Cyber attacks: what you need to do now

Posted on 15 May 2017

We need you to take action now to protect University data from malware.

On Friday 12 May 2017 computer malware spread across many networks, encrypting files and demanding a ransom. This global problem affected the NHS, German railways, Renault's car production and many more. The malware was disabled on the same day, so the original is no longer spreading but other versions exist. The virus exploits unpatched Windows machines, and affects both current versions of the operating system (eg Windows 7, Windows 10) and old, out of date versions such as XP.

At the University we've seen three machines infected so far; fortunately they were only infected after the malware was deactivated, so no data was lost. Data has been lost to other malware in the past, when important data was only stored on one device, and not copied to shared filestore or Google Drive.

Protecting against malware

Our managed Windows desktop service had the necessary patch applied last month (April 2017), but if you have not restarted your managed machine since then, it will be vulnerable until it is rebooted.

If you use an unmanaged device running Windows 7 or later, ensure that automatic updates are enabled. Once patches are installed and it's restarted, it can't be infected by this malware or variants of it.

If you run an older version of Windows (XP or Server 2003), your machine should already be on the Windows XP subnet. If it isnt, or if you're not sure that it is, please contact IT support for advice.

Actions needed now

In IT Services we are watching the situation carefully, but we can only stop malware like this from causing serious damage if you play your part: