WannaCry: what U of T community should know about the malware attack

Currently, no incidents of malware have been reported to U of T's information security team since the WannaCry attack began on Friday.

WannaCry targets unpatched Microsoft Windows computers and then locks the machine’s contents from the user – pending the payment of a ransom amount. WannaCry propagates by identifying and infecting other unpatched machines on a network.

Read U of T Professor Deepa Kundur's Op-ed on WannaCry

What U of T is doing:

Defences are in place at multiple network locations/gateways to block incoming attacks.

The information security team is constantly scanning the university networks to identify unpatched equipment, primarily using outdated and unsupported operating systems such as Windows XP, and to notify appropriate administrators about the need to patch the devices.

What you should do:

• Be careful with e-mail messages. Do not open any messages with offers that are too good to be true. Beware of messages from the CRA about your income tax refund for example, or banks asking for your credentials, or to have you open an attachment.
• Keep your devices up-to-date. Install security updates and patches, particularly those identified as being “critical.” Consider ALL your devices, not just machines used at work. 
• Maintain backups. The existence and integrity of data and system backups is critical to protecting your data and maintaining availability in case of a compromised device. If you are unsure as to whether your devices are backed up, check with your local IT team.

For additional information and support, please contact your local IT team. Additional resources are available from the information security department and at the security awareness site.