
12 Tips to Help Prevent WannaCry Ransomware

May 16 2017

On Friday, the world experienced the wrath of a well-coordinated ransomware attack, known as WannaCrypt. The attack caused Britain's NHS to cancel surgeries, a wide array of Russian and Chinese private and public institutions to be crippled most of the day, and the rest of the world to recoil in shock.

This ransomware is hitting all types of organisations, big and small. In this blog post we give some simple steps that can keep your company better protected against this type of attack.

Back Up Your Data

The best way to defeat ransomware is to have a regularly updated backup of your files. If your system is attacked by ransomware, you can easily restore your files to an earlier version.

 

Show Hidden File Extensions

In Windows settings, enable the option to see full file extensions. This way, suspicious files will be easier to spot. Cryptolocker is often packaged with a file that has the extension ".PDF.EXE".


Filter .EXE Files in Email

Set a filter in your email program to deny emails with attachments that have two file extensions, with the last one being executable (".EXE"). If you want to exchange executable files with someone you trust, use ZIP files or cloud services instead (remember to password-protect your files).
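The double-extension rule described above, sketched as an added example that is not part of the original post. It generalises ".EXE" to a short list of executable extensions, which is an assumption, and the function names and sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: the post names only ".EXE"; the other entries are common
# Windows executable/script extensions added for illustration.
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "pif", "js", "vbs"}


def has_double_executable_ext(filename: str) -> bool:
    """True if the name has two or more extensions and the last is executable."""
    # Windows strips trailing dots and spaces, so "x.pdf.exe. " is still an .exe.
    name = filename.strip().rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".") if p.strip()]
    # parts = base name plus at least two extensions
    return len(parts) >= 3 and parts[-1] in EXECUTABLE_EXTS


def flagged_attachments(raw_message: bytes) -> list[str]:
    """Return the attachment names in a raw message that the rule would deny."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.walk():  # walk() also reaches nested and inline parts
        filename = part.get_filename()  # decoded file name, or None
        if filename and has_double_executable_ext(filename):
            flagged.append(filename)
    return flagged


def build_sample() -> bytes:
    """Constructed sample message; attachment bodies are harmless placeholders."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for name in ("Invoice.PDF.EXE", "report.pdf", "notes.v2.docx"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    print(flagged_attachments(build_sample()))
```

A plain "setup.exe" has only one extension and is not matched by this rule; blocking every executable attachment needs a separate check on the last extension alone.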

 

Disable Running Files in "App Data" and "Local App Data" Folders

Using intrusion prevention software, set up a Windows rule to disallow executable files from running in the App Data or Local App Data folders. Be sure to exclude from this rule any legitimate software that you have set to run from the App Data folder.

 

Disable RDP

Cryptolocker frequently targets machines using Remote Desktop Protocol (RDP), a Windows utility that lets others access your system remotely. If you don't need to use RDP, disable it to protect your desktop from malware attacks.

 

Update Your Software or Apply Patches 

Malware programs often depend on people running outdated versions of software with known vulnerabilities, which can be exploited to gain access to your system. Keeping your software updated drastically reduces the potential for these malicious programs to infect your system.

 

Don’t enable macros

A lot of ransomware is distributed in Office documents that trick users into enabling macros. Microsoft has just released a new tool in Office 2016 that can limit the functionality of macros by preventing you from enabling them on documents downloaded from the internet.

 

Be very careful about opening unsolicited attachments

Most Windows ransomware in recent months has been embedded in documents distributed as email attachments. If an attachment seems suspicious to you, don’t open it.

 

Don’t give yourself more login power than necessary

Don’t stay logged in as an administrator any longer than necessary. Avoid browsing, opening documents or other regular work activities while logged in as administrator.

 

Train all employees in your business

Often the users within a company can be your weakest link if you don’t train them how to avoid booby-trapped documents and malicious emails.

 

Segment the company network

Separate functional areas with a firewall, e.g., the client and server networks, so systems and services can only be accessed if really necessary.

 

Use a Trusted Anti-Virus Suite

Since malware programs are frequently updated with new definitions to avoid detection, it's important to have both a firewall and anti-virus software. If malicious code is so new that it goes undetected by your anti-virus software, it will be caught by the firewall.


 
