WannaCry – How to protect yourself and what to look for?

Posted: Friday, 16 June 2017 @ 15:18

Last month, the IT Community was hit by a destructive attack. WannaCry is a Ransomware infection, that exploits a hole in the Windows SMB (Server Message Block) protocol. This was patched in March this year (Security Update MS17-010) so if your PCs have updates enabled, you will probably be protected.

Why were big organisations such as the NHS hit?

Primarily, they currently use that are no longer supported, (or patched), by Microsoft, e.g. Windows XP, (support ended in April 2014) and Windows Server 2003, (supported ended in July 2015). This happens because organisations have software that cannot run on modern OS’ (Operating Systems e.g. Windows 7), so instead migrating away from the software, Trusts continue to run old operating systems. If you are infected, disconnect everything from the network. This can prevent the infection go across the network and cause more damage. Kaspersky has a tool that you can use to remove the ransomware.

Ransomware Removal

Microsoft has released a patch for legacy operating systems such as Windows XP and Windows Vista. The KB that you would need to be looking for in Windows Updates would be KB4012598.

Additional Steps

1)      Enable Windows Updates and wherever possible, set it to automatically install updates. If you are a business customer, we would recommend a patching policy that has security updates tested and rolled out, In a matter of days.

2)      Backup your PCs. This is the most effective defense if having your files backed up. So, if you are infected, you can roll back to before the infection, and to protect your machines.

3)      Be vigilant: Don’t click attachments in emails unless you are 100% sure that it is genuine.

4)      Local Firewalls – Make sure that they are enabled on every PC.

5)      Corporate Firewalls: Block all inbound TCP 139 and TCP 445 traffic.

6)      Run up-to-date Antivirus and Anti-Malware.

7)      Do NOT pay the ransom, don’t engage with the perpetrators.

©2024 Davis IT Services Support Ltd  | 
Website Design
  By Zarr