Kuedza kweCybercriminals kutyisidzira maIT masisitimu ari kuramba achibuda. Semuenzaniso, pakati pemaitiro atakaona gore rino, zvakakosha kucherechedza pazviuru zvee-commerce masaiti kuba data rako pachako uye kushandisa LinkedIn kuisa spyware. Uyezve, matekiniki aya anoshanda: kukuvadzwa kubva kumhosva dzecyber muna 2018 kwakasvika .
Iye zvino vaongorori kubva kuIBM's X-Force Red chirongwa vakagadzira humbowo hwepfungwa (PoC) inogona kunge iri nhanho inotevera mukushanduka kwecyber mhosva. Inonzi , uye inosanganisa nzira dzehunyanzvi nedzimwe nzira dzechinyakare.
Mashandiro anoita ngarava dzehondo
Washipping inoshandisa komputa inosvikika, isingadhure uye ine simba rakaderera kuita kure kure kurwiswa munzvimbo yepedyo yeakabatwa, zvisinei nenzvimbo yevapari vecyber ivo pachavo. Kuti uite izvi, kadhi kadiki kane modem ine 3G yekubatanidza inotumirwa sepasuru kuhofisi yeanobatwa netsamba yenguva dzose. Kuvapo kwe modem kunoreva kuti mudziyo unogona kudzorwa kure.
Nekuda kweiyo yakavakirwa-mukati isina waya chip, mudziyo unotsvaga network dziri pedyo kuti itarise yavo network packet. Charles Henderson, mukuru weX-Force Red kuIBM, anotsanangura kuti: "Tikangoona 'hondo yedu' ichisvika pamusuwo wepamberi, mukamuri yetsamba kana nzvimbo yekudonhedzera tsamba, isu tinokwanisa kutarisa kure kure uye kushandisa maturusi kungoita kana kurwisa kunetiweki isina waya yemunhu akabatwa."
Kurwisa kuburikidza nehondo
Kana iyo inonzi "hondo yehondo" yave mukati mehofisi yemunhu akabatwa, mudziyo unotanga kuterera data pakiti pamusoro peiyo wireless network, iyo inogona kushandisa kupinda mukati metiweki. Inoteererawo maitiro emvumo yemushandisi kuti abatanidze kune akabatwa Wi-Fi network uye inotumira iyi data kuburikidza nenharembozha kune cybercriminal kuti akwanise kudhirodha ruzivo urwu uye atore password kune akabatwa Wi-Fi network.
Uchishandisa iyi isina waya yekubatanidza, anorwisa anogona ikozvino kufamba-famba netiweki yemunhu akabatwa, achitsvaga masisitimu ari munjodzi, data iripo, uye kuba ruzivo rwakavanzika kana mapassword emushandisi.
Kutyisidzira nekugona kukuru
Sekureva kwaHenderson, kurwiswa kwacho kune mukana wekuva kubira, kunoshanda mukati kutyisidzira: haina mari uye iri nyore kuita, uye inogona kuenda isingaonekwe nemunhu akabatwa. Uyezve, munhu anorwisa anogona kuronga kutyisidzira uku kubva kure, iri kure kure. Mune mamwe makambani uko huwandu hukuru hwetsamba uye mapakeji zvinogadziriswa zuva nezuva, zviri nyore kufuratira kana kusateerera kune diki package.
Chimwe chezvinhu chinoita kuti kurwiswa kwehondo kuve kuve nengozi zvakanyanya ndechekuti inogona kunzvenga chengetedzo yeemail iyo munhu anenge abatwa akaiswa panzvimbo yekudzivirira malware uye kumwe kurwiswa kunopararira kuburikidza nezvinamatidzwa.
Kudzivirira bhizinesi kubva mukutyisidzira uku
Tichifunga kuti izvi zvinosanganisira kurwisa kwemuviri vector iyo isina kutonga, zvingaite sekuti hapana chinogona kumisa kutyisidzira uku. Iyi ndeimwe yeaya kesi apo kungwarira neemail uye kusavimba zvakabatanidzwa mumaemail hazvishande. Zvisinei, pane zvigadziriso zvinogona kumisa kutyisidzira uku.
Mirairo yekudzora inobva muchikepe chehondo pachacho. Izvi zvinoreva kuti maitiro aya ari kunze kwesangano reIT system. kumisa otomatiki chero maitiro asingazivikanwe muIT system. Kubatanidza kune anorwisa mirairo uye control server uchishandisa yakapihwa "warship" inzira isingazivikanwe kuchengetedzwa, saka, nzira yakadaro ichavharwa, uye hurongwa hucharamba hwakachengeteka.
Parizvino, ngarava yehondo ichiri chiratidzo chepfungwa (PoC) uye haishandiswe mukurwiswa chaiko. Nekudaro, hunyanzvi hwekugara hwematsotsi e-cyber zvinoreva kuti nzira yakadai inogona kuitika munguva pfupi iri kutevera.
Source: www.habr.com