Security Bulletin
Butte College takes internet security seriously. This bulletin has information on current issues, vulnerabilities, and recommendations to minimize the risk of a security breach.
New Email Security Implemented 7/6/2017
Ransomware and other malware exploits are on the rise. Just last week, another report of a worldwide attack for the Petya Ransomware exploit was announced. Ransomware is on the rise, and is a very serious threat to our systems and data. A primary method of spreading these malicious attacks is through email. To better protect you and the campus from these attacks, IT has added extra layers of security within our Office 365 email system for faculty, staff, and generic email accounts.
Visit http://gm4.washingtonlandforsale.net/services/itss/security/atp/index.html for additional information about our implementation of Office 365 Advanced Threat Protection.
WannaCry Ransomware Outbreak 5/15/2017
IT Services and Support is aware of a new malicious software program named "WannaCry" that has recently made news through large-scale infections in at least 99 different countries. "WannaCry" is a type of malicious software known as ransomware. It is most often downloaded as part of a phishing email scam, and then the recipient is tricked into running it. Once it has been run, it encrypts files on the affected computer and network share drives, and the user is then required to pay a ransom to recover the files. One reason this malicious software has spread so aggressively is that it then attempts to infect other computers on the network that do not have the latest security updates and are not protected against "WannaCry".
What IT is doing to protect the district:
-
All campus central IT servers were patched over the weekend
-
We are monitoring for suspicious campus computing traffic both on the network and wireless.
-
To mitigate threat to district faculty and staff computers and data, we will be:
-
Applying the recommended security patches and antivirus updates to all campus faculty and staff windows machines
-
We will be deploying this patch this as soon as we are able TODAY
-
Restart your computer as soon as you receive notification. Failure to do so will possibly result in an automatic restart
-
Please save your work early and often
How you can help protect the district and yourself:
-
Do not open ANY unexpected email or attachments, That’s right--NONE—do not open any messages you are not expecting. Call the person who sent it to you to verify its validity.
-
This threat uses emailed PDF files to infect. With some variants, it is reported that opening the email alone is enough to infect your computer.
-
Personally owned computers:
-
your computer must be up to date by turning on automatic updates. Visit http://support.microsoft.com/en-us/help/12373/windows-update-faq for more information
-
Accessing campus resources with a computer that is not up to date presents a great risk to the campus and your data and identity
If anyone suspects a possible infection, it should be treated as highest priority to contain the spread of this worm—contact User Support Services immediately at 895-2888.
What is Phishing?
Phishing is an online attempt to gain sensitive information (login info, credit card details, money, etc.) by pretending to be a trustworthy entity. Criminals can use phishing, spam and other malicious email to gain access to your personal and financial information, as well as sensitive university information and access to Butte College resources.
Malicious email typically:
- Use urgent language
- Ask for personal information such as passwords, bank account numbers, user names and/or credit card numbers
- May have grammatical, typographical, or other obvious errors
PHISHING ALERTS
- Date: 12/21/2016
- Sent From: Ileana Grecu
- See Details Here
- Date: 12/19/2016
- Sent From: Help Desk
- See Details Here
March 5, 2015 - Zip File Email Attachment Policy Change
In an effort to mitigate the spread of viruses and campus-generated spam, the following warning messages will be prepended to any email that has a .zip attachment or executable content. While not all content in .zip attachments is harmful, dropping malicious content into a .zip and then attaching it to an email is an easy way for attackers to spread viruses. Oftentimes the email message is believable enough to fool the recipient into clicking and installing the content in a .zip, or following instructions in a password protected .zip. This leads to infected machines and compromised accounts, and puts the district at risk for data theft and improper access to confidential data.
For the past month, we have been assessing the volume and nature of campus email that include .zip attachments. There is a reasonable amount of legitimate business that is transacted with .zip attachments, so we are opting for this strategy rather than blocking .zip attachments. These warning messages will serve as a caution for users who receive a potentially malicious email before we are able to assess and implement a block for that specific email should it be determined to be malicious.
We have tested these warnings on a variety of devices and mail clients with success, and this action is negligible in system or account impact, and in no way interferes with the delivery of the original message.
A message that contains an executable attachment or .zip containing an executable will have the following warning message prepended to the body of the email. Not all executable content is viral in nature—this message purely serves as a warning.
Example:
***********************************
WARNING--This message contains a .zip attachment. Zip files can contain viruses--open with caution.
If you were not expecting this message, even if sent from someone you know, contact the sender to verify its validity.
Delete this message if it is not valid.
---------------------
Butte College IT Services and Support
http://gm4.washingtonlandforsale.net/itss
Students: 530-895-2525 Faculty & Staff: 530-895-2888
***********************************
April 28, 2014 - Internet Explorer Security Vulnerability
Microsoft has discovered a vulnerability in all versions of Internet Explorer. If your system is attacked, the attacker could take complete control of your system.
Workarounds
If at all possible, do not use Internet Explorer. Google Chrome, Mozilla Firefox, Safari and Opera are all unaffected by this vulnerability. For work where Internet Explorer is required, perform the following steps:
Set Internet and Local intranet security zone settings to "High"
To raise the browsing security level in Internet Explorer, perform the following steps:
- On the Internet Explorer Tools menu, click Internet Options.
- In the Internet Options dialog box, click the Security tab, and then click Internet.
- Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
- Click Local intranet.
- Under Security level for this zone, move the slider to High. This sets the security level for all websites you visit to High.
- Click OK to accept the changes and return to Internet Explorer.
Note If no slider is visible, click Default Level, and then move the slider to High.
Note Setting the level to High may cause some websites to work incorrectly. If you have difficulty using a website after you change this setting, and you are sure the site is safe to use, you can add that site to your list of trusted sites. This will allow the site to work correctly even with the security setting set to High.
If you have any questions or concerns, please contact User Support Services.
