Be aware of malware and cyber attacks

What can YOU do to avoid being victimized by malware attacks?

You may be aware that the University of Calgary has sustained a severe malware attack within their computing infrastructure.

The University of Alberta’s IT and security, in conjunction with many other Canadian Universities stand in solidarity with our colleagues in Calgary. We have reached out to offer any support and assistance needed.

Do be aware that this can happen to any academy as no other University is immune or impervious to malware attacks, such as but not limited to ransomware.

What can YOU do to avoid being victimized by malware attacks?

1) Do NOT click on any links or open attachments within unsolicited or suspicious emails.

If in doubt contact the supposed sender first to confirm legitimacy.

2) If you suspect you are in the midst of a malware attack immediately SHUT DOWN your computer and contact your local IT and/or IST.

  • In addition, if the computer under attack is network wired connected then UNPLUG the computer from the network if possible.
  • Finally, ensure your computer has been properly assessed and remedied of the malware/compromise before you resume using it (confirm this with your IT support).

3) Ensure you and your area have adequate backup management.

  • Ensure your electronic files are stored on a department or faculty based file-share that in turn is adequately BACKED UP on separate system.
  • Ensure your electronic files are NOT solely stored on a local computer.
  • Inquire with your local IT and/or IST to ensure adequate backup management is in place for your electronic files.

4) Be AWARE and ALERT to the types of malware and social engineering techniques used by attackers such as:

  • Attackers may impersonate someone you know or in your contacts (and the email will appear to come from that person you know),
  • Attachments may have an enticing file name such as resume, invoice, or a salary related item,
  • Links will appear to be part of a formal IT or business process, for password resets for example.

5) Ensure you COMPLETE the Annual Acknowledgement and Online Privacy and Security Training that is mandatory for all faculty and staff.

Information and awareness on preventing cyber attacks is provided in training, which can be found here.

6) Ensure adequate and appropriate security controls are in place on YOUR computer, such as but not limited to antivirus protection, personal firewall, auto-execute is disabled, and local administrator privileges are not enabled.

Contact your local IT and/or IST to confirm adequate security controls are on your computer.

Contact IST:

780–492–9400
ist@ualberta.ca


Thank you for you diligence.
Gordie

— — — — — — — — -
Gordie Mah — Chief Information Security Officer (CISO), Office of the Vice-Provost and Associate
Vice-President (Information Services and Technology)

780.492.8607 | gordie@ualberta.ca