Advertising banner:
 
 Protect your organisation from the latest ransomware attackPostmark
Home • General • Protect your organisation from the latest ransomware attack
 
From:Monday, May 15, 2017 11:49 AM +0200
Subject:Protect your organisation from the latest ransomware attack 
To:
Cc:
Last Friday there were reports of a widespread Ransomware attack, named WannaCry. Ransomware has been around for a couple of years and is delivered through different attack vectors (e-mail attachments, websites, ...)

What makes this attack different is that is uses a SMBv1 vulnerability in Windows and is attacked directly from the Internet by using a vulnerability in Windows on TCP port 445: MS17-010 (https://technet.microsoft.com/en-us/library/security/ms17-010.aspx) requiring no user interaction. This exploit made this attack very successful.

All organisations are advised to block ports 139 and 445 from Internet to their public IP ranges. Most organisations do not allow direct access on port 445 from the Internet so for some organisations this attack would not cause any harm but can't hurt to double check.

All organisations are advised to deploy MS17-010 as soon as possible. Microsoft even provided hotfixes for the unsupported Windows XP, Windows 8 and Windows Vista. (http://www.securityweek.com/microsoft-issues-emergency-patch-response-massive-ransomware-outbreak)

As for every malware attack, the general guidelines remain the same:

> Install the latest patches on your workstations and servers
> Make sure Antivirus is always up to date
> Use an Anti-Spam solution with the latest security features (Advanced Threat Detection)
> Train your colleagues not to trust all email they receive

Hope this helps you prevent a very unpleasant surprise :-)


With kind regards,

Eurodesk Brussels Link office


kraszuk.eu