Global Ransomware Attack Advisory

We are posting this message regarding the WannaCry ransomware exploit that swept Asia and Europe this weekend, and also struck some US companies. We belive this message makes clear the steps you should take in securing your data.

Subject: Global Cyberattack

As you may be aware, a global ransomware attack, launched on Friday, May 12, has had a major impact on the operations of many organizations around the world. So far, the University of Chicago and the University of Chicago Medicine have avoided any issues, however, new variants of the original attack malware are now circulating. We are asking your help in minimizing any damage by ensuring that any Windows computers or servers you use or manage are secure.

The malware exploits a weakness in all versions of the Windows operating system. Microsoft issued a patch for this in March of this year for all versions of Windows except Windows XP and Windows Server 2003. This means that Windows computers from version 7 and Windows Server 2008 onwards that are configured to automatically apply security updates for Windows should be protected from this attack. A patch for Windows XP and Windows Server 2003 is also now available. 

Action required: If you have a Windows computer that might not be configured to update automatically, please find the Settings app and look for Update and Security (Windows Update in the Control Panel on some versions of Windows). Ensure that updates are configured to happen automatically, and select “check for updates” to secure it immediately. More detailed instructions are also provided at the end of this message.

The coordinated IT security teams at the University, the Biological Sciences Division (BSD), and the medical center are taking this threat very seriously. Many steps have already been taken to mitigate this threat, and we continue proactive assessment of University, BSD, and medical center systems to look for weaknesses and monitor for signs of infection. Some systems may be temporarily unavailable while we continue to take steps to protect our systems.

Since we cannot be certain that the measures we’ve activated will fully prevent any damage, we ask your help out of an abundance of caution.

Consult with your preferred local or national news outlets for the latest information on the global impact of this attack. If you have any questions, please feel free to reach out to one of the University’s IT security teams:

security@uchospitals.edu

security@bsd.uchicago.edu

security@uchicago.edu

 

Thank you,

Erik Decker, CSPO, University of Chicago Medicine

Plamen Martinov, CISO, Biological Sciences Division Research and Academic Enterprise

Tom Barton, CISO, University of Chicago

 

Detailed instructions for securing Windows computers:

Windows 10

  • Tap or click on the Start menu, followed by Settings. 
  • Once there, choose Update & security, followed by Windows Update on the left.
  • Check for new Windows 10 updates by tapping or clicking on the Check for updates button.
  • In Windows 10, downloading and installing updates is automatic and will happen immediately after checking or, with some updates, at a time when you're not using your computer.

Windows Vista, Windows 7, Windows 8, Windows 8.1

  • Open the Control Panel.
  • If using Small icons view, click on the Windows Update option. If using the Category view, click on the System and Security option, then click on the Windows Update option.
  • Windows Update will check for any available updates for your computer. If any updates are found, you should be able to view the available updates. It is highly recommended that you first install all important updates and service packs that are available. In some cases, you may only be able to do a few important updates or service pack updates each time, if some updates are dependent on other updates being installed first.

Windows XP and earlier

  • Visit http://windowsupdate.microsoft.com. For this page to work, you must view it in Internet Explorer.
  • On the Microsoft Windows Update page, select the option Scan for updates. If prompted to install a plug-in, click Yes. Not installing this plug-in will prevent you from scanning for updates.
  • After Windows Update has completed scanning, you should be able to view the available updates for your computer. It is highly recommended that you first install all critical updates and service packs that are available. In some cases, you may only be able to do a few critical updates or service pack updates each time.
  • Although Microsoft does provide some driver updates for hardware devices, it is important to realize that they will not have all the latest drivers. You may want to consider updating the drivers directly from your computer manufacturer. See the computer drivers page for a listing of computer hardware manufacturers and a link to their drivers page.
  • Note: Whenever you are prompted to reboot the computer, do so. Rebooting is an important step and in some cases may be required several times before you have installed all the Windows updates available. After the computer has rebooted, make sure to visit the Windows update page again to make sure all the files you need are downloaded.