Following on from Friday's breaking news regarding the ransomware attack that has hit 74 countries worldwide, we wanted to make you aware of some steps that we are taking and answer some questions you may have.
We have had a team in place over the weekend and are presently working on the following:
- Disabling SMB Version 1 – which was the service (part of the operating system) that the recent virus exploits. (You may have noticed some security warnings this morning as we checked this was not affected)
- Checking that all critical patches released by Microsoft as a result of this attack have been applied. All other patches are applied automatically as they are released from Microsoft.
- We have double checked that are firewalls and web filtering are on the latest release from the suppliers.
- We have been restarting servers overnight to ensure the new patches are loaded and a team will be logging on and testing these throughout the day. (You may have noticed additional updates when you logged on to the system this morning)
- The College stopped running the Windows XP operating system over two years ago
Please be assured that we are doing everything we can to keep our systems safe and secure but we must reiterate again how critical it is that you remain vigilant, particularly when logging in to systems for the first time after the weekend. Apologies if this has caused you any inconvenience today.
Here are a few tips to remember:
- Be on guard for suspicious emails
- Do not click on suspicious links
- Do not open any suspicious attachments
- Do not open any files from USB pen drives
- If you have ANY doubts please check with IT Services