- Perform regular Staff Awareness training, specifically on spotting Phishing Emails
- Have a robust Patch Management Process. Ensure all Microsoft Windows systems have Microsoft Critical Updates applied quickly – they are marked as critical for a reason!
- Have Anti-Virus running on all Microsoft Windows systems, with AV definitions kept up-to-date
Security in Depth
There are further security risk-reducing steps, such as filtering web traffic, ensuring data is regularly backed up, security monitoring, and network segmentation, but the above three are the simplest and most effective in terms of prevention against this type of attack, especially within the SMB space where security budgets are limited. Expect further versions of the WannaCry ransomware.
The Reasons Behind this Advice
This is a Security Bloggers Network syndicated blog post authored by Dave Whitelegg. Read the original post at: IT Security Expert Blog