WannaCry Ransomware: Protect Yourself with These Steps

By Rick Cantrell

By now much of the world has heard about the WannaCry Ransomware attack that hit Friday afternoon and continued to wreak havoc globally into the weekend. Following are details of this threat and what you can do to protect yourself. Wannacry Ransomware

The WannaCry Ransomware exploit is attacking a known vulnerability in SMBv1 on Microsoft products. In order to protect yourself, be sure to keep all Windows systems up to date using Microsoft Update.  All current systems that are supported by Microsoft have had the patch available since March 14, 2017.  If you have patched systems since this date, you should be protected.

Legacy systems that are no longer in support, (Windows 8, Windows XP and Windows 2003) do have an update available from Microsoft that will address the vulnerability as well even though these system are out of service life.

Steps you should take to protect yourself from Wannacry Ransomware:

  1. Update all systems using the provided link below
  2. Keep Anti-Virus software up to date and download the latest definitions immediately
  3. Consider the use of an Endpoint Detection and Response (EDR) solution such as Adlumin, Carbon Black, Crowdstrike, Sentinel One, or Cylance
  4. Backup your data to protect your information; save the backups off the network or in the cloud
  5. Scan all email attachments
  6. Educate employees on the malware infection through phishing and not open emails with suspicious attachments
  7. Subscribe to managed security services (MSSP) which provides patch management, vulnerability management, and 24×7 monitoring
  8. Perform penetration testing at least once yearly to determine if you may be susceptible to attack.
  9. Perform routine phishing assessments, at least quarterly to measure the effectiveness of training and mitigations

Below is the Wannacry Ransomeware Security Bulletin explaining the vulnerability and where to download the patch for each Operating System that you may be running.

MS17-010

https://technet.microsoft.com/en-us/library/security/ms17-010.aspx


Comments are closed.