WannaCry Ransomware and How to Defend Against It

Security researchers believe this widespread global ransomware attack is the result of a vulnerability called "EternalBlue" that came out of the NSA exploit dump by Shadow Brokers.

Here are a few simple steps to take to protect yourself against the WannaCry ransomware:

1 - Patch ALL Windows machines in your environment immediately. The EternalBlue vulnerability was patched by Microsoft back in March as part of MS17-010.

2 - Maintain up-to-date backups of files and regularly verify that the backups can be restored.

3- Ransomware attacks target shared network drives and cloud backups. This scenario makes it hard to retrieve the information in case of a ransomware attack. Therefore, do not rely on backup only - you must consider a protection mechanism.

4 - Ransomware is often delivered through the exact same channels as other types of malware: spear-phishing and malicious drive-by. Educate users to refrain from clicking on suspicious links, downloading email attachment and downloading software from dodgy resources.

5 - Install a ransomware detection and prevention tool. Small businesses and individuals should install Cybereason RansomFree. It is a free ransomware protection tool for PCs running Windows 7, 8, 10 and Windows Servers running 2008 R2 and 2012 R2. Download RansomFree here: https://ransomfree.cybereason.com