Ransomware Alert: Petya

Posted in Announcements

Ransomware ALERT

What’s going on?

There’s a new ransomware threat out there. It’s called Petya and it’s very similar to Wanna Cry, the ransomware that recently spread through over 150 countries back in May.

Petya is spread by taking advantage of the same vulnerability in the Windows operating system that allowed WannaCry to spread so easily.  It’s imperative that the Microsoft security updates for all versions of Windows have been applied to University and personal computers.

Are we at risk?

Same rules apply. The campus technology managers at Georgetown University are working diligently to verify that our computers are appropriately updated, and to identify and remediate any unprotected University workstations that may be on our network.  Anyone using a personal Windows computer should take steps to ensure that you are protected. Please note that Mac operating systems have not been assocated with this vulnerability.

Who is affected:

Any Windows computer without Windows update MS17-010.

What to do:

Make sure that all Microsoft updates are applied to your computer. (Beware of bogus ransomware removal sites and tools, and do not download from any site other than the official Microsoft Technet site)

Other Tips:

Read emails very carefully and DO NOT CLICK ON QUESTIONABLE LINKS OR ATTACHMENTS even from known sources.
If you receive an email with links or attachments, always verify with the sender that the email is legitimate.
Back-up any data from your computer to another storage location – including Box or Google Drive.

Spreading of this ransomware strain starts through phishing or junk email messages. A spam email is sent containing a malicious link or a malicious document. Once a target activates the malware by either clicking the link or opening the document the malware will hold the computer hostage until a ransom is paid. It does this by encrypting all of the files on the system with an encryption key.

Once your computer is infected, your data is lost if you do not have a back-up; even if you agree to pay the Bitcoin ransom, there’s no guarantee that the decryption key will work.

If you are using a University-managed computer, you can expect an emergency update to be applied to your workstation, even if you already have the patch installed.  Please follow the instructions – including re-booting your computer to allow the updates to apply to your computer.

*You can contact the University Help Desk to get assistance with checking your Microsoft patch level and installing the appropriate patch.*