{"id":3191,"date":"2017-05-16T05:22:44","date_gmt":"2017-05-16T09:22:44","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=3191"},"modified":"2019-11-15T14:51:00","modified_gmt":"2019-11-15T11:51:00","slug":"wannacry-for-b2b","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/wannacry-for-b2b\/3191\/","title":{"rendered":"WannaCry: Hakk\u0131nda bilmeniz gereken her \u015fey"},"content":{"rendered":"<p>Beklenmedik \u015fekilde ortaya \u00e7\u0131kan fidye yaz\u0131l\u0131m\u0131 WannaCry t\u00fcm d\u00fcnyadan bireysel kullan\u0131c\u0131lar\u0131 ve i\u015f yerlerini ele ge\u00e7irdi. WannaCry hakk\u0131nda bilmeniz gereken temel bilgileri sizlerle ge\u00e7ti\u011fimiz g\u00fcn <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/wannacry-ransomware\/3181\/\" target=\"_blank\" rel=\"noopener\">payla\u015ft\u0131k<\/a>. Bu yaz\u0131m\u0131zda ise daha \u00e7ok kurumsal tarafa y\u00f6nelece\u011fiz. WannaCry\u2019\u0131n ne oldu\u011funu bilmek, nas\u0131l yay\u0131ld\u0131\u011f\u0131n\u0131 bilmek, ne gibi tehditler arz etti\u011fini bilmek ve nas\u0131l durduraca\u011f\u0131n\u0131 bilmek hayati ve \u00f6nemlidir.<\/p>\n<h2>\u015eu an ne yapmam laz\u0131m?<\/h2>\n<p>Bu Trojan\u0131n bu denli patlamas\u0131n\u0131n en b\u00fcy\u00fck sebebi Windows a\u00e7\u0131\u011f\u0131n\u0131 kullanarak bula\u015fmas\u0131 ve bilgisayarlara bula\u015fmas\u0131nda kullan\u0131c\u0131 hatas\u0131 olmas\u0131na gerek kalmamas\u0131d\u0131r. Ve bu zararl\u0131 yaz\u0131l\u0131m bir bilgisayara bula\u015ft\u0131\u011f\u0131nda a\u011fda bulunan b\u00fct\u00fcn bilgisayarlara da yay\u0131lmay\u0131 dener.<\/p>\n<p>Dolay\u0131s\u0131yla, yap\u0131lacak ilk \u015fey a\u00e7\u0131\u011f\u0131 kapatmakt\u0131r. Sistem y\u00f6neticileri \u015fu ad\u0131mlar\u0131 izlemelidir;<\/p>\n<ul>\n<li><a href=\"https:\/\/technet.microsoft.com\/en-us\/library\/security\/ms17-010.aspx\" target=\"_blank\" rel=\"noopener nofollow\">Microsoft\u2019un yay\u0131nlad\u0131\u011f\u0131 yamay<\/a>\u0131 y\u00fckleyin. Yama sadece Windows 10 i\u00e7in de\u011fil, Windows\u2019un <a href=\"https:\/\/blogs.technet.microsoft.com\/msrc\/2017\/05\/12\/customer-guidance-for-wannacrypt-attacks\/\" target=\"_blank\" rel=\"noopener nofollow\">eski s\u00fcr\u00fcmleri<\/a> i\u00e7in de (Windows 8, 7, Vista, hatta Windows XP ve Server 2003) yay\u0131nland\u0131. Bu yama, yerel a\u011fda \u00e7al\u0131\u015fan sistemlerin fidye yaz\u0131l\u0131m taraf\u0131ndan etkilenmemesi i\u00e7in var olan a\u00e7\u0131\u011f\u0131 kapatmaktad\u0131r.<\/li>\n<li>E\u011fer herhangi bir sebepten dolay\u0131 bu g\u00fcncellemeyi y\u00fcklemeniz m\u00fcmk\u00fcn de\u011filse, Firewall \u00fczerinden 445\u2019in portu kapat\u0131n. Bu worm\u2019\u00fcn a\u011f sald\u0131r\u0131s\u0131n\u0131 durdurarak bula\u015fmay\u0131 engelleyecektir. Ancak, bunun sadece ge\u00e7ici tedbir oldu\u011funu unutmay\u0131n. Bu portu kapatmak ayr\u0131ca bir\u00e7ok a\u011f servisini kapataca\u011f\u0131ndan, bunun \u00e7ok sa\u011fl\u0131kl\u0131 bir \u00e7\u00f6z\u00fcm olmayaca\u011f\u0131n\u0131 bilmelisiniz.<\/li>\n<li>A\u011f\u0131n\u0131zda bulunan t\u00fcm sistemlerin korunuyor oldu\u011fundan emin olun. Bu nokta hayati \u00f6nem ta\u015f\u0131r; E\u011fer t\u00fcm sistemlere yamay\u0131 ge\u00e7mediyseniz veya 445. Portu kapatmad\u0131ysan\u0131z, sadece tek bir bilgisayar bile di\u011fer bilgisayarlar\u0131 etkileyebilir.<\/li>\n<li>Ayr\u0131ca \u00fccretsiz fidye yaz\u0131l\u0131m\u0131m\u0131za kar\u015f\u0131 korunma arac\u0131m\u0131z olan Kaspersky Anti-Ransomware Tool\u2019u kullanabilirsiniz. Bu ara\u00e7 \u015fifreleme yaz\u0131l\u0131mlar\u0131na kar\u015f\u0131 g\u00fcvenilir bir \u00e7\u00f6z\u00fcmd\u00fcr. Ayr\u0131ca bu \u00e7\u00f6z\u00fcm di\u011fer g\u00fcvenlik \u00e7\u00f6z\u00fcmleri ile sorunsuz \u00e7al\u0131\u015fmaktad\u0131r ve \u00e7al\u0131\u015fmalar\u0131n\u0131 engellemez. \u0130ndirmek i\u00e7in <a href=\"https:\/\/go.kaspersky.com\/TR_Anti-ransomware-tool_soc.html?utm_source=smm_fb&amp;utm_medium=tr_kd_o_0517\" target=\"_blank\" rel=\"noopener nofollow\">t\u0131klay\u0131n<\/a>.<\/li>\n<\/ul>\n<h2><a href=\"https:\/\/go.kaspersky.com\/TR_Anti-ransomware-tool_soc.html?utm_source=smm_fb&amp;utm_medium=tr_kd_o_0517\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-3193\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2017\/05\/06013257\/Banner_1460x300_B2B_EN.jpg\" alt=\"\" width=\"1460\" height=\"300\"><\/a>Kaspersky Lab \u00e7\u00f6z\u00fcm\u00fc kullan\u0131yorsan\u0131z<\/h2>\n<p>Kullan\u0131c\u0131lar\u0131m\u0131z WannaCry dahil di\u011fer fidye yaz\u0131l\u0131mlar\u0131na kar\u015f\u0131 korumadad\u0131r. Ancak, yine de ekstra g\u00fcvenlik \u00f6nlemleri alman\u0131zda fayda var.<\/p>\n<ul>\n<li>Microsoft\u2019un yamas\u0131n\u0131 yapt\u0131\u011f\u0131n\u0131zdan emin olun.<\/li>\n<li>G\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fcz\u00fcn System Watcher \u2013 Sistem \u0130zleyici mod\u00fcl\u00fcne sahip oldu\u011funu ve bu mod\u00fcl\u00fcn a\u00e7\u0131k oldu\u011funa emin olun. Nas\u0131l kullanaca\u011f\u0131n\u0131z\u0131 \u00f6\u011frenmek i\u00e7in <a href=\"http:\/\/support.kaspersky.com\/10905\" target=\"_blank\" rel=\"noopener\">t\u0131klay\u0131n<\/a>.<\/li>\n<li>\u00a0E\u011fer yerel a\u011fda bulunan cihazlardan birinde bula\u015fma tespit edildiyse, kritik tarama ba\u015flat\u0131n. Bu tarama zaten otomatik olarak ba\u015flayacakt\u0131r ancak ne kadar erken davran\u0131rsan\u0131z o kadar iyi. Teorik olarak, zararl\u0131 yaz\u0131l\u0131m bilgisayar\u0131n\u0131za y\u00fcklenmi\u015f ama dosyalar\u0131 \u015fifrelemeye ba\u015flamam\u0131\u015f olabilir.<\/li>\n<li>E\u011fer tarama s\u0131ras\u0131nda MEM:Trojan.Win64.EquationDrug.gen bulunursa, temizleyin ve sistemi yeniden ba\u015flat\u0131n.<\/li>\n<\/ul>\n<h2>A\u011f\u0131n\u0131zda g\u00f6m\u00fcl\u00fc sistemler varsa<\/h2>\n<p>G\u00f6m\u00fcl\u00fc sistemler di\u011ferlerine oranlar WannaCry\u2019a daha fazla a\u00e7\u0131klar. \u00c7\u00fcnk\u00fc g\u00f6m\u00fcl\u00fc sistemlerin g\u00fcvenli\u011fi di\u011ferlerine nazaran daha \u00f6nemsiz g\u00f6r\u00fcl\u00fcyor. ATM\u2019lerin ve POS cihazlar\u0131n\u0131n g\u00fcvenli\u011fi i\u00e7in genelde \u00f6zel \u00e7\u00f6z\u00fcmler kullan\u0131l\u0131yor olmas\u0131na ra\u011fmen,\u00a0 bilgi terminallerinin g\u00fcvenli\u011fi g\u00f6zden ka\u00e7\u0131r\u0131l\u0131r. Bu tarz cihazlar\u0131 korumak ger\u00e7ekten servete mal olabilir, hele \u00f6zellikle \u015firket bu cihazlardan y\u00fczlercesine sahipse..<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Qpark jist fell victim of the WannaCry ransomware as well. <a href=\"https:\/\/t.co\/CkZX4xz89i\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/CkZX4xz89i<\/a><\/p>\n<p>\u2014 Rickey Gevers (@UID_) <a href=\"https:\/\/twitter.com\/UID_\/status\/863488909753364481?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">May 13, 2017<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><a href=\"https:\/\/eugene.kaspersky.com\/2012\/10\/03\/in-denial-about-deny-all\/\" target=\"_blank\" rel=\"noopener\">Default Deny<\/a> modunu \u00e7al\u0131\u015ft\u0131ran \u00e7\u00f6z\u00fcmler kullanman\u0131z\u0131 \u015fiddetle \u00f6neririz. <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/embedded-systems\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Embedded System Security<\/a> \u00fcr\u00fcn\u00fc g\u00f6m\u00fcl\u00fc sistemler i\u00e7in geli\u015ftirilmi\u015ftir ve son derece etkili koruma \u00e7\u00f6z\u00fcm\u00fcd\u00fcr.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Beklenmedik \u015fekilde ortaya \u00e7\u0131kan fidye yaz\u0131l\u0131m\u0131 WannaCry t\u00fcm d\u00fcnyadan bireysel kullan\u0131c\u0131lar\u0131 ve i\u015f yerlerini ele ge\u00e7irdi. WannaCry hakk\u0131nda bilmeniz gereken temel bilgileri sizlerle ge\u00e7ti\u011fimiz g\u00fcn payla\u015ft\u0131k. Bu yaz\u0131m\u0131zda ise daha \u00e7ok kurumsal tarafa y\u00f6nelece\u011fiz. WannaCry\u2019\u0131n ne oldu\u011funu bilmek, nas\u0131l yay\u0131ld\u0131\u011f\u0131n\u0131 bilmek, ne gibi tehditler arz etti\u011fini bilmek ve nas\u0131l durduraca\u011f\u0131n\u0131 bilmek hayati ve \u00f6nemlidir.<\/p>\n","protected":false},"author":700,"featured_media":3192,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1194,1727],"tags":[1228,1229,591,447,1226,241,1227],"class_list":{"0":"post-3191","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-deault-deny","10":"tag-exploits","11":"tag-fidye-yazilimi","12":"tag-ransomware","13":"tag-sistem-acigi","14":"tag-trojan","15":"tag-wannacry"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/wannacry-for-b2b\/3191\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/wannacry-for-b2b\/6024\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/wannacry-for-b2b\/4206\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/wannacry-for-b2b\/9160\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/wannacry-for-b2b\/10524\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/wannacry-for-b2b\/10338\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/wannacry-for-b2b\/16171\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/wannacry-for-b2b\/16544\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/wannacry-for-b2b\/6999\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/wannacry-for-b2b\/7324\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/wannacry-for-b2b\/6818\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/wannacry-for-b2b\/10180\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/wannacry-for-b2b\/15605\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/wannacry-for-b2b\/16544\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/wannacry-for-b2b\/16544\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/fidye-yazilimi\/","name":"Fidye Yaz\u0131l\u0131m\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3191","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=3191"}],"version-history":[{"count":4,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3191\/revisions"}],"predecessor-version":[{"id":7057,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/3191\/revisions\/7057"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/3192"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=3191"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=3191"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=3191"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}