An Indiana University official says the school has been targeted by the ransomware attack WannaCry that has locked thousands of computers in 150 countries.
Vice President for Research and Senior Fellow at the Center for Cybersecurity Research Fred Cate says the university has not detected any infected computers, but there have been efforts to infiltrate the virus into the IU network.
Ransomware is designed to encrypt a computer’s files so they are accessible to a user unless they pay a fee to get the files back.
Cate says there are two ways the ransomware can infect a computer: if the user clicks on a phishing link, like in an email, or if the system’s Microsoft software hasn’t been updated in a while.
“IU updates all its machines regularly,” Cate says. “Even if your own machine gets compromised, the malicious code shouldn’t be transferred to anyone else’s machine.”
NPR reports the virus that is taking advantage of the Microsoft vulnerability was developed by the National Security Agency.
Cate says the ransomware attacks are just some of hundreds of thousands that target the IU network every hour, so the university is well equipped to deal with the threat.
“There are a lot of pretty active defenses against those in general, so that even if a single machine falls victim, you don’t allow it to spread to the whole network,” he says.
For example, Cate says the university is already blocking emails that are recognized ransomware traps, and computers on the IU network are regularly updated.
Cate says Hoosiers should “absolutely” be concerned about this surge of cyber attacks.
“Our lives are increasingly completely run by computers,” he says. “They control our cars, they control almost everything we communication, what we watch, while we entertain ourselves. All of this is mediated by computers, and those computers at the end of the day just aren’t that secure.”
But Cate says there are simple steps anyone can take to protect their files from an attack, like updating software frequently and backing up files on an external hard drive so there’s no need to pay a ransom if someone encrypts your files