Petya: What the UofT Community Should Know About the Ongoing Malware Epidemic

Alex Dean Cybulski Blog, Good to know alerts from U of T

A massive malware outbreak known as Petya is currently infecting computer systems in numerous countries across the world. Petya targets un-patched Microsoft Windows computers and then locks (encrypts) the machine’s contents from the user – pending the payment of a ransom. At present, the e-mail address used to pay the ransom is disabled making it impossible to pay the criminals running this software in exchange for encrypted data. While it is never recommended that users pay a criminal to recover their files, this means that files encrypted by this malware are permanently irretrievable. Recent evidence even suggests that the malware was never designed to allow users to recover their files. Petya propagates by identifying and infecting other machines on a network, including those which are patched against the SMB vulnerability, making it critical that all systems be patched and up to date. What U of T is doing: Defenses are in place at multiple network locations/gateways to block incoming attacks. The information security team is constantly scanning the university networks to identify unpatched equipment, primarily using outdated and unsupported operating systems such as Windows XP, and to notify appropriate administrators about the need to patch the devices. What you should do: …

WannaCry Malware Advisory

WannaCry: What U of T community should know about the malware attack

Tamara Adizes Jacobs Good to know alerts from U of T

Originally published via U of T News: Currently, no incidents of malware have been reported to U of T’s information security team since the WannaCry attack began on Friday. WannaCry targets unpatched Microsoft Windows computers and then locks the machine’s contents from the user – pending the payment of a ransom amount. WannaCry propagates by identifying and infecting other unpatched machines on a network. What U of T is doing: Defences are in place at multiple network locations/gateways to block incoming attacks. The information security team is constantly scanning the university networks to identify unpatched equipment, primarily using outdated and unsupported operating systems such as Windows XP, and to notify appropriate administrators about the need to patch the devices. What you should do: Be careful with e-mail messages. Do not open any messages with offers that are too good to be true. Beware of messages from the CRA about your income tax refund for example, or banks asking for your credentials, or to have you open an attachment. Keep your devices up-to-date. Install security updates and patches, particularly those identified as being “critical.” Consider ALL your devices, not just machines used at work. Maintain backups. The existence and integrity of data and system backups is critical to …

This Tax Season: Protect Yourself Against Fraud

Tamara Adizes Jacobs Good to know alerts from U of T

A message from U of T’s Central Payroll Services It is tax time again and with that we see an increase in the number of fraudulent communications claiming to be from the Canada Revenue Agency (CRA). These include phishing emails, calls, texts or mail. Please be aware that the Canada Revenue Agency (CRA) does not: Send email with a link and ask you to divulge personal or financial information Ask for personal information of any kind by email or text message Request payments by prepaid credit cards Give taxpayer information to another person, unless formal authorization is provided by the taxpayer Leave personal information on an answering machine When in doubt, ask yourself the following: Did I sign up to receive online mail through My Account, My Business Account, or Represent a Client? Did I provide my email address on my income tax and benefit return to receive mail online? Am I expecting more money from the CRA? Does this sound too good to be true? Is the requester asking for information I would not provide in my tax return? Is the requester asking for information I know the CRA already has on file for me? You should never respond …