UITS gives out information regarding recent cyberattacks

UConn's UITS has released information on recent worldwide cyberattacks. (Jason Jiang/The Daily Campus)

The University of Connecticut’s University Information Technology Services (UITS) sent out an email warning students of an attack involving ransomware that infected computers and critical systems worldwide on May 12.

“The main ransomware programs, WannaCrypt and WannaCry, and their variants, infect computers by exploiting a vulnerability in the Microsoft Windows operating system,” the email said. “The malicious software then encrypts the contents of a computer and holds the information hostage until a payment is received.”

These cyberattacks have not affected any UConn computers, said Jason Pufahl, UConn’s Chief Information Security Officer.

UITS has been studying UConn’s wired and wireless networks to identify potential weaknesses and has been working with the school’s IT community to resolve those vulnerabilities, according to the email.

“We are also conducting ongoing vulnerability scans of hosts on our wireless networks and communicating directly to any individual that may be vulnerable,” Pufahl said.

The email recommended that members of the UConn community whose computers run Microsoft Windows stay up to date on all of their security patches. Information on how to update a Windows operating system to address this specific vulnerability can be found at security.uconn.edu, according to the email.

“Attackers often utilize known vulnerabilities for their exploits. Ensuring your computing devices have the most current security patches applied is critical and one of the simplest ways to protect yourself and your data,” Pufahl said.

He also encouraged students to be aware of phishing attacks, stating that attackers often send fraudulent email hoping to trick people into providing their credentials so that they can simply log into services without complicated exploits.

“Maintaining long, unique passwords for each website or company is also good security practice,” Pufahl said.

The attack affected a total of 200,000 computers worldwide, according to a CNBC article published on May 19.

The vulnerability in Microsoft’s Windows XP operating system was originally discovered by the NSA to spy on users. While Microsoft had released a fix for the bug in March many users had not updated their software, according to the article.

UITS encourages students to contact their local IT or the UITS Help Center at helpcenter@uconn.edu or 860-486-4357 if they need assistance.


Gabriella Debenedictis is a staff writer for The Daily Campus. She can be reached via email at gabriella.debenedictis@uconn.edu.