
Ransomware, like other kinds of malware, has evolved and changed over the years. From simple lockers that prevented users from logging in, to "police" extortionists that threatened legal action for fabricated violations of the law, it has turned into ransomware. This malware encrypts files on hard drives (or entire drives) and demands a ransom not for restoring access to the system, but for a guarantee that the user's information will not be deleted, sold on the darknet, or exposed publicly on the internet. Moreover, paying the ransom does not guarantee that the decryption key will be received. And no, this is not a thing of the past; it remains a pressing threat.
Given the attackers' success and the profitability of this type of attack, experts believe that their frequency and sophistication will only grow in the future. According to Cybersecurity Ventures, in 2016 ransomware attacked companies roughly once every 40 seconds. In 2019 this rate rose to once every 14 seconds, and in 2021 the frequency will rise to one attack every 11 seconds. It is important to note that the ransom demand (especially in targeted attacks on large companies or city infrastructure) is usually far lower than the damage caused by the attack. For example, the May attack on government structures in Baltimore, Maryland, in the US, caused damage in excess of that. , with the ransom amount named by the cybercriminals being 76 thousand dollars in bitcoin equivalent. , Georgia, in August 2018, cost the city $17 million, while the ransom demanded was $52.
Trend Micro experts analysed ransomware attacks in the first months of 2019, and in this article we will highlight the key trends expected in the second half.
Ransomware: A Brief Dossier
The idea of ransomware is clear from its name: by threatening to destroy (or, conversely, publish) confidential or valuable information, extortionists demand a ransom for regaining access. For ordinary users such attacks are unpleasant but not critical: the threat of losing a music collection or holiday photos from the past ten years does not guarantee that a ransom will be paid.
The situation is entirely different for organisations. Every minute of business downtime costs money, so losing access to a system, applications, or data is equivalent to losses for a modern company. That is why ransomware attacks have gradually shifted in recent years from virus attacks to reduced activity and a move to targeted attacks on organisations in industries where the chance of a ransom being paid and the size of the ransom are highest. Meanwhile, organisations seek to protect themselves from threats in two main ways: by developing ways to effectively restore infrastructure and databases after an attack, and by deploying more advanced cybersecurity systems that promptly detect and remove malware.
To stay current and develop new solutions and technologies for fighting malware, Trend Micro continuously analyses the results from its cybersecurity systems. According to Trend Micro, the situation with ransomware attacks in recent years looks like this:

Victim Selection in 2019
This year, cybercriminals have clearly become much more selective in their targeting: they go after organisations that are less protected and willing to pay a large sum to quickly restore normal operations. That is why, since the beginning of the year, several attacks have been recorded on government institutions and the administrations of large cities, including Lake City (ransom: $530) and Riviera Beach (ransom: $600).
Broken down by industry, the main attack vectors are as follows:
— 27% — government structures;
— 20% — manufacturing;
— 14% — healthcare;
— 6% — retail;
— 5% — education.
Cybercriminals often use OSINT (open-source intelligence) to prepare an attack and assess its profitability. By gathering information, they better understand the organisation's business model and the reputational risks an attack could cause. Attackers also look for the critical systems and subsystems that can be completely isolated or disabled using ransomware, which increases the chance of collecting the ransom. Last but not least, the state of the cybersecurity systems is assessed: there is no point in launching an attack on a company whose IT specialists are highly capable of repelling it.
This trend will remain relevant in the second half of 2019. Attackers will find new areas where disrupting business processes leads to the greatest losses (e.g., transport, critical infrastructure, and energy).
Methods of Penetration and Infection
This area is also constantly changing. The most popular tools remain phishing, malicious advertisements on websites, infected web pages, and exploits. However, the main "accomplice" in attacks remains the user/employee who opens these websites and downloads files from links or emails, which then leads to further infection of the organisation's entire network.
However, in the second half of 2019, these tools will be supplemented by the following:
- active use of social engineering attacks (attacks in which the victim voluntarily performs the actions the attacker wants or gives up information, believing, for example, that they are communicating with a representative of the organisation's management or a client), which simplifies the collection of information about employees from publicly available sources;
- use of stolen credentials, such as logins and passwords for remote administration systems, which can be bought on the darknet;
- physical hacking and intrusion, which will allow attackers to find critical systems on site and disable security.
Methods of Concealing Attacks
Thanks to advances in cybersecurity, including Trend Micro's efforts, detecting classic ransomware families has become much easier in recent years. Machine learning and behavioural analysis technologies help detect malware before it enters the system, forcing attackers to develop other ways of hiding their attacks.
As IT security specialists already know, new cybercriminal techniques aim to neutralise sandboxes for analysing suspicious files and machine-learning systems, to develop fileless malware, and to use infected licensed software, including software from cybersecurity vendors and various remote services with access to the organisation's network.
Conclusions and Recommendations
Overall, it can be said that in the second half of 2019 there is a high likelihood of targeted attacks on large organisations able to pay cybercriminals a large ransom. However, cybercriminals do not always develop their own hacking solutions and malware. Some, such as the notorious GandCrab team, which has already , having earned about 150 million rand, continue to operate under the RaaS (ransomware-as-a-service) model, similar to antivirus and cybersecurity systems. This means that this year successful ransomware and cryptolockers are distributed not only by their creators but also by their "tenants".
In such conditions, organisations must continually update their cybersecurity systems and their data recovery plans in case of an attack, since the only effective way to fight ransomware is to avoid paying the ransom and deprive its authors of their source of income.
Source: www.habr.com
