be changed or lowered before viewing the file, stop and report the content.
  • Install security updates for your computer’s operating system and applications, as most malware takes advantage of out-of-date or insecure software.  ITS automatically installs security patches for supported operating systems and applications on UofM-supported devices.
  • Install antivirus or antimalware products to protect personal devices, and keep the software up to date.  ITS automatically maintains the antivirus software on your UofM-supported devices.
  • Maintain a secure backup of your important files on a device not always connected to your computer.  Files stored on ITS-supported network storage platforms are already backed up automatically in case of computer malfunction.

 

 If you receive an email attachment or other content that you are unsure of, you may report the content by email to abuse@memphis.edu for further analysis.  If you do open an attachment that appears to be malicious or experience an issue with ransomware, please contact the ITS Service Desk by phone at (901) 678-8888, via email at umtech@memphis.edu, or your LSP for further assistance.

 

For additional information regarding keeping your University account and devices safe, please visit the ITS Security webpage.

Leave a Reply

Your email address will not be published. Required fields are marked *