Essential WannaCry Mitigations

There have been many reports on the WannaCry attack (aka WannaCrypt, WannaCrypt0r 2.0, WannaDecryptor) since it broke out on Friday, May 12, 2017. Our support and professional services teams delivered notifications immediately on the following Monday to our managed services clients with detailed information for their environments, however, we want to ensure all of clients have fundamental information protect their environments.

What is WannaCry? This ransomware is encrypting infected systems and demanding payment to release control of the files.

How does it work? WannaCry takes advantage of vulnerabilities in Microsoft windows either through remote desktop protocol (RDP), or through exploitation of a critical Microsoft Server Message Block (SMB) vulnerability.

There are five essential WannaCry mitigations everyone should have in place:

Install MS17-010: One way the Server Message Block (SMB) flaw can be fixed is to install the MS17-010 fix. Any systems running Windows that did not receive a patch should be removed from all networks.

Install an emergency Windows patch: Microsoft issued one-off security fixes for three operating systems it no longer supports: Windows XP, Windows Server 2003 and Windows 8.

Disable SMBv1: NCSC says that if it’s not possible to apply either patch, then disable SMBv1, referring to guidance from Microsoft.

Block SMBv1: NCSC recommends that you block SMBv1 ports on network devices – UDP 137, 138 and TCP 139, 445.

Shut down: If none of the above options are available, pull the plug. If these steps are not possible, propagation can be prevented by shutting down vulnerable systems.

We urge you to take action on this attack; ISA is available to assist in any way possible.
Contact ISA Support: 1-877-591-6711 option 1, support@e-isa.com, or open a support case online.

Related Articles

Cookie Notice
We use cookies to offer you a better browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. If you continue to use this site, you consent to our use of cookies.

Technology Partners

Thanks for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back.

Become an Infinity Partner

Thank you for reaching out, we’d love to hear from you. Fill out the form below and we’ll get back to you within one business day.