Search This Blog

Saturday, May 13, 2017

Last Line of Defense Against WannaCry Ransomware -Part 1

Oh no!

On 12 May 2017, WannaCry began affecting computers worldwide. After gaining access to the computers, the ransomware encrypts the computer's hard disk drive, then attempts to exploit the SMB vulnerability to spread to random computers on the Internet, and "laterally" between computers on the same LAN.

This virus demand $300 for decryption.


Please don't pay them!

Next, do you think having an antivirus is sufficient to protect your environment?
No!
No!
No!
Well, i don't agreed on it. Nowaday malware is smart and none antivirus can guarantee 100% protection. But i don't say that antivirus is NOT require.

Antivirus program is a MUST.

But you still need to look at other vulnerability such as Microsoft operating system vulnerability especially on older version.

All of these play an important roles:- antivirus, operating system, firewall, network security,etc.

Let me share some of content that I've have presented recently on how to avoid "Ransomware attack".

Here is the guidelines on how to avoid ransomware attack:
0. Antivirus must have. :) Almost all antivirus vendors have already been added signatures to protect against this latest threat. Make sure you are using a good antivirus, and keep it always up-to-date.
1. Keep Windows up to date. 
On March 14 Microsoft published a security update that fixes this vulnerability and it is available through Windows Update. 

Please install all the latest Windows updates on all of your PCs, laptops and VMs as soon as possible.

2. Perform a threat analysis with your security team

3. Train staff on cyber security practices on:
a. Not opening attachments or links from unknown sources
b. Inform employees if a virus reaches the company network.

4. Backup all information every day

5. Backup all information to a secure, offsite location

Apply 3-2-1 rule to ransonware protection

3- Ensure you have at least three copies of your data
2- Use at least two different media to store the backup
1- Keep at least one copy of your backup offsite & offline

It's better safe than sorry.

My journey protection on my laptop start by installing Veeam Agent for Windows (VAW) -Workstation Edition. Then, perform backup on my entire computer & protect my important files including Dropbox to External hard disk. It is not safe to put backup on local disk & my shared folder.

VAW has CryptoLocker(ransomware trojan) protection. It will eject external hard disk once backup completed. In case your laptop is infected by WannaCry, then you know where to get a safe copy from.





I've followed step 0-5 & feel more secured .
 How about you? Are you protected?


Protect your laptop/server before ransomware attack. If you're interested to read more, please check out on recent ebook which consist of 40 pages : "Conversational Ransomware Defense Survival".
Click on below image to download free ebook.


We will look on virtualization protection against ransomware on - Part 2 - Click here

Stay Tuned!