Lapho "izigqoko ezimnyama" - ezihlelekile zehlathi lasendle le-cyberspace - ziphumelela ngokukhethekile emsebenzini wazo ongcolile, abezindaba abaphuzi bakhala ngenjabulo. Ngenxa yalokhu, umhlaba usuqala ukubheka ukuphepha kwe-inthanethi ngokungathi sína. Kodwa ngeshwa hhayi ngaso leso sikhathi. Ngakho-ke, naphezu kwenani elandayo lezehlakalo eziyingozi ku-inthanethi, umhlaba awukakavuthwa ukuze kuthathwe izinyathelo ezisebenzayo. Kodwa-ke, kulindeleke ukuthi esikhathini esizayo esiseduze, ngenxa "yezigqoko ezimnyama," umhlaba uzoqala ukuthatha ngokungathí sina i-cybersecurity. [7]

Ibi kakhulu njengomlilo... Amadolobha ake asengozini yokusha imililo eyinhlekelele. Kodwa-ke, naphezu kwengozi engaba khona, izinyathelo zokuzivikela azizange zithathwe - ngisho nangemva komlilo omkhulu eChicago ngo-1871, owabulala amakhulukhulu ezimpilo futhi wasusa amakhulu ezinkulungwane zabantu. Izinyathelo zokuzivikela eziqinile zathathwa kuphela ngemva kokuba kwenzeke inhlekelele efanayo futhi, eminyakeni emithathu kamuva. Kuyafana nange-cybersecurity - umhlaba ngeke uxazulule le nkinga ngaphandle kokuthi kube nezigameko eziyinhlekelele. Kodwa ngisho noma kwenzeka izenzakalo ezinjalo, umhlaba ngeke uyixazulule le nkinga ngokushesha. [7] Ngakho-ke, ngisho nesisho esithi: “Kuze kuvele isinambuzane, umuntu ngeke axoshwe,” asisebenzi neze. Yingakho ngo-2018 sigubhe iminyaka engama-30 yokungavikeleki okudlondlobele.

Ukudonsa phansi kweLyrical

Ukuqala kwalesi sihloko, engasibhalela ekuqaleni kumagazini we-System Administrator, kwaba yisiprofetho ngomqondo othile. Umagazini onalesi sihloko waphuma ngokoqobo usuku nosuku nomlilo odabukisayo esikhungweni sezitolo saseKemerovo "Winter Cherry" (2018, March 20th).

Faka i-inthanethi emizuzwini engama-30

Emuva ngo-1988, umthala odumile we-hacker L0pht, ukhuluma ngokugcwele ngaphambi komhlangano wezikhulu zaseNtshonalanga ezinethonya elikhulu, wathi: “Imishini yenu esebenza ngama-computer isengozini yokuhlaselwa yi-Internet. Futhi isoftware, nehardware, kanye nezokuxhumana. Abathengisi bazo abakhathazekile nakancane ngalesi simo. Ngoba umthetho wesimanje awuhlinzeki nganoma yisiphi isibopho sendlela yobudedengu yokuqinisekisa ukuvikeleka ku-inthanethi kwesofthiwe ekhiqiziwe kanye nehadiwe. Isibopho sokwehluleka okungase kube khona (noma kuzenzekela noma kubangelwe ukungenelela kwezigebengu zamakhompiyutha) sibhekene nomsebenzisi wezinto zokusebenza kuphela. Ngokuqondene nohulumeni wobumbano, akanawo amakhono noma isifiso sokuxazulula le nkinga. Ngakho-ke, uma ufuna i-cybersecurity, i-inthanethi akuyona indawo yokuyithola. Umuntu ngamunye kwabayisikhombisa abahlezi phambi kwakho angakwazi ukuphula i-inthanethi ngokuphelele futhi, ngokufanelekile, abambe ukulawula okuphelele phezu kwemishini exhunywe kuyo. Ngodwa. Imizuzu engama-30 yamakhiya aqoshiwe futhi sekuphelile. ” [7]

Izikhulu zanqekuzisa amakhanda kwacaca ukuthi ziyabuqonda ubucayi besimo kodwa azenzi lutho. Namuhla, iminyaka engu-30 impela ngemuva kokusebenza okudumile kwe-L0pht, umhlaba usakhungethwe "ukungavikeleki okudlangile." Ukugebenga imishini yekhompuyutha, exhumeke ku-inthanethi kulula kangangokuthi i-inthanethi, ekuqaleni eyayiwumbuso wososayensi abanengqondo nabashisekayo, kancane kancane iye yathathwa ochwepheshe abanengqondo kakhulu: abakhwabanisi, abakhwabanisi, izinhloli, amaphekula. Bonke basebenzisa ubuthakathaka bemishini yekhompuyutha ukuze bathole izinzuzo zezezimali noma ezinye. [7]

Abathengisi abakunaki ukuphepha kwe-inthanethi

Abathengisi ngezinye izikhathi, kunjalo, bazama ukulungisa okunye ukukhubazeka okuhlonziwe, kodwa bakwenza ngokunqikaza kakhulu. Ngoba inzuzo yabo ayiveli ekuvikelweni kubaduni, kodwa kusukela ekusebenzeni okusha abakunikeza abathengi. Njengoba begxile kuphela enzuzweni yesikhashana, abathengisi batshala imali kuphela ekuxazululeni izinkinga zangempela, hhayi ezicatshangelwayo. I-Cybersecurity, emehlweni abaningi babo, yinto ecatshangelwayo. [7]

I-Cybersecurity yinto engabonakali, engabambeki. Iba yinto ebonakalayo kuphela lapho kuphakama izinkinga ngayo. Uma beyinakekela kahle (basebenzise imali eningi ekuhlinzekeni kwayo), futhi azikho izinkinga ngayo, umthengi wokugcina ngeke afune ukuyikhokhela ngokweqile. Ngaphezu kwalokho, ngaphezu kokwandisa izindleko zezezimali, ukuqaliswa kwezinyathelo zokuzivikela kudinga isikhathi esengeziwe sokuthuthukiswa, kudinga ukukhawulela amakhono emishini, futhi kuholela ekunciphiseni kokukhiqiza kwayo. [8]

Kunzima ukukholisa ngisho nabakhangisi bethu ukuthi kungenzeka yini izindleko ezisohlwini, ingasaphathwa eyokuqeda abathengi. Futhi njengoba abathengisi besimanje banentshisekelo kuphela enzuzweni yokuthengisa yesikhashana, abazimisele neze ukuthatha isibopho sokuqinisekisa ukuvikeleka ku-inthanethi kokudaliwe kwabo. [1] Ngakolunye uhlangothi, abathengisi abacophelela kakhulu abaye banakekela ukuphepha kwe-cybersecurity kwemishini yabo babhekene neqiniso lokuthi abathengi bezinkampani bakhetha ezinye izindlela ezishibhile nezisebenziseka kalula. Lokho. Kusobala ukuthi abathengi bezinkampani abanandaba kakhulu ne-cybersecurity nabo. [8]

Ngokwalokhu okungenhla, akumangazi ukuthi abathengisi bavame ukungakunaki ukuphepha kwe-inthanethi, futhi babambelele kule filosofi elandelayo: “Qhubeka wakha, qhubeka uthengisa futhi unamathisele lapho kunesidingo. Ingabe isistimu iphahlazekile? Ulwazi olulahlekile? Isizindalwazi esinezinombolo zekhadi lesikweletu sebiwe? Ingabe bukhona ubungozi obubulalayo obuphawulwe kumishini yakho? Ayikho inkinga!" Abathengi bona kufanele balandele isimiso esithi: “Patch and pray.” [7]

Lokhu kwenzeka kanjani: izibonelo ezivela endle

Isibonelo esimangalisayo sokunganakwa kwezokuphepha ku-inthanethi ngesikhathi sokuthuthukiswa uhlelo lwebhizinisi lwe-Microsoft lokukhuthaza: “Uma weqa izikhathi eziwumnqamulajuqu, uzohlawuliswa. Uma ungenaso isikhathi sokuthumela ukukhishwa kokusungula kwakho ngesikhathi, ngeke kusetshenziswe. Uma ingasetshenziswa, ngeke uthole amasheya enkampani (ucezu lukaphaya oluvela enzuzweni ye-Microsoft). Kusukela ngo-1993, iMicrosoft yaqala ukuxhumanisa imikhiqizo yayo ne-Intanethi ngentshiseko. Njengoba lesi sinyathelo sisebenza ngokuhambisana nohlelo olufanayo lokukhuthaza, ukusebenza kwanwetshwa ngokushesha kunokuba ukuvikela bekungakwazi ukuhambisana nakho. Kuyajabulisa abazingeli abasengozini ye-pragmatic... [7]

Esinye isibonelo yisimo esinamakhompiyutha nama-laptops: awafiki ne-antivirus efakwe ngaphambili; futhi futhi azikuhlinzekeli ngokusethwa ngaphambilini kwamaphasiwedi aqinile. Kucatshangwa ukuthi umsebenzisi wokugcina uzofaka i-antivirus futhi asethe imingcele yokucushwa kokuphepha. [1]

Esinye, isibonelo esedlulele kakhulu: isimo nge-cybersecurity yemishini yokudayisa (amarejista emali, amatheminali e-PoS ezikhungo zokuthenga, njll.). Kwenzeka ukuthi abathengisi bemishini yokuthengisa bathengise kuphela lokho okuthengiswayo, hhayi okuphephile. [2] Uma kunento eyodwa abathengisi bezinto ezithengiswayo abanakekelwa ngayo ngokuya nge-cybersecurity, ukwenza isiqiniseko sokuthi uma kwenzeka isigameko esiyimpikiswano, umthwalo wemfanelo uwela kwabanye. [3]

Isibonelo esiyinkomba yalokhu kuthuthukiswa kwemicimbi: ukuthandwa kwezinga le-EMV lamakhadi asebhange, okuthi, ngenxa yomsebenzi onekhono wabakhangisi bamabhange, libonakale emehlweni omphakathi ongekho ezingeni lobuchwepheshe njengendlela ephephile "ephelelwe yisikhathi" amakhadi kazibuthe. Ngesikhathi esifanayo, isisusa esikhulu semboni yamabhange, eyayinomthwalo wemfanelo wokuthuthukisa izinga le-EMV, kwakuwukushintsha umthwalo wemfanelo wezigameko zokukhwabanisa (ezenzeka ngenxa yephutha lamakhadi) - ukusuka ezitolo kuya kubathengi. Nakuba ngaphambilini (lapho izinkokhelo zenziwe ngamakhadi kazibuthe), isibopho sezezimali sasisezitolo ngokungafani kwedebhithi/isikweletu. [3] Ngakho amabhange acubungula izinkokhelo athutha umthwalo wemfanelo kubathengisi (abasebenzisa amasistimu abo okubhanga akude) noma emabhange akhipha amakhadi okukhokha; ababili bokugcina, bona, badlulisela umthwalo kumnikazi wekhadi. [2]

Abathengisi bavimbela ukuphepha kwe-cybersecurity

Njengoba indawo yokuhlasela kwedijithali ikhula ngokungenakuvinjelwa—ngenxa yokuqhuma kwemishini exhunywe ku-inthanethi—ukugcina ithrekhi yalokho okuxhunywe kunethiwekhi yebhizinisi kuba nzima nakakhulu. Ngesikhathi esifanayo, abathengisi basusa ukukhathazeka ngokuphepha kwazo zonke izinto ezixhunywe ku-inthanethi kubasebenzisi bokugcina [1]: “Ukusindisa abantu abaminzayo kuwumsebenzi wabantu abaminza ngokwabo.”

Akukhona nje ukuthi abathengisi abanandaba ne-cybersecurity yendalo yabo, kodwa kwezinye izimo baphinde baphazamise ukunikezwa kwayo. Isibonelo, lapho ngo-2009 i-Conficker network worm iputshuza e-Beth Israel Medical Center futhi yangenwa ingxenye yemishini yezokwelapha lapho, umqondisi wezobuchwepheshe walesi sikhungo sezokwelapha, ukuze avimbele izigameko ezifanayo ukuthi zenzeke esikhathini esizayo, wanquma ukukhubaza umsebenzi wokusekela umsebenzi ezintweni ezithintwe isikelemu ezinenethiwekhi. Kodwa-ke, wayebhekene neqiniso lokuthi "imishini ayikwazanga ukuvuselelwa ngenxa yemikhawulo yokulawula." Kumthathe umzamo omkhulu ukuxoxisana nomthengisi ukuze akhubaze imisebenzi yenethiwekhi. [4]

I-Basic Cyber-Insecurity ye-inthanethi

UDavid Clarke, uprofesa we-MIT ohlakaniphile ogama lakhe lingu-Albus Dumbledore, ukhumbula usuku lapho uhlangothi olumnyama lwe-inthanethi lwembulwa ngalo emhlabeni. UClark wayengusihlalo wengqungquthela yezokuxhumana ngoNovemba 1988 lapho kuzwakala izindaba zokuthi isibungu sokuqala sekhompyutha emlandweni sasidabule izintambo zenethiwekhi. UClark ukhumbule lesi sikhathi ngoba isikhulumi esasikhona engqungqutheleni yakhe (isisebenzi senye yezinkampani ezihamba phambili zezokuxhumana) sathweswa icala ngokusabalala kwalesi sikelemu. Lesi sikhulumi, ngokushisa kwemizwelo, sathi singaqondile: “Nakhu ke! Kubukeka sengathi ngibuvalile lobu buthakathaka,” ukhokhele la mazwi. [5]

Kodwa-ke, kamuva kwavela ukuthi ukuba sengozini okwasabalala isikelemu esishiwo kwakungekona ukufaneleka kwanoma yimuphi umuntu. Futhi lokhu, uma sikhuluma ngokuqinile, kwakungeyona ngisho nokuba sengozini, kodwa isici esiyisisekelo se-intanethi: abasunguli be-intanethi, lapho bethuthukisa ingqondo yabo, bagxile kuphela esivinini sokudluliswa kwedatha kanye nokubekezelelana kwamaphutha. Abazibekelanga umsebenzi wokuqinisekisa ukuvikeleka ku-inthanethi. [5]

Namuhla, ngemva kwamashumi eminyaka kwasungulwa i-Internet—sekusetshenziswe amakhulu ezinkulungwane zezigidi zamaRandi emizamweni eyize yokuvikela i-Internet—i-Internet isengozini efanayo. Izinkinga zayo ze-cybersecurity ziya ziba zimbi minyaka yonke. Nokho, ingabe sinelungelo lokugxeka abasunguli be-inthanethi ngalokhu? Phela, ngokwesibonelo, akekho oyogxeka abakhi bemigwaqo esheshayo ngeqiniso lokuthi izingozi zenzeka “emigwaqweni yabo”; futhi akekho oyolahla abahleli bamadolobha ngeqiniso lokuthi ukugetshengwa kwenzeka “emizini yabo.” [5]

Indlela i-hacker subculture yazalwa ngayo

I-Hacker subculture yaqala ekuqaleni kwawo-1960, "kwi-Railway Technical Modeling Club" (esebenza ngaphakathi kwezindonga ze-Massachusetts Institute of Technology). Abathandi bekilabhu baklama futhi bahlanganisa ujantshi oyimodeli, omkhulu kangangokuthi wagcwala igumbi lonke. Amalungu ekilabhu ahlukaniswa ngokuzenzakalelayo abe amaqembu amabili: abenzi bokuthula nochwepheshe besistimu. [6]

Eyokuqala yasebenza nengxenye engenhla yemodeli, eyesibili - ngaphansi komhlaba. Abokuqala baqoqa futhi bahlobisa amamodeli ezitimela namadolobha: balinganisa umhlaba wonke nge-miniature. Lesi sakamuva sasebenza ekusekelweni kwezobuchwepheshe kukho konke lokhu kuthula: ubunkimbinkimbi bezintambo, amaswishi adluliswayo kanye nokuxhumanisa okutholakala engxenyeni engaphansi yemodeli - yonke into elawula ingxenye "ngaphezulu" futhi yondla ngamandla. [6]

Lapho kunenkinga yethrafikhi futhi othile eqhamuka nesixazululo esisha nesihlakaniphile sokuyilungisa, ikhambi lalibizwa ngokuthi “i-hack.” Kumalungu eqembu, ukusesha kwama-hacks amasha sekuyincazelo engaphakathi yempilo. Yingakho baqala ukuzibiza "ngabaduni." [6]

Isizukulwane sokuqala sabagebengu basebenzise amakhono atholwe eSimulation Railway Club ngokubhala izinhlelo zekhompyutha emakhadini ashaywayo. Kwathi lapho i-ARPANET (eyandulela i-inthanethi) ifika ekhempasini ngo-1969, abaduni baba ngabasebenzisi bayo abakhuthele kakhulu nabanekhono. [6]

Manje, emashumini eminyaka kamuva, i-inthanethi yesimanje ifana naleyo ngxenye “engaphansi” yomzila wesitimela oyimodeli. Ngoba abasunguli bayo babengabaduki abafanayo, abafundi be-"Railroad Simulation Club". Abaduni kuphela manje abasebenzisa amadolobha angempela esikhundleni sezithombe ezincane ezilingisayo. [6]

Ukuthi umzila we-BGP waba kanjani

Ekupheleni kweminyaka yama-80s, ngenxa yokwenyuka okufana ne-avalanche enanini lamadivayisi axhunywe ku-inthanethi, i-inthanethi yafinyelela emkhawulweni oqinile wezibalo owakhiwe kwenye yezivumelwano eziyisisekelo ze-inthanethi. Ngakho-ke, noma iyiphi ingxoxo phakathi konjiniyela bangaleso sikhathi yagcina iphenduke ingxoxo ngale nkinga. Abangane ababili nabo babefana: uJacob Rechter (unjiniyela wakwa-IBM) noKirk Lockheed (umsunguli weCisco). Ngemva kokuhlangana ngenhlanhla etafuleni lesidlo sakusihlwa, baqala ukuxoxa ngezinyathelo zokulondoloza ukusebenza kwe-intanethi. Abangane babhala phansi imibono eyavela kunoma yini etholakalayo - i-napkin egcotshwe nge-ketchup. Bese kuba owesibili. Bese kuba owesithathu. “Umthetho olandelwayo wama-napkins amathathu,” njengoba abasunguli bawo bencokola ngokuncokola—owaziwa emibuthanweni esemthethweni ngokuthi i-BGP (Border Gateway Protocol)—ngokushesha wenza izinguquko ku-inthanethi. [8]

Ku-Rechter kanye ne-Lockheed, i-BGP yayimane nje iyigebengu elivamile, elithuthukiswe emoyeni we-Model Railroad Club eshiwo ngenhla, isisombululo sesikhashana esasizoshintshwa maduze. Abangani bathuthukisa i-BGP ngo-1989. Namuhla, nokho, eminyakeni engama-30 kamuva, iningi lethrafikhi ye-inthanethi lisahanjiswa kusetshenziswa "iphrothokholi ye-napkin emithathu" - naphezu kwezingcingo ezikhulayo ezishaqisayo mayelana nezinkinga ezibucayi nge-cybersecurity yayo. Ukugebenga kwesikhashana kwaba ngenye yezimiso eziyisisekelo ze-inthanethi, futhi abathuthukisi bayo bafunda kokuhlangenwe nakho kwabo ukuthi "ayikho into ehlala njalo kunezixazululo zesikhashana." [8]

Amanethiwekhi emhlabeni jikelele ashintshele ku-BGP. Abathengisi abanethonya, amakhasimende acebile nezinkampani zokuxhumana ngokushesha zayithanda i-BGP futhi zayijwayela. Ngakho-ke, naphezu kwezinsimbi ezengeziwe zokuxwayisa mayelana nokungavikeleki kwale phrothokholi, umphakathi we-IT namanje awubonisi umdlandla wokushintshela kumishini emisha, evikeleke kakhulu. [8]

Umzila we-BGP ongavikelekile ku-Cyber

Kungani umzila we-BGP muhle kangaka futhi kungani umphakathi we-IT ungajahi ukuwushiya? I-BGP isiza amarutha enze izinqumo mayelana nokuthi angayihambisa kuphi imifudlana emikhulu yedatha ethunyelwa kunethiwekhi enkulu yemigqa yokuxhumana ephambanayo. I-BGP isiza amarutha akhethe izindlela ezifanele nakuba inethiwekhi ishintsha njalo futhi imizila edumile ivamise ukubhekana nokuminyana kwethrafikhi. Inkinga ukuthi i-inthanethi ayinayo imephu yomhlaba wonke yomzila. Amarutha asebenzisa i-BGP enza izinqumo mayelana nokukhetha indlela eyodwa noma enye ngokusekelwe olwazini olutholwe komakhelwane ku-inthanethi, abaqoqa ulwazi komakhelwane babo, njll. Nokho, lolu lwazi lungakhohliswa kalula, okusho ukuthi umzila we-BGP usengozini enkulu ekuhlaselweni kwe-MiTM. [8]

Ngakho-ke, imibuzo efana nale elandelayo ivame ukuvela: "Kungani ithrafikhi phakathi kwamakhompyutha amabili e-Denver ithathe umzila omkhulu wokuphambukela e-Iceland?", "Kungani idatha ye-Pentagon yahlukaniswa lapho idluliswa ngokuhamba e-Beijing?" Kukhona izimpendulo zobuchwepheshe emibuzweni efana nale, kodwa zonke zehlela eqinisweni lokuthi i-BGP isebenza ngokusekelwe ekuthembekeni: ukwethemba izincomo ezitholwe kumarutha angomakhelwane. Ngenxa yokwethenjwa kwephrothokholi ye-BGP, abaphathi bethrafikhi abangaqondakali bangaheha ukugeleza kwedatha yabanye abantu esizindeni sabo uma bethanda. [8]

Isibonelo esiphilayo ukuhlasela kwe-BGP yaseChina e-American Pentagon. Ngo-April 2010, isikhondlakhondla sezingcingo esiphethwe uhulumeni i-China Telecom sathumela amashumi ezinkulungwane zamarotha emhlabeni jikelele, okuhlanganisa ne-16 e-United States, umlayezo we-BGP obatshela ukuthi banemizila engcono. Ngaphandle kwesistimu engaqinisekisa ukufaneleka komlayezo we-BGP ovela e-China Telecom, amarutha emhlabeni wonke aqala ukuthumela idatha edlula e-Beijing. Kubandakanya ithrafikhi evela ePentagon nezinye izingosi zoMnyango Wezokuvikela wase-US. Ukunethezeka kwethrafikhi ehlelwe kabusha kanye nokuntuleka kwesivikelo esisebenzayo kulolu hlobo lokuhlasela kungolunye uphawu lokungavikeleki komzila we-BGP. [8]

Iphrothokholi ye-BGP ngokombono isengozini yokuhlaselwa okuyingozi nakakhulu ku-inthanethi. Esimeni lapho izingxabano zamazwe ngamazwe zidlondlobala ngokugcwele ku-cyberspace, i-China Telecom, noma esinye isikhondlakhondla sezokuxhumana, singazama ukufuna ubunikazi bezingxenye ze-inthanethi okungezona ezayo ngempela. Ukunyakaza okunjalo kungadida amarutha, okungadingeka ukuthi agxume phakathi kwamabhidi aqhudelanayo amabhlogo afanayo amakheli e-inthanethi. Ngaphandle kwekhono lokuhlukanisa uhlelo lokusebenza olusemthethweni kolungelona iqiniso, amarutha azoqala ukwenza izinto ngendlela engaqondakali. Ngenxa yalokho, sizobhekana ne-inthanethi elingana nempi yenuzi—ukubonisa ubutha obuvulekile, nobukhulu. Intuthuko enjalo ngezikhathi zokuthula okulinganiselwe ibonakala ingenangqondo, kodwa ngokobuchwepheshe ingenzeka. [8]

Umzamo oyize wokusuka ku-BGP uye ku-BGPSEC

Ukuphepha kwe-Cybersecurity akuzange kucatshangelwe lapho i-BGP ithuthukiswa, ngoba ngaleso sikhathi ama-hacks ayengavamile futhi umonakalo ovela kuwo wawunganaki. Abathuthukisi be-BGP, ngoba basebenzela izinkampani zokuxhumana futhi benentshisekelo yokuthengisa imishini yabo yenethiwekhi, babenomsebenzi ocindezela kakhulu: ukugwema ukuwohloka okuzenzakalelayo kwe-inthanethi. Ngoba ukuphazamiseka ku-inthanethi kungahlukanisa abasebenzisi, futhi ngaleyo ndlela kunciphise ukuthengiswa kwezinto zenethiwekhi. [8]

Ngemuva kwesigameko sokudluliswa kwethrafikhi yezempi yaseMelika e-Beijing ngo-Ephreli 2010, ijubane lomsebenzi wokuqinisekisa ukuphepha kwe-cybersecurity komzila we-BGP ngokuqinisekile kwashesha. Kodwa-ke, abathengisi bezingcingo babonise intshiseko encane yokuthwala izindleko ezihlobene nokuthuthela kuphrothokholi yomzila evikelekile ye-BGPSEC, ehlongozwe njengokumiselela i-BGP engavikelekile. Abathengisi basabheka i-BGP njengeyamukelekayo, naphezu kwezigameko eziningi zokuvinjwa kwethrafikhi. [8]

U-Radia Perlman, obizwa ngokuthi "Umama We-intanethi" ngokusungula enye iphrothokholi yenethiwekhi enkulu ku-1988 (unyaka ngaphambi kwe-BGP), wathola i-doctorate yesiprofetho e-MIT. U-Perlman ubikezele ukuthi iphrothokholi yomzila encike ekuthembekeni komakhelwane ku-inthanethi ayivikelekile ngokuyisisekelo. U-Perlman wakhuthaza ukusetshenziswa kwe-cryptography, engasiza ukunciphisa amathuba okwenziwa komgunyathi. Kodwa-ke, ukuqaliswa kwe-BGP kwase kugcwele ngokugcwele, umphakathi we-IT onamandla wawujwayele, futhi wawungafuni ukushintsha lutho. Ngakho-ke, ngemva kwezixwayiso ezicatshangelwe kahle ezivela ku-Perlman, Clark nabanye ochwepheshe bomhlaba abavelele, isabelo esihlobene somzila we-BGP ovikelekile we-cryptographically awukhulanga nhlobo, futhi kusengu-0%. [8]

Ukuzulazula kwe-BGP akukona ukuphela kobugebengu

Futhi ukuzulazula kwe-BGP akukona ukuphela kokugebenga okuqinisekisa umbono wokuthi "akukho okuhlala unomphela kunezixazululo zesikhashana." Ngezinye izikhathi i-inthanethi, esicwilisa emhlabeni wamaphupho, ibonakala inhle njengemoto yomjaho. Kodwa-ke, empeleni, ngenxa yama-hacks anqwabelene phezu komunye nomunye, i-inthanethi ifana ne-Frankenstein kune-Ferrari. Ngoba lawa ma-hacks (abizwa ngokusemthethweni kakhulu ama-patches) awalokothi athathelwe indawo ubuchwepheshe obuthembekile. Imiphumela yale ndlela imbi kakhulu: nsuku zonke nangehora, izigebengu zama-inthanethi zigebenga izinhlelo ezisengozini, zandisa ububanzi bobugebengu bamakhompuyutha ukuze bufinyelele ezilinganisweni ebezingacatshangwa ngaphambilini. [8]

Amaphutha amaningi axhashazwa abagebengu bamakhompuyutha aziwa isikhathi eside, futhi alondolozwe kuphela ngenxa yokuthambekela komphakathi we-IT ekuxazululeni izinkinga ezivelayo - ngama-hacks/amapeshi esikhashana. Ngezinye izikhathi, ngenxa yalokhu, ubuchwepheshe obuphelelwe yisikhathi bunqwabelana phezu komunye nomunye isikhathi eside, okwenza izimpilo zabantu zibe nzima futhi zibabeke engozini. Ungacabangani uma ufunda ukuthi ibhange lakho lakha indawo yalo phezu kwesisekelo sotshani nodaka? Ubungamethemba yini ukuthi uzokugcina imali yakho? [8]

Isimo sengqondo sokunganaki sikaLinus Torvalds

Kuthathe iminyaka ngaphambi kokuthi i-inthanethi ifinyelele kumakhompyutha ayo ayikhulu lokuqala. Namuhla, amakhompyutha amasha angu-100 nezinye izinto ezixhunywe kuyo njalo ngomzuzwana. Njengoba amadivayisi axhumeke ku-inthanethi aqhuma, kanjalo nokuphuthuma kwezindaba zokuphepha ku-inthanethi. Kodwa-ke, umuntu ongaba nomthelela omkhulu ekuxazululeni lezi zinkinga yilowo obuka ukuphepha kwe-inthanethi ngokudelela. Le ndoda ibizwe ngongqondongqondo, isiqhwaga, umholi wezomoya kanye nomashiqela onomusa. Linus Torvalds. Iningi lamadivayisi axhumeke ku-inthanethi asebenzisa isistimu yawo yokusebenza, i-Linux. Kuyashesha, kuyavumelana nezimo, kumahhala - I-Linux iya idume kakhulu ngokuhamba kwesikhathi. Ngesikhathi esifanayo, iziphatha ngokuzinza kakhulu. Futhi ingasebenza ngaphandle kokuqalisa kabusha iminyaka eminingi. Yingakho i-Linux ihlonishwa ngokuba yisistimu yokusebenza ehamba phambili. Cishe yonke imishini yekhompuyutha etholakala kithi namuhla isebenzisa i-Linux: amaseva, imishini yezokwelapha, amakhompyutha endizayo, ama-drones amancane, izindiza zezempi nokunye okuningi. [9]

I-Linux iphumelela kakhulu ngoba i-Torvalds igcizelela ukusebenza nokubekezelela amaphutha. Kodwa-ke, ubeka lokhu kugcizelela ngezindleko ze-cybersecurity. Ngisho njengoba i-cyberspace kanye nomhlaba wangempela ongokoqobo kuhlangana kanye nokuvikeleka ku-inthanethi kuba yinkinga yomhlaba wonke, u-Torvalds uyaqhubeka nokumelana nokwethula izinto ezintsha ezivikelekile ohlelweni lwakhe lokusebenza. [9]

Ngakho-ke, ngisho naphakathi kwabalandeli abaningi be-Linux, kunokukhathazeka okukhulayo ngobungozi balolu hlelo lokusebenza. Ikakhulukazi, ingxenye esondelene kakhulu yeLinux, i-kernel yayo, iTorvalds esebenza kuyo uqobo. Abalandeli be-Linux bayabona ukuthi i-Torvalds ayizithathi ngokungathi sína izindaba ze-cybersecurity. Ngaphezu kwalokho, uTorvalds uzungezwe abathuthukisi ababelana ngalesi simo sengqondo sokunganaki. Uma othile ovela embuthanweni wangaphakathi kaTorvalds eqala ukukhuluma ngokwethula izinto ezintsha eziphephile, uyathukwa ngokushesha. UTorvalds walichitha iqembu labasunguli abanjalo, elibiza ngokuthi “izinkawu ezishaya indlwabu.” Njengoba uTorvalds evalelisa kwelinye iqembu labathuthukisi abakhathalela ezokuphepha, wathi kubo, “Ningaba nomusa kangaka nizibulale? Umhlaba ubungaba yindawo engcono ngenxa yalokho. ” Noma nini lapho kufikwa ekungezeni izici zokuphepha, uTorvalds wayehlale emelene nakho. [9] I-Torvalds ngisho nayo yonke ifilosofi mayelana nalokhu, engenawo nohlamvu lomqondo ophusile:

“Ukuphepha okuphelele akutholakali. Ngakho-ke, kufanele kuhlale kucatshangelwa kuphela ngokuphathelene nezinye izinto eziza kuqala: isivinini, ukuguquguquka nokulula ukusetshenziswa. Abantu abazinikele ngokuphelele ekunikezeni isivikelo bayahlanya. Ukucabanga kwabo kulinganiselwe, kumnyama nokumhlophe. Ukuvikeleka ngokwako akusizi ngalutho. Ingqikithi ihlale kwenye indawo. Ngakho-ke, awukwazi ukuqinisekisa ukuphepha okuphelele, noma ngabe ufuna ngempela. Yiqiniso, kunabantu abanaka kakhulu ukuphepha kuneTorvalds. Kodwa-ke, laba bafana bamane basebenzela kulokho abazithandayo futhi banikeze ukuphepha ngaphakathi kohlaka oluhlobene oluncane oluchaza lezi ntshisekelo. Angiphinde. Ngakho abafaki sandla ekwandiseni ukulondeka okuphelele.” [9]

Ibha eseceleni: I-OpenSource ifana ne-powder keg [10]

Ikhodi ye-OpenSource ilondoloze izigidigidi zezindleko zokuthuthukisa isofthiwe, isusa isidingo semizamo eyimpinda: nge-OpenSource, abahleli banethuba lokusebenzisa izinto ezintsha zamanje ngaphandle kwemikhawulo noma inkokhelo. I-OpenSource isetshenziswa yonke indawo. Ngisho noma uqashe umthuthukisi wesofthiwe ukuthi axazulule inkinga yakho ekhethekile kusukela ekuqaleni, lo njiniyela cishe uzosebenzisa uhlobo oluthile lwelabhulali ye-OpenSource. Futhi cishe ezingaphezu kweyodwa. Ngakho, izici ze-OpenSource zikhona cishe yonke indawo. Ngesikhathi esifanayo, kufanele kuqondwe ukuthi ayikho isofthiwe emile; ikhodi yayo ishintsha njalo. Ngakho-ke, umgomo othi "ukusetha futhi ukhohlwe" awusebenzi ekhodini. Kubandakanya ikhodi ye-OpenSource: maduze noma kamuva inguqulo ebuyekeziwe izodingeka.

Ngo-2016, sabona imiphumela yalesi simo: umthuthukisi oneminyaka engu-28 ubudala "waphula" kafushane i-inthanethi ngokususa ikhodi yakhe ye-OpenSource, ayeyenze yatholakala esidlangalaleni. Le ndaba ikhomba ukuthi ingqalasizinda yethu ye-inthanethi intekenteke kakhulu. Abanye abantu - abasekela amaphrojekthi we-OpenSource - babaluleke kakhulu ekuyinakekeleni kangangokuthi uma, uNkulunkulu ekwenqabela, beshayiswa ibhasi, i-intanethi izophuka.

Ikhodi okunzima ukuyigcina kulapho ubungozi bokuphepha ku-inthanethi bucashe kakhulu. Ezinye izinkampani aziboni nokuthi zisengozini kangakanani ngenxa yekhodi okunzima ukuyigcina. Ubungozi obuhlobene nekhodi enjalo bungavuthwa bube inkinga yangempela kancane kakhulu: amasistimu abola kancane, ngaphandle kokubonisa ukwehluleka okubonakalayo ohlelweni lokubola. Futhi lapho behluleka, imiphumela iba yingozi.

Okokugcina, njengoba amaphrojekthi we-OpenSource evame ukuthuthukiswa umphakathi wabashisekeli, njengoLinus Torvalds noma njengabaduni be-Model Railroad Club okukhulunywe ngabo ekuqaleni kwesihloko, izinkinga ezinekhodi okunzima ukuyigcina azikwazi ukuxazululwa ngezindlela zendabuko (kusetshenziswa izinsiza zezentengiselwano nezikahulumeni). Ngoba amalungu aleyo miphakathi enza ngamabomu futhi akwazisa ukuzimela kwawo ngaphezu kwakho konke okunye.

Ibha eseceleni: Mhlawumbe izinsiza zezobunhloli nabathuthukisi be-antivirus bazosivikela?

Ngo-2013, kwaziwa ukuthi iKaspersky Lab yayineyunithi ekhethekile eyenza uphenyo lwangokwezifiso lwezigameko zokuphepha kolwazi. Kuze kube muva nje, lo mnyango wawuholwa owayengumphathi wamaphoyisa, uRuslan Stoyanov, owake wasebenza eMnyangweni wenhloko-dolobha "K" (i-USTM yoMqondisi Wezindaba Zangaphakathi EMoscow). Bonke abasebenzi balolu phiko olukhethekile lwe-Kaspersky Lab baphuma ezikhungweni zomthetho, okuhlanganisa neKomidi Lophenyo kanye ne-Directorate "K". [ishumi nanye]

Ekupheleni kuka-2016, i-FSB yabopha uRuslan Stoyanov futhi yambeka icala lokuvukela umbuso. Esimweni esifanayo, uSergei Mikhailov, ummeleli ophezulu we-FSB CIB (isikhungo sokuphepha solwazi), waboshwa, lapho, ngaphambi kokuboshwa, yonke i-cybersecurity yezwe iboshiwe. [ishumi nanye]

Ibha eseceleni: I-Cybersecurity iyaphoqelelwa

Ngokushesha osomabhizinisi baseRussia bazophoqeleka ukuthi banake kakhulu ukuphepha kwe-cybersecurity. NgoJanuwari 2017, u-Nikolai Murashov, ummeleli weSikhungo Sokuvikelwa Kolwazi Nokuxhumana Okukhethekile, wathi eRussia, izinto ze-CII (ingqalasizinda yolwazi olubucayi) zihlaselwe izikhathi ezingaphezu kwezigidi ezingu-2016 ngo-70. Izinhloso ze-CII zihlanganisa izinhlelo zolwazi zama-ejensi kahulumeni, amabhizinisi emboni yezokuvikela, ezokuthutha, imboni yezikweletu nezezimali, amandla, amafutha kanye nezimboni zenuzi. Ukuze abavikele, ngo-July 26, uMongameli waseRussia uVladimir Putin wasayina iphakethe lemithetho ethi “On the Safety of CII.” NgoJanuwari 1, 2018, lapho umthetho uqala ukusebenza, abanikazi bezikhungo ze-CII kumele basebenzise isethi yezinyathelo zokuvikela ingqalasizinda yabo ekuhlaselweni kwabaduni, ikakhulukazi, ukuxhuma ku-GosSOPKA. [12]

I-Bibliography

1. Jonathan Millet. I-IoT: Ukubaluleka Kokuvikela Amadivayisi Akho Ahlakaniphile // 2017.
2. URoss Anderson. Yeka ukuthi izinhlelo zokukhokha ze-smartcard zihluleka kanjani // I-Black Hat. 2014.
3. SJ Murdoch. I-Chip ne-PIN Yephukile // Izinqubo ze-IEEE Symposium Yokuphepha Nobumfihlo. 2010. pp. 433-446.
4. UDavid Talbot. Amagciwane Ekhompyutha “Adlangile” Kumadivaysi Ezokwelapha Ezibhedlela // Ukubuyekezwa kwe-MIT Technology (Digital). 2012.
5. UCraig Timberg. Isamba Sokungavikeleki: Ukugeleza Kwedizayini // I-Washington Post. 2015.
6. UMichael Lista. Wayengumgebenga osebenzisa izigidi zakhe ezimotweni, ezingutsheni nasemawashi—kwaze kwaba yilapho i-FBI ibamba. // I-Toronto Life. 2018.
7. UCraig Timberg. Isamba Sokungavikeleki: Inhlekelele Ebikezelwe - Futhi Inganakwa // I-Washington Post. 2015.
8. UCraig Timberg. Impilo ende 'yokulungisa' okusheshayo: Iphrothokholi ye-inthanethi kusukela ngo-1989 ishiya idatha engozini kubaduni // I-Washington Post. 2015.
9. UCraig Timberg. Ingqikithi Yokungavikeleki: Ingqikithi yengxabano // I-Washington Post. 2015.
10. Joshua Gans. Ingabe Ikhodi Yomthombo Ovulekile Ingenza Ukwesaba Kwethu Kwe-Y2K Ekugcineni Kufezeke? // I-Harvard Business Review (Idijithali). 2017.
11. Umphathi ophezulu weKaspersky uboshwe yiFSB // Izindaba. 2017. URL.
12. UMaria Kolomychenko. I-Cyber ​​​​intelligence service: I-Sberbank ihlongoze ukudala ikomkhulu lokulwa nabaduni // RBC. 2017.

Source: www.habr.com