Since Friday, May 12, malicious software named WannaCry has spread around the world in a massive cyberattack that has affected Windows computers in hospitals, government agencies and businesses.

While no reports of infected computers have arisen at the UO, the university is taking action to protect the campus community. The university's Information Security Office — a unit within Information Services, the UO's central information technology department — is working directly with the directors of campus IT units to make sure the Windows computers across campus are secure from this threat.

WannaCry is a form of malware called ransomware. When it infects a computer, it encrypts files, making them unusable, and demands a ransom to unlock the files. Windows computers that are not up to date on security updates from Microsoft are vulnerable to infection.

In addition to keeping Windows computers up to date using the Windows Update tool, other important steps for students and employees to take at work and at home are to always save backups of files somewhere other than on their computers and never click suspicious links or open attachments in unexpected email messages.

In some circumstances, one step the UO Information Security Office may be required to take to prevent the spread of malware is to quarantine vulnerable computers, preventing them from using the campus network and putting other computers at risk of infection. To regain network access in these cases, the computer user would need to secure their computer by following online instructions or by contacting the IT staff in their department.

Anyone with questions can contact IT staff in their department or the Technology Service Desk at techdesk@uoregon.edu or 541-346-4357.

—By Nancy Novitski, University Communications