Hi All,
Just wanted to share some information on Wannacry Ransomware.
WannaCry
ransomware is a malware that is spreading rapidly using the exploit
found in Microsoft Windows called EternalBlue. It encrypts the files on
the hard disk and ask for the payment to decrypt it.
How are these attacks initiated?
The WannaCry attacks are initiated using a SMBv1 remote code execution in Microsoft Windows OS.
Does it attack Linux/Mac OS?
No. Linux and Mac OS are not vulnerable to this specific attack.
How it spreads?
· Via email/social media attachment /file downloads
· Unpatched Windows machines in the local network
· Executing massive scanning on Internet IP addresses to find and infect other vulnerable computers.
How can we prevent this attack?
Sysadmin team has started updating patches to fix this vulnerability for Windows OS.
Do’s
· Scan all attachments before opening
· Have a backup of your important documents on different location
· MS Office macro’s should be disabled
· Keep your OS updated.
Don’ts
· Don’t open attachments from unknown contacts
Don’t opens files on USB without scanning