WannaCry header

UAB’s cybersecurity protections have warded off “WannaCry” ransomeware. To date, this malicious software has had little effect at UAB because of security protections put in place by UAB IT. However, the UAB community should remain on guard to protect from future threats.

The ransomware attack using what’s been called WannaCry software has locked computers in more than 150 countries, exploiting vulnerabilities, and has already inspired similar attacks.  In a ransomware attack, malicious software can encrypt and block the data on your computer or device — and hackers can then demand payment in exchange for the return of access to your data. 

The UAB community must be aware of the risks to avoid being tricked into installing malicious software on their computers, which can then also spread to other computers on the network.

This kind of attack is not new — it is a new twist on an old crime — but the rapid worldwide spread of WannaCry heightened media attention.

Over the past year, UAB IT has been putting new protection methods in place that help guard against such cyber attacks.

Among the new defenses:

  • SCCM, or Microsoft System Center Configuration Manager, provides automated patch management to systems across campus. Patch management helps protect against potential malicious intrusion and allows the network to be monitored constantly — that way, immediate action can be taken if a patch has yet to be released when a vulnerability is discovered. Patch operating systems, software and firmware on devices. A centralized patch management system, like UAB’s SCCM, is the best way to manage system patching. SCCM patched many UAB systems against the WannaCry malware more than a month before the outbreak. Anyone who is not using SCCM is encouraged to contact AskIT to work with UAB IT staff to deploy it on their systems.
  • Default-deny is a new firewall posture implemented late last year to better protect against intrusions by external attackers. The posture, which is considered a best practice, means only approved network services are allowed. Everything else is denied to help protect the network — and UAB and employees’ and students’ data. This posture protected UAB’s systems from external WannaCry scans and infections.
  • PhishMe simulated campaigns and PhishMe Reporter tool have helped increase awareness of the dangers of phishing emails among UAB students, faculty and staff.  Phishing scams often take the form of fraudulent emails designed to trick users into revealing sensitive or protected information, such as usernames and passwords or bank information, but posting as a legitimate entity such as your bank, social media sites — or even the university president.
UAB faculty, staff and students are urged to remain vigilant against phishing attacks. To guard against phishing and ransomware attacks:

  • Be aware that you are a target.
  • Scrutinize links contained in emails, and do not open attachments in unsolicited emails.
  • Report any suspected phishing emails.
  • Keep all software on your computer up to date.
In an effort to better protect the UAB community from cyber threats, specifically the increasing number of phishing and malware attacks that students, faculty and staff are experiencing, UAB IT is enabling URL Filtering at the UAB internet connection. 

URL filtering technology starts by assigning each known website into different risk categories and can be configured to allow or prohibit access to these sites based on these categories. As part of this implementation, UAB IT will be protecting networked systems from access to the most dangerous categories, malware and phishing. The changes will be effective on May 20.

Users can test a site’s categorization here.

The upcoming change does not impact any servers or services located within the UAB Health System network.

If you have any specific technical questions, feel free to contact the Enterprise Information Security staff at 975-0842 or via email at datasecurity@uab.edu.
UAB IT will host two online town halls this month to explore alternative options for the UAB Dropbox service.

Town halls will be held at 2 p.m. Thursday, May 18, and at 9 a.m. Tuesday, May 23.

Join the May 18 town hall here, or call 205-996-0000 and enter conference ID 514784.

Join the May 23 town hall here, or call 205-996-0000 and enter conference ID 795562.

The current UAB Dropbox is nearing the end of life, or end of sustainability, and UAB IT will be evaluating options for replacing it or encouraging use of current cloud collaboration services. UAB IT will offer a survey following the town halls for members of the campus community to express their opinions about the options.
UAB IT's office for institutional cell phone service and support is moving to the TechConnect store, located at the Hill Student Center, effective Monday, May 8.

The cell phone office has been located in Cudworth Hall.

The new location is a better fit with the services already offered at the store, which provides sales and service for personal technology purchases for students, faculty and staff.

Hours of operation are Monday through Friday from 8 a.m. to 4 p.m. Appointments are encouraged and can be scheduled via e-mail to Ed Ramsey at eramsey@uab.edu.
Page 1 of 23