Notice: dramatic increase in ransomware attacks on campus

Dr. Phillip Romig, III sent out an email to campus on 22 Nov 2016 asking for caution regarding  email attachments.


FROM:  Phillip Romig III
SUBJECT: Notice: dramatic increase in ransomware attacks on campus
TO: undisclosed recipients

Campus Community,

CCIT would like to remind everyone to be extra vigilant regarding email attachments. Over the last 10 days the campus has seen a significant increase in malicious email making its way past traditional anti-spam and anti-virus measures and successfully infecting systems across campus. These most recent attacks have predominantly taken the form of “ransomware masquerading as typical email attachments. If activated these attacks can very quickly render all the files a user might have access too unusable, including those on remote or shared filesystems, unless a large ransom is paid.

All types of files are at risk and none can of themselves be considered safe – Microsoft Office, PDF, ZIP, pictures, audio or video may all contain malicious code. There are also no easy clues that might identify an email as malicious. Many of the recent attacks have been sent from legitimate senders – by utilizing compromised accounts the criminals can send the malicious email from accounts with recognizable domain names like, or even

The best way to protect yourself and your files is to be skeptical of any email you receive, particularly those that you were not expecting. We strongly recommend calling and verifying the authenticity of a document with the sender before opening any attachment. If you have any question, CCIT is always happy to inspect a file for you before you open it.

If you suspect that your system might be infected please disconnect your computer from the network and shut it down immediately. This can help prevent further damage to your or other person’s documents.

As always, please contact our security team using CCIT¹s helpdesk ( if you have any questions or concerns at all.

You can always verify email sent by CCIT by checking the webpage to confirm that the email came from us.

Thanks Phil

Phillip R. Romig, Ph.D.
Colorado School of Mines
Director CCNI and CISO
(303) 273-3866