Protect Yourself From Ransomware With These Simple Steps

In the past couple of weeks, the “WannaCry” ransomware attack has become the most widespread cyber-attack of its kind in history, affecting more than 300,000 Windows computers around the world. While a security researcher (who wants to remain nameless) was able to halt the spread by registering an obscure website address that was hardcoded in the ransomware, new versions of the software have already been created without the flaw that was exploited to stop it. Therefore, the only way to fight this malware is to protect yourself, and given the scale of the threat, we felt it was important to help you.

So what does this mean for you?

The following are steps you can take to protect yourself and your network:

1. Keep network and devices patched and up-to-date.

New vulnerabilities are frequently found in common software such as Microsoft, Adobe, Flash, or Java products, so these programs constantly need to be updated. It’s critical to patch and update systems and applications as soon as patches become available. This particular threat exploits Windows-based systems that are missing a critical security patch.

2. Replace out-of-support software and operating systems.

Software vendors release new versions, which leaves many of the older versions unsupported. Using old software that is no longer supported greatly heightens your vulnerability to cyber-attacks.

3. Have a business-class image backup both on-premise and in the cloud.

This can foil the most aggressive (and new) ransomware attacks. If files are backed up, you don’t have to pay a crook to get them back. This is especially true with the most modern backup systems, which protect what has already been backed up. Please note that most file-level backups DO NOT protect against these types of threats.

4. Install MS17-010.

WannaCry ransomware is installed by targeting an SMB flaw. One way organizations and individuals can fix that flaw is to install the MS17-010 fix issued by Microsoft in March. It is critical that you install all available OS updates to avoid being exploited through the vulnerability that MS17-010 addresses. Any systems running a Windows version that did not receive a patch for this vulnerability should be removed from all networks.

5. Install emergency Windows patch.

Microsoft recently issued one-off security fixes for three operating systems that it no longer supports: Windows XP, Windows Server 2003 and Windows 8. If you use any of these operating systems, the machines running them need this emergency patch immediately. Otherwise, remove each such machine from your network until it is patched.

6. Have a system in place to ensure patching.

Ensure that patching is kept continuously up-to-date and that emergency ‘zero-day’ patches can be rolled out as they are made available. The ability to see what level of patching each computer and server has in place is a must. Just because you attempt to install a patch on your network doesn’t mean it is fully installed. Without a proven process to ensure these security measures are fully functional, some errors go unnoticed and some computers get overlooked.

7. Anti-Malware and Firewalls.

Make sure all computers and servers have up-to-date, monitored anti-malware installed, and that the firewall’s firmware is up-to-date and has active threat protection installed.

8. Make sure everyone on the network is educated and informed.

Users should not click or open anything until they verify with the sender that it is legitimate. If the link cannot be confirmed to be legitimate, type the web address manually in a separate window to see where the link was going to take you. Users should also be cautious when clicking on ads, even on well-established websites. Most ads are put out by an ad service agency that puts out too many ads to check each ad for malware. If you are truly interested in the product being advertised, manually check the web address in the same way as discussed before. Also, there are programs to proactively ‘test’ your computer users to make sure they aren’t taking actions on the web or in email that could jeopardize your organization’s cyber-health. The outcomes of these testing programs can then drive targeted, very specific user security training.
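
To illustrate step 6, the sketch below reconciles an asset inventory against a patch tool's export and lists every machine whose patch is not verifiably installed, including machines that never reported at all. It is an added example, not part of the original article; the CSV layout, host names, status values and the `KB-EXAMPLE-0001` identifier are constructed placeholders.

```python
import csv
import io
from datetime import date

REQUIRED_PATCH = "KB-EXAMPLE-0001"  # placeholder id, not a real KB number

# Constructed sample data: the asset inventory and a patch-tool CSV export.
INVENTORY = ["fs01", "ws-014", "ws-015", "ws-022", "xp-lab"]
PATCH_REPORT = """host,patch,status,reported
fs01,KB-EXAMPLE-0001,installed,2017-05-20
ws-014,KB-EXAMPLE-0001,installed,2017-05-20
ws-014,KB-EXAMPLE-0001,failed,2017-05-18
ws-015,KB-EXAMPLE-0001,pending_reboot,2017-05-19
WS-022,KB-EXAMPLE-0001,failed,2017-05-20
kiosk-3,KB-EXAMPLE-0001,installed,2017-05-20
"""

def audit(inventory, report_csv, patch):
    """Return {host: finding} for every host that is not verifiably patched."""
    latest = {}  # host -> (report date, status); the newest row wins
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["patch"] != patch:
            continue
        host = row["host"].strip().lower()
        seen = (date.fromisoformat(row["reported"]), row["status"].strip())
        if host not in latest or seen[0] > latest[host][0]:
            latest[host] = seen
    findings = {}
    known = {h.lower() for h in inventory}
    for host in sorted(known):
        if host not in latest:
            # Attempted rollout never reached this machine, or it is unmanaged.
            findings[host] = "no report: overlooked or unmanaged"
        elif latest[host][1] != "installed":
            # Failed installs and pending reboots both count as unpatched.
            findings[host] = "not installed: " + latest[host][1]
    for host in sorted(set(latest) - known):
        # A machine the patch tool sees but the inventory does not.
        findings[host] = "reports patches but is missing from inventory"
    return findings

if __name__ == "__main__":
    for host, finding in audit(INVENTORY, PATCH_REPORT, REQUIRED_PATCH).items():
        print(f"{host}: {finding}")
```

A host with an earlier failure followed by a later successful install (ws-014 in the sample) is treated as patched, because only the most recent report per host counts.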

These practices should already be carried out regularly on your network, but at a time like this it is more important than ever to follow them. Stay on top of updates for your software and applications, and make sure everyone is informed about and equipped to follow safe procedures. If you have any questions or concerns, please feel free to contact us on our website.



Groff NetWorks provides IT support and managed services for Troy, Albany, and Schenectady businesses at a price that doesn’t break the bank.