Best Practices Compilation for WannaCry Ransomware - By NASSCOM and DSCI

File uploaded by NASSCOM Community Admin on May 15, 2017
Version 1Show Document
  • View in full screen mode

It has been reported that a new ransomware named as "Wannacry" is spreading widely and globally. Please refer link for CERT-In Advisory: http://www.cyberswachhtakendra.gov.in/alerts/wannacry_ransomware.html  

Wannacry encrypts the files on infected Windows systems. This ransomware spreads by using a vulnerability in implementations of Server Message Block (SMB) in Windows systems. This exploit is named as ETERNALBLUE. The ransomware called WannaCrypt or WannaCry encrypts the computer's hard disk drive and then spreads laterally between computers on the same LAN. The ransomware also spreads through malicious attachments to emails.

In order to prevent infection, users and organizations are advised to apply patches to Windows systems as mentioned in Microsoft Security Bulletin MS17-010.

https://technet.microsoft.com/library/security/MS17-010/

Given the impact of #WannaCry, Microsoft has released SMB patch update for unsupported Windows Versions - XP, Vista, 8, Server 2003, 2008 etc.

http://www.catalog.update.microsoft.com/Search.aspx?q=KB4012598

Outcomes