Many Organization around the world were victims of malicious "WannaCrypt" software last week. Seeing businesses and individuals affected by cyber attacks such as this is painful. Our teams have worked relentlessly over the last few days to take all possible actions to protect our customers.
Here are a few things for your reference (from Microsoft):
- If you are using Windows Vista, 7, 8.1 & 10: In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Those who have Windows Security Update enabled are protected against attacks on this vulnerability.
- Activate Windows Defender: For customers using Windows Defender, we released an update earlier today which detects this threat as Ransom:Win32/WannaCrypt. As an additional “defense-in-depth” measure, keep up-to-date anti-malware software installed on your machines. Customers running anti-malware software from any number of security companies can confirm with their provider whether they are protected.
- If using older version of Windows: Customers running versions of Windows that no longer receive mainstream support may not have received the above mentioned Security Update released in March. Given the potential impact to customers and their businesses, we have released a Security Update for platforms in custom support only. Windows XP, Windows 8 and Windows Server 2003 Security Updates are broadly available for download now (see links below).
- Additional Steps to consider: This attack type may evolve over time, so any additional defense-in-depth strategies will provide additional protections. (For example, to further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks). Some of the observed attacks use common phishing tactics including malicious attachments. Customers should use vigilance when opening documents from untrusted or unknown sources.
For those organizations who have not yet applied the security update, we suggest you immediately deploy Microsoft Security Bulletin MS17-010.
~ You can also use best Free Internet security softwares like 360 Total Internet Security, Avast Anti Virus, Comodo Internet Security, etc. software to protect your PC from this types of Attacks. But it always better to use Paid version of Internet Security suite insted of free one because they not offer support or latest updates.
~ WannaCrypt Attacks @ Wikipedia.org
Cisco Systems’ Talos threat intelligence service says that in accordance with known best practices, any organization that has SMB publically accessible via the Internet (ports 139, 445) should immediately block inbound traffic.