T&VS Security Services – Top3 Recommendations Following Global ‘WannaCry’ Ransomware Attack

Last Friday 12th May saw another largescale ransomware attack across the globe, crippling companies and critical government services including the National-Health-Service in the UK. The appropriately named ‘WannaCry’ ransomware targeted Microsoft users, encrypting files and requesting money to be unlocked.

How did this ransomware occur and why did it have such devastating effects? The actual security hole was part of a‘National-Security-Agency’ security toolkit that was leaked onlineby a group of hackers. It exploited Microsoft server message block (SMB) functionality, effecting all versions of windows operating system. The security hole was identified last week by Microsoft and patches issued to fix the issue. However,many users and organisations take a long time to ensure their devices are updated with latest patches, leaving a window of opportunity for the ransomware.

T&VS Security Services – Top3 recommendations to ensure you are protected from WannaCry:

  • Always ensure your Microsoft patches are up-to-date. The essential patch for the WannaCry is MS17-010 patch. This will give you 65% security.
  • Enable firewalls and disable the following ports 137,138,139,445. These are the ports this ransomware utilises.
  • Ensure Antivirus software up-to-date.

(Some of the above recommendations seem obvious but if they had been followed then the ransomware would not have been so prevalent.)

Recommendations to protect against future ransomware:

The following are general security best practice advice:

  • Stop using any unsupported windows Operating System. Always aim to regularly upgrade to the latest OS.
  • Disable Microsoft server message block (SMB)
  • Regularyperform a secure backup of data into the cloud. This will allow a quick restore of data if an attack does occur.
  • Always be aware of phishing attacks. Avoid vulnerable websites and emails.
  • Finally, we would recommend you increase security awareness and give training for end users on how to protect themselves going forward.

 

Let T&VS ensure you are protected going forward. Our security team will analyse your infrastructure for potential weaknesses and provide assistance in ongoing security measures. If you would like to know more, please see T&VS Security or contact us via email.

Join the T&VS webinar. T&VS experts will provide a simple step-by-step guide to the actions you can take now to ensure your systems are protected.

2017-05-19T06:31:05+00:00 19th May, 2017|Blog, Thought Leadership|
T&VS NEWSLETTER SIGN-UP
The T&VS newsletters inform you about industry news, events and information from T&VS. No spam, we promise and it is always easy to unsubscribe.
We never share your information. Read our Privacy Statement
Interested in Formal Verification?
Then why not attend the TVS Formal
Verification Bootcamp training?
The 2-day Formal Verification Bootcamp is for design and verification engineers looking to enhance their knowledge of formal verification and to learn how to write effective assertions to find and fix bugs. The course is a mix of presentations and hands-on development exercises.
Bootcamp Enquiry Form
If you are interested in receiving additional information on the course then simply email Mike Bartley (TVS CEO and Course Leader) by entering your details below.
Interested in SystemC?
FREE SystemC UVM Library Now Available
The TVS SystemC UVM library closely mimics UVM but gives users a license free UVM-based verification environment.
Have your product requirements been successfully tested and implemented?
Find out how asureSIGN can help you implement a successful Requirements Driven Verification and Test Strategy by visiting asureSIGN or enter your details and we will be in touch.
Course Dates and Pricing
To receive additional information, including course dates and pricing, please contact our training team who will be happy to help.
Download Request
Please complete the following form then click 'submit' to access the download.
Presentation Request
Please complete the following form then click 'submit' to gain access to the presentations.
DOWNLOAD REQUEST
Please complete the following form and then click 'submit' to gain access to the download.
FREE QA ASSESSMENTS
Did you get what you were looking?

Let the testing experts help. We will run a FREE QA assessment which will include our top 5 recommendations to help maximise your testing.