Skip to main content

IT News

Ransomware circulating: Send suspicious emails to DefendYourData@mail.wvu.edu

Information Technology Services urges faculty, staff and students to be wary of any suspicious emails asking you to open an attachment, regardless of whether the sender is a name you recognize. A global ransomware attack – dubbed Wanna Decryptor or WannaCry -- is under way.

Ransomware encrypts all files on an infected machine, as well as other systems on the network that machine shares. The hackers are then demanding hundreds of dollars in bitcoin to release the files. ITS advises against paying the ransom, as there is no guarantee your data will be released.

If you inadvertently launch the ransomware on a WVU machine and see a padlock or threatening message about your files being encrypted, immediately power off the computer and call ITS at 304-293-4444. ITS does not support personal computers.

The ransomware is taking advantage of a Windows vulnerability that Microsoft has fixed, but only on newer operating systems. Microsoft no longer updates older versions of Windows, but many people may still use this software on personal machines.

ITS-supported machines at WVU will soon or may already have the Microsoft patch. ITS has contacted the colleges and departments that are not centrally supported and will work with them to protect their machines.

Please forward any suspicious-looking emails as an attachment to defendyourdata@mail.wvu.edu. To download the latest virus protection for free, go to freeav.wvu.edu.