Wednesday, June 28, 2017

Recognize Symptoms and 5 Steps of Preventing the WannayCry Ransomware Virus - The WannaCry Ransomware Virus becomes the most talked-in week, whether on the website or on social media. A Malware that infects computers through this network has many casualties in various countries and did not escape in the country of Indonesia. As computer users and the Internet, of course, should be aware of this virus because it could endanger the data / files that exist in the computer. The perpetrator requested carbon copy 300 US dollars to the victim to return data / files that have been damaged / locked by Ransomeware WannaCry virus. Therefore, should be familiar with how the symptoms of this virus and prevention that can be done.
Kenali Gejala dan 5 Langkah Pencegahan Virus Ransomware WannaCry

Figure 1. Examples of computer infected with Ransomware WannaCry virus (Source: KOMINFO)

Recognize Symptoms of WannaCry Ransomware Virus
The spread of Ransomware WannaCry virus most commonly occurs through the Internet network media such as email, social media and websites. Generally, the spread of this virus begins when the user is sent an email that includes a link or document attachment. Next the user clicks the link / url / hyperlik / weblink careless or unknown security link. There is also a mention that this virus can also spread through applications / software. When the user installs an application and it turns out the application is a medium for incoming virus.

There are several symptoms of Ransomware WannaCry virus that is:
  1. The destruction of some existing application programs on the computer.
  2. Damage to the registry.
  3. Keyboard key functionality is off except the number keys.
  4. The locking of existing files.
  5. The emergence of messages from Ransomware WannaCry virus.

5 Prevention of WannaCry Ransomware Virus
Before the computer is exposed to a virus, it should prevent the computer from being injected with this dangerous virus. Some precautions can be done easily and the following 5 preventive steps:

#Step 1
Perform backups of important data (backup files) that are in the computer. This can be done continuously or using a certain period of time. Next, turn off the computer connection to the existing network (do this first before doing any other precautions). For users who in the network area had a victim of this virus then you should not join or connect with the network, because this virus can be transmitted to the computer connected to the network.
#Step 2
The next step of prevention in terms of the entry gap of this virus, namely by:
  • Turning off the Windows and SMB functions of Macros
    You can turn off the SMB function by searching for "Windows features", then uncheck "SMB 1.0 / CIFS File Sharing Support". Click the "Ok" button and restart the computer. Another way to turn off the SMB function is to search for "Power-Shell command", then when the command "Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol" and press "enter".
    As for how to disable Macros Windows, it can be done through an office application that is by click "File" - click Options - click Trust Center - then click Trust Center Settings - In Trust Center, click Macro Settings - select "disable all .... "-Click OK.
  • Blocking ports 139/445 & 3389
    Please follow the steps below:
    1. Run Control Panel
    2. Click "System and Security"
    3. Click "Windows Firewall"
    4. Click "Advanced Settings" on the left menu
    5. Click on "Inbound Rules"
    6.   Look on the right menu Click "New Rules"
    7. Select / Click "Port" and click "Next"
    8. Select / Click "TCP"
    9. Select / Click "Specific local ports:" fill / type: 139, 445, 3389
    10. Click "Next"
    11. Select / Click "Block the connection" and click "Next"
    12. Make sure the "Domain", "Private" and "Public" Options are selected (checked)
    13. Click "Next"
    14. Fill / type the name of the rule, eg: Block Port Ransomware
    15. Click "Finish".
Figure 2. How to Block SMB (Source: Rahard)

#There are 3
Furthermore, can be prevented through the operating system used. For Windows operating system can update security by installing patch MS17-010 which have been released by Microsoft Windows. For those who use genuine Windows, Patch MS17-010 can be downloaded through the official website Here.

#Step 4
After prevention through the operating system, then the next prevention of the update antivirus database to prevent Ransomware WannCry virus into the computer or use the tool of each antivirus for malware prevention of the website. Some discussion groups mention that some antivirus can do prevention like McAfee and SmadAV.

#Step 5
The last preventive step is by not clicking the link carelessly, ignore email messages that are not clear origin, and do not install applications carelessly.

The Ransomware WannaCry virus takes over the computer by turning off keyboard functions and locking the files. Take precautions to avoid virus attacks and not connected to a public internet network.

Source by Zonacerdas.

Best Sellers

Recognize Symptoms and 5 Steps of Preventing the WannayCry Ransomware Virus
4/ 5