IT Alert: Recent fraudulent emails and ransomware targeting UBC

To: Faculty and staff in Vancouver and the Okanagan

If you are a manager of staff whose work is not computer-based, please print this email and display it in a common work area for them to review.

You may have seen the news that the University of Calgary has recently faced a ‘ransomware’ attack (you may also hear this described as phishing, malware, virus, etc.). UBC is subject to malware attacks on a daily basis and at times various types of ‘ransomware.’ These attacks often come in the form of email attachments, or links, that unsuspecting recipients open or click.

NEVER click on links or open attachments in an email regardless of how compelling the message is (bank warnings, income tax refund issues, random IT Service Desk warnings, secret admirers, etc.) if you are not specifically expecting an email from that person. As well, ensure your data is backed up nightly so that if there is a successful attack your data can be restored.

UBC uses technology to detect and block many of these emails. However, new versions of malicious software are being produced all the time, making it impossible to successfully detect and block all possible threats. We all need to be vigilant in protecting electronic information. ‘Ransomware’ can affect us all – including our critical research and teaching records.

Research-intensive universities, particularly those that engage in health research, are subject to ‘ransomware’ attacks that are activated by something as simple as clicking on an email link or opening an attachment. Once any one of us clicks on that link or attachment, a malicious program is automatically downloaded to our computer. All our files and any shared files on the network are then locked, encrypted and cannot be accessed. The only way to have the files unlocked is to pay a ‘ransom’ to the criminals who sent the fraudulent email. Your IT support staff can try to restore the files from a secure backup, where available, but days of productivity can be lost and often some functionality is never restored.

I would like to request that everyone remains diligent as some of the fraudulent emails appear to come from official UBC sources. If you are unsure, please contact the UBC IT help desk directly on 604 822 2008 or forward the email to security @ ubc.ca, without clicking on any of the links in the email.

Don Thompson
Deputy Chief Information Officer