By now you’ve probably heard about the largest-ever ransomware attack that hit the world a little over a week ago. It’s been dubbed WannaCry by the anti-malware community, and it held a little over 230 000 PCs to a 300 US dollar ransom, payable in the popular cryptocurrency, Bitcoin.
It affected a large number of big organisations, too; perhaps the best-known of these was the UK’s National Health Service (NHS), which still uses PCs powered by Windows XP and Windows 7 in some of its operations. Many of the health providers within the NHS were prevented from providing patient care while under attack.
Mutated code
While the spread of the initial strain of this ransomware has slowed somewhat, the code has mutated into a newer form and is still claiming victims as of this writing. Once a machine is infected, getting rid of the malware and saving the encrypted data is a task best left to experts.
In a case like this, prevention is definitely better than cure. To that end, ASUS sent us a friendly reminder that its “AiProtection” functionality is already protecting users of its high-end routers from such attacks.
IPS FTW
AiProtection has a commercial-grade “intrusion protection system” that’s powered by security giant Trend Micro’s Smart Home Network technology. It can prevent ransomware like WannaCry from taking advantage of things like open ports on the network, and it inspects every single packet of network data that flows through the router to detect and block any suspicious activity.
Trend Micro reported that last week, ASUS AiProtection blocked over a million individual ransomware attacks.
ASUS also recommends that all PCs on the network have the latest operating system patches installed. Part of the reason for WannaCry’s success is that it was able to infect un-patched Windows PCs. The threat was so severe that Microsoft released a patch for Windows XP even though it ended official support for the OS in 2014.
Enabled is best
Of course, as with any protective mechanism, for AiProtection to work it must be enabled via the router’s dashboard. Once it is, it keeps itself up to date on the latest malware signature and behavioural trends with daily updates that it downloads and installs automatically.
Here’s how to check if AiProtection is enabled, and if not, how to enable it:
- Point the default browser of any PC that’s connected to a qualifying ASUS router to http://router.asus.com.
- Click on the AiProtection tab and make sure these three features are enabled: Malicious Site Blocking, Vulnerability Protection, and Infected Device Prevention and Blocking. If they aren’t enabled, enable them by clicking the switch you’ll see next to each to “On”.
Lastly, it never hurts to make sure your router is running the latest firmware. To check that, click the Administration tab and then the Firmware Upgrade tab. Now click Check – if everything is current you’ll be notified that your firmware is fine; if not the router will download and install the latest firmware update automatically.
These are the routers that come with AiProtection:
- RT-AC5300
- RT-AC88U
- RT-AC3200
- RT-AC87U
- RT-AC68U
- RT-AC66U
- DSL-AC68U
- BRT-AC828