| Title | Start Date & Time | End Date & Time |
|---|---|---|
| Service Issue Reported: Networking - Engineering North tower - partial outage | Saturday, September 22, 2018 - 2:39pm | |
| Service Restored: Youtube Age-Restricted Content Inaccessible From CU Network | Saturday, September 15, 2018 - 2:28pm | |
| Service Maintenance Scheduled: Turnitin | Saturday, September 22, 2018 - 9:00am | Saturday, September 22, 2018 - 5:30pm |
| Service Maintenance Scheduled: Campus Solutions & Portals | Sunday, September 23, 2018 - 6:00am | Sunday, September 23, 2018 - 2:00pm |
| Service Maintenance Scheduled: F5 Content Switch | Thursday, September 27, 2018 - 6:30pm | Thursday, September 27, 2018 - 7:30pm |
| Service Maintenance Scheduled: Wi-Fi in Bear Creek Apartments | Tuesday, October 2, 2018 - 6:00am | Tuesday, October 2, 2018 - 7:30am |

OIT is monitoring reports of a large-scale, active ransomware attack that leverages the MS17-010 vulnerability, which Microsoft patched in March. The media have dubbed this new strain Wanna Decryptor, WannaCry, or Wcry. We have reports that, in addition to the standard network ports used by SMB (UDP 137 & 138, TCP 137 & 139, and TCP 445), Wcry may be leveraging RDP to access and encrypt files. While the initial infection may be caused by a malicious email, once a system is compromised the worm can spread across the network.
Windows system administrators need to ensure that they have applied the patch for MS17-010. Standard access control and backup practices will also help limit exposure to ransomware attacks by limiting the scope of files accessible to a compromised system and by allowing for recovery of data. OIT does not recommend relying solely on the Volume Shadow Copy Service (VSS) as a failsafe against ransomware attacks, as some strains of ransomware have been known to disable VSS.
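For teams watching for the network spread this notice describes, the following added example (not OIT's code) flags internal hosts that reach many distinct peers on the listed SMB ports or RDP within a short window. The flow-record format, the thresholds and the sample data are constructed for illustration, and TCP 3389 is assumed as the RDP port since the notice names RDP without a port.

```python
import ipaddress
from collections import defaultdict

# SMB/NetBIOS ports listed in the notice. TCP 3389 is an assumption: the
# notice names RDP without a port, and 3389 is RDP's default.
WATCHED = {("udp", 137), ("udp", 138), ("tcp", 137), ("tcp", 139),
           ("tcp", 445), ("tcp", 3389)}

# Constructed flow records (epoch-seconds src dst proto dport), not real logs.
SAMPLE_FLOWS = """\
1000 10.0.5.23 10.0.5.1 tcp 445
1002 10.0.5.23 10.0.5.2 tcp 445
1003 10.0.5.23 10.0.5.3 tcp 445
1005 10.0.5.23 10.0.5.4 tcp 445
1006 10.0.5.23 10.0.5.5 tcp 3389
1008 10.0.5.23 10.0.5.6 tcp 445
1000 10.0.5.40 10.0.9.10 tcp 445
1001 10.0.5.77 10.0.5.1 tcp 443
truncated line
""".splitlines()

def parse_flow(line):
    """Return (ts, src, dst, proto, dport), or None if the line is malformed."""
    try:
        ts, src, dst, proto, dport = line.split()  # wrong field count raises
        src, dst = str(ipaddress.ip_address(src)), str(ipaddress.ip_address(dst))
        return int(ts), src, dst, proto.lower(), int(dport)
    except ValueError:
        return None

def smb_fanout(lines, threshold=5, window=60):
    """Map source -> most distinct peers on watched ports in any window-second span."""
    events = defaultdict(list)
    for ts, src, dst, proto, dport in filter(None, map(parse_flow, lines)):
        if (proto, dport) in WATCHED:
            events[src].append((ts, dst))
    alerts = {}
    for src, seen in events.items():
        seen.sort()
        start = 0
        for end, (ts, _) in enumerate(seen):
            while ts - seen[start][0] > window:  # slide the window forward
                start += 1
            peers = len({dst for _, dst in seen[start:end + 1]})
            if peers >= threshold:
                alerts[src] = max(alerts.get(src, 0), peers)
    return alerts
```

A file-server client that talks repeatedly to one server stays below the threshold, as does traffic on ports outside the watched set.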
If you have any questions, please contact the IT Service Center at 303-735-4357 (or 5-HELP from an on-campus phone) or email@example.com. IT Service Center Hours: https://oit.colorado.edu/support/it-service-center.
Important definitions for notice:
- Urgent: severity represents a broad threat to the entire campus community, including remotely exploitable administrator or root-type attacks.
- Severe: severity includes worms and web- or email-based exploits.
- Important: severity includes viruses and local exploits for commonly used services.
OIT has defined the following categories to describe the severity of security risks:
- URGENT severity represents a broad threat to the entire campus community.
- SEVERE severity includes remote exploits and worms.
- IMPORTANT severity includes viruses and local exploits for commonly used services.