Prevention of WannaCry Ransomware Threat - Session by CERT-In

Urgent Security Notification: Protection Against 

WannaCry ransomware Attack

There is a critical vulnerability (Microsoft Security Bulletin MS17-010) in various versions of Microsoft Windows (client as well as server) which is being used to spread ransom-ware across the globe.

The ransomware is spreading like wild fire infecting critical installations like healthcare globally. (Please also refer https://www.microsoft.com/en-us/security/portal/threat/encyclopedia/Entry.aspx?Name=Ransom:Win32/WannaCrypt ). The Ransomware in question has been identified as a variant of ransomware known as WannaCry (also known as 'Wana Decrypt0r,' 'WannaCryptor' or 'WCRY'). Such ransomware infection typically leverages social engineering or spam emails as a primary attack vector, tricking users into downloading and executing a malicious attachment.

Once infected with the WannaCry ransomware, victims are asked to pay up to $300 in order to remove the infection from their PCs; otherwise, their PCs render unusable, and their files remain locked.

First of all, if you haven't patched your Windows machines and servers against EternalBlue exploit (MS17-010), do it right now. Microsoft has just released an emergency security patch update for all its unsupported version of Windows, including Windows XP, Vista, Windows 8, Server 2003 and 2008 Editions.

You are advised to refer https://technet.microsoft.com/en-us/library/security/ms17-010.aspx and accordingly patch Microsoft Windows on urgent basis.

Prevention of WannaCry Ransomware Threat - Session by CERT-In

URL: http://webcast.gov.in/cert-in/

Please ensure that you are safe from this threat.