News and Announcements
Beware: New computer virus locks your files. Learn how to protect your device.
Recently, several campus computers have been infected with CryptoLocker, a Windows-based malware known as ransomware. We want you to know about the program, what we are doing to protect devices on our network, and how you can help. Although this virus currently affects only Windows devices, Mac users should also be aware of the problem.
Spread by email, CryptoLocker arrives as a link or attachment that must be clicked to activate. Once activated, CryptoLocker encrypts, or locks, files on your computer, on shared network drives such as the P drive, network file shares, and any external drives connected to your computer. Once your files are encrypted, you cannot access or read them. You will then receive a prompt requesting a payment to restore access to your files.
Anti-virus programs such as Symantec AntiVirus and Microsoft Security Essentials, if up-to-date, can detect the malware before it is activated. But once CryptoLocker is activated, the only way to restore your computer is from backup files or by paying ransom to regain access. We do not recommend that you pay ransom.
CUMC IT is working diligently to protect all computers and devices on our network; as part of our efforts, we have blocked access from the CUMC network to websites known to carry this malware.
Please review the following steps you can take to protect yourself from this and other malware.
Further details on this malware can be found at the United States Computer Emergency Readiness Team website: https://www.us-cert.gov/ncas/alerts/TA13-309A
- Be suspicious of links and attachments in email, particularly if from someone you don't know. Think before you click any link.
- Keep your anti-virus software up-to-date. Make sure you have anti-virus software installed and set to automatically update. Columbia University provides Symantec AntiVirus protection for both Windows and Mac. More information can be found at: http://www.cumc.columbia.edu/it/getting_started/viruses_spyware.html
- Keep your operating system up-to-date. Make sure you are running a vendor-supported version of your operating system and have the latest security patches installed. This applies to both Windows and Mac OSX. More information can be found at: http://www.cumc.columbia.edu/it/getting_started/updates.html
Macintosh OS 10.9 Not Yet Supported
Version 10.9 of the Macintosh operating system, also called Mavericks, has been released as of October 22nd as a free download from the App store. It is being tested for use with common CUMC resources and is not yet supported. Symantec Endpoint Protection has not yet been certified to run under Mavericks. As with any newly released operating system version, we advise that anyone who uses their computer for academic, research or work purposes at the Medical Center not upgrade or purchase a system with the new OS installed.
We will post announcements and update the Operating System Compatibility and Support page on the CUMC IT website as testing with resources such as wireless, printing and other applications used at CUMC are completed. Please be sure to also check with your department, school, or IT support staff before upgrading or ordering a computer with Mavericks installed to be sure that it will be compatible.
Old Proxy PAC URL Decommissioning
Due to the high number of hits to the old proxy web server, the decommissioning of the server is being postponed.
Please make every effort to test your systems and change your settings as soon as possible.
The web server that hosts the PAC file is on new, redundant web servers behind a load balancer. Users and systems that use the old PAC file for browser configuration and internet access will need to point their browser settings as per instructions on the Proxy Appliance Services page.
The old URL will no longer function when the old file is decommissioned; subsequently, internet access will not be possible for those systems with a private 10.x address. For those servers that use the VIP settings, these changes do not apply and nothing needs to change with your servers.
Software Tracks Missing Equipment
Software that attempts to locate missing laptops, phones and tablets should be used to provide extra security as well as the ability to recover valuable equipment. Recommended programs include:
Programs for Android and other devices can also be found on the Mobile Device Security page.
- PhoneHome - available for both Windows and Macintosh computers, this program is free to faculty, staff and students via a Columbia site license. Click the link for more information.
- Find my Mac/Phone - a free, native program for Macintosh computers, iPhones, iPads and iPod touch devices. Though it is pre-installed on current Apple equipment, it is not enabled by default.
Be sure to read all instructions before installing any program so you understand how it operates; security program features such as running undetected or requiring network connectivity to track may not be beneficial for all systems. We still highly recommend using a compatible recovery app on any equipment in addition to encryption. The portability and popularity of mobile equipment makes them highly susceptible to loss and theft.
Windows XP Support Ending
Microsoft is ending its support of Windows XP on April 8th, 2014. This means that Microsoft will no longer create or release security patches, updates, or other fixes for the operating system. Any computers still running Windows XP will be at high risk for exploit and compatibility issues.
Computers must regularly install current security updates to comply with CUMC policies and requirements.
To ensure that you do not violate this requirement, please start the process of upgrading any Windows XP computers as soon as possible. Windows 7 (Ultimate and Enterprise versions) have been vetted for security and compatibility with most programs used at CUMC.
For more information please see the following.
Archived News and Announcements for Fall 2013
Network Drive, Echo and Website Downtime Friday November 15th from 2am to 4am
Online HIPAA Training
Customer Data and Source Code Breach at Adobe
Network Drive and Website Downtime Friday October 11th from 2am to 5am
Social Engineering Phone Calls Received by Columbia Staff
CROWN Scheduled Downtime Saturday September 21st from 9pm through Sunday September 22nd 9am
Towers I, II and III and Bard Hall Intermittent Network Downtime Saturday September 21st from 9am to 5pm
Microsoft Critical Updates for September
Welcome New Students
Exchange Email System Upgrade
Archived News and Announcements for Summer 2013
Available Proxy Services
Windows XP Support Ending
July Microsoft and Adobe Flash Player Updates
Secure Email Gateway via Exchange
New Windows, Internet Explorer and Office Security Updates
Welcome New Students
Archived News and Announcements for Spring 2013
USB Drive Swap Program
Windows XP Support Ending
O Network Drive Migration
Network Drive, Echo and Website Downtime Tuesday April 30th at 1am
Starting at 7am on Sunday, April 21st, CUMC IT Server Support will start maintenance to install Microsoft security patches and updates.
Network Drive, Echo, SharePoint and Website Downtime Friday April 12th at 1:30am
IDX Centricity Business 5.0 Upgrade Fri April 5th from 6pm to Sat April 6th at 8am
ProofPoint Encryption Gateway Upgrade
CUMC Exchange Email Addresses Changed to Shortened Format
CROWN Downtime Saturday March 30th from 8pm to 9pm
CROWN Site Updated
SharePoint Downtime Monday March 25th from 6pm to 8pm
Network Drive, Echo, SharePoint and Website Downtime Friday March 22nd at 2am
Over 12 Million Victims of Identity Fraud in 2012
CROWN Login Failures
Please see above for an update to this announcement.
CROWN Downtime Friday March 8th at 7pm to Sunday March 10th at 9am
Encryption Walk in Period
CUMC Listserv Email Address Format Change
Endpoint Security Campaign
Windows 8 Released October 26th, Not Yet Supported
Archived News and Announcements for Winter 2012 -2013
Network Drive, Echo, SharePoint and Website Downtime Monday February 28th 12am
Java Critical Patch Update
Java Vulnerabilities Put Computers at High Risk for Exploit
Pharos Color Printer Restrictions
iPhone, iPad and iPod Hardware Repair Discounts
Network Drive, Echo, SharePoint and Website Downtime Saturday Dec 8th 12am
CUMC Email List Spam Issues
Information Security and Privacy Alert for Mobile Device Security
CourseWorks Lecture Recordings Issue on Windows
Archived News and Announcements for Fall 2012
Network Drive Maintenance Beginning Sat Oct 27th at 12am
Echo Recording Request Form Online
Network Drive, Echo, SharePoint and Website Downtime Wednesday October 17th from 2am to 3am
Social Engineering Phone Calls Reported at CUMC
Microsoft Announces Update for Minimum Certificate Key Length
Network Drive, Echo, SharePoint and Website Downtime Sunday September 16th from 2am to 4am
Bradford Registration Unavailable in Towers I-III and Bard Hall on Fri Sept 9th from 10-10:30am
Network Drive, Echo, SharePoint and Website Downtime Friday Sept 7th from 6pm to Midnight
Macintosh New OS Released July 25th, Not Yet Supported
SofTest for Class of 2016 Now Compatible With Mac OS 10.8
Starting at 8pm on Sunday, September 2nd, CUMC IT Server Support will start maintenance to install Microsoft Security updates and patches.
Archived News and Announcements for Summer 2012
Service Now Help Desk Ticketing Issue
Class of 2016 Computer Requirements for ExamSoft Testing Software
Information in this announcement has been updated, please see above for current details regarding ExamSoft requirements.
Columbia University Data Center Planned Outage Sat Aug 18th 6am to Midnight
Echo360 Classroom Recording downtime Tues Aug 14th and Wed Aug 15th from 8am to 5pm
SharePoint 2007 Sites Updated to 2010
Network Drive, SharePoint, ECHO and website downtime Sat Aug 4th 10:30pm to 11:30pm