Block SMB access to the Internet, which runs over TCP ports 137, 139, 445 and UDP

ports 137, 138.

Apply the Microsoft patch for the MS17-010 SMB vulnerability dated March 14, 2017.
Filter and monitor email for phishing attacks, watching for inbound executable and
macro-enabled attachments.
Utilize least privilege by giving users access only to the resources they need to
conduct their jobs to contain damage from a compromised user account.
Reduce and restrict full administrative privileges. Segregate administrative
accounts from system administrators and from the user accounts they use to read
email and surf the web. Also, restrict common administrative access to TCP ports
such as 22, 23, and 3389.
Configure internal access controls to contain infection contagion within the
networks. Block or restrict SMB (TCP ports 137, 139, 445 and UDP ports 137, 138).
Send internal flash bulletins to users regarding this outbreak, warning them to
beware of attachments as well as cautioning them not to bring in possible infected
outside devices (teleworkers, vendors, home computers) to the office network.
Perform and test backups regularly.