Protect Your Business from Ransomware

As the second iteration of the ransomware strain impacting IT infrastructure around the globe is expected, we want to arm our customers with information to be best prepared.

Protect your infrastructure from ransomware today!

Get Started

Networks in many businesses and critical infrastructure like healthcare and finance across 150+ countries have been infected by the WannaCry ransomware worm, aka WanaCrypt, WannaCrypt or Wcry. We are observing this ransomware worm spread rapidly.

If you have not been infected, it is very important that you learn how to defend your systems. Netsurion is continually working to deliver more advanced threat protection for situations just like this.

While anti-virus and managed firewalls are essential, alone they are not enough. Netsurion SIEM-at-the-Edge was introduced earlier this year for this very reason.

WannaCry Ransomware

Recommended steps for prevention

  • Read the full situation background provided by EventTracker CEO, A.N. Ananth and bookmark it for further updates as the situation evolves.
  • Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.
  • Perform a detailed vulnerability scan of all systems on your network and apply missing patches ASAP.
  • Limit traffic from/to ports 139 and 445 to internal network only. Monitor traffic to these ports for out of ordinary behavior.
  • Enable strong spam filters to prevent phishing e-mails from reaching the end users and authenticate in-bound e-mail using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent e-mail spoofing.
  • Scan all incoming and outgoing e-mails to detect threats and filter executable files from reaching the end users.
  • Ensure anti-virus and anti-malware solutions are set to automatically conduct regular scans.
  • Manage the use of privileged accounts. Implement the principle of least privilege. No users should be assigned administrative access unless absolutely needed. Those with a need for administrator accounts should only use them when necessary.
  • Configure access controls including file, directory, and network share permissions with least privilege in mind. If a user only needs to read specific files, they should not have write access to those files, directories, or shares.
  • Disable macro scripts from Microsoft Office files transmitted via e-mail. Consider using Office Viewer software to open Microsoft Office files transmitted via e-mail instead of full Office suite applications.
  • Malware, Ransomware, and the Next Big Threat

    September 21, 2017

    Imagine the lost revenue for a major retailer if they needed to shut down all of their stores for a few days, or even a few hours, especially over the busy holiday season. The impact would be devastating.

    Read More
  • Protecting Against Ransomware Attacks: What Every Business Needs to Know

    July 11, 2017

    Ransomware attack frequency is at its height as there have been more than 4,000 ransomware attacks happening each day for over a year now. Follow these tips to help avoid a ransomware breach at your business.

    Read More
  • Is your brand truly secured?

    July 18, 2016

    So you have a big brand name that millions of consumers trust. You have hundreds to thousands of locations across the U.S…. and perhaps even globally. A big name means big money, so that huge chunk of change dedicated to security is definitely paying off in spades, right? All too often, the answer is a resounding “WRONG.”

    Read More