connect. communicate. collaborate.
  • Home
  • Important Information Regarding Petya Ransomware

Important Information Regarding Petya Ransomware

June 29, 2017
 
You may have seen news reports today about a new ransomware variant called “Petya.” Below is information on Petya, how to spot a ransomware attack, what you should do to reduce your risk, and what the IT Security Office is doing to protect KU data and systems.
 
What is Petya?
Petya is ransomware. Data on infected computers (and any attached storage, such as KU “G:” drives, external USB drives, etc.) is encrypted and held for ransom. In this case, payment is demanded in the form of a partial Bitcoin.
 
What should you do if you think your computer is infected with ransomware? 
  • Call your departmental IT Support Staff or the IT Customer Service Center (785-864-8080) immediately so that they can begin coordinating with the IT Security Office.
  • DO NOT PAY THE RANSOM, especially in the case of Petya. The email address associated with ransom payments for Petya has been suspended, and you will not receive decryption keys to unlock your files.
How does Petya work? 
Petya exploits the same vulnerability (MS17-010) that WannaCry exploited. The patch for this vulnerability was released in March of 2017. Petya spreads two ways: 
  • Via email with an encrypted Word document attachment
  • Via the network in the fashion of a worm
What can I do to protect my computer and my data? 
  • Never open suspicious attachments or click links you receive in an unknown email, even “just to have a look.” The simple act of opening an attachment or webpage is frequently all it takes for your system to be infected.
  • Forward suspicious emails to abuse@ku.edu.
  • Reboot your computer daily to ensure all patches and updates are installed. KU IT automatically sends out patches to KU computers, but rebooting is an essential step.
  • On your home computer, make sure you have downloaded and installed the latest patches, and rebooted your computer to complete the process.
Have there been any Petya infections at KU? 
No. The IT Security Office did receive a message with the malicious attachment that spreads Petya. The recipient did the right thing by reporting it to abuse@ku.edu, and we were able to analyze the malware and extract details that allow us to better protect campus from infection.
 
What is the IT Security Office doing to protect KU? 
  • ITSO staff are analyzing samples as they are shared with us, so please continue to report suspicious emails to abuse@ku.edu. ITSO staff also are working with vendors, information sharing consortiums and the IT security community at large to gather more information to bolster our defenses.
  • Information Technology staff are working to ensure vulnerable systems are patched. If you have questions regarding patches on your computer, contact your IT Support staff.
Information security at KU is a shared responsibility, among all of us. By being aware of risks and being careful in your computing practices, you help protect yourself and your colleagues.
 
If you have questions or concerns, please contact your IT Support Staff or the IT Customer Support Center (itcsc@ku.edu or 785-864-8080).  

KU IT on Twitter  KU IT on Facebook  KU IT on Instagram

Technology Help

Call KU IT Customer Support

785-864-8080
Phone support

Email KU IT Customer Support

itcsc@ku.edu
Support via Email

Faculty/Staff Support

Faculty/Staff Support
Technology Support Centers

KU IT Knowledge Base

Knowledge Base
FAQs & More

Submit Help Ticket

Submit Help Ticket
Online Help

Call KU IT Customer Support

913-626-9619
Phone support

Email KU IT Customer Support

kuec_support@ku.edu
Support via Email

KU IT Knowledge Base

Knowledge Base
FAQs & More

Request Edwards IT Support

Request Edwards IT Support
Online Help

Comments or ideas on how we can serve you better? Send us your feedback!

One of 34 U.S. public institutions in the prestigious Association of American Universities
44 nationally ranked graduate programs.
—U.S. News & World Report
Top 50 nationwide for size of library collection.
—ALA
23rd nationwide for service to veterans —"Best for Vets," Military Times
KU Today