University Of Kentucky Officials Have Been Alerted To Ransomware Threat

From the University of Kentucky:

November 2, 2020

By Marci Adams

University of Kentucky Information Technology Services (ITS) has been alerted by the federal government about ransomware attacks that target health care organizations and higher education. These ransomware attacks often target someone through a malicious email file or attachment or through a phishing attack.

Protect Yourself Against Cybersecurity Attacks

It is always recommended to keep your operating system and software up to date with the latest upgrades and patches. Ensuring you have a backup of your files and data makes you less likely to lose them as a result of an attack. Many threats start by sending malicious email or phishing attacks. It is important to be aware of what to look for when it comes to malicious email and phishing attacks.

Malicious email like phishing or ransomware attacks may include the following:

• Poor syntax and/or grammar
• Sense of urgency or very little context
• An unspecified sender
• An external sender that does not match the name in the email
• Links that ask you to click onto a non-uky.edu address for “secure verification” or to "validate account"
• A fake reply address e.g., UKexecutive.uky.edu@gmail.com, UKexecutive@yahoo.com
• An offer that appears too good to be true
• Job offers that ask for money up front
• Attachments that you were not expecting or from unknown senders

Cybersecurity training is available in myUK Learning for those interested in further educating themselves on how to spot threats. Access these courses by following the steps at How do I access cybersecurity courses in myUK Learning?.

Also, enabling two-factor authentication for all available systems and software adds another layer of cybersecurity. For more information about Two-Factor Log-In at UK, visit www.uky.edu/its/CyberSafe.

What To Do If You’ve Fallen Victim to an Attack

Typically, you will know that you are the victim of a ransomware attack if you receive correspondence or a prompt that your files and data are being held until you pay a sum of money or bitcoin. If you believe your machine is compromised from a ransomware attack, it is important to notify ITS immediately by calling 859-218-HELP (4357). See What to do if I have Ransomware on my Computer for more instructions on what do to in the event of a ransomware attack.

If you receive an email that you believe to be malicious or phishing, follow the steps under “How to Report a Phishing Attack” at www.uky.edu/its/phishing. If you believe your account has been compromised, see What to do if your University of Kentucky Account Has Been Compromised in the Tech Help Center.

For more information about this surge of ransomware attacks, see the Cybersecurity & Infrastructure Security Agency (CISA)’s summary on their website. More information about cybersecurity at UK, visit www.uky.edu/its/CyberSafe. ITS Cybersecurity team is always available for questions or concerns at cybersecurity@uky.edu.

For 24/7 immediate assistance, please contact ITS Customer Services at 859-218-HELP (4357) or visit the Technology Help Center @ http://techhelpcenter.uky.edu. For assistance with non-urgent matters, email 218help@uky.edu.

This press release was produced by the University of Kentucky. The views expressed here are the author’s own.