Alive and well: ransomware viruses in 2019

Ransomware viruses, like other types of malware, evolve and change over the years: from simple lockers that prevented the user from logging in to the system, and "police" ransomware that threatened prosecution for violations of the law, we have arrived at encryption programs. This malware encrypts files on hard drives (or entire drives) and demands a ransom not for restoring access to the system, but for the user's information not being deleted, sold on the darknet, or exposed publicly on the internet. Moreover, paying the ransom does not at all guarantee receiving the key to decrypt the files. And no, this did not "already happen a hundred years ago"; it is still a current threat.

Because of the attackers' success and the profitability of this type of attack, experts believe that their frequency and sophistication will only increase in the future. According to data from Cybersecurity Ventures, in 2016 ransomware viruses attacked companies about once every 40 seconds, in 2019 this happens once every 14 seconds, and in 2021 the frequency will rise to one attack every 11 seconds. It is worth noting that the ransom demanded (especially in targeted attacks on large companies or city infrastructure) usually turns out to be many times lower than the damage caused by the attack. Thus, the May attack on government structures in Baltimore, Maryland, USA, caused damage of more than $18 million, with the ransom announced by the hackers being 76 thousand dollars in bitcoin equivalent. And the attack on the administration of Atlanta, Georgia, cost the city 2018 million rand on August 17, with a demanded ransom of 52 rand.

Trend Micro experts analyzed attacks using ransomware viruses in the first months of 2019, and in this article we will talk about the main trends that await the world in the second half.

Ransomware virus: a brief dossier

The meaning of a ransomware virus is clear from its name: by threatening to destroy (or, conversely, to publish) information that is confidential or valuable to the user, attackers use it to demand a ransom for restoring access to it. For ordinary users, such an attack is unpleasant but not critical: the threat of losing a music collection or holiday photos from the past ten years does not guarantee that the ransom will be paid.

The situation looks completely different for organizations. Every minute of business downtime costs money, so for a modern company the loss of access to a system, applications or data equals a loss. That is why the focus of ransomware attacks in recent years has gradually shifted from shelling with viruses toward reduced activity and a move to targeted attacks on organizations in areas of activity where the chance of receiving a ransom, and its size, are greatest. In turn, organizations seek to protect themselves from these threats in two main ways: by developing ways to effectively restore infrastructure and databases after an attack, and by adopting modern cyber-defense systems that detect and promptly destroy malware.

To stay current and develop new solutions and technologies for fighting malware, Trend Micro continuously analyzes the results obtained from its cybersecurity systems. According to the Trend Micro Smart Protection Network, the situation with ransomware attacks in recent years looks like this:

Victim selection in 2019

This year, cybercriminals have clearly become more selective in choosing their victims: they target organizations that are poorly protected and are willing to pay a large sum to quickly restore normal operations. That is why, since the beginning of the year, a number of attacks have already been recorded on government structures and the administrations of large cities, including Lake City (ransom: 530 US dollars) and Riviera Beach (ransom: 600 US dollars) in Florida, USA.

Broken down by industry, the main attack targets look like this:

- 27% - government agencies;
- 20% - manufacturing;
- 14% - healthcare;
- 6% - retail;
- 5% - education.

Cybercriminals commonly use OSINT (open-source intelligence) to prepare an attack and assess its profitability. By gathering information, they better understand the organization's business model and the reputational risks it may suffer from an attack. The attackers also look for the most important systems and subsystems that can be completely isolated or disabled using ransomware viruses, which increases the chance of receiving a ransom. Last but not least, the state of the organization's cybersecurity systems is assessed: there is no point in launching an attack on a company whose IT specialists are highly likely to repel it.

In the second half of 2019, this trend will remain relevant. Attackers will find new areas of activity in which the disruption of business processes leads to maximum losses (for example, transport, critical infrastructure, energy).

Methods of penetration and infection

Changes are constantly taking place in this area too. The most popular tools remain phishing, malicious advertising on websites and infected web pages, and exploits. At the same time, the main "accomplice" in attacks is still the employee who opens these sites and downloads files via links or from email, which leads to further infection of the entire organization's network.

However, in the second half of 2019 these tools will be joined by:

  • more active use of attacks based on social engineering (an attack in which the victim voluntarily performs the actions the hacker wants or hands over information, believing, for example, that they are communicating with a representative of the organization's management or a client), made easier by the collection of information about employees from publicly available sources;
  • the use of stolen credentials, for example logins and passwords for remote administration systems, which can be bought on the darknet;
  • physical hacking and penetration, which will allow on-site attackers to find critical systems and defeat security.

Methods of hiding attacks

Thanks to advances in cybersecurity, including those made by Trend Micro, detecting classic ransomware families has become much easier in recent years. Machine learning and behavioral analysis technologies help identify malware before it penetrates a system, so attackers have to come up with alternative ways to hide attacks.

The techniques already known to IT security specialists, as well as the cybercriminals' new technologies, are aimed at neutralizing sandboxes for analyzing suspicious files and machine learning systems, at developing fileless malware, and at using infected licensed software, including software from cybersecurity vendors and various remote services with access to the organization's network.

Conclusion and recommendations

In general, we can say that in the second half of 2019 there is a high probability of targeted attacks on large organizations that are able to pay large ransoms to cybercriminals. However, attackers do not always develop hacking solutions and malware themselves. Some of them, for example the notorious GandCrab team, which has already ceased its activities after earning about 150 million US dollars, continue to operate under the RaaS scheme (ransomware-as-a-service, or "ransomware viruses as a service", by analogy with antivirus and cyber-defense systems). That is, the distribution of successful ransomware and crypto-lockers this year is carried out not only by their creators, but also by "tenants".

In such conditions, organizations need to constantly update their cybersecurity systems and their data recovery plans in case of an attack, because the only effective way to fight ransomware viruses is not to pay the ransom and so to deprive their authors of a source of profit.

Source: www.habr.com
