Several things that must be considered for the prevention of new Lockbit ransomware variants as of March 2020, including:
Close SMB1 Windows
Run PowerShell on Windows as Administrator
Run the command below
Disable-WindowsOptionalFeature -Online -FeatureName smb1protocol
Select N if you do not want to restart now
Select Y if you want to restart now
You must restart the server for the function to take effect
Windows Update
Open Windows Update panel
Make sure to set Automatic updates and automatic install updates
Start > Control Panel > System & Security > Windows Update > Check for updates
Install Windows Update (critical update priority)
Wait for it to finish
Schedule server restart outside office hours (usually above 18.00 WIB)
Windows User
Make sure Windows user Administrator is disabled
Make sure the Windows user password uses a combination of letters, numbers, symbols, uppercase and lowercase letters. at least 10 characters long.
