Current Threats
Recently, viruses that encrypt data have been a major threat.
Specifically, we are targeted by Ransomware attacks.
To set additional protection against ransomware at VŠE:
The basic protection is to use the latest antivirus. However, ransomware attacks are often led by frequently mutating code; a successful attack is led by a new mutation that the antivirus does not yet know.
As a supplementary protection for documents, the Informatics Centre therefore introduces a set of rules that define the allowed processes to overwrite documents. This protection applies to MS Office and PDF documents (with extensions doc, docx, xls, xlsx, ppt, pptx, pdf).
The set of allowed processes was created by long-term monitoring of activities over these types of documents and currently contains about 240 different processes; the occurrence of new ones is monitored daily, but recently it is minimal.
Despite these measures, it is possible that the antivirus will block legitimate operations. In case of problems, please contact the helpdesk on phone line 5846.
Antivirus activities can be monitored in the log file c:\ProgramData\McAfee\DesktopProtection\AccessProtectionLog.txt