How to protect yourself from the WannaCry ransomware

Stuart Sumner
clock • 2 min read

Security tips from the experts on how to defend systems from the ransomware that has taken down parts of the NHS and many other organisations

Security firm Bitdefender has produced a list of best practise tips to help organisations defend themselves against the WannaCry ransomware.

This is the malicious code which recently hit large parts of the NHS, and other organisations including Nissan and Telefonica.

Many experts believe that the malware attacks systems by exploiting a known flaw in Microsoft Windows SMB Server, MS17-010, thought to have been used by the NSA in the past.

Security firm Bitdefender suggests that WannaCryptor is one of the biggest threats that both end users and companies have had to face recently. 

A spokeperson from Bitdefender explained that the ransomware can move itself around networks, once it has found a way in.

"Because the list of vulnerable Windows PCs can be found through a simple internet scan and the code can be executed remotely, no interaction from the user is needed. Once the PC is infected, it acts like a worm, it replicates itself in order to spread to other computers.

The firm analysed the malicious software, and found that the wormable component is based on the EternalBlue exploit that had been leaked out in a data dump allegedly coming from the NSA.

"This strain of malware is one of the few that combine the aggressive spreading mechanism of a cyber-weapon, with the irreversible destructive potential of ransomware. Up until now, more than 120,000 computers worldwide have been infected.

"The CVE07-010 vulnerability affects almost all versions of the Windows operating system, including those who are not actively supported anymore, such as Windows XP, Windows Vista and Windows Server 2003. Because of the extremely high impact, Microsoft has decided to issue patches for ALL operating systems, including the unsupported ones. If your operating system does not have the specific hotfix installed, then you are vulnerable and need to update immediately," continued the spokesperson.

The firm concluded with the following advice:

What you can do to stay protected?
  1. Disable the 'Server Message Block' service on the computer if patching is impossible
  2. Install the patch
  3. Back up your data on offline hard drives. The ransomware malware will encrypt files on external drives such as a USB thumb drive, as well as any network or cloud file stores
  4. Patch and Update your software and make sure you have all Windows updates on your machine.
  5. Use a reputable security suite https://www.av-comparatives.org/wp-content/uploads/2017/04/avc_factsheet2017_03.pdf

Related Topics

You may also like
ICO publishes new tech guidance for healthcare providers

Health

ICO publishes new tech guidance for healthcare providers

Regulator aims to ensure transparency on personal data use

clock 16 April 2024 • 2 min read
UK business falling short on cybersecurity warns government report

Threats and Risks

UK business falling short on cybersecurity warns government report

A staggering 78% of businesses lack a formal incident response plan

clock 10 April 2024 • 3 min read
Multiple China-linked groups attacking Ivanti vulnerabilities

Threats and Risks

Multiple China-linked groups attacking Ivanti vulnerabilities

Patches have been made available by Ivanti

clock 08 April 2024 • 2 min read
Stuart Sumner
Author spotlight

Stuart Sumner

View profile
More from Stuart Sumner

The Metaverse is 'a grand folly' say CIOs and Zuckerberg's actions are 'terrifying'

'Whole world of complexity' for energy companies to deliver on government promises, says energy CTO

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Hacking

Roku reports cyber breach impacting 576,000 accounts
Hacking

Roku reports cyber breach impacting 576,000 accounts

Compromised data was used to make unauthorised purchases in fewer than 400 cases

Dev Kundaliya
clock 15 April 2024 • 2 min read
Dutch chipmaker Nexperia falls victim to cyberattack
Hacking

Dutch chipmaker Nexperia falls victim to cyberattack

Hackers posted dozens of confidential documents on dark web

Dev Kundaliya
clock 15 April 2024 • 2 min read
Apple warns users of 'mercenary spyware'
Hacking

Apple warns users of 'mercenary spyware'

Highly targeted message sent to users in 92 countries

Penny Horwood
Penny Horwood
clock 11 April 2024 • 1 min read