Preventive guidelines from Wannacry Ransomware
or any other cyber-attack
Previously I
shared around seven post on computer and web security, toady I am sharing this
post on latest hot topic Wannacry Ransomware
attack and prevention. You can use these guidelines as preventive steps for
any other cyber-attacks. Before sharing all steps, I will explain some security
terms related to cyberattack.
What is malware?
This is type
of virus(software) which is specifically designed to disrupt, damage, or gain
authorized access to a computer system.
What is Ransomware?
This is a
malicious software designed to block access to a computer system until a sum of
money is paid, Software uses cryptovirology
that blocks access to data until a ransom is paid and displays a message
requesting payment to unlock it.
What is cryptovirology:
Cryptovirology
is a field that studies how to use cryptography to design powerful malicious
software.
What is Wanna Cry Ransomware?
A type of
virus that infect computers, and then prevent the user from accessing the
operating system, or encrypts all the data stored on the computer,
The user
asks the ransom to pay a fixed amount of money, as opposed to decrypting files
or allowing access again to the operating system.
Top 10 Preventive Measures from
Wannacry malware or any other cyber-attack,
1. Keep
your computers updated
Most
cyberattacks targets out-of-date systems frequently, best example is WannaCrypt
ransomware worm.
a. Best preventive measure is keep your
computer updated.
b. Keep all security software’s updated,
if you are using any third-party security software/tool keep that updated.
c. Keep all your important software’s
updated.
Almost all
infected computers from Wannacry Ransomware are not updated with Microsoft latest
security update or using old XP,2003 operating systems.
Microsoft guidelines to prevent
Wannacry are,
To prevent infection, users and organizations are advised to
apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.
https://technet.microsoft.com/library/security/MS17-010
For those using Windows Defender, please use following update
https://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt
2. Create
an internal policy
a. Create data and internet use policy
for your employees.
d. Cerate policy for employees to avoid
clicking spam and harmful links/fraudulent messages in email or using a poor
password.
e. Avoid using untrusted videos and
attachments from emails and websites.
f.
Ensure
integrity of the codes /scripts being used in database, authentication and
sensitive systems, check regularly for the integrity of the information stored
in the databases.
g.
Restrict
users install and run unwanted and not trusted software applications.
h.
Make
policy for remote connections and least privileged users.
3. Regular important data and files backup
Keep your files backed up regularly and
periodically, that includes important database, software, files/documents backup.
4. Security software and required security
tools
Its
recommended to use Firewalls, network security tools and anti-virus software’s.
5. Safe web browsing and external data policy
a. Block harmful and not trusted website
in your network or computer.
b. Follow safe practices when browsing
the web. Ensure the web browsers are secured enough with appropriate content
controls.
c. Deploy web and email
filters on the network, Scan all emails, attachments, and downloads both on the
host and at the mail gateway with a reputable antivirus solution.
d.
Implement
strict External Device (USB drive) usage policy.
6. Employee awareness, education and knowledge
sharing about information and data security
a.
Be aware of fraudulent and fake advertise/spam e-mail messages
that use names like popular services such as PayePal like PayPal,google like
gogle or use popular service names without commas or excessive characters.
b. Educate employee about data security
and security flaws.
c. Educate people how to use your
business system and company data.
d. Restrict execution of not trusted
powershell /WSCRIPT, executable code and Disable macros in MS Office products.
7. Hire security experts
a. There is not a single software\tool
available in market with 100% secure, invest in security experts that helps to
prevent your business from security risks.
b. One of the best ways for you to
discover if there are any holes or security risks present in your
infrastructure is to hire a security consultant.
8. Create strong passwords and change them
frequently
a. Change your password frequently never
use the same password for all your accounts, if you are doing that then you are
inviting for attack.
b. Try to
create complex and unique passwords that combine numbers, symbols and other
factors to ensure it is safe and secure.
9. Security review on your applications
a. Review your web/mobile application security
frequently.
b. Penetration and full security testing
is must for your web and mobile applications.
10. Ensure and confirm external
links and messages
a.
Never click on
a link that you do not trust on a web page and websites, never click links from
social media that you do not trust.
b.
If you receive
a message from your friend with a link, ask him before opening the link to
confirm, (infected machines send random messages with links).
References:
https://answers.microsoft.com/en-us/windows/forum/windows_10-security/wanna-cry-ransomware/5afdb045-8f36-4f55-a992-53398d21ed07
http://www.business2community.com/cybersecurity/8-ways-businesses-can-prevent-cyber-attacks-01251164#CdjMTEc9iYyq2pqu.97
http://www.cyberswachhtakendra.gov.in/alerts/wannacry_ransomware.html
https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/#sm.001pbez1210y9d1510v9ukijwjrbf