At 12:25 +1200 15/5/17, Paul Bolger wrote:
>Also interesting over here (NZ) that the media spent the weekend reporting
>the attack, but didn't bother to tell people how to avoid being attacked
>themselves when they returned to work this morning.
The only Staysmart Alert that's arrived so far (dated Sun, 14 May 2017 07:48:57
+1000) is valueless ('something's going on ... be careful'). The reasonable
expectation of an ACORN is that it will actually grow; but this service seems
as juvenile now as when it was launched.
You'd hope that individual IT Directors / CSOs did some homework by Sunday
evening at the latest, and had an urgent email in every employee and
contractor's mailbox before BoB today. And is there enough information
available to have detection running on enterprise front-ends?
Below is a rather late one, which arrived c. 10:30 Monday, which is not BoB
even for university academics.
And it doesn't include information on which patch-package, of which date,
affecting which software, is the one that matters
That's too detailed to be in the body of such emails. But surely a sufficient
proportion of people have someone nearby who 'knows more than the rest of us',
and is a reference-point who can take some load off the central services area?
________________
From: ITU Service Management Office <s...@unsw.edu.au>
To: #All Staff <all.sta...@unsw.edu.au>, #All Students
<all.stude...@unsw.edu.au>
Subject: UNSW IT Security Alert: Ransomware "WannaCry"
Date: Mon, 15 May 2017 00:17:37 +0000
What is happening?
There has been widespread media reports of an IT security ransomware threat
called "WannaCry" over the weekend. This software targets Windows based PCs by
exploiting a security limitation for which protection measures have been
published for quite some time.
This ransomware does not target Apple or Linux PCs.
Am I affected?
UNSW has not yet seen any evidence of WannaCry targeting University systems and
our IT security teams remain on high alert as the situation continues to evolve.
We have put into place measures that protect UNSW owned PCs and individual
personal windows computers whilst they are using the UNSW data networks. We
cannot protect personal windows computers on home or public networks.
UNSW is continually updating our security protection systems to reduce the
possibility of attacks such as these upon systems within the UNSW technology
networks.
What should I do if I think I have been affected?
If you believe your device has been targeted please contact the IT Service
Centre via phone (+612 9385 1333) or email
<mailto:itservicecen...@unsw.edu.au>itservicecen...@unsw.edu.au.
How can I minimise the chance of an attack on my computer?
Whilst this ransomware attack is well publicised, there are cyber security
threats every day.
The most common threats target email accounts, system login accounts and simple
passwords. Ensure you have a secure password. Passwords must be changed every 6
months, be at least 8 characters long and include a combination of Upper and
Lowercase letters, and Non-alphanumeric and Unicode character (e.g: !@#$%^).
To change your current zPass, please visit the UNSW Identity Manager website.
This can be accessed by visiting the UNSW IT website and selecting 'Manage your
zPass & UniPass'.
Other good security IT practices are to:
- keep the operating system up to date,
- apply Microsoft security updates when they are released and utilise a
reputable Anti-Virus package.
Service Management Office | UNSW IT | <mailto:s...@unsw.edu.au>s...@unsw.edu.au
--
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916 http://about.me/roger.clarke
mailto:roger.cla...@xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Faculty of Law University of N.S.W.
Visiting Professor in Computer Science Australian National University
_______________________________________________
Link mailing list
Link@mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link
