Ngenkathi abashisekayo belindele ngomdlandla ukwethulwa ngobuningi kwamanethiwekhi esizukulwane sesihlanu, izigebengu zama-inthanethi zihlikihla izandla, zilindele amathuba amasha okwenza inzuzo. Naphezu kwayo yonke imizamo yabathuthukisi, ubuchwepheshe be-5G buqukethe ukukhubazeka, ukuhlonza okuyinkimbinkimbi ngenxa yokuntula isipiliyoni ekusebenzeni ezimweni ezintsha. Sihlole inethiwekhi encane ye-5G futhi sahlonza izinhlobo ezintathu zobungozi, esizoxoxa ngazo kulokhu okuthunyelwe.
Into yokufunda
Ake sicabangele isibonelo esilula - imodeli yenethiwekhi yekhempasi ye-5G engeyona eyomphakathi (Inethiwekhi Engeyona Eyomphakathi, i-NPN), exhunywe emhlabeni wangaphandle ngokusebenzisa iziteshi zokuxhumana zomphakathi. Lawa amanethiwekhi azosetshenziswa njengamanethiwekhi ajwayelekile esikhathini esizayo esiseduze kuwo wonke amazwe ajoyine umjaho we-5G. Indawo engaba khona yokuthumela amanethiwekhi alokhu kucushwa amabhizinisi "ahlakaniphile", amadolobha "ahlakaniphile", amahhovisi ezinkampani ezinkulu nezinye izindawo ezifanayo ezinezinga eliphezulu lokulawula.
Ingqalasizinda ye-NPN: inethiwekhi evaliwe yebhizinisi ixhunywe kunethiwekhi yomhlaba wonke ye-5G ngokusebenzisa iziteshi zomphakathi. Umthombo: Trend Micro
Ngokungafani namanethiwekhi esizukulwane sesine, amanethiwekhi e-5G agxile ekucutshungulweni kwedatha yesikhathi sangempela, ngakho ukwakheka kwawo kufana nephayi elinezingqimba eziningi. Ukwendlalela kuvumela ukusebenzisana okulula ngokumisa ama-API okuxhumana phakathi kwezendlalelo.
Ukuqhathaniswa kwezakhiwo ze-4G ne-5G. Umthombo: Trend Micro
Umphumela uba ukukhuphuka kwamakhono okuzenzakalela kanye nezikali, ezibalulekile ekucubunguleni amanani amakhulu olwazi oluvela ku-inthanethi Yezinto (IoT).
Ukuhlukaniswa kwamazinga akhiwe ezingeni le-5G kuholela ekuveleni kwenkinga entsha: izinhlelo zokuphepha ezisebenza ngaphakathi kwenethiwekhi ye-NPN zivikela into kanye nefu layo eliyimfihlo, izinhlelo zokuphepha zamanethiwekhi angaphandle zivikela ingqalasizinda yazo yangaphakathi. I-traffic phakathi kwe-NPN namanethiwekhi angaphandle ibhekwa njengephephile ngoba ivela ezinhlelweni ezivikelekile, kodwa empeleni akekho oyivikelayo.
Ocwaningweni lwethu lwakamuva Sethula izimo ezimbalwa zokuhlaselwa kwe-cyber kumanethiwekhi e-5G axhaphazayo:
- Ukuba sengozini kwekhadi le-SIM,
- ubungozi benethiwekhi,
- ubungozi besistimu yokuhlonza.
Ake sibheke ukuba sengozini ngakunye ngemininingwane eyengeziwe.
Ukuba sengozini kwekhadi le-SIM
I-SIM khadi iyidivayisi eyinkimbinkimbi futhi enesethi yonke yezinhlelo zokusebenza ezakhelwe ngaphakathi - I-SIM Toolkit, STK. Enye yalezi zinhlelo, i-S@T Browser, ingasetshenziswa ngokwethiyori ukubuka amasayithi angaphakathi omqhubi, kodwa ekusebenzeni sekuyisikhathi eside ikhohliwe futhi ayizange ibuyekezwe kusukela ngo-2009, njengoba le misebenzi manje yenziwa ngezinye izinhlelo.
Inkinga ukuthi Isiphequluli se-S @ T siphenduke saba sengozini: i-SMS yesevisi elungiselelwe ngokukhethekile igebenga i-SIM khadi futhi iyiphoqe ukuthi ikhiphe imiyalo edingwa ngumgebengu, futhi umsebenzisi wefoni noma idivayisi ngeke abone lutho olungajwayelekile. Ukuhlasela kwaqanjwa futhi inikeza amathuba amaningi kubahlaseli.
Ukuhlasela kwe-Simjacking kunethiwekhi ye-5G. Umthombo: Trend Micro
Ikakhulukazi, ivumela umhlaseli ukuthi adlulisele idatha mayelana nendawo yobhalisile, isihlonzi sedivayisi yakhe (IMEI) kanye nombhoshongo weselula (I-ID yeselula), kanye nokuphoqa ifoni ukuthi ishaye inombolo, ithumele i-SMS, ivule isixhumanisi isiphequluli, futhi uvale ngisho ne-SIM khadi.
Kumanethiwekhi e-5G, lobu bungozi bamakhadi we-SIM buba yinkinga enkulu uma kubhekwa inani lamadivayisi axhunyiwe. Nakuba , kumanethiwekhi esizukulwane sesihlanu kusenjalo . Futhi njengoba yonke into isebenza kanje, awukwazi ukulindela ukushintshwa okusheshayo kwamakhadi akhona e-SIM.
Ukusetshenziswa okunonya kokuzulazula. Umthombo: Trend Micro
Ukusebenzisa i-Simjacking kukuvumela ukuthi uphoqe i-SIM khadi kumodi yokuzula bese uyiphoqa ukuthi ixhume embhoshongweni weseli olawulwa umhlaseli. Kulokhu, umhlaseli uzokwazi ukushintsha izilungiselelo zekhadi le-SIM ukuze alalele izingxoxo zocingo, ethule uhlelo olungayilungele ikhompuyutha futhi enze izinhlobo ezihlukahlukene zokuhlasela esebenzisa idivayisi equkethe i-SIM khadi eyonakele. Okuzomvumela ukuthi enze lokhu iqiniso lokuthi ukusebenzisana namadivayisi ekuzuleni kwenzeka ngokudlula izinqubo zokuphepha ezithathwe kumadivayisi akunethiwekhi "yasekhaya".
Ubungozi benethiwekhi
Abahlaseli bangashintsha izilungiselelo ze-SIM khadi esengozini ukuze baxazulule izinkinga zabo. Ukukhululeka okuhlobene nokucatshangelwa kokuhlasela kweSimjaking kuvumela ukuthi kwenziwe ngokuqhubekayo, kuthathwe ukulawula kwamadivayisi amasha, kancane nangesineke () ukusika izingcezu zenetha njengezingcezu zesalami (). Kunzima kakhulu ukulandelela umthelela onjalo, futhi kumongo wenethiwekhi eyinkimbinkimbi ye-5G, cishe akunakwenzeka.
Ukwethulwa kancane kancane kunethiwekhi ye-5G kusetshenziswa ukuhlasela okuphansi nokuphansi + kwe-Salami. Umthombo: Trend Micro
Futhi njengoba amanethiwekhi e-5G engenazo izilawuli zokuphepha ezakhelwe ngaphakathi zamakhadi we-SIM, abahlaseli bazokwazi kancane kancane ukusungula imithetho yabo ngaphakathi kwesizinda sokuxhumana se-5G, besebenzisa amakhadi we-SIM athunjiwe ukweba izimali, ukugunyaza ezingeni lenethiwekhi, ukufaka i-malware nokunye. imisebenzi engekho emthethweni.
Okukhathaza kakhulu ukuvela kwezinkundla zabaduni bamathuluzi enza ngokuzenzakalelayo ukuthwebula amakhadi e-SIM kusetshenziswa i-Simjaking, njengoba ukusetshenziswa kwamathuluzi anjalo kumanethiwekhi esizukulwane sesihlanu kunikeza abahlaseli cishe amathuba angenamkhawulo okukhulisa ukuhlasela nokuguqula ithrafikhi ethenjwayo.
Ukuhlonza ubungozi
I-SIM khadi isetshenziselwa ukukhomba idivayisi kunethiwekhi. Uma i-SIM khadi isebenza futhi inebhalansi ephozithivu, idivayisi ngokuzenzakalela ithathwa njengesemthethweni futhi ayibangeli ukusola ezingeni lamasistimu okubona. Ngaleso sikhathi, ukuba sengozini kwe-SIM khadi ngokwayo kwenza lonke uhlelo lokuhlonza lube sengcupheni. Izinhlelo zokuphepha ze-IT ngeke zikwazi ukulandelela idivayisi exhunywe ngokungemthetho uma ibhalisa kunethiwekhi isebenzisa idatha yokuhlonza eyebiwe nge-Simjaking.
Kuvela ukuthi i-hacker exhuma kunethiwekhi nge-SIM khadi egqekeziwe ithola ukufinyelela ezingeni lomnikazi wangempela, njengoba izinhlelo ze-IT zingasahloli amadivayisi adlule ukuhlonza ezingeni lenethiwekhi.
Ukuhlonza okuqinisekisiwe phakathi kwesofthiwe nezendlalelo zenethiwekhi kwengeza enye inselele: izigebengu zingadala ngamabomu "umsindo" wezinhlelo zokutholwa kokungena ngokuqhubekayo zenze izenzo ezihlukahlukene ezisolisayo egameni lamadivayisi asemthethweni athunjiwe. Njengoba amasistimu okuthola ngokuzenzakalelayo asekelwe ekuhlaziyweni kwezibalo, imikhawulo ye-alamu izokhula kancane kancane, iqinisekise ukuthi ukuhlasela kwangempela akuphendulwa. Ukuchayeka isikhathi eside kwalolu hlobo kukwazi ukushintsha ukusebenza kwayo yonke inethiwekhi nokudala izindawo eziyizimpumputhe zezibalo zamasistimu okubona. Izigebengu ezilawula izindawo ezinjalo zingahlasela idatha ngaphakathi kwenethiwekhi namadivayisi aphathekayo, zibangele ukunqatshelwa kwesevisi, futhi zidale okunye ukulimala.
Isixazululo: Ukuqinisekiswa Kobunikazi Okuhlanganisiwe
Ukuba sengozini kwenethiwekhi ye-5G NPN efundisiwe kuwumphumela wokuhlukaniswa kwezinqubo zokuphepha ezingeni lokuxhumana, ezingeni lama-SIM khadi namadivayisi, kanye nasezingeni lokuzulazula phakathi kwamanethiwekhi. Ukuxazulula le nkinga, kuyadingeka ngokuhambisana nesimiso se-zero trust () Qinisekisa ukuthi amadivayisi axhumeka kunethiwekhi aqinisekiswa ngaso sonke isikhathi ngokusebenzisa ubunikazi obuhlanganisiwe kanye nemodeli yokulawula ukufinyelela ().
Umgomo we-ZTA uwukugcina ukuphepha ngisho nalapho idivayisi ingalawulwa, ihamba, noma ingaphandle kwe-perimeter yenethiwekhi. Imodeli kamazisi ehlanganisiwe iyindlela yokuphepha ye-5G ehlinzeka ngesakhiwo esisodwa, esingaguquki sokuqinisekisa, amalungelo okufinyelela, ubuqotho bedatha, nezinye izingxenye nobuchwepheshe kumanethiwekhi e-5G.
Le ndlela iqeda ithuba lokwethula umbhoshongo "ozulazulayo" kunethiwekhi futhi uqondise kabusha amakhadi e-SIM athunjiwe kuwo. Amasistimu e-IT azokwazi ukubona ngokugcwele ukuxhumeka kwamadivayisi angaphandle futhi avimbe ithrafikhi engamanga edala umsindo wezibalo.
Ukuze uvikele i-SIM khadi ekuguqulweni, kuyadingeka ukwethula abahloli bobuqotho abengeziwe kuyo, okungenzeka basetshenziswe ngendlela yohlelo lwe-SIM olusekelwe ku-blockchain. Uhlelo lokusebenza lungasetshenziselwa ukuqinisekisa amadivaysi nabasebenzisi, kanye nokuhlola ubuqotho be-firmware nezilungiselelo zekhadi le-SIM kokubili lapho uzulazula nalapho usebenza kunethiwekhi yasekhaya.
Sifingqa
Isixazululo sezinkinga zokuphepha ze-5G ezikhonjiwe singathulwa njengenhlanganisela yezindlela ezintathu:
- ukuqaliswa kwemodeli ehlanganisiwe yokuhlonza nokulawula ukufinyelela, okuzoqinisekisa ubuqotho bedatha kunethiwekhi;
- ukuqinisekisa ukubonakala okugcwele kwezinsongo ngokusebenzisa ukubhaliswa esabalalisiwe ukuze kuqinisekiswe ukufaneleka nobuqotho bamakhadi e-SIM;
- ukwakhiwa kwesistimu yokuphepha esabalalisiwe ngaphandle kwemingcele, ukuxazulula izinkinga zokusebenzelana namadivayisi ekuzuleni.
Ukuqaliswa okungokoqobo kwalezi zinyathelo kuthatha isikhathi nezindleko ezinkulu, kodwa ukuthunyelwa kwamanethiwekhi e-5G kwenzeka yonke indawo, okusho ukuthi umsebenzi wokuqeda ubuthakathaka udinga ukuqala khona manje.
Source: www.habr.com