çŸä»£ã®å€§éœåžã®ã€ã³ãã©ã¯ãéè·¯äžã®ãããªã«ã¡ã©ãã倧èŠæš¡ãªæ°Žåçºé»æãç é¢ã«è³ããŸã§ãã¢ãã®ã€ã³ã¿ãŒããã ããã€ã¹äžã«æ§ç¯ãããŠããŸããããã«ãŒã¯ãæ¥ç¶ãããŠããããããããã€ã¹ããããã«å€ããããã䜿çšã㊠DDoS æ»æãå®è¡ããããšãã§ããŸãã
åæ©ã¯éåžžã«ç°ãªãå ŽåããããŸããããšãã°ãããã«ãŒã¯æ¿åºãäŒæ¥ããå ±é ¬ãåŸãããšãã§ããŸãããæã«ã¯æ¥œããã§éå²ããããã ãã®ç¯çœªè ã§ããå ŽåããããŸãã
ãã·ã¢ã§ã¯ãè»ããéèŠã€ã³ãã©æœèšãã«å¯Ÿãããµã€ããŒæ»æã®å¯èœæ§ã«ã€ããŠãŸããŸãç§ãã¡ãæããããŠããïŒäž»æš©ã€ã³ã¿ãŒãããã«é¢ããæ³åŸãæ¡æãããã®ã¯ãå°ãªããšã圢åŒçã«ã¯ãŸãã«ãããé²ãããã ã£ãïŒã
ãã ããããã¯åãªããã©ãŒè©±ã§ã¯ãããŸãããã«ã¹ãã«ã¹ããŒã«ãããšã2019 幎äžåæãããã«ãŒã¯ã¢ãã®ã€ã³ã¿ãŒããã ããã€ã¹ã 100 åå以äžæ»æãããã®ã»ãšãã©ã Mirai ãããããããš Nyadrop ããããããã䜿çšããŸãããã¡ãªã¿ã«ããã·ã¢ã¯ãã®ãããªæ»æã®ä»¶æ°ã§ã¯ç¬¬XNUMXäœã«ãããªãïŒè¥¿åŽå ±éæ©é¢ã«ãã£ãŠããã·ã¢ã®ããã«ãŒããšããäžæ°å³ãªã€ã¡ãŒãžãäœãããŠããã«ããããããïŒãäžäœXNUMXäœã«ã¯äžåœããã©ãžã«ãããã«ã¯ãšãžãããå
¥ã£ãŠãããã¢ã¡ãªã«ã¯XNUMXäœã«éããªãã
ã§ã¯ããã®ãããªæ»æãããŸãæéããããšã¯å¯èœã§ãããã?ãŸããããã€ã¹ãå°ãªããšãåºæ¬ã¬ãã«ã§ä¿è·ããæ¹æ³ã«ã€ããŠã®è³ªåã«å¯ŸããçããèŠã€ããããã«ããã®ãããªæ»æã®ããç¥ãããã±ãŒã¹ãããã€ãèŠãŠã¿ãŸãããã
ããŒãã³ã¢ããã¥ãŒãã
ããŒãã³ã»ã¢ããã¥ãŒã»ãã ã¯ãäººå£ 10 äžäººæªæºã®ã©ã€ãã«ã㯠(ãã¥ãŒãšãŒã¯å·) ã®çºã«ããããã®é«ãã¯ããã 2013 ã¡ãŒãã«ãå¹ ã¯ XNUMX ã¡ãŒãã«ãè¶ ããŸããã XNUMX 幎ãç±³åœã®è«å ±æ©é¢ã¯ãã ã®æ å ±ã·ã¹ãã ã«æªæã®ãããœãããŠã§ã¢ãæ€åºããŸããããã®åŸãããã«ãŒã¯çãã ããŒã¿ã䜿çšããŠæœèšã®éå¶ã劚害ããããšã¯ãªãã£ãïŒãããã修埩äœæ¥äžã«ãã ãã€ã³ã¿ãŒãããããåæãããããã§ããïŒã
ããŠãã³ ã¢ããã¥ãŒã¯ã措氎æã«ã¯ãªãŒã¯è¿ãã®å°åã®æµžæ°Žãé²ãããã«å¿ èŠã§ãããããŠããã ã®æ±ºå£ã«ããç Žå£çãªåœ±é¿ã¯ããåŸãŸãããææªã®å Žåãå·æ²¿ãã®ããã€ãã®å»ºç©ã®å°äžãæ°Žã§æµžæ°Žããã§ãããããããã¯æŽªæ°ŽãšããåŒã¶ããšã¯ã§ããŸããã
ãã®åŸãããŒã«ã»ããŒãŒã³ããŒã°åžé·ã¯ãããã«ãŒããã®æ§é ç©ããªã¬ãŽã³å·ã«ããåãååã®å¥ã®å€§ããªãã ãšæ··åããå¯èœæ§ããããšç€ºåãããããã¯å€ãã®èŸ²å Žã®çæŒã«äœ¿çšãããŠããã倱æãããšå°å
äœæ°ã«é倧ãªæ害ãäžããå¯èœæ§ããããŸãã
ããã«ãŒãã¡ã¯ãåŸã§å€§èŠæš¡ãªæ°Žåçºé»æãç±³åœã®éé»ç¶²ã®ãã®ä»ã®èŠçŽ ã«é倧ãªäŸµå ¥ãè¡ãããã«ãåã«å°ããªãã ã§èšç·Žãè¡ã£ãŠããå¯èœæ§ããããŸãã
ããŒãã³ã»ã¢ããã¥ãŒã»ãã ãžã®æ»æã¯ã46人ã®ã€ã©ã³äººããã«ãŒãXNUMX幎ãããŠæåè£ã«å®è¡ããéè¡ã·ã¹ãã ãžã®äžé£ã®ãããã³ã°ïŒDDoSæ»æïŒã®äžç°ãšããŠèªèãããããã®éãåœå æ倧æã®éèæ©é¢XNUMX瀟ã®æ¥åãäžæãããæ°åäžã®é¡§å®¢ã®éè¡å£åº§ãå°éãããã
ã€ã©ã³äººã®ãããã»ãã£ã«ãŒãžæ°ã¯åŸã«ãéè¡ãšããŠãã³ã»ã¢ããã¥ãŒã»ãã ã«å¯Ÿããäžé£ã®ããã«ãŒæ»æã®çœªã§èµ·èšŽãããã圌ã¯ãã ã®ãç©ŽããèŠã€ããããã« Google Dorking æ³ã䜿çšããããšãå€æããïŒãã®åŸãå°å ãã¹ã³ãã Google 瀟ã«å¯ŸããŠéäžç ²ç«ãå ããïŒãããããã»ãã£ãºãªæ°ã¯ç±³åœã«ããªãã£ããã€ã©ã³ããç±³åœãžã®åŒãæž¡ãå¶åºŠãååšããªããããããã«ãŒãã¯å®éã®å眰ãåããªãã£ãã
2.ãµã³ãã©ã³ã·ã¹ã³ã®ç¡æå°äžé
25 幎 2016 æ XNUMX æ¥ããµã³ãã©ã³ã·ã¹ã³ã§å ¬å ±äº€éæ©é¢ã®ãã¹ã販売ãããã¹ãŠã®é»å端æ«ã«ããããªãã¯ãããã³ã°ãããŸããããã¹ãŠã®ããŒã¿ã¯æå·åãããŠããŸããããšããã¡ãã»ãŒãžã衚瀺ãããŸãããéœåžäº€éå±ã«å±ãããã¹ãŠã® Windows ã³ã³ãã¥ãŒã¿ãŒãæ»æãããŸãããæªæã®ãããœãããŠã§ã¢ HDDCryptor (Windows ã³ã³ãã¥ãŒã¿ãŒã®ãã¹ã¿ãŒ ããŒã ã¬ã³ãŒããæ»æããæå·åããŒã«) ãçµç¹ã®ãã¡ã€ã³ ã³ã³ãããŒã©ãŒã«å°éããŸããã
HDDCryptor ã¯ãã©ã³ãã ã«çæãããããŒã䜿çšããŠããŒã«ã« ããŒã ãã©ã€ããšãããã¯ãŒã¯ ãã¡ã€ã«ãæå·åããããŒã ãã©ã€ãã® MBR ãæžãæããŠã·ã¹ãã ãæ£ããèµ·åã§ããªãããã«ããŸããéåžžãåŸæ¥å¡ãé»åã¡ãŒã«ã®ããšããã¡ã€ã«ã誀ã£ãŠéãè¡çºã«ãã£ãŠæ©åšãææãããã®åŸãŠã€ã«ã¹ããããã¯ãŒã¯å
šäœã«åºãããŸãã
æ»æè ã¯å°æ¹èªæ²»äœã«ã¡ãŒã«ã§é£çµ¡ããããå§ãã [ã¡ãŒã«ä¿è·] ïŒã¯ããã€ã³ããã¯ã¹ã§ãïŒããã¹ãŠã®ããŒã¿ã埩å·åããããã®éµãå ¥æããã«ã¯ã100 ãããã³ã€ã³ (åœæãçŽ 73 äž XNUMX ãã«) ãèŠæ±ãããŸãããããã«ãŒã¯ãŸãã埩å ãå¯èœã§ããããšã蚌æããããã«ãXNUMX ãããã³ã€ã³ã§ XNUMX å°ã®ãã·ã³ã埩å·åããããšãææ¡ããŸãããããããæ¿åºã¯XNUMXæ¥ä»¥äžããã£ãã«ãããããããç¬èªã«ãŠã€ã«ã¹ã«å¯ŸåŠãããã·ã¹ãã å šäœã埩æ§ããŠããéãå°äžéã®ä¹è»ã¯ç¡æã«ãªããŸããã
ãä»åã®æ»æã«ããä¹å®¢ãžã®åœ±é¿ãæå°éã«æããããã®äºé²çãšããŠæ¹æå£ãéæŸããããšåžåºå ±æ åœã®ããŒã«ã»ããŒãºæ°ã¯èª¬æããã
ç¯çœªè ãã¯ãŸãããµã³ãã©ã³ã·ã¹ã³éœåžäº€éåºãã30GBã®å éšææžã«ã¢ã¯ã»ã¹ãããšäž»åŒµãã24æé以å ã«èº«ä»£éãæ¯æãããªãå Žåã¯ãªã³ã©ã€ã³ã«æŒæŽ©ãããšçŽæããã
ã¡ãªã¿ã«ãã®17幎åã«ãåãå·ã§ããªãŠããé·è掟å»çã»ã³ã¿ãŒã襲æãããããã®åŸãããã«ãŒã«ã¯ç é¢ã®ã³ã³ãã¥ãŒã¿ ã·ã¹ãã ãžã®ã¢ã¯ã»ã¹ãå埩ããããã« XNUMX ãã«ãæ¯æãããŸããã
3. ãã©ã¹ç·æ¥èŠå ±ã·ã¹ãã
2017幎23æããã©ã¹ã§ã¯ååŸ40æ156åã«911åã®ç·æ¥ãµã€ã¬ã³ã鳎ãé¿ããåœæ°ã«ç·æ¥äºæ ãç¥ããããããã XNUMX æéåŸã«é»æºãåãããšãã§ããŸããããã®éãXNUMXãµãŒãã¹ã«ã¯å°å äœæ°ããæ°å件ã®èŠå ±ãå¯ããããïŒäºä»¶ã®æ°æ¥åãXNUMXã€ã®åŒ±ãç«å·»ããã©ã¹å°åãééããæ°è»ã®å®¶å±ãç Žå£ãããïŒã
2007 幎ã«ãã©ã¹ã«ç·æ¥éå ±ã·ã¹ãã ãèšçœ®ããããã§ãã©ã« ã·ã°ãã«ãããµã€ã¬ã³ãäŸçµŠãããŸãããåœå±ã¯ã·ã¹ãã ãã©ã®ããã«æ©èœãããã«ã€ããŠè©³ããã¯æããã«ããªãã£ããããããŒã³ãã䜿çšãããšè¿°ã¹ãããã®ãããªä¿¡å·ã¯éåžžããã¥ã¢ã«ããŒã³å€éåšæ³¢æ° (DTMF) ãŸãã¯ãªãŒãã£ãªåšæ³¢æ°ã·ãã ããŒã€ã³ã° (AFSK) ã䜿çšããŠæ°è±¡ãµãŒãã¹ãéããŠãããŒããã£ã¹ããããŸãããããã¯ã700 MHz ã®åšæ³¢æ°ã§éä¿¡ãããæå·åãããã³ãã³ãã§ãã
åžåœå±ã¯ãæ»æè ãèŠå ±ã·ã¹ãã ã®ãã¹ãäžã«æŸéãããé³å£°ä¿¡å·ãé²é³ãããããåçããïŒå žåçãªãªãã¬ã€æ»æïŒãšç€ºåããããããå®è¡ããã«ã¯ãããã«ãŒã¯ç¡ç·åšæ³¢æ°ãæ±ãããã®ãã¹ãæ©åšãè³Œå ¥ããã ãã§ãããå°éåºã§åé¡ãªãè³Œå ¥ã§ããŸãã
調æ»äŒç€Ÿãã¹ãã£ãŒãŠã®å°é家ãã¯ããã®ãããªæ»æãå®è¡ãããšããããšã¯ãæ»æè ãåžã®ç·æ¥éå ±ã·ã¹ãã ãåšæ³¢æ°ãã³ãŒãã®éçšã培åºçã«ç 究ããããšãæå³ããŠãããšææããã
ãã©ã¹åžé·ã¯ç¿æ¥ãããã«ãŒãçºèŠããŠåŠçœ°ãããããµã¹å·ã®ãã¹ãŠã®èŠå ±ã·ã¹ãã ãææ°åãããšã®å£°æãçºè¡šãããããããç¯äººã¯æ±ºããŠèŠã€ãããŸããã§ããã
***
ã¹ããŒãã·ãã£ã®æŠå¿µã«ã¯æ·±å»ãªãªã¹ã¯ã䌎ããŸãã倧éœåžã®å¶åŸ¡ã·ã¹ãã ããããã³ã°ãããå Žåãæ»æè ã¯äº€éç¶æ³ãæŠç¥çã«éèŠãªéœåžãªããžã§ã¯ããå¶åŸ¡ããããã«ãªã¢ãŒã ã¢ã¯ã»ã¹ãååŸããŸããããŒã¿ããŒã¹ã®çé£ã«ããªã¹ã¯ã䌎ããŸããããŒã¿ããŒã¹ã«ã¯ãéœåžã€ã³ãã©å šäœã«é¢ããæ å ±ã ãã§ãªããäœæ°ã®å人ããŒã¿ãå«ãŸããŸããéå°ãªé»åæ¶è²»ãšãããã¯ãŒã¯ã®éè² è·ãå¿ããŠã¯ãªããŸãããæ¶è²»é»åãå«ãããã¹ãŠã®ãã¯ãããžãŒã¯éä¿¡ãã£ãã«ãšããŒãã«çµã³ã€ããŠããŸãã
IoTããã€ã¹ææè ã®äžå®ã¬ãã«ã¯ãŒãã«è¿ã¥ããŸã
2017 幎ãTrustlook 㯠IoT ããã€ã¹ææè ã®ã»ãã¥ãªãã£ã«é¢ããæèã¬ãã«ã«é¢ãã調æ»ãå®æœããŸãããåçè ã® 35% ããããã€ã¹ã®äœ¿çšãéå§ããåã«ããã©ã«ã (å·¥å Žåºè·æã®) ãã¹ã¯ãŒããå€æŽããŠããªãããšãå€æããŸããããŸãããŠãŒã¶ãŒã®åæ°ä»¥äžã¯ãããã«ãŒæ»æãã身ãå®ãããã«ãµãŒãããŒã㣠ãœãããŠã§ã¢ããŸã£ããã€ã³ã¹ããŒã«ããŠããŸããã IoT ããã€ã¹ææè ã® 80% ã¯ãMirai ããããããã«ã€ããŠèããããšããããŸããã
åæã«ãã¢ãã®ã€ã³ã¿ãŒãããã®çºå±ã«äŒŽãããµã€ããŒæ»æã®æ°ã¯å¢å ããäžæ¹ã§ãããããŠãäŒæ¥ãåºæ¬çãªã»ãã¥ãªãã£èŠåãå¿ããŠãã¹ããŒããããã€ã¹ã賌å
¥ããäžæ¹ã§ããµã€ããŒç¯çœªè
ã¯äžæ³šæãªãŠãŒã¶ãŒããéã皌ãæ©äŒããŸããŸãå¢ããŠããŸããããšãã°ãææããããã€ã¹ã®ãããã¯ãŒã¯ã䜿çšã㊠DDoS æ»æãå®è¡ããããä»ã®æªæã®ããã¢ã¯ãã£ããã£ã®ãããã· ãµãŒããŒãšããŠäœ¿çšãããããŸãããããŠããããã®äžæå¿«ãªåºæ¥äºã®ã»ãšãã©ã¯ã次ã®ç°¡åãªã«ãŒã«ã«åŸãã°é²ãããšãã§ããŸãã
- ããã€ã¹ã®äœ¿çšãéå§ããåã«å·¥å Žåºè·æã®ãã¹ã¯ãŒããå€æŽããŠãã ãã
- ä¿¡é Œã§ããã€ã³ã¿ãŒããã ã»ãã¥ãªã㣠ãœãããŠã§ã¢ãã³ã³ãã¥ãŒã¿ãŒãã¿ãã¬ãããã¹ããŒããã©ã³ã«ã€ã³ã¹ããŒã«ããŸãã
- è³Œå ¥ããåã«ãã調ã¹ãŠãã ãããããã€ã¹ã¯å€ãã®å人ããŒã¿ãåéãããããã¹ããŒãã«ãªã£ãŠããŸããã©ã®ãããªçš®é¡ã®æ å ±ãåéãããããæ å ±ãã©ã®ããã«ä¿åããã³ä¿è·ããããã第äžè ãšå ±æããããã©ãããèªèããŠããå¿ èŠããããŸãã
- ããã€ã¹ã®è£œé å ã® Web ãµã€ãã§ãã¡ãŒã ãŠã§ã¢ã®ã¢ããããŒããå®æçã«ç¢ºèªããŠãã ãã
- ã€ãã³ã ãã°ãç£æ»ããããšãå¿ããªãã§ãã ãã (äž»ã«ãã¹ãŠã® USB ããŒãã®äœ¿çšç¶æ³ãåæããŸã)ã
åºæïŒ habr.com