The following is an important announcement from the Executive Vice Chancellor and Provost’s Office and the Associate Vice Chancellor and CIO, Larry Conrad.
As you may be aware, today UCLA Health System announced that it was the victim of a major cybersecurity attack potentially affecting a large number of individuals. UCLA is the latest to fall victim to increasingly complex cyber threats that have become so prevalent. The unfortunate events announced today serve as an important reminder that we must all remain vigilant against serious cyber threats and that we all have a responsibility to safeguard institutional information.
Adequate response to these threats requires each department to be aware of and implement required safeguards to protect our Campus IT infrastructure and institutional information.
We would like to take this opportunity to remind the Campus of the following:
- Departments must identify all sensitive information within their area and must ensure that all computing devices and online services with this data have been protected with required safeguards. Computing devices include tablets, laptops, desktop, file servers, printers, web servers, and databases.
- Departments must ensure all computing devices connected to the campus network, even those without sensitive information, meet minimum safeguards. Compromised devices on the Campus network can be utilized to attack the devices hosting our most sensitive institutional information.
- Individuals who believe there may be sensitive information that has not been adequately protected should immediately inform their manager or supervisor.
Our Campus information security team will continue to monitor the UCLA incident and ensure we apply all relevant lessons to UC Berkeley.
Our Information Technology and Security teams continue to work diligently to help secure the Campus. Departments must work together with their IT support personnel to ensure computing devices and data have been appropriately protected.
Take action now by verifying with your IT support personnel that Campus safeguards are fully and appropriately implemented within your department. Campus IT support personnel may refer to the following policies as part of that discussion:
- https://security.berkeley.edu/mssnd (for any device connected to the Campus network)
- https://security.berkeley.edu/mssei (for sensitive information)
Thank you for your attention to this important matter.