Ransomware

Last updated: Nov. 13, 2020

In late October, Microsoft, the University's email provider, identified three unique ransomware threats targeting the education industry: FakeUpdates, Trickbot and Bazaloader. These threats are designed to exploit security vulnerabilities on your device, lock files on your computer and then demand you pay a ransom to regain access.


How can I protect myself against ransomware risks?

Endpoint protection

Antivirus software helps secure your devices and data against ransomware and malware. Computing and Technology Services (CTS) recommends installing Sophos Home edition on your personal devices to provide real-time protection against online threats.

Patches and updates

Installing current updates and patches on your device helps prevent cybercriminals from exploiting recent security vulnerabilities with ransomware attacks. Below are instructions for updating Windows 10 and macOS on personally owned devices.

Install updates on Windows 10
  1. Click the search icon in the bottom left and type "settings" in the search box.
  2. Select Settings.
  3. Select Update & Security.
  4. Click Check for Updates.
  5. Install and apply recommended updates.

Install updates on macOS (Mojave or later)
  1. Open System Preferences.
  2. Select Software Update. Your device will automatically check for updates.
  3. If an update is available, click Update Now.

Multi-factor authentication (MFA)

Duo MFA adds a layer of security to your Duquesne and other online accounts. Employees are required to use Duo MFA, and students are highly encouraged to enroll in Duo to secure their MultiPass account and personal information.

Watch out for phishing

While CTS provides email protection with Microsoft's Advanced Threat Protection for Office 365, phishing emails can still be delivered to your inbox. If you receive a suspicious message, do not click on any links, open any attachments or reply to the sender. Instead, please forward the email to the CTS Help Desk at help@duq.edu.


How is CTS protecting the University against ransomware risks?

Sophos Intercept X antivirus is installed on all University-managed computers. CTS will scan University-managed devices with Sophos antivirus and identify which ones need to be patched so that they are secure against recent vulnerabilities. Any devices left unpatched will lose access to the campus network. CTS will attempt to contact device owners prior to the loss of network access.


Need more information?

For more information about recent vulnerabilities, including CVE-2020-1472, please visit cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472.