WannaCryptor cyber attack update (10:00 15/5/2017)

Imperial IT systems not currently affected by cyber-attack

Our College IT systems so far appear to be unaffected by the cyber-attack thanks to the robust IT system and protective measures we have in place.

However we should all remain as vigilant as ever and continue to be careful about suspicious emails, links, and documents.

Staff and students are requested to update their Windows operating system by following the instructions in the "Check Windows has the latest security updates" tab below.

As you may have heard in the news, IT systems across the NHS have been subjected to a cyber-attack  and malicious software known as ‘WannaCryptor’, leading to computers and data being locked up and held for ransom.

The attack has infected large numbers of computers across the NHS in a matter of hours in part due to its ability to spread quickly within networks from PC to PC.

Imperial College ICT staff have worked around the clock over the weekend checking all systems  to ensure  necessary security updates have been installed and anti-virus software is up to date

Whilst College systems are protected we know that emails are a point of vulnerability for all organisations and we need you to read and follow the information detailed in this message and remain vigilant at all times.

What is Ransomware?

Ransomware is a particularly nasty type of malware that encrypts files to make them unreadable and demands money to release it.

How do I know if I’ve been infected by Ransomware?

If your computer becomes infected, a message will be displayed on your screen informing you that files are encrypted, examples as follows:

Encrypted filesEncrypted files 2

What to do

What do I need to do?

If you see a message similar to the above, power off your device immediately and inform the ICT Service Desk on the number below.  Do not wait to shut down in the normal manner. If you are using a College cluster PC, switch off the computer at the wall or remove the power cable.

How can I prevent myself becoming infected by Ransomware?

Your vigilance is essential, if you receive an email that you are not sure about or looks suspicious – DO NOT reply or forward the email, click on any links, open any attachments, or provide personal security information, instead immediately contact the ICT service desk on 020 7594 9000.

For those working regularly with colleagues in NHS Trusts and partner organisations, pay particular attention to any messages received and contact  the ICT service desk if you have been notified that others have been affected by the ransomware attack.

Check Windows has the latest security updates

Windows 7

Go to Start -> Control Panel -> System and security (top left)

Next click Windows Update

Check Windows updateCheck that it says Windows is up to date

Windows is up to dateIf it says Windows is up to date check the Updates were installed: If the updates were installed in May, your computer is protected. If it is before May click Check online for updates from Windows Update.

If there is no date Click View Update History and check for the most recent update. If it is May then your computer is protected.

If the last update was before May click OK to return to the previous screen then click Check online for updates from Windows Update.

Windows 10

Go to Start ->  Settings (cog wheel)

Cog wheelThen to Updates and Security (bottom right)

Windows settingsThe top of the page should show Your Device is up to date

Your device is up to dateIf it says Windows is up to date check the Updates were installed: If the updates were installed in May, your computer is protected. If it is before May click Check online for updates from Windows Update.

If there is no date Click View Update History and check for the most recent update. If it is May then your computer is protected.

If the last update was before May click OK to return to the previous screen then click Check online for updates from Windows Update.

What else do I need to know?

Whilst ICT has been able to protect and update College managed machines, about half the devices on the network are personally owned laptops, tablets and smartphones.  Please make sure that you apply all security patches and update virus protection software on such devices before connecting them at College.

In order to further protect College systems, blocks on certain kinds of network traffic have been put in place.  These may prevent personal devices from connecting to some resources, especially file shares.  If you are unable to connect to a resource you normally use, contact the ICT Service Desk for assistance.

If you see anything suspicious please contact the ICT Service Desk  on 020 7594 9000 immediately for advice. See ICT's Be Secure website for more on Avoiding Scams and Malware.