Prevent Ransomware CyberAttacks – SMBv1 and SMBv2 vulnerability

The article explains how to prevent ransomware cyberattacks with SMB encryption

Prevent Ransomware CyberAttack with SMB Encryption

The WannaCrypt Ransomware attacks that impacted customers all over the world put the spotlight on SMB formally known as CIFS.

The initial infection occurred via a Word file, which, once opened, deployed the WCRY malware. Ransomware encrypted Windows machine’s files, and then used a remote vulnerability found in outdated SMB versions (SMBv1 and SMBv2) to distribute itself to other Windows machines on the same network. Ransomware spread at an estimated rate 5 million infected emails per hour, targeting home users to corporate networks.

In hindsight, the current ransomware disaster could have been avoided. For many years Microsoft has been pleading with customers to end using the old and vulnerable SMB1 protocol and upgrade to the encrypted SMB version. In his blog post, Ned Pyle, Microsoft Principal Program Manager, has explained the SMB1 security vulnerabilities and the lack of efficiency.

A similar warning had come on March 16, 2017 from the Department of Homeland Security in a security best practice article, which had advised users and administrators to disable the SMB1 protocol completely due to its security vulnerability.

Further to the above, Kaspersky Labs has reported that SMB2 is also a source of the latest Ransomware cyber-attacks.

The best way to ensure that your customer’s or your environment stays protected is to deploy the encrypted SMB3.1.1 protocol.

As a company dedicated to advancing the latest SMB protocols, Visuality Systems offers the NQ Family of products that support the latest encrypted SMB3.1.1 protocol for all operating systems under a commercial license and 24/7 support.

Lilia Wasserman, VP R&D, Visuality Systems

Lilia Wasserman, VP R&D, Visuality Systems

Share Via
Related Articles
Share Via
Table of Contents

Visuality systems uses technical, analytical, marketing, and other cookies. These files are necessary to ensure smooth operation of Voltabelting.com site and services and help us remember you and your settings. For details, please read our Privacy policy

Skip to content