Smashing Security #021: WannaCry – Who’s to blame?

Graham Cluley

Ss episode 21 thumbnail

Smashing Security podcast: "WannaCry - Who's to blame?"

The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturing the keystrokes of its laptop users. Then we briefly discuss what might be the worst cinema date in history, before rounding things off with a discussion of hackers extorting money out of movie studios.

All this and more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by special guest Paul “Pob” Baccas.

Smashing Security #021: 'WannaCry - Who's to blame?'

Listen on Apple Podcasts | Google Podcasts | Other... | RSS
More episodes...

Hosts:

Graham Cluley – @gcluley
Carole Theriault – @caroletheriault

Guest:

Paul Baccas – @pobicus

Show notes:

Sponsor: Recorded Future

This episode of Smashing Security is made possible by the generous support of Recorded Future – the real-time threat intelligence company whose patented machine learning technology continuously analyzes technical, open, and dark web sources to give organizations unmatched insight into emerging threats.

Sign up for free daily threat intelligence updates at recordedfuture.com/intel.

Thanks to Recorded Future for their support.

Follow the show:

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on iTunes or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Graham Cluley Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and is an international public speaker on the topic of computer security, hackers, and online privacy. Follow him on Twitter at @gcluley, or drop him an email.

One Reply to “Smashing Security #021: WannaCry – Who’s to blame?”

  1. People concerned about WannaCry, and the security conscious in general, should disable SMB v1 in Windows. I'm not sure why this wasn't recommended in the podcast. This can be done by home users as well as corporate users. You should not disable v2 or v3.

    https://blogs.technet.microsoft.com/staysafe/2017/05/17/disable-smb-v1-in-managed-environments-with-ad-group-policy/

    This is so simple there is no reason not to do it. It's a case of ticking a box in Windows Features (appwiz.cpl)!

    My recommendation to avoid infection by WannaCry is to update to MS17-010, disable SMB v1, and ensure you're using decent Internet Security software (AV + Firewall). Updating to MS17-010 alone won't prevent infection if you download any dodgy software / enable macros.

    Microsoft recommend that you block "all versions of SMB at the network boundary by blocking TCP port 445 with related protocols on UDP ports 137-138 and TCP port 139, for all boundary devices."

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Never miss a thing. Sign up for the free GCHQ newsletter from Graham Cluley.
GET EMAIL UPDATES