There is a global cyberattack in progress. Early indications are that it’s a variant of Petya malware, described by the Internet Storm Center here. The current attack has already affected computers throughout the Heritage Valley Health System in Pennsylvania, as well as disrupting Merck’s computer network.
This attack is similar in some ways to last month's WannaCry ransomware attack, which disproportionately affected older Windows XP machines but had its greatest impact on far-more-numerous Windows 7 computers that were not up to date on security patches. The WannaCry attack crippled systems at prominent sites including FedEx, the UK National Health Service and Telefonica in Spain.
To date, these attacks have had limited impact on our systems; in part this is because of our diligent IT security practices. We actively update our computers from the server rooms to our desktops and laptops, and our IT support teams (like MNet, Bayview IT and IT@JH) share a set of institutional standards that include restricting user privileges over “administrative” functions (such as installing software) unless clearly justified. The latter is key to stemming the spread of computer worms, which often require “administrator” privileges to infected connected computers on the same network.
Please be vigilant for strange or unexpected email messages, avoid entering your JHED credentials unless you see that the website’s name ends in “johnshopkins.edu” or “jh.edu” and be very cautious about clicking links in emails (as you hover over links, be wary if the target URL is unfamiliar). Up-to-date software patches and antivirus software are important tools, but an unsuspecting user clicking the wrong link can have cascading effects.
-Stuart Ray, Vice Chair for Data Integrity & Analytics
