On Friday 12th May 2017, more than 200,000 in 150 countries around the globe were struck with a ransomware attack using WannaCry – software that exploits a vulnerability in Windows to implement criminal ransomware. Ransomware is a malicious type of software that takes control of your systems and blocks access until a sum of money is paid. Ransomware is particularly venomous due to the way it aims to target organizations who cannot afford to be without their IT services and therefore heightens the possibility of the ransom being paid.
Although many systems are back up and running, officials have warned that organizations should brace themselves for further attacks this week on a significant scale, as over 1.3 million companies still appear to be at risk.
It is evident that the main cause of this attack was due to the vulnerability in the number of organizations running on outdated Windows systems. Although cyber attacks can happen on many levels, it is first vital to ensure that all systems are up to date and are still supported by the developer. Unfortunately, the events of last week served as a tough lesson in that many organization’s cyber security strategies are not robust enough, and further measures need to be put in place to beat cybercriminals.
Furthermore, human error remains the number one threat to cybersecurity for an organization, with many businesses not investing in the training of their staff to ensure they can detect against malicious email, web pages or links.
When it comes to checking your current system capabilities to protect against this and any future cybersecurity attack, Smoothwall’s Head of Product Phil Smith explains, “Smoothwall advocates the use of Bitdefender anti-malware detection as part of our solution. Bitdefender is a world-class and leading anti-malware provider, and has signatures to detect for WannaCry ransomware (see their statement here.)
“Smoothwall customers licensed for Anti-Malware will get signature updates every hour, ensuring their systems are up to date.
“Smoothwall customers should check that their filtering policies are set to scan for non-safe content (the default policy rules) to ensure they are protected. For customers that run the Smoothwall firewall, we would always recommend only opening ports that are absolutely necessary. Customers should check their firewall rules to ensure ports 445, 135, 137, 138 and 139 are blocked.”
A Smoothwall Knowledge Base article on how to protect against Ransomware can be found here. This includes advice on how to use your web filter, HTTP decrypt and inspect, anti-malware and firewall to give you a multi-layered approach to ransomware prevention.
For further help, videos that show how to configure the Smoothwall firewall can be found on the Smoothwall YouTube Channel.
If you’re interested in licensing Smoothwall’s Bitdefender anti-malware engine, please contact us today.
Our specially developed technologies deliver real-time Dynamic Content Analysis™ of web pages, all without impacting on the users’ experience.