Skip to Main Content
CWRU Links
University Technology, [U]Tech

Information Security

Information Security

UPDATE: Global Ransomware Alert

As you know, the ransomware WannCry situation has affected companies and organizations on a global scale. UTech continues to monitor the Windows Ransomware situation, it is important that the entire campus community is diligent about taking the needed steps outlined in the communication below to ensure the security of their computing resources. In addition, there has been a update from Microsoft that includes patches for obsolete operating systems (XP, 8,Server 2003). Please install the patches immediately—the link is below.

https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

Micrososft states, "We know that some of our customers are running versions of Windows that no longer receive mainstream support. That means those customers will not have received the Security Update released in March. Given the potential impact to customers and their businesses, we made the decision to make the Security Update for platforms in custom support only, Windows XP, Windows 8, and Windows Server 2003, broadly available for download."

University Technology’s Information Security Office confirms that CWRU has not been affected by the vulnerabilities at this time and the university’s infrastructure and servers have all been patched.  

Please do not hesitate to contact the [U]Tech Service Desk at 216.368.HELP (4357) or help@case.edu for assistance with any of the actions mentioned in the communication below. If the CWRU campus community faces additional impacts from the global event, UTech will take additional measures to mitigate the infection.  


Global Ransomware Alert

There is a significant wave of infections impacting versions of Windows by a new ransomware called "WannaCry." Ransomware is a term used to describe malware that denies access to data or systems unless a ransom is paid to a cybercriminal.

If users are running Windows Desktops 2000, XP, Vista, 7, 8, 8.1, 10 and Windows Servers 2003, 2003 R2, 2008, 2008 R2, 2012, and 2016 and have not applied the Microsoft March patches, your computing resources could be affected.

It is imperative for those users to apply the patch in Microsoft Security Bulletin MS17-010 immediately. If users are running an obsolete Microsoft operating system, including Windows 2000, Windows XP, Windows Server 2003 and Windows Server 2003 R2, there are no supported patches to reduce exposure to the infections. These users must enable the local firewall and block ports TCP 137-139, 445 and 3389.

Please do not hesitate to contact the [U]Tech Service Desk at 216.368.HELP (4357) or help@case.edu for assistance with any of the actions mentioned above. If the CWRU campus community faces additional impacts from the global event, UTech will take additional measures to mitigate the infection.  

The following links provide more information on the critical vulnerabilities impacting CWRU and Microsoft Security Bulletin MS17-010:

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

https://isc.sans.edu/forums/diary/Massive+wave+of+ransomware+ongoing/22412/


Mac OS Malware

This is information for all Mac OS users related to the current Malware situation. If you are a MAC user, please take note of the following steps and information to ensure the integrity of your device:

  • Update your Symantec Endpoint protection signatures 
  • Run a full system scan
  • If UTech believes that your Mac OS device may be impacted, you will receive an email by Friday Jan 27, 2017 from the [U]Tech Information Security Office (ISO)
  • UTech will coordinate activities to re-mediate your machine
  • Know that steps have been taken to protect the integrity of CWRU data and interrupt the event in our environment
  • Consider changing CWRU password (https://its-services.case.edu/my-case-identity/password/change/)
lock and code student on laptop

If you have a security problem, question, configuration issue, or have had a network host placed in quarantine, please call the [U]Tech Service Desk at (216) 368- HELP

Two-factor authentication added to Virtual Private Network; enroll today

duo security app in useDuo Security two-factor authentication enhances the security of your CWRU accounts by using your phone or other connected device to verify your identity. Two-factor authentication prevents anyone but you from accessing your valuable data and CWRU accounts, even if they know your password.

To begin, browse to the Duo Security self-enrollment page (caution: clicking this link begins the enrollment process; you need to be ready to enroll completely) from your desktop or laptop computer.

Need help along the way? Use these step-by-step instructions, watch the training videos or contact the Case Western Reserve UTech Service Desk at 216.368.HELP (4357).

Contact Information Security

by email

UTech Security can be reached by sending email to

security@case.edu
or
abuse@case.edu

Chief Information Security Officer

Thomas Siu
security@case.edu


Security Help

If you have a security problem, question, configuration issue, or have had a network host placed in quarantine, please call the CWRU Service Desk at (216) 368- HELP


PGP Keys

If you need to send us sensitive information via email (IP addresses, logs, vulnerability information, etc.), please use PGP to encrypt the message. Our public keys are provided below.

PGP Key for security@case.edu (2009)
Key fingerprint = 4A79 3305 1DA2 D29F 1D9D 1E39 5802 D46D 5D9D

PGP Key for thomas.siu@case.edu
Key fingerprint = 9D9B A29C C27C 27D5 ED1E 9852 9225 E008 2C42 B879