Ransomware Update from JLab's IT Division
May 15, 2017
Sent on behalf of the IT Division
SUBJECT: Ransomware Update from IT Division
CONTACT: Help Desk, x7155, firstname.lastname@example.org
A twist on the cyber criminal's tool of choice to extort money from people has recently been detected. It is known as "Wannacry" and it is a particularly nasty form of ransomware. More details can be found in this news article, at: http://www.nbcnews.com/news/us-news/blockbuster-wannacry-malware-could-just-be-getting-started-experts-n759356
Jefferson Lab has been actively researching the impact this malware could have on us since last week. At this time, we believe we are in a good security position with limited exposure to the virus. Patches mitigating part of the problem were sent out in March and we're actively looking for any infections. So far, the code is only targeting Windows systems, but this could change at any time.
In order to ensure that patches have been effectively installed, some Windows system may have to be remotely rebooted. The computer center will contact you before doing so if possible. Please ensure any JLab-owned, home-based computers or offsite JLab laptops have been patched and rebooted ASAP. If you need assistance to determine this, you may contact the IT Division Helpdesk at x7155 or email@example.com. Please note that the Helpdesk option is only available for JLab owned computers.
Unfortunately, this attack can succeed via several other methods. A phishing email or an infected website can both introduce the malware onto a user's computer. As always, the general advice to be careful about opening email and visiting unknown websites is very applicable here.
If you notice anything strange with the operation of your computer, or see a Windows notification advising you of a problem, notify the IT Division Helpdesk, as soon as possible.