Dont WannaCry? 8 Tips to Protect Your Environment from the Latest Ransomware Attack | Forum

Topic location: Forum home » General » General Chat
World news
World news May 16
The massive ransomware attack – called WannaCry, WCRY or WannaCrypt – that began in Europe is still causing devastating rippling effects as far as Japan and China. To date, it’s locked thousands of computers in more than 150 countries and has hit more than 300,000 computers.
The good news is that, so far, the list of victims in the U.S. is very small. But, that’s not to say that you shouldn’t be wary. With only a small adaptation new waves of the WannaCry ransomware could impact U.S. systems just as quickly.
For WannaCry, specifically, there was a “kill switch” that was used to stop the worm from spreading. Even so, many experts say that the game will continue with potentially larger impact. The best way to be protected is to put up a great defense.
Consider these eight critical protection steps and keep WannaCry away:

Patch and Update with Vigor. Think of your IT infrastructure like your house. Would you leave your doors wide open for anyone to step inside? No. Letting your environment go unpatched is like leaving your door agape. Instead, make patching a systematic process for all of your systems. Specifically, for WannaCry protection, be sure your Microsoft OS is current on every server and endpoint. There have been many claims that the root cause of this attack is from the MS17-010 SMBv1 update not being applied following its release back in March. Not applying this update will most certainly leave your environment exposed. If you haven’t applied it yet, disable the Windows SMB (Server Message Block) and plan to update it as soon as possible.
2. Scan for Vulnerabilities . Even if you lock your doors, you may have other easy ways to break into your house, like open windows, lost keys or a careless child. The same holds true with your IT environment. By using a sophisticated solution to scan your systems and networks for unknown and lurking vulnerabilities, you’ll know what additional safeguards you need to implement to fend of future attacks.
3. Protect your Endpoints. Endpoint systems are the most vulnerable to cyber attacks. Not only are they roaming, often beyond the security of your firewall, they are operated by end users who aren’t exceptionally knowledgeable about the best security practices. Be sure all endpoint systems are patched, updated and protected with antivirus software with the most current virus definitions.
4. Employ Least Privilege Practices. To further protect endpoints, as well as servers, use policy control that allows you to apply just the right level of granular administrative rights without negatively impacting the user experience or workflow. As such, users have access to just what they need, and nothing further. This can help to prevent unexpected threats from gaining deeper system access. They will only be able to penetrate what that user has access to.
5. Enable Application Whitelisting. Taking policy control a step further, employ application whitelisting technology. It can ensure that only approved “whitelisted” software can run on specified systems. Using this approach, intrusive malware such as WannaCry would not be able to execute because it wouldn’t have been named as an allowed whitelist software.
6. Backup Systems, Consistently . In the event ransomware successfully penetrates your systems, be sure to have comprehensive backup strategies that will enable a complete recovery – without fail. That means that you need to follow secure practices for your backup operations so that ransomware isn’t able to “hop” and infect your backup systems as well. Employ a backup strategy that builds security gaps between your network and backups to prevent ransomware from encrypting your backup files.
7. Assure Business Continuity . To take your data protection a step further, leverage business continuity solutions that can allow you to fail over your production environment to a secure, malware-free, copy of your environment, while you’re cleansing your infrastructure from ransomware infection. Sophisticated, cloud-based solutions can help. They will enable you to continue business operations, without interruption, during your recovery efforts.
8. Train Your Employees. Finally, but perhaps most important of all, train, train, train your employees. Reports show that 90% of ransomware infections start with email phishing. Every employee must be aware of the risk of email attachments and unknown links. They should also be informed not to execute software that has been downloaded from the internet, unless it’s first been approved by internal IT processes. Even URLs from trusted sources should be suspect. Train employees to watch for these items and to report – immediately – anything that appears suspicious. With ransomware, every second counts.

WannaCry won’t be the last wave of ransomware we fear, so take steps now to be prepared. To help, select a trusted advisor like Veristor that is able to help you chart a course for a secure and impenetrable infrastructure. We can help you map out a security strategy optimized for your environment, and your business, that will build a protective fortress around your environment – end to end. Then, instead of crying, you’ll have the peace of mind that your systems are as secure as possible when the next attack hits.