16th May 2017
WannaCrypt Ransomware, What to do? A brief description of preventative measures against the recent randsomware epidemic.
The WannaCrypt ransomware (also known as WannaCry and Uiwix) has infected approximately 200,000 machines in over 150 countries.
The malware works by taking advantage of an exploit found in older versions of the Windows operating system, specifically the Server Message Block.
This has many people worried that they too will be infected, but there are several methods to prevent infection.
There was a security update,MS17-010, in March for those running supported Windows systems (ie; Windows Vista, Windows 7, Windows 8.1, Windows 10) as long as the system received this update then the risk of infection should be slim to none.
For those running a version of Windows that is not supported (ie; Windows 8, Windows Xp) there is a downloadable patch that should prevent infection. The required files are located at the end of this blog post.
For those who did not update Windows, simply turn off SMBv1, This link provides instructions as how to do so. It may also be beneficial to close TCP port 445.
It should be noted that under no circumstances should you pay the ransom!
In the scenario you are infected, have your machine wiped and rely on back-ups. This isn't the prettiest solution but it's better that relying on the good will of criminals.
If you require any more information please don't hesitate to contact us.