News & Events-Computing Services ISO - Carnegie Mellon University

News & Events

Tuesday, May 16, 2017

Campus Response to "WannaCry" Ransomware Attack

Dear Members of the Carnegie Mellon Community,

As you may have learned over the weekend, there is a world-wide ransomware attack known as “WannaCry” hitting the Internet.  More on ransomware below.  It has affected hundreds of thousands of computers in over 150 countries but you don’t have to be a victim.

Friday, February 17, 2017

Confirming Legitimate Email: “Action Required: Launch of New Security Measure”​

Dear Members of the Carnegie Mellon Community,

Some of you have expressed concern about a suspicious link in a recent campus-wide email sent on 2/15/2017 with the subject “Action Required: Launch of New Security Measure.” We want to assure you that this email is legitimate. It is NOT a phishing email.

Thursday, October 20, 2016

National Cyber Security Awareness Month: Our Shared Responsibility

Dear Students,

October is National Cyber Security Awareness Month.  This year’s theme is “Our Shared Responsibility”.  Nothing could be more true when it comes to cyber security.

We all play a role in keeping our electronic information, applications, computers, and networks secure and working effectively.   Recent events remind us of the importance of reporting concerns, backing up data, remaining vigilant to scams, and other good security practices.

1.       In recent months we’ve seen an increase in the frequency and sophistication of phishing scams that led to the release of Andrew credentials.   When we discover compromised Andrew credentials, the ISO temporarily suspends access to the account until the account owner contacts the Help Center to reset their password.  Learning how to detect and avoid phishing is a contribution you can make to reduce the possibility of losing access as a result of a successful phishing attack.  Visit the ISO’s website to access and play the Anti-Phishing Phil and Phyllis phishing awareness games.

2.        Ransomware is hitting campus at an increasing rate.  Ransomware is one the fastest growing security threats.  Files stored on or accessible from the infected computer are encrypted and ‘held hostage’ until a ransom is paid.  Ransoms range over several hundreds of dollars.   Having a good backup is often the only way to recover but we’ve also had success recovering if the user was not logged in with administrator privileges.  Ransomware is typically delivered via email scams and malicious websites so take care while surfing, clicking, and opening attachments.

3.         In recent weeks Yahoo reported a breach to 500 million user accounts and passwords.  Yahoo’s breach is a good reminder to periodically change your passwords (the breach actually occurred in 2014), never reuse your Andrew ID or password, and avoid setting the same password recovery questions and answers across multiple systems.  Password managers can make this task much easier.  Visit the ISO’s website to learn more about them.  If you receive a breach notice or request to reset your password from a third party and you used your AndrewID and/or password to create the third party account, change your Andrew password immediately.

Finally, if you would like to learn more about these and other topics and initiatives, visit the ISO’s NCSAM web page and plan to join a discussion in Rangos 3, CUC on Monday, October 24, 2016 from 12:00-1:30 (pizza served at 11:30!). We’ll discuss how you can take even more responsibility by considering a career in cybersecurity and how to secure your Google Apps and personal accounts. Details are available at  Space is limited, so please register for “National Cyber Security Awareness Month: Our Shared Responsibility” via Handshake (

Thank you for sharing the responsibility for keeping our systems and data safe.


Mary Ann Blair
Director of Information Security
Information Security Office
Computing Services
Carnegie Mellon University
Phone: 412-268-8556
ISO Hotline: 412-268-2044

Tuesday, October 18, 2016

National Cyber Security Awareness Month: Our Shared Responsibility Conference

October is National Cyber Security Awareness Month, and this year’s theme is “Our Shared Responsibility”.   ISO is hosting a free mini-conference for faculty, staff and students on October 24, 2016 from 9:00 until 1:30 in Rangos 3. The morning session (9-11:30) is geared towards faculty and staff and begins with an opening by our VP of Operations, Dr Rodney McClendon and continues with emerging cyber threats, business continuity and disaster recovering planning, strengthening authentication, and improving password management with password managers.  The afternoon session (12-1:30) is geared towards students and includes discussion on careers in Cyber Security and securing Google Apps for Education.

Seating is limited, please register!

Tuesday, October 4, 2016

National Cyber Security Awareness Month (NCSAM)

October is National Cyber Security Awareness Month!  The Information Security Office has a few things we'd like to share with you, including information on two-factor authentication!  Vist us at MORE
Monday, October 3, 2016

National Cyber Security Awareness Month (NCSAM)

The Information Security Office has sent a massmail to staff, faculty and PhD students related to National Cyber Security Awareness Month and Our Shared Responsibility.  Details of this message are found by clicking through to the detailed content. MORE
Monday, July 18, 2016

Stay Alert for Email Scams and Ransomware

I am writing to alert you to a number of recent email-based scams and how they have impacted faculty and staff at Carnegie Mellon.

Earlier this year, I sent an alert about email scams, aka phishing attacks, targeting our community with the goal of collecting login ids and passwords.   (See “Campus Scam Alerts” on the ISO’s website under News & Alerts.)  We are now seeing unauthorized use of login ids and passwords gathered during those or similar phishing attacks to change direct deposit information in Workday.    No actual payroll losses have occurred thanks to collaborative response efforts but more than a dozen victims temporarily lost access to their Andrew account while the matter was being resolved.  

Email scams are also being used to deliver ransomware via malicious attachments or links to malicious websites. Ransomware is a particular type of malware that encrypts all of the files accessible to the infected computer before demanding that a ransom be paid to unlock them.   It is one of the fastest growing cyber threats. Without good backup copies of their electronic files, victims of ransomware are stuck paying the ransom or trying to reconstruct their files from other sources.

Tuesday, July 5, 2016

Significant: Symantec Products SYM16-008 & SYM16-010 and Symantec Endpoint Protection Phaseout

Critical security flaws have been discovered in the core components shared by nearly all of Symantec's enterprise and consumer anti-virus products. These security flaws can be exploited without user interaction when files are automatically scanned (e.g. on email receipt, web visit, file upload, etc...) Though no attacks have been reported, wormable malware exploits are highly likely.

Although Symantec has released security updates to fix these vulnerabilities, Computing Services has decided to accelerate our Symantec Endpoint Protection (SEP) phaseout plans. We will be recommending that users uninstall SEP and replace it with alternate anti-virus software.

Security Alerts RSS feed