Most of people are aware about The WannaCry Ransomware Attack. Rasmoware will encrypt your files and make them inaccessible and demand a ransom payment to decrypt them.
The ransomware, known by the names “WCry”, “WannaCry” and “WannaCryptor”, targets a vulnerability in Windows SMB service that was patched in Microsoft bulletin MS17-010 in March this year. Once WannaCry enters a network, it can spread around to other computers on that same network, a typical trait of ransomware that maximizes the damage to companies and institutions.
WannaCry has infected more than 100 countries, bringing essential businesses to a halt. It is the biggest coordinated cyber attack of its kind, impacting numerous organisations.
Prevention is the best option to avoid such a attacks. I have listed below precaution to avoid such a attacks.
- Patched your system/server with microsoft MS17-010 update.
- Block the TCP port 445, 137, 138, 139 in firewall.
- Make sure you system is updated with latest antivirus definitions.
- Don’t open any mail in Spam or Mail which has come from Unknown Source.
- Download software only form OEM site.
- Turn on protected file sharing.
- Block the TCP port 445, 137, 138, 139 in firewall.
- Disable autorun (USB/USB).
- Turn on popup blocker in browser.
- Avoid giving unnecessary administrative rights to user.
For more information you may visit below sites.
- https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
- http://blog.talosintelligence.com/2017/05/wannacry.html
- https://www.symantec.com/security_response/writeup.jsp?docid=2017-051310-3522-99&tabid=3
