WannaCry ransomware: How to protect your devices.

  1. Most of you (I hope) have heard about this 'Ransomware Malware'.
    If you don't know what this is or if you have no clue what I'm talking about, please check out the links at the end of this post.

    What can you do against it?
    To protect yourself against this WannaCry runtime, it is important to tighten up the Windows vulnerability as quickly as possible with the MS17-010 update. For those who keep their computer up to date, there's basically no problem.

    Microsoft has also decided to release a security update for operating systems that have been unsupported for a long time, due to the ransomware's aggressiveness. The patch in question, KB4015298, is also available for Windows XP, Windows XP Embedded, Windows Server 2003, and Windows Server 2008. Windows 10 was not vulnerable to itself.

    It is also advisable to have good and current anti-virus software on your computer(s). That does not always have to cost you a lot of money: there are also free solutions. And please make sure that they are always running at the latest versions.

    There is more I could say about this, but I wanted to get this out, as I didn't see any talk of this on the forums.

    Stay safe and take care!

    Ransomware Malware: https://en.wikipedia.org/wiki/Ransomware
    In the news: https://www.google.be/search?q=ransomware#tbm=nws&q=ransomware+WannaCry
  2. Doubt it. Isn't it a worm? A worm spreads itself in various ways. Microsoft did patch it in an update and I also heard something about the Tor domain being shut down or purchased by someone.

    Fun thing, here in the Netherlands we have a company that was hit by it too. The company maintains a large amount of parking meters and such. People enter the garage and all they see is that ransomware on the screen :D
    In some garages people could even park for free because the meters didn't work anymore.
    Not necessarily. Someone on Twitter found the domain that all the data was being sent to, registered the domain, and then created a void to where all the data is just ignored. Sooooo, yea it's not spread anymore but as @ExplosiveNight mentioned, for those that already have the worm, it's still present and active. I don't remember the Twitter user's name, but he definitely saved tens of thousands of people from this ransomware as well.
    EDIT: His handle is @MalwareTechBlog
  4. They might have found a 'kill switch' which doesn’t stop the malware from spreading, but at least prevents it from activating the code that encrypts and ransoms your data.

    There are a lot of machines that do not receive weekly updates, heck not even monthly or yearly updates. How well are these devices protected you figure? If Microsoft even issues a patch for old, unsupported versions of Windows, you get how serious this situation really is.
    There are other variants of it still out there that work even with that domain registered, as well as cases where sys-admins heavily restrict their networks that such a domain would automatically be blacklisted by their firewalls. Also, you have to remember that not everybody updates their PCs, heck, people are still running XP!

    Also, Macs have viruses and malware too, it's generally just much less of a target. The *nix separation of processes and privileges also greatly helps in the security that you see on Linux, which even that has issues...
  7. thanks I never thought keeping my system up to date would help security.

    that was my attempt at mocking this thread yet it fails at that and instead mocks the hundreds of corporations and government officials who failed to simply keep their systems up to date.
  8. You know it's bad when Microsoft releases a patch for an operating system that they discontinued 3 years ago
  10. Back up your data while you can.
    Patch as soon as possible, don't ignore our tech guy recommendations, please DO patch.
    Turn off SMBv1 if you can.
    Get a firewall and block everything incoming that you don't need, and make a tight exception for what you do need to let in.
    Certainly block ports 139 and 445.
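
The SMB steps from the post above (turn off SMBv1, block inbound ports 139 and 445), as an added PowerShell example that is not part of the original thread. It assumes Windows 8 / Server 2012 or later and an elevated session; the function name and firewall rule name are constructed for illustration, and on a machine that must serve files the post's "tight exception" applies rather than the blanket block.

```powershell
# Added example: audit (and optionally apply) the SMB hardening steps from the post above.
function Test-SmbHardening {
    [CmdletBinding(SupportsShouldProcess)]
    param([switch]$Fix)

    # 1. Is the SMBv1 server protocol still enabled?
    $smb1 = (Get-SmbServerConfiguration).EnableSMB1Protocol

    # 2. Which of TCP 139/445 already have an enabled inbound block rule?
    #    Only rules listing the port explicitly are matched, not ranges such as "135-139".
    $blocked = @(
        Get-NetFirewallRule -Direction Inbound -Action Block -Enabled True |
            Get-NetFirewallPortFilter |
            Where-Object { $_.Protocol -eq 'TCP' } |
            ForEach-Object { $_.LocalPort } |
            Where-Object { $_ -in '139', '445' } |
            Select-Object -Unique
    )
    $missing = @('139', '445' | Where-Object { $_ -notin $blocked })

    if ($Fix) {
        if ($smb1 -and $PSCmdlet.ShouldProcess('SMB server', 'Disable SMBv1')) {
            Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
            $smb1 = $false
        }
        if ($missing -and $PSCmdlet.ShouldProcess("TCP $($missing -join ',')", 'Block inbound')) {
            # Rule name is a constructed placeholder.
            New-NetFirewallRule -DisplayName 'Example - block inbound SMB' `
                -Direction Inbound -Protocol TCP -LocalPort $missing -Action Block | Out-Null
            $missing = @()
        }
    }

    # One summary object per machine, easy to export or collect remotely.
    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        Smb1ServerEnabled = $smb1
        UnblockedSmbPorts = $missing -join ','
        Hardened          = (-not $smb1) -and ($missing.Count -eq 0)
    }
}

Test-SmbHardening                  # report only, changes nothing
# Test-SmbHardening -Fix -WhatIf   # preview what -Fix would change
```
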
  11. Stop trashing on Windows. Windows is a great OS, security flaws are inevitable. I'm sure there are plenty of security issues in Mac OS, but nobody cares enough to exploit it.
    The bug was present in all versions of Windows from XP -> 8.1, it's hard to say that in all cases it was blatant disregard from the company, there are many things that people ignore when it comes to actually keeping updated. Windows 8.1 is still in mainline support, even with latest patches to antivirus and all of that, there is no guarantee that you're secure. Heck, sometimes it's even 100% unviable to upgrade a system when you consider the fact that some computers are connected to older hardware/systems that work perfectly fine and do a job that isn't really easy to replace by other solutions without large expenditure which can't always be justified.

    Heck, the power systems in most hospitals that people visit these days have PLCs that are far beyond their service life, yet are perfectly fine, and these systems are now hooking up to the network to provide various features... Replacing a large switchboard with an upgraded system, especially for critical infrastructure, isn't really all that viable. "Oh yes, your hospital is going to have no power for a few days while we replace the switch gear."

    Heck, Sophos, highly reputable in the enterprise world, ended up taking their page down about the support that they provide to the NHS in the downfall that occurred.
  13. Can we keep the pc superrace discussion out of this topic? If you want to talk linux or mac, or compare them, start your own thread. It honestly helps nobody.
