Measures of bitcoin virus in different countries

Internet security once again because of a large-scale outbreak of computer viruses and caused everyone's attention: bit virus. The emergence of this virus will make the computer's documents locked, hackers to coerce ransom, and most of the places are important units. For example, Chinese universities and British hospitals. The data of these units are very important. Most of the time, the school is not only an ecational unit, many key universities also undertake a lot of scientific research tasks. From a certain point of view, it also shows that hackers are very selective and targeted

from this point of view, Microsoft's vulnerability supplement is targeted and prescient, and the possible vulnerabilities should be supplemented in time

from the user's point of view, this virus attack is different from the previous one. In the past, it is generally in the form of camouflage and loading to ince customers to take the initiative to download. And this time the virus is mostly spread through the LAN, as long as you boot, the virus will invade. The document cannot be opened normally

if this virus attack has any inspiration for us to use computers and pay attention to Internet security, I think it can be inspired from at least two aspects: the first is to strengthen the security of computer systems, such as using official patches to repair vulnerabilities in time; the other is to install regular anti-virus software, update it in time, and strengthen the firewall

At present, the wanna series of blackmail viruses have been controlled to a certain extent, but the virus is constantly fighting against the upgrade. The effective prevention of this wanna blackmail virus can be avoided through the following actions

one is to temporarily close the port. Windows users can use firewall to filter personal computers, and temporarily turn off 3389 remote login on ports 135, 137 and 445 (if they don't want to turn off 3389 remote login, at least turn off the smart card login function), and pay attention to update security procts for defense, so as to minimize the risk of computer attack

The second is to update the released security patches of windows in time. When the ms17-010 vulnerability was first exposed in March, Microsoft had provided security updates for win7, win10 and other systems; After the outbreak of this incident, Microsoft also quickly released a special patch for Windows XP and other systems that had not provided official support before

The third is to use "blackmail virus immune tool" to repair. Users download the offline version of Tencent computer manager "blackmail virus immunity tool" through other computers, and the files to a safe and non-toxic U disk; Then turn on the designated computer when WiFi is turned off, the network cable is unplugged and the network is disconnected, and back up important files as soon as possible; Then use the offline version of "blackmail virus immunity tool" to fix the vulnerability with one click through USB flash disk; Network can be normal use of the computer

Fourthly, using the "file recovery tool" to recover. Users who have been infected with the virus can use the computer manager - file recovery tool for file recovery, with a certain probability of recovering your documents

in addition, enterprise network administrators can use the "Administrator Assistant" to detect the security of computer equipment. Tencent's anti-virus laboratory security team, after tackling key technical problems, launched a computer housekeeper "Administrator Assistant" diagnostic tool for vulnerable enterprise customers on the evening of the 14th. The enterprise network administrator only needs to download the diagnostic tool and input the IP or device name of the target computer to diagnose whether the target computer is infected with blackmail virus; Under the guidance of the diagnosis report, the health equipment that has not been patched can be patched and defense can be arranged in time

note: in the near future, Windows users should try to avoid visiting high-risk web pages. At the same time, if they are unfortunately poisoned, they should not pay ransom. They can contact the security manufacturer to help recover valuable data, or they can completely eliminate the virus by formatting the hard disk

1. many countries suffered from network attacks

< / OL >

on May 12, many countries around the world suffered from large-scale network attacks. After the computers of the attackers were locked, they were required to pay bitcoin to unlock. The spread of malware began in the UK. At present, no hacker organization has claimed the attack

According to a report released by Kaspersky laboratory, a Russian network security enterprise, on the 12th, it was found that 74 countries and regions around the world had suffered the attack, and the actual scope may be wider. The agency said that in the 20 most attacked countries and regions, Russia was far more vulnerable than other victims, and Chinese mainland ranked fifth. p>

Hello, we are doing network information security ecation, called 15pb information security ecation. Let me tell you how the network security personnel should improve themselves in view of this incident:

1. analyze the principle and infection mechanism of the virus, and make targeted protective measures to ensure that similar incidents do not happen again

2. do more work on software vulnerability mining, check and repair defects, and improve the system as much as possible. Try not to give hackers a chance to attack

3. involves the knowledge of the bottom layer. If you know how to assemble and disassemble, you will master the principles of these viruses. Can better do the maintenance of information security. If you want to improve your technology, go down and understand the basic principles

4. there are two forms of enterprise security work: bottom security and web security. Web is basically the user of security tools and scripts, and the bottom security personnel make these tools and scripts. You can see for yourself how to choose

< / OL >