UCL Information Services Division


Monday 15 May 2017 - Cyber Threat

15 May 2017

As you will have seen from the news over the weekend, many organisations across the world, including the NHS, have been hit by a large cyber-attack.

It seems this may have started when someone opened a malicious "phishing" email which enticed them to click on a link or open an attachment. Following the link, or opening the attachment, on a Windows computer allowed a malicious program (called "ransomware") to encrypt their files and those of their colleagues. The ransomware then demanded a payment to the attacker before the files could be unencrypted and made available to the owner again. We understand the program was able to spread to other Windows computers by direct transmission across networks by exploiting a vulnerability in unpatched and older versions of Windows.

UCL managed systems such as desktop@ucl and sync’n’share use modern versions of Windows and are automatically patched but individual PCs are still vulnerable if a link in a phishing email is clicked or an attachment opened.  Other UCL systems are being checked. 

We urge you to be vigilant and not to open emails that are unexpected, unusual or suspicious in any way. If you experience any unusual computer behaviour, especially any warning messages, please contact your IT support immediately and do not use your computer further until advised to do so.