How to Protect Your Network From Ransomware in Windows 7/8/10?
What is Ransomware?
Recent days, you must be threatened by a Ransomware virus named WannaCry cyber attack. Why the Ransomware so bloodcurdling? Ransomware is a malware virus that prevents victim from accessing their operating system, either by locking the system's screen or by locking the users' files unless a ransom is paid. You have to pay the ransom if you want to get the decryption key. At this time, the WannaCry Ransomware exploits the EternalBlue (a flaw of Microsoft’s software) to spread rapidly across networks locking away files. After infecting the Ransomware virus, it will detect your essential files, encrypt your files and delete your original files, so it’s quite hard to recover your important data. Regardless of Ransomware or WannaCry virus, they take the Network as the carrier. Thus, how to protect your network from Ransomware?
Why should you protect your network?
The Ransomware will infect all the computers on the same network, like home network, enterprise LAN, campus network. Once your computer infected, other PCs on the same LAN will be infected quickly, causing more damage for a large scale of data. Considering the harmfulness of Ransomware, you should prevent Ransomware attacks with effective actions to keep your network and data safe.
How to protect your network from Ransomware?
In order to avoid the dilemma of data loss, there are some measures recommended by experts to protect your computer against WannaCry Ransomware, you can refer to these tips:
1. Make sure you have installed the latest updates in your Windows OS, or install the Microsoft Security Bulletin MS17-010, which is released by Microsoft to repair the EternalBlue vulnerability, you can verify if the MS17-010 is installed.
2. Cut off the network before booting your computer.
The WannaCry Ransomware virus can’t access and encrypt your files without network. Then install and run anti Ransomware software to prevent Ransomware virus.
3. Block Windows 445/137/138/139 port.
What is the 445/137/138/139 port used for? The 445 port is used for offering shared access to files, printers, serial ports, and other sorts of communications between nodes on a network. Ports 137, 138 and 139 are for NetBIOS, NetBIOS stands for Network basic input output system and is used in Windows for its file and printer sharing. Thus, you can block 445 port with these steps:
Press Win+R combination, and input "cmd" in the dialog, choose Run as administrator.
Input netsh advfirewall set allprofile state on and press Enter.
Input netsh advfirewall firewall add rule dir=in action=block protocol=TCP localport=445 name="Block_TCP-445" and press Enter.
Besides, you can disable NetBIOS over TCP/IP (block 137, 138, 139 ports) support in Windows 7/8/10:
Click Start, and then click Control Panel.
Under Network and Internet, click View network status and tasks.
Click Change adapter settings.
Right-click Local Area Connection, and then click Properties.
In the following items list, double-click Internet Protocol Version 4 (TCP/IPv4), click Advanced, and then click the WINS tab.
Click Disable NetBIOS over TCP/IP.
After disabling these ports, you can prevent the Ransomware effectively.
4. Backup data regularly in case of lock screen or data loss caused by Ransomware attack.
Under that condition, you can try AOMEI Backupper Free to backup your system, files, hard disk and partitions. It’s designed for Ransomware especially for WannaCry Ransomware. You might want to download it free. If you’re infected, the backup may be the best way to recover your critical data.
AOMEI Backupper Free offers you two best protection against WannaCry Ransomware: I Want to Backup Data (if not infected), Create Bootable Media (create bootable media to boot your computer under WinPE environment if infected, then you can backup system/files/disk/partition without Ransomware virus.)
Here is how to protect your network from Ransomware with Disk Backup feature:
Install and launch the program, connect your removable drive (like external hard drive, USB drive, CD/DVD, etc.) to your computer. Select I Want to Backup Data in its main interface.
Choose Disk Backup under Backup panel.
Input Task Name, select the disk you want to backup in the Step1 and choose the removable disk as destination in the Step2.
Tips: Make sure you have ticked Schedule to backup data regularly.
Press Start Backup to prevent Ransomware attacks.
5. Configure firewalls to block access to known malicious IP addresses.
6. Don’t visit unsafe, malicious website or click email attachment that you’re not pretty sure its sender.
7. Enable strong spam filters to prevent phishing emails from reaching you.
Compared with these solutions to protect your network from Ransomware, the proactive Ransomware backup strategy could be the best way to block Ransomware. If infected with Ransowmare virus, you can also protect your data in case of data loss. Hope you can benefit a lot from this article.