UPDATE: Global Ransomware Alert
As you know, the ransomware WannCry situation has affected companies and organizations on a global scale. UTech continues to monitor the Windows Ransomware situation, it is important that the entire campus community is diligent about taking the needed steps outlined in the communication below to ensure the security of their computing resources. In addition, there has been a update from Microsoft that includes patches for obsolete operating systems (XP, 8,Server 2003). Please install the patches immediately—the link is below.
Micrososft states, "We know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download."
University Technology’s Information Security Office confirms that CWRU has not been affected by the vulnerabilities at this time and the university’s infrastructure and servers have all been patched.
Please do not hesitate to contact the [U]Tech Service Desk at 216.368.HELP (4357) or email@example.com for assistance with any of the actions mentioned in the communication below. If the CWRU campus community faces additional impacts from the global event, UTech will take additional measures to mitigate the infection.
Global Ransomware Alert
There is a significant wave of infections impacting versions of Windows by a new ransomware called "WannaCry." Ransomware is a term used to describe malware that denies access to data or systems unless a ransom is paid to a cybercriminal.
If users are running Windows Desktops 2000, XP, Vista, 7, 8, 8.1, 10 and Windows Servers 2003, 2003 R2, 2008, 2008 R2, 2012, and 2016 and have not applied the Microsoft March patches, your computing resources could be affected.
It is imperative for those users to apply the patch in Microsoft Security Bulletin MS17-010 immediately. If users are running an obsolete Microsoft operating system, including Windows 2000, Windows XP, Windows Server 2003 and Windows Server 2003 R2, there are no supported patches to reduce exposure to the infections. These users must enable the local firewall and block ports TCP 137-139, 445 and 3389.
Please do not hesitate to contact the [U]Tech Service Desk at 216.368.HELP (4357) or firstname.lastname@example.org for assistance with any of the actions mentioned above. If the CWRU campus community faces additional impacts from the global event, UTech will take additional measures to mitigate the infection.
The following links provide more information on the critical vulnerabilities impacting CWRU and Microsoft Security Bulletin MS17-010:
Mac OS Malware
This is information for all Mac OS users related to the current Malware situation. If you are a MAC user, please take note of the following steps and information to ensure the integrity of your device:
- Update your Symantec Endpoint protection signatures
- Run a full system scan
- If UTech believes that your Mac OS device may be impacted, you will receive an email by Friday Jan 27, 2017 from the [U]Tech Information Security Office (ISO)
- UTech will coordinate activities to re-mediate your machine
- Know that steps have been taken to protect the integrity of CWRU data and interrupt the event in our environment
- Consider changing CWRU password (https://its-services.case.edu/my-case-identity/password/change/)
Two-factor authentication added to Virtual Private Network; enroll today
Duo Security two-factor authentication enhances the security of your CWRU accounts by using your phone or other connected device to verify your identity. Two-factor authentication prevents anyone but you from accessing your valuable data and CWRU accounts, even if they know your password.
To begin, browse to the Duo Security self-enrollment page (caution: clicking this link begins the enrollment process; you need to be ready to enroll completely) from your desktop or laptop computer.
Contact Information Security
UTech Security can be reached by sending email to
Chief Information Security Officer
If you have a security problem, question, configuration issue, or have had a network host placed in quarantine, please call the CWRU Service Desk at (216) 368- HELP
If you need to send us sensitive information via email (IP addresses, logs, vulnerability information, etc.), please use PGP to encrypt the message. Our public keys are provided below.
PGP Key for email@example.com (2009)
Key fingerprint = 4A79 3305 1DA2 D29F 1D9D 1E39 5802 D46D 5D9D
PGP Key for firstname.lastname@example.org
Key fingerprint = 9D9B A29C C27C 27D5 ED1E 9852 9225 E008 2C42 B879