The Federal Bureau of Investigation (FBI) and other federal and state agencies have advised Cornell’s information security team and Cornell University Police that there is a serious risk of cyberattacks emanating from Russia. The Cybersecurity and Infrastructure Security Agency (CISA) issued a “Shields Up” advisory to all U.S. organizations in response to active and successful cyberattacks against the Ukrainian government, as well as potential cyberattacks against its allies.

While the current focus of the attacks has been Ukraine, we have been warned that all U.S. organizations, including those in higher education, are at risk. Malicious actors are constantly probing for IT systems that are not adequately protected.

All faculty and staff are urged to ensure that their laptops, computers, and other devices are protected as quickly as possible, specifically:

1. Make sure your Cornell-owned laptops, computers, and devices are enrolled in Certified Desktop. Ask your IT staff if you don’t know. Certified Desktop comes with anti-malware to stop most cyberattacks, backup and recovery software (so if you are attacked, you can get your data back), and security patches to prevent cyberattacks.  
2. Use Cornell Office 365 (Outlook), which automatically provides protection through Two-Step Login to prevent others from using your NetID password and through Safe Attachments to block malicious software sent via email.  
3. Avoid using a personal computer or personal email accounts for your Cornell work. If you must use a personal email account on your Cornell computer, open attachments with caution, and always verify with the sender via a new message or phone call if you are not expecting an attachment or if the email looks suspicious. Follow these recommended security practices for your personally owned computers and devices.  
4. Protect your administrative or research servers. Work with your IT service group representative to ensure that your servers are secure. Follow best practices in alignment with University Policy 5.10, including limiting internet exposure where possible, harden and patch regularly, enable Two-Step Login, implement anti-malware, and ensure backups are conducted frequently and stored offline.

How Does a Computer Become Infected or Hacked?

Malicious software (malware) can infect a computer, device, or other systems through email attachments or links, infected websites, and vulnerabilities in older (unpatched) versions of Windows and Mac operating systems. On servers, cyberattackers can exploit protocol vulnerabilities and exposures. Some cyberattacks are so severe that they easily spread to other computers on a network if adequate protections aren’t in place.

Please reach out to the IT Security Office at itsecurity@cornell.edu with any questions you may have.