19.6.2017
An announcement from BTK-USOM has been issued regarding the Petya malware that harms systems in various countries around the world and ways to protect against it.
In the announcement, it was reported that the Petya malware, which harms systems similar to the WannaCry malware, spreads using phishing emails and outdated services (SMB); the statement included: “The Petya malware is embedded into Office documents using a vulnerability in Microsoft Office software (CVE-2017-0199) and sent as attachments to fake emails. Like the WannaCry malware, the Petya malware encrypts the systems it infects, rendering them unusable, and demands Bitcoin to unlock the encrypted system.”
Ways to protect against the Petya malware were listed as follows in the announcement:
1- Applying the relevant updates (MS17-010 - https://technet.microsoft.com/en-us/library/security/ms17-010.aspx),
2- Using an up-to-date antivirus,
3- Disabling the SMB service when not in use,
4- Being cautious against phishing emails that arouse curiosity and not opening their attachments
are recommended.”
The announcement also stated, “Institutions affected by the relevant malware must promptly provide feedback to USOM by filling out the attached cyber incident evaluation form and sending it to [email protected].”
Contact addresses for the National Cyber Incident Response Center (USOM), which conducts detection and prevention activities for cyber threats originating from domestic and foreign sources within the country:
National Cyber Incident Response Center (USOM-TRCERT)
Tel: (0312) 586 53 05 / (0549) 779 87 85
Web: www.usom.gov.tr
E-mail: [email protected] / [email protected]
Social Media: https://twitter.com/trcert
RSS Feeds: http://www.usom.gov.tr/feeds.html