U.S. universities race to contain WannaCry ransomeware, officials say
At least five U.S. colleges have been affected by the global ransomware virus known as “WannaCry,” according to EdScoop’s affiliate CyberScoop.
The Massachusetts Institute of Technology, Trinity College, the University of Washington, North Dakota State University and the University of Maine confirmed Tuesday that computers connected to their networks were infected by the virus.
“We had a handful of computers that were compromised but it didn’t spread,” University of Washington News Office Director Victor Balta told CyberScoop’s Chris Bing. “Normal operations were not affected in any way, but obviously we’re paying attention to this.”
The five schools are among the first known cases of U.S.-based educational institutions becoming victims of the WannaCry ransomware campaign. CyberScoop obtained a list of IP addresses with WannaCry infections that included more than a dozen machines at U.S. higher education institutions. Not all of the schools responded to requests for comment.
MIT reported that approximately 100 computers were affected by the attack and stated that the school’s IS&T department is working with members of the university community to secure devices across the 50,000 device network.
The ransomware exploits a vulnerability in older versions of Microsoft Windows by using malicious computer code thought to once belong to the NSA. The worm is able to infect entire computer networks running unpatched versions of Windows without manual transmission, making it especially threatening to large institutions.
Working through a remote command execution vulnerability, WannaCry encrypts and locks files and extorts the user for a payment in bitcoin in exchange for regaining access. Since the initial release of WannaCry on Friday, over 300,000 computers have been infected worldwide, with the most damaging impact witnessed in Europe.