It’s Monday, how to avoid being infected with the WannaCry ransomware

The massive WannaCry attack targeted systems worldwide, according to the Europol the number of cyber attack hits 200,000 in at least 150 countries. The number of victims would rise on Monday when a large number of users will be back at work.

Europol Director Rob Wainwright told ITV’s Peston on Sunday program that we are facing an unprecedented attack.

“The global reach is unprecedented. The latest count is over 200,000 victims in at least 150 countries, and those victims, many of those will be businesses, including large corporations,” he said.

“At the moment, we are in the face of an escalating threat. The numbers are going up; I am worried about how the numbers will continue to grow when people go to work and turn (on) their machines on Monday morning.”

The WannaCry ransomware installs itself as a service and executes these two activities:

Below a few suggestions to protect your systems:

Against ransomware-based attacks keep your backup up to date.

• Install the Microsoft MS17-010 security updates published on March 14.
• Keep your antivirus software up-to-date.
• Disable, if not necessary, the Server Message Block (SMB) e Remote Desktop Protocol (RDP) services;
• To avoid being infected by other ransomware do not open links and attachments embedded in unsolicited email messages.

System administrators urge to apply security updates to the network devices used to protect their infrastructure and identify the threats (e.g. IPS/IDS).

Block any suspicious incoming traffic using SMB and RDP protocols.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – WannaCry ransomware, cybercrime)

[adrotate banner=”13″]