WannaCrypt - Demo cách thức lây nhiễm & Phòng chống

Bài cập nhật về con virus tai quái này của Microsoft:
https://blogs.technet.microsoft.com/mmpc/2017/05/12/wannacrypt-ransomware-worm-targets-out-of-date-systems/

Demo cách thức lây nhiễm qua video & hình ảnh (nguồn từ Genk):
http://genk.vn/muon-biet-may-dinh-ransomware-wannacry-trong-nhu-the-nao-chung-toi-da-quay-video-thuc-te-cho-ban-xem-20170515111546648.chn

Cách phòng tránh:

To get the latest protection from Microsoft, upgrade to Windows 10. Keeping your computers up-to-date gives you the benefits of the latest features and proactive mitigations built into the latest versions of Windows.
.
We recommend customers that have not yet installed the security update MS17-010 do so as soon as possible. Until you can apply the patch, we also recommend two possible workarounds to reduce the attack surface:
.
Disable SMBv1 with the steps documented at Microsoft Knowledge Base Article 2696547 and as recommended previously
.
Consider adding a rule on your router or firewall to block incoming SMB traffic on port 445
.
Windows Defender Antivirus detects this threat as Ransom:Win32/WannaCrypt as of the 1.243.297.0 update. Enable Windows Defender Antivirus to detect this ransomware. Windows Defender Antivirus uses cloud-based protection, helping to protect you from the latest threats.
.
For enterprises, use Device Guard to lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run, effectively preventing malware from running.
.
Use Office 365 Advanced Threat Protection, which has machine learning capability that blocks dangerous email threats, such as the emails carrying ransomware.

Đã rất lâu rồi mới gặp 1 con virus khai thác được lỗ hổng của Windows để tự chạy và tự lây lan qua môi trường mạng LAN (cả wire và wireless). Note lại làm kỷ niệm :)