Edu Attack
As we all know education is necessary part of life. And all we need it to make our life easy. But since few day ago on 12th May. There is an attack to a Tech Gaint Company Microsoft. Not only my country INDIA but all worldwide effects has been seen. Named WannaCry Ransomware Attack which target mainly Microsoft 7, Microsoft XP and encrypt data and then demands for ransom payments in Bitcoin Cryptocurrency. It uses EternalBlue exploit developed by US NSA issued by Microsoft two month before to remove underlying vulnerability for supported system.
Organizations that had not installed Microsoft's security update were affected by the attack.Those still running the older Windows XP were at particularly high risk because no security patches had been released since April 2014. However, the day after the outbreak Microsoft released an emergency security patch for Windows XP.
Organizations that had not installed Microsoft's security update were affected by the attack.Those still running the older Windows XP were at particularly high risk because no security patches had been released since April 2014. However, the day after the outbreak Microsoft released an emergency security patch for Windows XP.
After being attacked they demends $300 if payment is not done in 3 days then the amount is doubled and then after it is not paid in 7day of attack then your locked files get deleted. Recent updates says that 238 payments are done. According to Kaspersky Lab, the four most affected countries were Russia, Ukraine, India and Taiwan. It estimates that around 200,000 computers were infected across 150 countries. Many MNCs and Government DataBase were Affected by this attack.
 |
| This is what shown to people who is affected by this WannaCry attack |
Here is a list of Do’s and Don’ts which you should follow to keep your computer safe:
1. You need to immediately install the May Windows Update bundles.
2. In order to prevent the infection, users and organisations should apply relevant patches to Windows systems as mentioned in the Microsoft Security Bulletin MS17-aspxhttps://technet.microsoft.com/en-us/library/security/ms17-010.aspx
3.For further protect against SMBv1 attacks, customers should consider blocking legacy protocols on their networks
4.Uers should maintain an updated antivirus software, regularly check for integrity of the information stored on databases, to not open attachments in unsolicited e-mails, restrict users’ ability to install and run unwanted software applications, among various others.
5.Perform regular backups of all critical information to limit the impact of data or system loss.
6.CERT-In advisory: Block SMB ports on Enterprise Edge/perimeter network devices [UDP 137, 138 and TCP 139, 445] or Disable SMBv1. http://support.microsoft.com/en-us/help/2696547
7.Don’t open attachments in unsolicited e-mails, even if they come from people in your contact list, and never click on a URL contained in an unsolicited e-mail, even if the link seems benign. In cases of genuine URLs close out the e-mail and go to the organisation’s website directly through browser.
USE THESE TOOLS:
1. Tool (NoMoreCry) to prevent Wannacry Ransomware by CCN-CERT:
2. Sophos: Hitman.Pro
3. Malwarebytes Anti-Ransomware(formally Crypto Monitor)
4. Trendmicro Ransomware Screen Unlocker tool
5. Microsoft Enhanced mitigation and experience toolkit(EMET)
Be Alert and protect your PC from WannaCry Attack
Well written Harsh.
ReplyDeleteThanks prateek
Delete