fbpx

< Back to Thought Leadership

7 Steps To Protect Your Information From Wannacry Attackers

WannaCry (aka WannaCrypt) is the latest ransomware (a type of malware or malicious program) that encrypts files on workstations (laptops/desktops) and servers, then demands ransom money in order to decrypt the files. Unless the victim pays the ransom, they are prevented from restoring their data, systems and operations. WannaCry uses a very well-known vulnerability found in the Windows operating system that stayed unpatched in many computers, even though Microsoft released the security update for this vulnerability in March of 2017.

WannaCry detedcted screenshot: Ooops, your files have been enctypted!

This latest attack has threatened a large number of users and is expected to cost businesses almost $4 billion across the globe. Protect yourself and your business by following the 7 steps below to prevent the WannaCry ransomware from attacking your computers:

1. Install the Windows security patch MS17-010 in your computers.

This patch addresses the EternalBlue vulnerability that was made public in January of this year with the patch published in March. Any systems running a Windows version that did not receive a patch should be removed from all networks. You can get this patch either through the automatic Windows updates or at https://technet.microsoft.com/en-us/library/security/ms17-010.aspx. Microsoft has also issued tactical patches for operating systems no longer supported including Windows XP, Windows Server 2003, and Windows 8.

2. Disable SMBv1.

If it is not possible to apply either patch, disable SMBv1. Refer to guidance from Microsoft for doing so.

3. Block SMBv1.

Block SMBv1 ports on network devices – UDP 137, 138 and TCP 139, 445.

4. Enable automatic updates in Windows.

If you have enabled automatic updates in your Windows PC, you won’t have to worry about manually installing the security patches. You can enable the automatic updates simply by running the Windows Update Minitool. This tool works for all the versions of Windows.

5. Back up your files every day.

Ransomware, such as WannaCry, encrypts your files and then decrypts them after you pay. You should keep a backup of all of your important files so that you can recover them even if your system becomes a victim of ransomware attack.

6. Install/update antivirus software on Windows-powered systems.

If you have installed a good antivirus software in your PC, it will usually detect and stop the ransomware before it begins to infect your system.

7. Shut Down.

If none of these options are available, shut down your computer. Propagation can be prevented by shutting down vulnerable systems.

WannaCry was initially spread because employees/individuals clicked on something within a spam email message. The best defense for minimizing the risk is constant employee awareness and education regarding safe and unsafe computing practices.

If you would like to discuss WannaCry or cyber security concerns in general, please feel free to contact Tom Skoog, Blue & Co.’s IT Risk and Advisory services leader at tskoog@blueandco.com.

Read More Thought Leadership Articles Like what you read? Subscribe to our newsletter. Click Here.

 

Can't Itemize? Maximize Your Above The Line Deductions

Can’t Itemize? Maximize Your Above The Line Deductions

The limitations on itemized deductions have gotten a lot of attention under the new Tax Cuts and Jobs Act (TCJA). More individuals will take advantage of the standard deduction instead of itemizing due to the deduction almost doubling. While the TCJA law made changes to itemized deductions, it left most of the above the line […]

Learn More
Board Member Financial Literacy and Stewardship

Board Member Financial Literacy and Stewardship

Not-for-profit board members are responsible for providing guidance and direction to ensure that a given organization is proactively working towards achieving its mission and strategic vision. Part of this responsibility includes securing and managing financial resources to allow the organization every opportunity and capital resource needed in order to move in the right direction of […]

Learn More
Reminder: Annual gift tax returns are due April 15th

Reminder: Annual gift tax returns are due April 15th

If you made any large gifts to your children, grandchildren, or other heirs last year, it’s important to determine if you are required to file a 2018 gift tax return or if filing a gift tax return would be beneficial even if it isn’t required. Filing Requirements Generally, you must file a gift tax return […]

Learn More