Hi !
The last couple of weeks was very busy for most of the Security Teams all around the globe. Windows 10, 8, 7, Vista and even XP, has been targeted by a couple of RansomWare attacks (WannaCry and Petya are the most popular ones). There is plenty of materials online about the source of the attack, and how the app works, so I won’t write about this.
I’ll go for the simple path and I’ll share a simple animation with the 3 simple steps you need to disable SMB File Sharing (link), which is the main entry point for this Ransomware attacks.
There are a couple of tutorials on this, this one link, is very useful for all the Windows versions affected.
If you are a Windows 10 user, the next big release Windows 10 Creators Update, will add an specific feature in the Security Center to avoid this types of attacks. This versio will be released on September.
Inside the Windows Defender Security Center, in the “Virus and Threat protection settings” section, we can find the option “Controlled folder access” which will allows us to enable this specific protection.
Windows Insiders users have this feature available in the Build 16232. And in a couple of months it will be available for all Windows 10 users.
The Hacker News teams have published a very complete article (link) about this new future feature.
Greetings @ Burlington
El Bruno
References
- Technet, Server Message Block overview
- The Windows Club, How to disable SMB
- The Hacker News, Windows 10 to Get Built-in Protection Against Most Ransomware Attacks