wannacry is a ransomware.
how to protect yourself
One of the key reasons the Trojan erupted so quickly is that it transmits itself using an exploit, entering through a known Windows vulnerability with no user intervention (mistakes) needed. And once one computer is infected, the malware attempts to spread itself to all other systems in the local network.
Therefore, the very first action to take is to repair the vulnerability. System administrators need to take the following steps:
- Install the Microsoft patch. It’s available not only for Windows 10, but for earlier versions as well: Windows 8, 7, Vista, even Windows XP and Server 2003. This patch closes the vulnerability that the ransomware uses to infect the systems within the local network.
- If, for whatever reason, installing the patch is not possible, close port 445 using the firewall. That will block the worm’s network attack to prevent the infection. However, this measure should be viewed strictly as a stopgap. Closing this port will stop a number of important network services, so it isn’t a true solution.
- Make sure that all systems in your network are protected. This point is vital: If you haven’t patched every system or closed the 445 port, one infected computer may infect all the others.
- You may also use the free Kaspersky Anti-Ransomware Tool, which reliably protects from cryptomalware. It can also be used along with other antimalware solutions; it’s compatible with most known security solutions and does not interfere with their operation.
- Always take backups. Move your business files offline.