May 15, 2017

Cybersecurity Alert-Ransomware Attack

Protect against ransomware
(iStock image)

Last Friday, a global “ransomware” cyberattack was launched that has now reached computers in 150 countries, including the U.S. The cyberattack continues to present an ongoing threat for computers and systems that have not yet been protected.

Ransomware is a type of malicious software that infects a computer and restricts users’ access to files on the computer until a ransom is paid to unlock it. The software spreads by “phishing,” luring unsuspecting users to click on infected email attachments and links in emails to launch the attack. Out-of-date systems are particularly vulnerable to ransomware.

Since Friday evening, VUIT, VUMC IT and Health IT have been installing a software update on centrally managed systems to protect against this cyberattack. Clinical workstations are now protected. However, office workstations, as well as laptops and home computers using Microsoft’s operating software that have not been updated and restarted continue to be vulnerable to attack.

We need your help to further protect our network and your files.

  1. Please reboot your office computer as soon as you can this morning. This will allow any computers we have tried to update to complete the update process.
  2. We have asked LAN managers and IT support providers to be “on call” for any questions you have about your computer, in case you are not sure if it is protected. Contact your local IT support provider if you are not using a Clinical Workstation (CWS) or Administrative Workstation (AWS), or if you are unsure about the type of workstation you are using.
  3. If you are responsible for managing your own computer, ensure that it is updated. You should search for and click Windows Update to install any recent updates.
  4. Back up your data so you can recover your system if it is infected.

To protect VUMC IT and VUIT systems, all members of the VUMC community are urged never to click on links or download files in emails unless you know with certainty that they are intended for you.

When an email looks suspicious please take a moment to:

  • Contact the VUMC IT Help Desk at 615-343-4357 (343-HELP) and follow their direction on reporting the suspicious email.
  • Contact the sender (if you know them) to verify whether they sent the message; otherwise please contact the VUMC IT Help Desk.

What to do in the event of a Cyberattack: If any Vanderbilt computer or system becomes compromised through a cyberattack, immediately disconnect the system from the network either by removing the network cable or by turning off the wireless connection. Notify the VUMC HELP Desk at 615-343-4357 (343-HELP) and request that a High Priority Incident be opened for VUMC IT Security Operations.