IT Security Update - May 2016

Patrick Phelan's picture

First off, UCSF IT would like to take this opportunity to congratulate UCSF faculty, staff, and students for attaining the highest compliance rate in the entire UC system in completing the new UCOP-mandated security training.

Your continued vigilance to cyber security threats is important– in the past two months alone, at least two major hospital systems have had their medical record and IT systems shut down for days because of security attacks involving “ransomware.” Ransomware is a type of malware that restricts access to the infected computer system, and demands that the user pay a ransom to the malware operators to remove the restriction. Hospitals have been particularly vulnerable to this class of malware.

At UCSF we’ve taken a number of precautions, but this is a good opportunity to remind everyone to run up-to-date antivirus software, keep your software updated, install BigFix, don’t open unexpected attachments, and don’t fall prey to phishing.

To help monitor for these and other sophisticated attacks on our network, UCSF is implementing FireEye, a security technology that helps identify malicious behavior on the network so IT can contain threats as quickly as possible. FireEye is a great complement to existing security controls, and will help defend against the types of sophisticated, targeted attacks that are unfortunately becoming increasingly frequent.