Surely many of you have had a bad day because of WannaCry, the famous ransomware that has put everyone who works with computers on alert. Many of you may have been engulfed by computers with this malware, but most have not. But just because you have not been infected by WannaCry does not mean that you are safe.
EuroPol states that the waves of infection by this ransomware will continue to exist for the next few days and will be worse. For this reason, we are going to explain what steps to follow to avoid this ransomware or at least so that in case of infection, the damage is the least possible.
Hard drive backup
If we are not infected, what we have to do first of all is disconnect the network cable or wifi and make a backup or clone of our hard drive. We can do this at no cost thanks to tools such as Clonezilla. Once the copy is made, we have to save it on a totally clean pendrive. In the event that our computer becomes infected, using this backup will make our data available again.
Update antivirus
The next step would be update antivirus. All antivirus are being updated to find and fix this ransomware, but there are still some that are not. In any case, Microsoft has updated its antivirus, Microsoft Essentials, so with this tool we can find and solve the problem.
Update the operating system
Another step to take is to update the operating system. The essence of the WannaCry attack was due to computers that did not have an update that had come out last March. This update is known as KB4012598 and is available not only for Windows 7, 8, 8.1 and 10 but is also available for all older systems that are no longer supported, especially for Windows XP.
Close ports to prevent WannaCry from working
The WannaCry attack stems from a vulnerability in the SMB protocol. This means that WannaCry can take control of the computer and even the network to which the computers belong. So to prevent, we will use Microsoft's firewall tool to close port 445 / TCPThis will allow nothing to enter through this port but it will also cause certain programs that use this port to stop working.
Conclusion
With these four steps we can have a certain security against the WannaCry attack, however the main danger is still the human being, that is, no matter how many precautions we take, if the administrator or user does not know what they are doing, WannaCry will appear. That is why many of these measures are focused on prevention and not cure. In any case, updating the operating system is the most plausible and popular option of all. At least the one recommended by companies like Telefónica or Microsoft.