WannaCry Ransomware Cyber Attack
MadTECH is taking the following steps to make sure there are no WannaCry cyber attacks on clients' machines:
Ensure that Windows updates are current. The exploit through which WannaCry gets its access was first patched by Microsoft in April, so as long as your last Windows update was at least in the April batch you will be secure. I have noticed that on the servers a Security Monthly Quality Rollup for Windows Server is available for download.
If you have any older XP machines still in use, Microsoft has released the first updates for this flavour of operating system in more than three years. To download this update, go to the link found at the bottom of this madBLOG.
The XP update KB4012598 is a security update for Windows and runs as a Software Update Installation Wizard. You get the usual warnings: close other programs, make sure your system is backed up, etc. I have patched it onto one XP machine and restarted to install, and it seems to have caused no issues.
Figure: First XP patch in three years for anyone unless paying for custom support from XP
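The update checks described above, as an added example that is not MadTECH's own script: it queries each host with `Get-HotFix` and flags machines whose newest recorded update predates the April batch and that lack KB4012598. The host list, the cutoff date and the function name `Test-PatchLevel` are assumptions, and it expects to run from an admin workstation with PowerShell 3 or later and WMI access to the hosts.

```powershell
# Added example: audit hosts against the patch rule stated in the post.
# Assumptions (not from the post): host list, cutoff date, function name.
$Computers   = @('localhost')           # constructed sample list; replace with real hosts
$AprilCutoff = [datetime]'2017-04-01'   # assumed start of the April 2017 update batch
$XpPatchId   = 'KB4012598'              # XP security update named in the post

function Test-PatchLevel {
    param(
        [string]$Computer,
        [object[]]$HotFixes,            # Get-HotFix output for one host
        [datetime]$Cutoff,
        [string]$XpPatch
    )
    # InstalledOn is empty for some entries, so filter before sorting.
    $dated  = @($HotFixes | Where-Object { $_.InstalledOn } | Sort-Object InstalledOn)
    $latest = if ($dated.Count) { $dated[-1] } else { $null }
    $hasXpPatch = [bool]($HotFixes | Where-Object { $_.HotFixID -eq $XpPatch })

    [pscustomobject]@{
        Computer      = $Computer
        LatestHotFix  = if ($latest) { $latest.HotFixID } else { $null }
        LatestInstall = if ($latest) { $latest.InstalledOn } else { $null }
        HasXpPatch    = $hasXpPatch
        # Current if the newest update is in or after the April batch,
        # or the specific XP patch is present.
        Current       = [bool]($hasXpPatch -or ($latest -and $latest.InstalledOn -ge $Cutoff))
        Error         = $null
    }
}

$report = foreach ($c in $Computers) {
    try {
        $fixes = @(Get-HotFix -ComputerName $c -ErrorAction Stop)
        Test-PatchLevel -Computer $c -HotFixes $fixes -Cutoff $AprilCutoff -XpPatch $XpPatchId
    } catch {
        # Unreachable hosts are reported as not current rather than skipped.
        [pscustomobject]@{
            Computer = $c; LatestHotFix = $null; LatestInstall = $null
            HasXpPatch = $false; Current = $false; Error = $_.Exception.Message
        }
    }
}

# Hosts needing attention first.
$report | Sort-Object Current, Computer | Format-Table -AutoSize
```

`Get-HotFix` only lists updates recorded in the `Win32_QuickFixEngineering` WMI class, so a host flagged as not current should be confirmed by hand before it is treated as unpatched.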
Make sure ESET is up to date and joined to the LiveGrid network, run manual scans, and make sure real-time protection is on. To do this, go to Advanced setup in ESET, then Tools, and make sure ESET Live Grid is ticked (Participate in Live Grid). On servers it is in the same place, but it is called ThreatSense.Net.
Once ESET is up to date, run the manual scans. If you can't, or if you get an update issue like Update error 0x1106, then try updating the application to the latest version. At MadTECH Computers, we try to keep ESET at version 7 or 8, as we find version 9 is causing system lag.
Of course, the other thing we do is check the backups, which we blogged and emailed about last week. All clients who didn't contact us with their latest critical folders list are encouraged to do so at any time. As an IT service company, we can also do disaster recovery drills and provide documentation for a company Disaster Recovery Plan, which is recommended practice for companies with time-sensitive recovery of critical data. In simpler terms, this answers the question: how long does it take to get my data back if it does get encrypted by ransomware?
Source for the XP patch: https://www.reddit.com/r/windows/comments/6ay3jg/windows_xp_sp3_wanacry_patch/