How Can EOS Switches Protect Against WannaCry Ransomware
Can anything be done with EOS switches to prevent the WannaCry Virus?
Friday 5/12/17, a coordinated cyberattack took place using a new type of ransomware called WannaCry, which is sometimes called WannaDecryptor. The malware attack originated through email which means once the Wannacry ransomware is activated it immediately starts an aggressive scan over TCP port 445 as well as SMB ports 139 and 445 to find devices with these ports open and then encrypting their data.
It is not practical to block this traffic because the protocol is used to access network resources, however, fishing attacks can be prevented by using the NAC assessment agent to verify devices have up to date software before they are allowed on the network.