Malware Threat Prompts Immediate Attention to IT Best Practices

In May, a massive cyberattack impacted 100 countries, infecting Windows-based computers with malicious software (malware) that required payments in the form of bitcoin to unlock victims’ devices. The attack focused on government agencies, hospitals, and universities.

In response, the Mount Sinai Health System Information Technology (IT) team strongly recommended that the research community be extremely vigilant when opening email attachments or downloading content from the internet. Ransomware attacks are typically caused by downloading software or downloading a malicious email attachment.

Our IT team provided the following best practices:

  • Since the attack, all centrally-managed IT Windows-based laptops should have been brought on to campus and connected to the Mount Sinai network to enable patches to be installed and ensure that the systems are rebooted, and
  • All Windows-based workstations and servers should have been rebooted to ensure the patching efforts have been completed.
  • Please be aware that additional filters on our email servers have been activated and may cause 4-5 minute delay in delivery of external messages that contain attachments.
  • Any critical data on a local hard-drives (which is not advised) should be encrypted and backed up on a virtual drive.
  • Health and Human Services (HHS) has indicated that scammers were posing as IT personnel and contacting unsuspecting users, asking them to provide remote access to “fix the bug” reported in the media. Mount Sinai IT will not contact users directly by phone to address this issue.
  • Please forward any suspicious email to ITSecurityRisk@mountsinai.org.

For additional questions please contact our central IT help desk at 212-241-4357 or on campus visit ASC-IT within Annenberg Floor 11.