At High Speed IT Network Services LLC (HSIT) (www.hispeedit.com), an end-to-end security
solutions provider, offers security consultancy services, digital and network
security products that meet customer requirements, solution implementation
models, and a holistic, cost effective management and operation of security solutions.
Ø Network Security
: Firewall Solution (Cisco, Juniper, Sonicwall, Fortinet, &
Watchguard)
Ø
Endpoint Protection :
1.Antivirus (McaFee, Kaspersky & Symantec)
2.Data Encryption,
3.Desktop Firewall.
4.Patch updation
2.Data Encryption,
3.Desktop Firewall.
4.Patch updation
5.USB
Protection
May/12/2017 saw the biggest ever cyber attack in Internet history
(yes, bigger than the Dyn DDoS). A ransomware named WannaCry stormed
through the web, with the damage epicenter being in Europe.
Ransomware has been a growing trend for the past two years, and this is just a culmination, a grand reveal to the wider world of just how big of a threat it is. But we’ve been writing about this for a while now.
According to Symantec, ransomware attacks are
continuing to escalate worldwide as they provide a lucrative business for
criminals. The company has identified over 100 new 'malware families' over the
last year, more than triple the amount seen previously, as well as a 36 percent
increase in ransomware attacks globally.
High Speed IT Network Services LLC (HSIT) Engineers suggest the Firewall/Network Security as per your needs and requirements.
For any assistance : www.hispeedit.com
Call 0566127073 /
025554789
info@hispeedit.com
Ransomware is a malicious software that encrypts the files and locks device, such a computer, tablet or smartphone and then demands a ransom to unlock it.
Recently, a dangerous ransomware named 'Wannacry' has been affecting the computers worldwide creating the biggest ransomware attack the world has ever seen. This has affected computers all over the world.
What is WannaCry Ransomware?
WannaCry ransomware attacks windows based machines. It also goes by the name WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY.It leverages SMB exploit in Windows machines called EternalBlue to attack and inject the malware.
Solutions:
Please install the patch
All versions of windows before Windows 10 are vurnerable to this attack if not patched for MS-17-010.
After a system is affected, it encrypts the files and shows a pop up with a countdown and instructions on how to pay the 300$ in bitcoins to decrypt and get back the original files. If the ransom is not paid in 3 days, the ransom amount increases to 600$ and threatens the user to wipe off all the data. It also installs DOUBLEPULSAR backdoor in the machine.
What can you do to prevent infection?
Microsoft has released a Windows security patch MS17-010 for WinodwsØ machines. This needs to be applied immediately and urgently.
Remove Windows NT4, Windows 2000 and Windows XP-2003 from production environments.Ø
Block ports 139, 445 and 3389 in firewall.Ø
Avoid clicking on links or opening attachments or emails from people you don't know or companies you don't do business with.Ø
SMB is enabled by default on Windows. Disable smb service on theØ machine by going to Settings > uncheck the settings > OK
Make sure your software is up-to-date.Ø
Have a pop-up blocker running on your web browser.Ø
Regularly backup your files.Ø
Install a good antivirus and a good antiransomware product for better security.Ø
File Names:
• @Please_Read_Me@.txt
• @WanaDecryptor@.exe
• @WanaDecryptor@.exe.lnk
• Please Read Me!.txt (Older variant)
• C:\WINDOWS\tasksche.exe
• C:\WINDOWS\qeriuwjhrf
• 131181494299235.bat
• 176641494574290.bat
• 217201494590800.bat
• [0-9]{15}.bat #regex
• !WannaDecryptor!.exe.lnk
• 00000000.pky
• 00000000.eky
• 00000000.res
• C:\WINDOWS\system32\taskdl.exe
For any help / assistance or guidance reach www.hispeedit.com; info@hispeedit.com
OR
Call 025554789 / 0566127073
Please send this important message to all your computer users
