Over this last weekend, we have seen a worldwide ransomware attack called WannaCry. This attack has infected Microsoft operating systems around the world and is expected to create havoc for Microsoft users and for companies that run Microsoft operating systems.
There are a few things the average user can do to avoid becoming a victim of ransomware.
- Patch all of your Microsoft Windows machines and servers on a regular basis. This attack exploits the EternalBlue vulnerability described in Microsoft security bulletin MS17-010.
- Education is key to helping users avoid phishing emails and, just as important, to making them suspicious of ANY attachments they receive through email.
  As a rule of thumb, if you do not know who sent the email, do not open it.
- Ensure that users know what to do if they think they have become a victim:
  - Disconnect from the network.
  - Report the incident to management / Information Technology.
- Back up all your data to a safe location. If you do become a victim, you need a way to get your data back. Paying the ransom does nothing but cost you money, as there is no way to connect the bitcoin payment to who paid it. They will not decrypt your data. Do not pay the ransom.
Lastly, ensure antivirus (Sophos, AVG, Windows Defender) and anti-malware (Malwarebytes, Bitdefender) software is installed and up to date.