Lets get straight to the point. Are you vulnerable to this particular type of Ransomware program – WannaCry?
The answer to this question depends on your answers to the following:
Do you have Windows Computer which has been patched with latest updates from Microsoft?
Are you able identify Phishing Emails?
Do you have a valid Anti-Virus Subscription?
Do you have the Windows Firewall Turned ON and are you blocking the recommended ports?
If you answered YES, to all of the questions above then Kudos to you! You have everything in place to combat the malware but make sure you continue to follow your security best practice at work and home.
If you answered NO, to any of the questions above, then the exercise below is for you and it should take less than 10 minutes to complete. You can download this checklist, print it out and use it to secure all your Windows Computers. Lets get started.
What is WannaCry?
Wannacry (or WannaCrypt, WanaCrypt0r 2.0, Wanna Decryptor) is a ransomware computer worm that targets the Microsoft Windows operating system. The virus was used to launch the WannaCry ransomware attack on Friday, 12 May 2017. Infected computers display the ransom message, see below.
How does one get infected?
The malware is delivered as a Trojan through a loaded hyperlink that can be accidentally opened by a victim through an email by clicking on an attachment, clicking on an advertisement on a webpage or a cloud storage link such as Dropbox, Google drive or other services. Once it has been activated, the program spreads through the computer and locks all the files by encrypting them.
Securing your devices from WannaCry.
Download this Checklist here
Patch Windows Computers to the latest updates:
Windows 10 & Windows 8.1 Systems can be patched to the latest by simply turning ON your windows updates especially the MS17-010 security update released in March of 2017, that fixed this vulnerability. Read more here: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
To check for updates now, select the Start button, and then go to Settings > Update & security > Windows Update, and select Check for updates. If Windows Update says your device is up to date, you have all the updates that are currently available.
For older operating systems, please refer to this Microsoft Article.
Every computer needs a good End Point Protection or Antivirus (AV) Protection. Traditional Anti-virus software were good in the good old days. Today you need more advanced protection. It is worth investing your time into researching for a good AV.
We recommend the fully featured enterprise like End Point – Sophos.
You can download and read more about it here: http://www.scamstercentral.com/best-can-be-free-sophos-anti-virus-why-it-is-the-one-of-the-best/
Turn your Windows Firewall ON and block the recommended ports
- Enable firewall, and if it is already ON, modify your firewall configurations to block access to SMB ports over the network or the Internet. The protocol operates on TCP ports 137, 139, and 445, and over UDP ports 137 and 138.
You can watch the video here on how to configure the blocks on the specific ports.
Beware of Phishing Emails
Always be suspicious of uninvited documents sent an email and never click on links inside those documents. When in doubt, verify the email by speaking to the person who sent you the email. Become an expert in identifying the phishing email by reading this 5 Signs of Phishing.
Download this Checklist here