TRA issues advices on ransomware ‘Petya’; thousands of computers hacked globally


Staff Report

Abu Dhabi – The Telecommunications Regulatory Authority (TRA) on Wednesday advised the users to be aware of the updated version of the ransomware “Petya”, which started spreading globally on Tuesday and breached thousands of computers and servers around the world.
The breach disabled, encrypted, and locked users from accessing their computers without paying a sum of Bitcoin, and that’s when a group of hackers developed a new version of the ransomware “Petya” by exploiting the same gap in the operating system Windows, named ExyernalBlue in the SMBv1 protocol. This virus restarts the victim’s device, encrypts the Master File Table, and exchanges the Master Boot Record with a series of malicious software instructions that shuts down the device.

Earlier media reports revealed that Ransomware known as Petya seems to have re-emerged to affect computer systems across Europe, causing issues primarily in Ukraine, Russia, England and India, a Swiss government information technology agency said on Tuesday.

“There have been indications of late that Petya is in circulation again, exploiting the SMB (Server Message Block) vulnerability,” the Swiss Reporting and Analysis Centre for Information Assurance (MELANI) said in an e-mail.

It said it had no information that Swiss companies had been impacted, but said it was following the situation. The Petya virus was blamed for disrupting systems in 2016.

Russia’s top oil producer Rosneft said a large-scale cyber attack hit its servers on Tuesday, with computer systems at some banks and the main airport in neighboring Ukraine also disrupted.

TRA Advices

The TRA Computer Emergency Response Team (aeCERT) announced that there hasn’t been any reported cases of breach by this virus in the UAE.

To avoid exposure to the virus, the TRA advises individuals to follow these steps:
• Always keep a backup copy
• Avoid opening links and files from an unknown source
• Use the original anti-virus programs
• Update the software of your phone and computer constantly
• Avoid surfing untrusted sites

In case of exposure to the virus, the TRA advises the individuals to do the following:
• Do not obey the hackers, there is no guarantee that paying the ransom will lead to the decryption of the files.
• If the attacked device is the company’s computer, inform the Information Technology Department immediately.
• If the attacked device is your personal laptop, take it to the authorized agent.
• Don’t open any untrusted emails
• Update the software of all your personal devices