WannaCry Ransomware Guidance (fast publish)

Posted in Security

I’m currently working with a client at a ~5,000 seat site to combat a WannaCry ransomware outbreak. I’ve put together some draft high-level information on the malware, mitigation strategies and high-level removal guidance.

It’s really rough at the minute (I’ve been helping recover services, conducting vulnerability scans, configuring honeytraps, collecting samples, setting up sinkholes and advising on remedial strategies, so I’ve not had much time to polish this yet).

WannaCry Ransomware Mitigation Techniques 0.3

I’ll re-visit this once I’ve had more time (and sleep!)

[update 1.1 – I’ve added in network (firewall/routers/switches) ACLs as a mitigation strategy as I’d forgotten to list this]
