2. Kudzidziswa kwevashandisi mune zvekutanga zvekuchengetedza ruzivo. Phishman

Isu tinoenderera mberi nekukuzivisa iwe kune nyika inorwisa phishing, inodzidza izvo zvekutanga zveinjiniya yemagariro uye usakanganwa kudzidzisa vashandi vayo. Nhasi tine chigadzirwa chePhishman semuenzi. Uyu ndomumwe wevabatsiri veTS Solution, iyo inopa otomatiki sisitimu yekuyedza nekudzidzisa vashandi. Muchidimbu nezvepfungwa yake:

• Kuzivikanwa kwezvido zvekudzidziswa zvevashandi chaivo.

• Dzidzo dzinoshanda uye dzedzidziso dzevashandi kuburikidza neiyo portal yekudzidza.

• Flexible sisitimu yekushandisa otomatiki.

Product Sumo

The company Phishman Kubva 2016, anga achigadzira software ine chekuita nekuyedza uye kudzidzisa sisitimu yevashandi vemakambani makuru mumunda wecybersecurity. Pakati pevatengi kune vamiririri vakasiyana-siyana vemabhizimisi: mari, inishuwarenzi, kutengeserana, mashizha uye giants maindasitiri - kubva kuM.Video kusvika kuRosatom.

Suggested Solutions

Phishman anoshanda pamwe nemakambani akasiyana-siyana (kubva kumabhizimisi maduku kusvika kumakambani makuru), pakutanga zvakakwana kuva nevashandi gumi. Funga nezvemutemo wemitengo nemarezinesi:

1. Kune mabhizinesi madiki:

   Uye) Phishman Lite - vhezheni yechigadzirwa kubva ku10 kusvika kuvashandi ve249 nemutengo wekutanga werezinesi kubva ku875 rubles. Iine iwo makuru mamodule: kuunganidza ruzivo (kuyedza kutumira kwe phishing emails), kudzidziswa (3 yakakosha makosi ekuchengetedza ruzivo), otomatiki (kumisikidza yakajairika nzira yekuyedza).

   B) Phishman Standard - chigadzirwa vhezheni kubva 10 kusvika 999 vashandi vane mutengo wekutanga werezinesi kubva ku1120 rubles. Kusiyana neLite vhezheni, inokwanisa kuwiriranisa neyako kambani AD server, iyo module yekudzidzisa ine 5 makosi.

2. Kune bhizinesi hombe:

   Uye) Phishman Enterprise - mune iyi mhinduro, nhamba yevashandi haina kuganhurirwa, inopa yakazara nzira yekusimudza ruzivo rwevashandi mumunda wekuchengetedza ruzivo kumakambani echero saizi nekukwanisa kugadzirisa makosi kune zvinodiwa nemutengi uye bhizinesi. Kuwiriranisa neAD, SIEM, DLP masisitimu iripo kuunganidza ruzivo nezvevashandi uye kuona vashandisi vanoda kudzidziswa. Pane tsigiro yekubatanidza neiyo iripo dhizaini yekudzidza kure (LMS), kunyoreswa pachayo kune 7 basic IB makosi, mana epamberi uye matatu emitambo. Iyo zvakare inotsigira inonakidza sarudzo yekudzidzira kurwisa uchishandisa USB madhiraivha (flash makadhi).

   B) Phishman Enterprise+ -iyo yakakwidziridzwa vhezheni inosanganisira ese Enterpise sarudzo, zvinogoneka kugadzira ako ega ekubatanidza uye mishumo (nerubatsiro rwePhishman mainjiniya).

   Saka, chigadzirwa chacho chinogona kugadziridzwa zviri nyore kumabasa eimwe bhizinesi uye chakabatanidzwa mune iripo ruzivo rwekuchengetedza ruzivo masisitimu.

Nhanganyaya kuhurongwa

Kunyora chinyorwa, takaisa marongero ane anotevera maitiro:

1. Ubuntu Server kubva vhezheni 16.04.

2. 4 GB RAM, 50 GB hard disk space, 1 GHz kana inokurumidza processor.

3. Windows server ine basa reDNS, AD, MAIL.

Kazhinji, iyo seti ndeyeyero uye haidi zvakawanda zviwanikwa, kunyanya uchifunga kuti iwe kazhinji unotova neAD server. Panguva yekuendesa, chigadziko cheDocker chichaiswa, icho chinozogadzirisa otomatiki kuwana kune manejimendi uye yekudzidziswa portal.

Pasi pemuparadzi, yakajairika network dhayagiramu neFishman

Yakajairika network diagram

Tevere, isu tichajairana neiyo system interface, manejimendi sarudzo uye, hongu, mabasa.

Pinda kune manejimendi portal

Iyo Phishman Administration Portal inoshandiswa kubata rondedzero yemadhipatimendi nevashandi vekambani. Inotangisa kurwisa kutumira maemail e phishing (sechikamu chekudzidziswa), mhedzisiro inogadzirwa mumishumo. Iwe unogona kuenda kwairi neIP kero kana zita rezita raunotsanangura paunenge uchitumira sisitimu.

Mvumo pane Phishman portal

Akanaka majeti ane nhamba dzevashandi vako anozowanikwa kwauri pane iyo huru peji:

Phishman main page

Kuwedzera Vashandi veKudyidzana

Kubva pane huru menyu, unogona kuenda kune chikamu "Vashandi", uko kune runyoro rwevashandi vese vekambani vakaputswa nedhipatimendi (pamaoko kana kuburikidza neAD). Iine zvishandiso zvekutarisira data ravo, zvinokwanisika kuvaka chimiro zvinoenderana nehurumende.

User Control PanelKadhi rekugadzira vashandi

Sarudzo: kubatanidzwa neAD kunowanikwa, izvo zvinokutendera kuti uite otomatiki maitiro ekudzidzisa vashandi vatsva uye kuchengetedza huwandu hwehuwandu.

Kutanga kwekudzidziswa kwevashandi

Mushure mekunge mawedzera ruzivo nezvevashandi vekambani, zvinokwanisika kuvatumira kumakosi ekudzidziswa. Pazvinogona kubatsira:

• mushandi mutsva;

• kudzidziswa kwakarongwa;

• kukurumidza kosi (kune chiitiko cheruzivo, zvakakosha kunyevera).

Iyo rekodhi inowanikwa kune ese mushandi wega uye yedhipatimendi rese.

Kuumbwa kwekosi yekudzidzira

Pane zvingasarudzwa:

• gadzira boka rekudzidza (batanidza vashandisi);

• sarudzo yekudzidzira kosi (nhamba zvichienderana nerezinesi);

• kuwana (zvechigarire kana zvenguva pfupi nemazuva).

Zvinokosha!

Kekutanga mushandi anonyoresa mukosi, vanogashira email ine ruzivo rwekupinda yeKudzidza Portal. Iyo yekukoka interface itemplate, inowanikwa shanduko pakufunga kweMutengi.

Tsamba yemuenzaniso yekukokwa kunodzidza

Kana iwe ukadzvanya pane chinongedzo, mushandi anoendeswa kunzvimbo yekudzidzira, uko kufambira mberi kwake kunozorekodhwa otomatiki uye kuratidzwa muhuwandu hwePhishman maneja.

Mushandisi Akatangisa Kosi Muenzaniso

Kushanda nemaitiro ekurwisa

Iwo matemplate anotendera iwe kutumira yakanangwa yekudzidziswa phishing email ine tarisiro pasocial engineering.

Chikamu "Matemplate"

Matemplate ari mukati mezvikamu, semuenzaniso:

Tsvaga tebhu yeakavakirwa-mukati matemplate kubva kune akasiyana siyana

Iko kune ruzivo pamusoro peimwe neimwe yakagadzirira-yakagadzirwa templates, kusanganisira kushanda zvakanaka.

Muenzaniso we "Twitter Newsletter" template

Izvo zvakakoshawo kutaura kugona kuri nyore kugadzira yako matemplate: ingokopa zvinyorwa kubva mutsamba uye inozoshandurwa otomatiki kuita HTML kodhi.

Cherechedza:

kudzokera kuzvinyorwa 1 chinyorwa, saka taifanira kusarudza nemaoko template yekugadzirira phishing kurwisa. Phishman's Enterprise solution ine nhamba huru yeakasanganiswa matemplate, uye kune tsigiro yezvishandiso zviri nyore zvekugadzira yako. Pamusoro pezvo, mutengesi anoshingairira kutsigira vatengi uye anogona kubatsira kuwedzera akasiyana matemplate, ayo atinotenda kuti anowedzera kushanda nesimba.  

General setup uye rubatsiro

Muchikamu che "Settings", iyo Phishman system parameters inoshanduka zvichienderana nehuwandu hwekuwana hwemushandisi wezvino (nekuda kwezvirambidzo zvekugadzirisa, ivo vakanga vasina kukwana zvakakwana kwatiri).

Interface ye "Settings" chikamu

Ngatinyorei muchidimbu sarudzo dzekugadzirisa:

• network parameters (mail server kero, port, encryption, authentication);

• kusarudzwa kwehurongwa hwekudzidzisa (kubatanidzwa nedzimwe LMS kunotsigirwa);

• kugadzirisa kutumira uye kudzidzisa matemplate;

• dema rondedzero yemakero (mukana unokosha wekusabvisa kutora chikamu mune phishing mailings, semuenzaniso, kune vatungamiriri vekambani);

• manejimendi evashandisi (kugadzira, kugadzirisa maakaundi ekuwana);

• update (mamiriro ekuona uye kuronga).

Vatungamiri vachawana chikamu che "Rubatsiro" chinobatsira, chinokwanisa kuwana bhuku rekushandisa nekuongorora kwakadzama kwekushanda naPhishman, kero yebasa rekutsigira uye ruzivo nezve mamiriro ehurongwa.

Batsira chikamu chekubatanidzaRuzivo nezve mamiriro ehurongwa

Kurwiswa uye kudzidziswa

Mushure mekuongorora sarudzo dzekutanga uye masisitimu ehurongwa, tichaita kurwisa kwekudzidzira, nekuda kweizvi tichavhura chikamu che "Attacks".

Control panel interface "Attacks"

Mariri, tinogona kuona mhedzisiro yekurwiswa kwakatotangwa, kugadzira zvitsva, zvichingodaro. Ngatitsanangurei matanho ekutanga mushandirapamwe.

Attack kutanga

1) Ngatishevedze kurwisa kutsva "data leakage".

Tsanangura zvirongwa zvinotevera:

Kupi:

Sender → iyo yekutumira domain inotsanangurwa (nekuda, kubva kune mutengesi).

Phishing Forms → anoshandiswa mumatemplate kuyedza kuwana data kubva kune vashandisi, nepo chete chokwadi chekupinda chakanyorwa, iyo data haina kuchengetwa.

Dana kutumira → kutungamira kune peji kunoratidzwa mushure mekunge mushandisi afamba.

2) Padanho rekugovera, nzira yekurwisa yekuparadzira inoratidzwa

Kupi:

Attack type → inotsanangura kuti kurwiswa kuchaitika sei uye kwenguva yakareba sei. (Sarudzo inosanganisira isiri-uniform nhepfenyuro modhi, nezvimwewo)

Kutumira nguva yekutanga → tsanangura nguva yekutanga kutumira mameseji.

3) Padanho re "Zvinangwa", vashandi vanoratidzwa nedhipatimendi kana mumwe nemumwe

4) Mushure meizvozvo, tinoratidza matemplate ekurwiswa kwatokanganiswa nesu:

Saka, kuti titange kurwisa, taida:

a) gadzira template yekurwisa;

b) tsanangura nzira yekugovera;

c) sarudza zvinangwa;

d) sarudza iyo phishing email template.

Kuongorora mhedzisiro yekurwisa

Pakutanga tine:

Kubva kudivi remushandisi, meseji nyowani inoonekwa:

Kana yakavhurwa:

Kana iwe ukadzvanya pane chinongedzo, iwe unozokurudzirwa kuisa data kubva kune tsamba:

Mukufanana, isu tinotarisa huwandu hwekurwisa:

Zvinokosha!

Mutemo waPhishman ndewekunyatso kutevedzera zvinodzora uye zvehutsika zviyero, saka iyo data yakapinzwa nemushandisi haina kuchengetwa chero kupi, chokwadi chekudonha ndicho chakanyorwa.

Mishumo

Zvese zvakaitwa pamusoro zvinofanirwa kutsigirwa nenhamba dzakasiyana uye ruzivo rwese nezve chiyero chekugadzirira kwevashandi. Pane chikamu chakasiyana "Reports" chekutarisa.

Zvinosanganisira:

• Chirevo chekudzidziswa chinoratidza ruzivo nezvemibairo yekupedza kosi mukati menguva yekushuma.

• Chirevo chekurwisa chinoratidza mhedzisiro yekurwiswa kwe phishing (nhamba yezviitiko, nguva, nezvimwewo).

• Chirevo chekufambira mberi kwekudzidza chinoratidza kushanda kwevashandi vako.

• Chirevo pamusoro pesimba rekusagadzikana kwe phishing (muchidimbu ruzivo nezvezviitiko).

• Analytical report (kuita kwevashandi kune zviitiko zvisati zvaitika / mushure).

Kushanda neshumo

1) Ngatiite "Gadzira chirevo".

2) Rondedzera dhipatimendi / vashandi kuti vagadzire chirevo.

3) Sarudza nguva

4) Taura makosi ekufarira

5) Isu tinoumba mushumo wekupedzisira

Saka, mishumo inobatsira kuratidza nhamba mune iri nyore fomu uye kutarisa mhedzisiro yekudzidzira portal, pamwe nemaitiro evashandi.

Kudzidza otomatiki

Zvakaparadzana, zvakakodzera kutaura kugona kugadzira otomatiki mitemo inozobatsira vatariri kugadzirisa iyo logic yePhishman.

Kunyora otomatiki script

Kuti ugadzirise, enda kune "Mitemo" chikamu. Isu tinopihwa:

1) Taura zita uye isa nguva yekutarisa mamiriro acho.

2) Gadzira chiitiko chakavakirwa pane imwe masosi (Phishing, Kudzidziswa, Vashandisi), kana paine akati wandei, saka unogona kushandisa anonzwisisika opareta (AND / OR). 

Mumuenzaniso wedu, takagadzira mutemo unotevera: "Kana mushandisi akadzvanya pane yakaipa link kubva kune imwe yekurwiswa kwedu phishing, anozonyoreswa mukosi yekudzidzira, uye nekudaro, anogashira kukokwa neemail, uye kufambira mberi kuteverwa.

Sarudzo:

-> Pane tsigiro yekugadzira mitemo yakasiyana-siyana kubva (DLP, SIEM, Antivirus, Human Resources, nezvimwewo). 

Mamiriro ezvinhu: "Kana mushandisi akatumira ruzivo rwakadzama, ipapo DLP inotora chiitiko uye yotumira data kuPhishman, uko mutemo unotangwa: ipa kosi kune zvakavanzika zveruzivo mushandi."

Saka, maneja anogona kuderedza mamwe maitiro echinyakare (kutumira vashandi kudzidziswa, kuitisa kurwisa kwakarongwa, nezvimwewo).

Pane mhedziso

Nhasi tazivana neRussia mhinduro ye automating maitiro ekuyedza nekudzidzisa vashandi. Inobatsira mukugadzirira kambani kutevedzera Federal Law 187, PCI DSS, ISO 27001. Zvakanakira kudzidziswa kuburikidza nePhishman zvinosanganisira:

• Customization yemakosi - kugona kushandura zvirimo mumakosi;

• Branding - kugadzira dhijitari chikuva zvinoenderana nemaitiro ako emakambani;

• Shanda kunze kwenyika - kuisirwa pane yako server;

• Automation - kugadzira mitemo (zvinyorwa) zvevashandi;

• Kushuma - nhamba dzezviitiko zvekufarira;

• Rezinesi kuchinjika - rutsigiro kubva kune gumi vashandisi. 

Kana iwe uchifarira mhinduro iyi, unogona kugara uchibata kwatiri, isu tichabatsira kuronga mutyairi uye kubvunza pamwe nevamiriri vePhishman. Ndizvo zvese zvanhasi, dzidza wega uye dzidzisa vashandi vako, tokuona munguva pfupi!

Source: www.habr.com