Information Technology Services is addressing the vulnerability, referred to as KRACK (Key Reinstallation Attack). The vulnerability affects WiFi connectivity using the WPA2 encryption method. The hacker could use this vulnerability on an open, unencrypted network to retrieve confidential information including credit card information, social security numbers, bank account information, etc.
K-State's current Aruba infrastructure already has protection in place for all of the vulnerabilities except for 802.11r, which is not enabled on our controllers at this time.
While protections are in place, K-Staters need to ensure that their devices (smartphones, laptops, etc.) have all the current patches and update as patches become available. This vulnerability also underscores the need for K-Staters to use the authenticated networks on campus including KSU Wireless, KSU Housing and Eduroam. When connecting from outside our network, K-Staters need to use the virtual private network (VPN).
The open KSU Guest wireless is unencrypted and should be avoided. The same is true when using open wireless networks at local restaurants, fast food operations, hotels, when shopping, etc.
For assistance, contact the IT Help Desk at 785-532-7722.
K-State Information Technology Services rescheduled the border firewall replacement for 12:01-6 a.m. Monday, August 14. The university’s Polytechnic and Olathe campuses will experience the same outage as the Manhattan campus.
This will disrupt all campus connections to the internet and will impact anyone on the campus network attempting to connect to services off campus as well as anyone off campus trying to connect to services hosted on campus.
If you experience connectivity problems at or after 8 a.m. on Monday morning, please contact the IT Help Desk at 785-532-7722 or by email — as available — at firstname.lastname@example.org. Updates will be posted periodically as available throughout the maintenance period to the IT Status Page.
The Dec. 22 email that appeared to be from President Myers is one more example of the need to be vigilant before responding to an email, clicking a link, or opening an attachment. The email appeared to be legitimate. One point of clarification, though: communications from President Myers would more than likely be posted in K-State Today. Also, when verifying the “reply to” email address, there was an additional “from” email address not associated with K-State (see the highlighted email below).
U.S. CERT (U.S. Computer Emergency Readiness Team) reminds us to remain on the alert and when in doubt, delete the email, avoid clicking on a link and do not open suspicious attachments. When in doubt, DELETE.
In response to the latest phishing scam, Information Technology Services and Communications and Marketing have:
- Blocked the URL for the email on the K-State network
- Sent the attachment to Trend Micro for analysis. The attachment was deemed malicious and Trend Micro is preventing the attachment from being downloaded.
- Posted notices about the scam throughout campus.
Since Jan. 1, Information Technology Services reported and blocked more than 2,100 phishing scams. However, before the blocks were in place, nearly 1,000 K-Staters shared their eID passwords.
Remember: You are responsible and the best line of defense to protect your identity, personal information and university resources. K-State will never ask for your eID password over the phone or in an email.
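The “reply to” and “from” check described above can be automated for a reported message. The following is an added example, not K-State's own tooling: it lists every sender header whose address falls outside k-state.edu or ksu.edu. The function names, the sample message and the `mail-notify.example` domain are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# The university mail domains named on this page.
TRUSTED_DOMAINS = {"k-state.edu", "ksu.edu"}
SENDER_HEADERS = ("From", "Reply-To", "Sender", "Return-Path")

# Constructed sample message (not the email from the incident).
SAMPLE = """\
From: "University President" <someone@k-state.edu>, <office@mail-notify.example>
Reply-To: office@mail-notify.example
To: staff@k-state.edu
Subject: Sample subject

Sample body.
"""

def domain_of(addr):
    """Lower-cased domain part of an address, or '' when there is none."""
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def is_trusted(domain):
    """True for a trusted domain or a subdomain of one, not a look-alike."""
    return any(domain == d or domain.endswith("." + d) for d in TRUSTED_DOMAINS)

def sender_findings(raw_message):
    """Return (header, address, reason) for each suspicious sender header."""
    msg = message_from_string(raw_message)
    findings = []
    for header in SENDER_HEADERS:
        for _name, addr in getaddresses(msg.get_all(header, [])):
            if addr and not is_trusted(domain_of(addr)):
                findings.append((header, addr, "outside trusted domains"))
    # More than one From address is unusual for person-to-person mail.
    if len(getaddresses(msg.get_all("From", []))) > 1:
        findings.append(("From", "", "multiple From addresses"))
    return findings

if __name__ == "__main__":
    for header, addr, reason in sender_findings(SAMPLE):
        print(f"{header}: {addr or '-'} ({reason})")
```

A trusted-looking display name or first address does not clear a message; the check reports each header separately so the mismatch is visible.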
Attention: ITS staff will change the way K-State filters email on Thursday, Oct. 27. Specifically, email coming through k-state.edu or ksu.edu domains will be run through an email filtering process to reduce the amount of spam and phishing scams reaching your inbox. With the number of spam emails and phishing scams coming through to ksu.edu and k-state.edu addresses, we all need to change our practices.
Networking & Telecommunications Services needs to replace cable that was damaged last year when the steam tunnels were flooded. While a fix has been in place, the work occurring next weekend will permanently repair the cable. Repairs will occur outside of normal working hours and will only affect telephone lines and not data connections.
Work begins on Thursday, August 11 at 5 p.m. The first building to be repaired will be Anderson Hall. Service work will be completed during the evening and telephones in Anderson Hall will be back in operation by 8 a.m. Friday morning. Phone cable replacement will continue after 5 p.m. on Friday, August 12 and run through the weekend.
All phones should be operational by 8 a.m. Monday morning, August 15. If users experience any outages after these repairs, please call the repair line at 532-7111. Updates will be posted on the www.ksu.edu/its/status page.
Buildings where phone cable will be repaired include:
Marianna Kistler Beach Museum of Art
Resource25 and Salina General Ledger applications were back online by midday Monday, July 11. The outage was due to disk drive failures. ITS worked through the weekend to troubleshoot and restore these systems.
An announcement in Monday morning’s K-State Today reported that DARS is scheduled for an upgrade and would be unavailable July 18 and 19. Because DARS was one of the applications that was offline last week, ITS decided to move forward with the upgrade and move to the converged infrastructure. DARS will continue to be offline. Our goal is to restore DARS to full service by July 13.
ITS staff appreciates the patience of campus while we worked with our vendor partners to troubleshoot and restore these important systems. The status of IT resources is posted on the ITS Status page.
K-State’s Information Technology Staff were well-represented at the Conference on Higher Education Computing in Kansas (CHECK) 2016 held at Washburn University on May 23-24.
Presenters and presentations included:
- Nick Brown, systems coordinator, and Andrew Kuehler, systems administrator, presented on “Simplifying and centralizing application management in windows”.
- Kathleen Adams, operations center staff, shared insights about “Phishing – not just for days at the lake!”
- Elizabeth Shannon, information security and compliance, presented “Whatddya mean I’m a service provider”.
For more information about CHECK 2016, visit the conference website.
“Locky” is a new “crypto-ransomware” type of malware that locks up your computer files and requires a monetary payment to unlock them. Locky is delivered via email as an invoice in a Word attachment.
Details from one ransomware email are shown below; this may be one of many variations.
Subject line: ATTN: Invoice J-98223146
Message: Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at the bottom of the invoice.
If you click on the attachment, you are encouraged to “enable macros”. If you comply and enable macros, malicious code is installed and the malware attack begins. The malware will begin to encrypt your files and attach the “Locky” extension. A ransom note is then left in every directory that has been infected, informing you to make a payment in order to unlock your files.
For specific details about the malware and what it will do to infected systems, see Trend Micro’s article “New Crypto-Ransomware Locky Uses Malicious Word Macros.”
If you receive a ransomware email, do NOT click on the attachment. Send the original email with full Internet headers to email@example.com, and delete the email. How to include full email headers is at k-state.edu/its/security/report/getheaders.html.
Late Wednesday, Oct. 28, Information Technology Services staff observed issues with KSIS after replacing a disk that the vendor said would be nondisruptive. Staff worked through the night to resolve the issue. KSIS was returned to service around 2:15 p.m. Thursday, Oct. 29.
Information Technology Services apologizes that the enrollment function was unavailable during this time.
The default setting for the number of surveys per user is 20, and it can be increased by request. If you need more, create a ticket in ServiceNow explaining why.
If you have any questions, contact the IT Help Desk, firstname.lastname@example.org, 785-532-7722.