Even as I write this, I get the feeling that this blog series is too basic, but with the sheer number of attacks and recent news on this topic, it’s obvious ransomware basics are not common knowledge. We focused on backups in our first two installments, and now we are going to focus on patching. Yes, patching is essential for any computer. The past 30 years of computer development has proven that it is nearly impossible to produce a perfect operating system. Thus, patching is a way to fix vulnerabilities resulting from poorly-written code.
To give you some guidance on where to get patches and tools, I have made a list some key patches that you need to obtain from Microsoft:
Security update for Microsoft Windows SMB Server
Defeat WannaCry with Windows Defender Security Intelligence
Remove specific prevalent malware with Windows Malicious Software Removal Tool
There are also many other patches and tools that Microsoft has produced. The vulnerability that allowed WannaCry to happen had a patch released before the attack even began. What is the lesson here? Patch your systems before you are attacked.
As a general guide to patch management, here are some basic rules:
- Pay attention to emails announcing the release of new patches.
- Test patches ASAP.
- Implement critical patches immediately.
- Implement all patches after testing.
- Once a new strain of ransomware is announced, take proactive measures to help reduce the likelihood of you being infected.
Backing up files and applying patches is not rocket science. However, organizations need to perform patching basics to protect their computers, networks, and data.
Next week we will continue with our ransomware discussion by going over how to prepare your security against ransomware.