Announcements

 

01/07/18

CPU chip flaw enables malware

Two new serious security vulnerabilities have been discovered in the microprocessors inside nearly all of the world’s computers and mobile devices. Devices running Microsoft Windows, Google Android, Google ChromeOS, and Apple macOS on Intel and ARM processors are all affected.
The two flaws, called Meltdown and Spectre, may allow attackers to use malicious programs to steal passwords, account information, encryption keys, or other sensitive data. Windows, Apple and other vendors have already released updates to address the Meltdown vulnerability.

Spectre, while more difficult to exploit, cannot be fixed in software and will require manufacturers to create new hardware. It is important to watch for updates from the manufacturers of your devices and from operating system vendors.
The Meltdown and Spectre vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as virtual CPUs and the devices and operating systems running on them. There have been no reports of attackers exploiting the Meltdown vulnerability; however, security researchers have demonstrated various methods of exploitation.

Recommendations for personal computers and mobile devices or systems include:
Apply operating system updates as they become available. Microsoft, Apple and others have already released updates that begin to address the vulnerabilities and may release more as researchers learn more about the vulnerabilities and their possible impact. Please note that the Meltdown updates may degrade performance.

For questions or for assistance in determining the appropriate equipment for your needs, please contact us via email at helpdesk@diometuchen.org.


 

10/17/17

Response to Wi-Fi vulnerabilities (aka KRACK)

Dear Diocesan Members,

Today the Internet is buzzing with reports of newly discovered vulnerabilities in WPA2, a security protocol that protects the confidentiality of Wi-Fi network connections. A bad actor could exploit these weaknesses on an unpatched Wi-Fi network or client to read encrypted communication and, in some cases, do additional harm, such as changing the content of communications and spreading malware.

The diocesan Office of Information Systems has already patched wireless network infrastructure at the St. John Neumann Pastoral Center and is working with other locations to confirm that patching is comprehensive. However, other Wi-Fi networks, your home wireless network, and your client devices (computers, mobile devices, etc.) may still be vulnerable. It will take time for all vendors to create patches and even more time for those patches to be applied.

So what should you do?

As always, watch for updates, whether at work or home, and apply patches when available.

Exercise caution when using any untrusted Wi-Fi network. Look for the locked icon and/or "https://" in URLs before submitting credentials or other sensitive information like credit card data.

Note that we are offering very little new advice. These steps, combined with other essential security best practices, will protect you from old threats and vulnerabilities as well as new ones.

Please follow the steps below to safeguard your identity, devices, and data:

Protect your user ID and password.

Configure your devices securely from the outset.

Stay up to date with software patches and don't delay restarting your computer after patches have been applied.

Verify the authenticity of links and unexpected attachments in an email before clicking.

Use a separate non-administrator account for day-to-day use.

Run anti-virus software with current malware signatures.

Have recoverable backups of your files and store them in a safe, off-line location.

Report concerns immediately - if you see something, say something.

Thank you for following these best practices and for partnering with us to keep the diocese and each other safe online.

Please feel free to email us if you have questions, concerns, or suggestions for how we can improve.


05/16/17

"WannaCry" Ransomware Attack

Dear Diocesan Members,

As you may have learned over the weekend, there is a worldwide ransomware attack known as “WannaCry” hitting the Internet. More on ransomware below. It has affected hundreds of thousands of computers in over 150 countries, but you don’t have to be a victim.

You can greatly reduce your chances of being infected with any type of malware, including ransomware, by following the usual security best practices.

Stay up to date with software patches and don’t delay restarting your computer after patches have been applied.

Verify the authenticity of links and unexpected attachments in an email before clicking.

Use a separate non-administrator account for day-to-day use.  Malware generally can do more damage and spread faster with administrator privileges.

Run anti-virus software with current malware signatures.

Have recoverable backups of your files and store them in a safe, off-line location.

Ransomware is malicious software that is usually delivered via an email attachment, through a link directing you to download a shared document, or by visiting an infected website. Recipients are tricked into running the malware, which encrypts the files stored on their computer and on any other networked storage, such as mapped drives. Unless there is a restorable backup copy, the recipient’s only option to recover their files may be to pay the ransom.

In the case of “WannaCry”, one infected computer can infect other vulnerable, unpatched computers on the same network without further user interaction.  This is one reason why “WannaCry” has spread so quickly.

If you receive a suspicious email or suspect that ransomware or other malware may be infecting your computer, disconnect and report it as soon as possible to helpdesk@diometuchen.org. The sooner we know, the sooner we can mitigate the impact to you and to the community.

As always, we appreciate your timely reports, suggestions for improvement, and continued support.