How Can We Stop Ransomware Like Wannacry #May 2017

May 30, 2017

A computer malware that has spread across 150 countries appears to be slowing down, with few reports of fresh attacks globally last week

In Euro, A spokesperson for police agency Europol said the situation “seems stable”. In Asia, where many offices closed before the WannaCry ransomware struck on Friday, the attack has been less severe than expected. The ransomware takes over users’ files, demanding $300 (£230) to restore them. However, only about $50,000 (£39,000) has been paid so far, according to Elliptic Labs which tracks illicit use of the internet currency Bitcoin. Now, #wanacry has been stopped!

 

In Asia, the spread was reportedly slowing, with banking systems largely unaffected:

  • Australia: At least eight businesses reported being locked out of their systems
  • South Korea: Four companies reported problems over the weekend. One cinema chain was unable to display trailers
  • Indonesia: Records at two hospitals were blocked
  • Japan: Both Nissan and Hitachi reported some units had been affected, but not seriously
  • China: Computers at nearly 30,000 institutions and organizations were affected, including government agencies and hospitals, Internet firm Qihoo 360 said. Some payment systems and government services affected, but less than feared

What is ransomware?

Ransomware is a type of malicious application that steals control of the user’s machine or data, then demands a payment from the user to restore normal access to the ransomed content or system. In a simple context, the exploit will be delivered to the victim by using the internet, over LAN, phishing email, freeware, other sources.

How can we stop cyber attacks like the WannaCry?

  • Keep your system Up-to-date: First of all, if you are using supported, but older versions of Windows operating system, keep your system up to date, or simply upgrade your system to Windows 10.
  • Using Unsupported Windows OS? If you are using unsupported versions of Windows, including Windows XP, Vista, Server 2003 or 2008, apply the emergency patch released by Microsoft today.
  • Enable Firewall: Enable firewall, and if it is already there, modify your firewall configurations to block access to SMB ports over the network or the Internet. The protocol operates on TCP ports 137, 139, and 445, and over UDP ports 137 and 138.
  • Disable SMB: Follow steps described by Microsoft to disable Server Message Block (SMB).
  • Keep your Antivirus software up-to-date: Virus definitions have already been updated to protect against this latest threat.
  • Backup Regularly: To always have a tight grip on all your important files and documents, keep a good backup routine in place that makes their copies to an external storage device that is not always connected to your PC.
  • Beware of Phishing: Always be suspicious of uninvited documents sent an email and never click on links inside those documents unless verifying the source

 

Share: