How did a Japanese minister surprise hackers?

The number of ways to hide, camouflage and mislead the enemy - whether in cybercrime or in cyberwarfare - is growing unstoppably. It can be said that today hackers rarely reveal what they have done, whether for fame or for business.

The series of technical failures during last year's opening ceremony of the Winter Olympics in Korea was the result of a cyberattack. The Guardian reported that the unavailability of the Games website, the Wi-Fi failure at the stadium and the broken televisions in the press room were the result of a far more sophisticated attack than originally thought. The attackers gained access to the organizers' network in advance and disabled many computers in a very cunning way - despite numerous security measures.

Until its effects became visible, the enemy was invisible. Once the destruction had been seen, it largely remained so (1). There were several theories about who was behind the attack. According to the most popular one, the trail led to Russia - according to some commentators, this could have been revenge for the removal of Russia's national flags from the Games.

Other suspicions were directed at North Korea, which is always looking to taunt its southern neighbour, or at China, which is a hacking power and is often among the suspects. But all of this was more detective deduction than a conclusion based on irrefutable evidence. And in most such cases, we are condemned to this kind of speculation alone.

As a rule, establishing the authorship of a cyberattack is a difficult task. Criminals do not merely leave recognizable traces; they also add misleading clues to their methods.

This was the case with the attack on Polish banks at the beginning of 2017. BAE Systems, which first described the attack on the Bangladesh National Bank, carefully examined some elements of the malware that targeted computers in Polish banks and concluded that its authors were trying to pose as Russian-speaking people.

Elements of the code contained Russian words with unusual transliteration - for example, the Russian word in the unusual form "client". BAE Systems suspects that the attackers used Google Translate to pass themselves off as Russian hackers by using Russian vocabulary.

In May 2018, Banco de Chile admitted that it had problems and recommended that customers use online and mobile banking services, as well as ATMs. On the screens of computers located in the branches, experts found signs of damage to the boot sectors of the disks.

After several days of searching the network, traces were found confirming that massive disk corruption had indeed taken place on thousands of computers. According to unofficial information, the consequences affected 9 thousand computers and 500 servers.

Further investigation revealed that $11 million disappeared from the bank during the attack, and other sources point to an even larger sum! Security experts eventually concluded that the damaged disks of the bank's computers were merely camouflage to let the criminals steal. However, the bank does not officially confirm this.

Zero days to prepare and zero files

Over the past year, almost two-thirds of the world's largest companies were successfully attacked by cybercriminals. They most often used techniques based on zero-day vulnerabilities and so-called fileless attacks.

These are the findings of the State of Endpoint Security Risk report prepared by the Ponemon Institute on behalf of Barkly. Both attack techniques are varieties of the invisible enemy that are gaining more and more popularity.

According to the study's authors, in the last year alone the number of attacks against the world's largest organizations increased by 20%. We also learn from the report that the average loss incurred as a result of such actions is estimated at $7.12 million each, which is $440 per attacked workstation. These amounts include both the specific losses caused by the criminals and the costs of restoring the attacked systems to their original state.

Typical attacks are extremely difficult to counter, as they are usually based on software vulnerabilities that neither the manufacturer nor the users are aware of. The former cannot prepare an appropriate security update, and the latter cannot implement appropriate security procedures.

"At least 76% of successful attacks were based on the exploitation of zero-day vulnerabilities or some previously unknown malware, which means that they were four times more effective than the classic techniques previously used by cybercriminals," explain representatives of the Ponemon Institute.

The second invisible method, fileless attacks, consists of running malicious code on the system using various "tricks" (for example, by injecting an exploit into a website), without requiring the user to download or run any file.

Criminals use this method more and more often as classic attacks that send malicious files (such as Office documents or PDF files) to users become less and less effective. In addition, attacks are usually based on software vulnerabilities that are already known and fixed - the problem is that many users do not update their applications often enough.

Unlike the scenario above, the malware does not place an executable on disk. Instead, it runs in your computer's internal memory, that is, in RAM.

This means that traditional antivirus software will have a hard time detecting a malicious infection, because it will not find a file that points to it. By using the malware, an attacker can hide their presence on the computer without raising an alarm and cause various kinds of damage (information theft, downloading additional malware, gaining elevated privileges, etc.).

Fileless malware is also called (AVT). Some experts say it is even worse than (APT).

2. Information about a hacked site

When HTTPS doesn't help

It seems that the days when criminals took control of a site, changed the content of the main page and placed a notice on it in large print (2) are gone for good.

Currently, the goal of attacks is primarily to obtain money, and criminals use every method to gain tangible financial benefits in any situation. After a takeover, groups try to stay hidden for as long as possible and to make a profit or use the acquired infrastructure.

Injecting malicious code into poorly protected websites can have various purposes, such as financial ones (theft of credit card information). It was once written about Bulgarian scripts introduced on the website of the Office of the President of the Republic of Poland, but it was not possible to say clearly what the purpose of the links to external fonts was.

A relatively new method is the so-called , that is, overlays that steal credit card numbers on store websites. The user of a website that uses HTTPS (3) is already trained and accustomed to checking whether a given website is marked with this characteristic symbol, and the very presence of the padlock has become proof that there are no threats.

3. HTTPS designation in the web address

However, criminals exploit this over-reliance on site security in different ways: they use free certificates, place an icon in the form of a padlock on the site, and inject infected code into the site's source code.

Analysis of the methods of infection of some online stores shows that attackers transferred the physical skimmers of ATMs to the online world in the form of . When making a standard purchase transaction, the customer fills in a payment form in which they provide all the data (credit card number, expiration date, CVV number, first and last name).

The payment is authorized by the store in the traditional way, and the entire purchase process is carried out correctly. However, in the case in question, code (a single line of JavaScript is enough) is injected into the store's site, which causes the data entered in the form to be sent to the attackers' server.
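The injection described above depends on the store page loading a script its owner never approved. As an added example (not part of the original article), the following Python code audits a checkout page's script tags against an allowlist, flags third-party scripts that lack Subresource Integrity, and builds a matching Content-Security-Policy header; the host names, the allowlist and the sample page are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: a checkout page with one script tag nobody approved.
SAMPLE_PAGE = """
<html><head>
<script src="/static/checkout.js"></script>
<script src="https://js.payments.example/v3.js"
        integrity="sha384-CONSTRUCTED" crossorigin="anonymous"></script>
<script src="https://cdn.analytics.example/t.js"></script>
<script src="//stats-collector.example/a.js"></script>
</head><body><form id="payment"></form></body></html>
"""

# Assumption: hosts the shop owner deliberately loads scripts from.
ALLOWED_HOSTS = {"shop.example", "js.payments.example", "cdn.analytics.example"}


class ScriptAudit(HTMLParser):
    """Record every external <script> that is unapproved or unpinned."""

    def __init__(self, page_host, allowed):
        super().__init__()
        self.page_host, self.allowed, self.findings = page_host, allowed, []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag != "script" or not src:
            return  # inline scripts need a separate review (hash or nonce CSP)
        # Relative URLs have no hostname: they load from the page's own origin.
        host = urlparse(src).hostname or self.page_host
        if host not in self.allowed:
            self.findings.append(("unlisted-host", src))
        elif host != self.page_host and "integrity" not in dict(attrs):
            self.findings.append(("no-sri", src))


def audit(html, page_host="shop.example", allowed=ALLOWED_HOSTS):
    parser = ScriptAudit(page_host, set(allowed))
    parser.feed(html)
    return parser.findings


def csp_header(allowed, page_host="shop.example"):
    """Build a CSP limiting script origins plus fetch/XHR and form destinations."""
    third = " ".join(f"https://{h}" for h in sorted(set(allowed) - {page_host}))
    return (f"Content-Security-Policy: script-src 'self' {third}; "
            f"connect-src 'self' {third}; form-action 'self'")


if __name__ == "__main__":
    for kind, src in audit(SAMPLE_PAGE):
        print(kind, src)
    print(csp_header(ALLOWED_HOSTS))
```

An allowlist check of this kind does not see code appended to a first-party file, so it complements file-integrity monitoring of the store's own scripts.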

One of the most famous crimes of this type was the attack on the website of the USA Republican Party Store. Over six months, customers' credit card details were stolen and transferred to a Russian server.

By evaluating store traffic and black market data, it was determined that the stolen credit cards generated a profit of $600 for the cybercriminals.

In 2018, customer data of the smartphone maker OnePlus was stolen in the same way. The company admitted that its server was infected, and the credit card details being transmitted were intercepted right in the browser and sent to unknown criminals. It is reported that the data of 40 customers was stolen in this way.

Hardware threats

A huge and growing area of invisible cyber threats is made up of all kinds of techniques based on digital equipment, whether in the form of chips secretly installed in seemingly harmless components or of spy devices.

The discovery, announced in October last year by Bloomberg, of miniature spy chips in telecommunications equipment, including in Ethernet sockets (4) sold by Apple or Amazon, became a sensation in 2018. The trail led to Supermicro, a device manufacturer in China. However, Bloomberg's information was later denied by all the parties concerned - from the Chinese to Apple and Amazon.

4. Ethernet network ports

As it turned out, even without special implants, "ordinary" computer hardware can be used in a silent attack. For example, it has been found that a flaw in Intel processors, which we recently wrote about in MT, consisting in the ability to "predict" subsequent operations, can allow any software (from a database engine to simple JavaScript running in a browser) to access the structure or contents of protected areas of kernel memory.

A few years ago, we wrote about equipment that allows you to secretly hack and spy on electronic devices. We described a 50-page "ANT Shopping Catalog" that was available online. As Spiegel writes, it is from this catalog that intelligence agents specializing in cyber warfare choose their "weapons".

The list includes products of various classes, from the $30 LOUDAUTO sound wave and listening device to the $40K CANDYGRAM, which is used to install your own copy of a GSM cell tower.

The list includes not only hardware but also specialized software, such as DROPOUTJEEP, which, after being "implanted" in an iPhone, allows, among other things, retrieving files from its memory or saving files to it. Thus, you can obtain the address list, SMS messages and voice messages, as well as control and locate the camera.

Faced with the power and omnipresence of invisible enemies, you sometimes feel helpless. That is why not everyone is surprised and amused by the attitude of Yoshitaka Sakurada, the minister in charge of preparations for the Tokyo 2020 Olympic Games and deputy head of the government's cybersecurity office, who has reportedly never used a computer.

At least he was invisible to the enemy, rather than the enemy being invisible to him.

Glossary of terms related to the invisible cyber enemy

 Malicious software designed to secretly enter a system, device, computer or software, or to bypass traditional security measures.

Bot – a separate device connected to the Internet, infected with malware and included in a network of similar infected devices. This is most often a computer, but it can also be a smartphone, a tablet, or IoT-connected equipment (such as a router or a refrigerator). It receives operational instructions from a command-and-control server or directly, and sometimes from other users on the network, but always without the owner's knowledge or awareness. can include up to a million devices and send up to 60 billion spam messages per day. They are used for fraudulent purposes, receiving online surveys, manipulating social networks, and spreading spam and .

- in 2017, a new technology emerged for mining the Monero cryptocurrency in web browsers. The script was created in JavaScript and can easily be embedded in any page. When the user's computer visits such an infected page, the computing power of the device is used for cryptocurrency mining. The more time we spend on these types of websites, the more CPU cycles of our hardware can be used by a cybercriminal.

 - Malicious software that installs another type of malware, such as a virus or a backdoor. It is usually designed to avoid detection by traditional antivirus solutions, including by delaying its activation.

Malware that exploits software vulnerabilities to compromise a computer or system.

 - the use of software to collect information related to a specific type of keyboard usage, such as sequences of alphanumeric/special characters associated with certain keywords such as "bankofamerica.com" or "paypal.com". If it runs on thousands of connected computers, a cybercriminal has the ability to collect sensitive information quickly.

 - Malicious software designed to harm a computer, system, or data. It includes several types of tools, including Trojans, viruses, and worms.

 – an attempt to obtain sensitive or confidential information from a user of Internet-connected equipment. Cybercriminals use this method to distribute electronic content to a wide range of victims, prompting them to take certain actions, such as clicking a link or replying to an email. In doing so, they will provide personal information such as a username, password, bank or financial details, or credit card details without their knowledge. Distribution methods include email, online advertising and SMS. A variant is an attack targeted at specific individuals or groups of individuals, such as company executives, celebrities, or high-ranking government officials.

 - Malicious software that allows you to secretly gain access to parts of a computer, software or system. It often modifies the hardware operating system in such a way that it remains hidden from the user.

 - malware that spies on a computer user, capturing keystrokes, emails, documents, and even turning on a video camera without their knowledge.

 - a method of hiding a file, message, image or movie in another file. This technology is exploited by uploading seemingly harmless image files containing complex streams of messages sent over the C&C channel (between a computer and a server) suitable for illegal use. Images can be stored on a hacked website or even in image sharing services.

Encryption/complex protocols are a method used in code to obfuscate transmissions. Some malware-based programs, such as a Trojan, encrypt both the distribution of the malware and the C&C (control) communication.

is a type of non-replicating malware that contains hidden functionality. A Trojan usually does not try to spread or inject itself into other files.

- a combination of the words ("voice") and . It means using a telephone connection to obtain sensitive personal information such as bank or credit card numbers.

Typically, the victim receives an automated message challenge from someone claiming to represent a financial institution, an ISP, or a technology company. The message may ask for an account number or a PIN. Once the connection is activated, it is redirected through the service to the attacker, who then asks for additional personal data.

(BEC) - a type of attack aimed at deceiving people in a particular company or organization and stealing money by impersonating those who run it. Criminals gain access to the corporate system through a typical attack or malware. They then study the company's organizational structure, its financial systems, and the management's email style and schedule.
