What is WannaCry?
The creators of WannaCry have taken advantage of the Windows exploit known as EternalBlue, which relies on a vulnerability that Microsoft patched in security update MS17-010, dated March 14 of this year. By using the exploit, the malefactors could gain remote access to computers and install the encryptor. After hacking a computer successfully, WannaCry attempts to spread itself over the local network onto other computers, in the manner of a computer worm. The encryptor scans other computers for the same vulnerability that can be exploited with the help of EternalBlue, and when WannaCry finds a vulnerable machine, it attacks the machine and encrypts files on it. Therefore, by infecting one computer, WannaCry can infect an entire local area network and encrypt all of the computers on the network. That’s why large companies suffered the most from the WannaCry attack — the more computers on the network, the greater the damage.
How to Protect yourself?
– Install system(Operating System and Driver) and application(Program) updates on all devices (Laptop/PC, Mobile, and Tablets) as soon as they become available.
– Install legitimate anti-virus software on all devices and keep it updated.
Buy from reputed brands which are fast enough to patch in event of such outbreaks ESET, Avast, Kaspersky and Trend Micro, VIPRE, Bullguard, AVIRA, AVG, Bitdefender.
– Always buy Internet Security Product line, which includes Anti-Virus plus Firewall. Do modify any settings on Windows Firewall let the Anti-Virus control your Firewall.
– Create regular backups of your important files to a device (such as an external hard drive or memory stick) that is not left connected to your computer as any malware infection could spread to that too.
– Keep changing your Banking credentials, PIN and E-Mails linked to your Finances every 30days. Always use a unique yet complex password for critical finance plus identity information.
– Install a secondary Malware scanner such as Malwarebytes Anti-Malware, which is a freemium as an additional scanner.
– Scan your Pen drive always whenever you insert in your PC. Always use two pen drives one for usage on 3rd Party and one for Home purposes.
– Avoid using Pirated Copies of Windows and Microsoft Office; the counterfeit copies do not receive updates often from Microsoft making your system vulnerable.
For Businesses and Organizations
– Ensure you are running the latest firmware on all Switches, Routers, Servers and PCs. If possible phase out EOL product line ASAP!
– Please keep only Ports open you require the public access from. Ensure you bind your RDP/SSH to access from a particular IP Address or Proxy only.
By Chinmay Khandekar
Security Analyst (CSpace Hostings / CSpace Web Solutions Pvt.Ltd)