According to the National Cybersecurity Agency under the Ministry of Information and Communications, there is currently a ransomware strain known as WannaCry or WannaCrypt that acts as spyware, infiltrating computers and encrypting Word files, Excel files, and other content in order to extort a ransom from victims under threat of deleting all such files. The cause is a vulnerability named EternalBlue present in Windows, which has only been addressed in recent versions of Windows 10.
As announced a few days ago, the EternalRocks malware was discovered before a comprehensive solution for WannaCry was available. Since then, experts have published several methods for eradicating EternalRocks. If your computer is infected with EternalRocks, refer to those methods and apply them immediately.
To check whether your computer is infected with WannaCry, refer to the article on checking for WannaCry, which explains how to inspect your system manually so you can better protect your important data.
To prevent WannaCry and eradicate the ransomware if it reaches your computer, in addition to the preventive measures Mytour has already covered, you should follow the WannaCry handling method from the National Cybersecurity Agency - Ministry of Information and Communications. It applies to both individuals and organizations, as follows.
Guide to handling WannaCry for computers
For individuals using computers
Dealing with WannaCry on Windows 10
Step 1: For those using Windows 10, the best way to handle WannaCry is to update Windows immediately to the Windows 10 Creators Update version. Refer to the article on upgrading to Windows 10 Creators Update to protect your computer and address the EternalBlue vulnerability.
Step 2: If your computer has already been updated to Windows 10 Creators Update, don't forget to check for Windows updates. Microsoft has recently released a security update for Windows 10 Creators Update. First, open the Start Menu and search for 'Update' to access Windows Update.
Step 3: Here, the system will check for and download the latest update for your computer or laptop to address WannaCry and prevent it. After updating, remember to restart your computer.
Handling WannaCry on the Remaining Windows Versions (XP, 7, 8)
For users running older operating systems like Windows XP, 7, 8, Microsoft has not provided patches for the EternalBlue vulnerability. To minimize the risk of encountering malware and deal with WannaCry on your computer, update your operating system to the latest version available.
- Download the patch for Windows XP Update SP2 64bit
- Download the patch for Windows XP Update SP3 32bit
- Download the patch for Windows XP Update SP3 Embedded 32bit
- Download the patch for Windows 7 Update 64bit
- Download the patch for Windows 7 Update 32bit
- Download the patch for Windows 8 Update 64bit
- Download the patch for Windows 8 Update 32bit
- Download the patch for Windows Server 2003 Update SP2 64bit
- Download the patch for Windows Server 2003 Update SP2 32bit
Dealing with WannaCry: Update Antivirus Software
The WannaCry malware is currently on the radar of major technology and security firms such as Kaspersky, Norton Antivirus, and AVG. Consequently, they are constantly monitoring the situation and providing updates for their software to help users handle WannaCry effectively.
Additional Considerations for Users
- Avoid clicking on unfamiliar links, links sent through Facebook, or any suspicious emails.
- Refrain from downloading unfamiliar files or attachments from emails if their source is unclear.
- Do not open links with HTA extensions or .exe files sent via messages.
- Remove Tor browsers from your computer system and refrain from downloading files.
- Avoid downloading Torrent links as they can easily install spyware.
- Develop a habit of regularly backing up data stored on your computer.
Dealing with WannaCry for Organizations, Businesses, Systems
For companies, organizations, or businesses using server networks, the impact of WannaCry infection can be more severe. Therefore, addressing the WannaCry malware is not solely the responsibility of administrators but of every member within the network.
The most crucial task for administrators is to close or temporarily disable services using ports 445, 137, 138, 139 on their computers.
Step 1: To close port 445, follow these steps: Press the Windows + R keys, then type regedit to open the Registry Editor.
Step 2: Next, navigate to Computer > HKEY_LOCAL_MACHINE > SYSTEM > CurrentControlSet > Services > NetBT > Parameters
In the Parameters key, you'll find a value named TransportBindName. Double-click it to open it.
Step 3: Delete everything in the Value data field of TransportBindName, then click OK to confirm and close.
Step 4: After that, restart your computer, open Command Prompt, and type netstat -an. You will see that port 445 is no longer active.
For the remaining ports, we just need to disable NetBIOS using the following method:
Step 1: Open the Start Menu and type 'control panel' to access Control Panel.
Step 2: Proceed to the Network and Internet section in Control Panel.
Step 3: Next, navigate to Change adapter settings which leads to Network Connections. Here, right-click on the network in use and select Properties.
Step 4: Double-click on Internet Protocol Version 4 or select Properties.
Step 5: In the General tab, choose Advanced for advanced settings.
Step 6: Switch to the WINS tab and select Disable NetBIOS over TCP/IP to close the remaining ports.
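The verification in Step 4 of the port 445 procedure can be extended to all four ports once NetBIOS is disabled. The Python script below is an added example, not part of the original article or the agency's guidance: it parses saved `netstat -an` output and reports any of ports 445, 137, 138, 139 that are still open. The sample output is constructed, and the parser assumes the English-language Windows column layout.

```python
"""Check `netstat -an` output for the ports the article says to close."""

# Ports named in the article: SMB (445) and NetBIOS (137, 138, 139).
WATCHED = {445: "SMB", 137: "NetBIOS name service",
           138: "NetBIOS datagram", 139: "NetBIOS session"}

# Constructed sample of English-language Windows `netstat -an` output.
SAMPLE_BEFORE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:445       192.168.1.7:49811      ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    192.168.1.20:137       *:*
  UDP    192.168.1.20:138       *:*
  UDP    0.0.0.0:5353           *:*
"""


def open_watched_ports(netstat_text):
    """Return sorted (proto, port, local_addr) for watched ports still open."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        # Report only LISTENING TCP sockets; per-connection rows such as
        # ESTABLISHED would repeat a service its listener already shows.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        # rpartition keeps bracketed IPv6 addresses such as [::] intact.
        addr, _, port = local.rpartition(":")
        if port.isdigit() and int(port) in WATCHED:
            found.add((proto, int(port), addr))
    return sorted(found)


if __name__ == "__main__":
    import sys
    # Usage (Command Prompt): netstat -an > ports.txt, then pass ports.txt.
    text = (open(sys.argv[1], errors="replace").read()
            if len(sys.argv) > 1 else SAMPLE_BEFORE)
    hits = open_watched_ports(text)
    for proto, port, addr in hits:
        print(f"{proto} {addr}:{port} still open ({WATCHED[port]})")
    sys.exit(1 if hits else 0)
```

The script exits with status 1 while any watched port is still open, so it can be rerun after each restart until it returns 0.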
In addition to the above measures, administrators should note the following for better system security:
- Ensure prompt updating of server system upgrades and patches to prevent and handle WannaCry malware.
- Create snapshots with virtual servers as a precaution against attacks.
- Update antivirus software and use licensed software for maximum computer protection.
- Back up the database regularly.
- Employ safety measures such as Firewall, IDS, IPS, SIEM for monitoring and protecting the system during this sensitive period.
These are temporary measures to help you deal with WannaCry malware during this critical period. If you want to learn more about WannaCry and what Ransomware WannaCrypt is, you can refer to our article on what WannaCry virus is.
Completely removing the WannaCry virus is currently not possible, but removal steps can still clean your system to some extent. If you don't know how to do this, you can refer to the methods Mytour has introduced.
Currently, there are 2 tools available to help you detect whether your computer or laptop is infected with the WannaCry malware so you can back up your data: BKAV CheckWanCry and VNIST Scanner. Both tools are lightweight and will comprehensively scan your system to detect any dangerous malware, including WannaCry. If detected in time, you won't have to pay a ransom to retrieve your important data.
