Georgia Southern warns students about recent ransomware attack

Matthew Enfinger

A widespread ransomware cyber-attack known as “WannaCrypt” could continue at the beginning of the work week on Monday.

As stated in a Georgia Southern security alert, the ransomware campaign that began on Friday has affected various organizations with reports of tens of thousands of infections in as many as 74 countries, including the United States, United Kingdom, Spain, Russia, Taiwan, France and Japan. The software can run in as many as 27 different languages.

According to the nytimes.com, a cybersecurity researcher known only as MalwareTech discovered a “kill switch” that halted the outbreak. However, MalwareTech believes that second wave could follow.

“Version 1 of WannaCrypt was stoppable but version 2.0 will likely remove the flaw. You’re only safe if you patch ASAP,” MalwareTech said in a tweet.

The attack comes in via a phishing email that then encrypts the computer, not allowing the user to access data on it without paying a fee. This can also spread to the R drive and H drive and encrypt files on these drives.

To protect yourself from these attacks, GS advises students:

· Do not open any e-mail you have any doubts about.

· Do not respond to questions asking for any personal information.

· Do not click on any link inside of the e-mail, or copy and paste it into your browser.

· Do not open attachments contained in suspicious e-mail.

· Do not provide personal information via e-mail, web or phone.

· Make sure your anti-virus and operating system are up to date and active.

Students can send phishing emails to [email protected] For more information on Phishing and Ransomware, visit its.georgiasouthern.edu/infosec/2016/10/24/ransomware/ or its.georgiasouthern.edu/infosec/2016/10/14/phishing-emails-and-you/.

If you receive a suspicious email, contact IT Support at (912) 478-2287 or go to the MyTechHelp online at mytechhelp.georgiasouthern.edu. If you think you may have a computer with this ransomware, please remove the computer from the network and contact information security at their email, [email protected] or by calling (912) 478-1592.