WannaCry Ransomware: Protect Yourself with These Steps
By Rick Cantrell
By now much of the world has heard about the WannaCry Ransomware attack that hit Friday afternoon and continued to wreak havoc globally into the weekend. Following are details of this threat and what you can do to protect yourself.
The WannaCry Ransomware exploit is attacking a known vulnerability in SMBv1 on Microsoft products. In order to protect yourself, be sure to keep all Windows systems up to date using Microsoft Update. All current systems that are supported by Microsoft have had the patch available since March 14, 2017. If you have patched systems since this date, you should be protected.
Legacy systems that are no longer in support, (Windows 8, Windows XP and Windows 2003) do have an update available from Microsoft that will address the vulnerability as well even though these system are out of service life.
Steps you should take to protect yourself from Wannacry Ransomware:
- Update all systems using the provided link below
- Keep Anti-Virus software up to date and download the latest definitions immediately
- Consider the use of an Endpoint Detection and Response (EDR) solution such as Adlumin, Carbon Black, Crowdstrike, Sentinel One, or Cylance
- Backup your data to protect your information; save the backups off the network or in the cloud
- Scan all email attachments
- Educate employees on the malware infection through phishing and not open emails with suspicious attachments
- Subscribe to managed security services (MSSP) which provides patch management, vulnerability management, and 24×7 monitoring
- Perform penetration testing at least once yearly to determine if you may be susceptible to attack.
- Perform routine phishing assessments, at least quarterly to measure the effectiveness of training and mitigations
Below is the Wannacry Ransomeware Security Bulletin explaining the vulnerability and where to download the patch for each Operating System that you may be running.