Ransomware is not a new threat on the internet. Its roots go back many years. The threat has only become more dangerous and ruthless over time.
The term "ransomware" has become widely known because of the surge of cybercriminal attacks that have left many businesses unable to operate in recent years.
All the files on your PC are taken and locked away, then your screen goes black and a message in broken English appears.
You must pay a ransom to black-hat cybercriminals in Bitcoin or another untraceable cryptocurrency to obtain a decryption key or to keep your sensitive data from being released on the dark web.
But few may know about ransomware-as-a-service (RaaS), the well-organized business model that makes this possible.
Instead of carrying out attacks themselves, ransomware developers lease their expensive malware to cybercriminals who are willing to take on the risk of running ransomware operations.
How does all of this work? Who leads the hierarchy and who acts as the middlemen? And, perhaps most importantly, how can you protect your business and yourself from these crippling attacks?
Keep reading to learn more about RaaS.
What is Ransomware as a Service (RaaS)?
Ransomware-as-a-service (RaaS) is a business model that allows anyone to join and use tools for launching ransomware attacks.
RaaS users, like users of other as-a-service models such as software-as-a-service (SaaS) or platform-as-a-service (PaaS), rent ransomware rather than own it.
It is a low-code, software-as-a-service attack vector that lets criminals buy ransomware software on the dark web and carry out ransomware attacks without knowing how to code.
Email phishing schemes are a well-known attack method in RaaS operations.
When a victim clicks a malicious link in the attacker's email, the ransomware downloads and spreads through the affected machine, disabling firewalls and antivirus software.
Once the victim's perimeter defenses have been breached, the RaaS software can look for ways to escalate privileges, and it ultimately holds the entire organization hostage by encrypting files until they are inaccessible.
Once the victim has been notified of the attack, the program gives them instructions on how to pay the ransom and (ideally) obtain the correct cryptographic key for decryption.
Although RaaS and ransomware attacks are illegal, the criminals who carry out such attacks can be hard to catch because they use Tor browsers (also known as onion routers) to reach their victims and demand ransom payments.
The FBI says malware developers are increasingly distributing their malicious LCNC (low code/no code) programs in exchange for a share of the proceeds.
How does the RaaS model work?
Developers and affiliates work together to carry out an effective RaaS attack. Developers are responsible for writing the specialized ransomware malware, which is then sold to affiliates.
The ransomware code and the instructions for launching the attack are provided by the developers. RaaS is easy to use and requires little technical knowledge.
Anyone with access to the dark web can log in to the portal, join as an affiliate, and launch an attack with a single click. Affiliates choose the type of malware they want to distribute and pay with cryptocurrency, usually Bitcoin, to get started.
The developer and the affiliates split the proceeds when ransom payments are made and the attack succeeds. The type of revenue model determines how the money is divided.
Let's look at several of these illicit business models.
Affiliate RaaS
Because of a variety of factors, including the ransomware group's brand recognition, the success rate of its campaigns, and the range of services offered, underground affiliate programs have become one of the best-known forms of RaaS.
Criminal organizations often look for hackers who can break into businesses on their own, in order to keep their ransomware code within the gang. They then use the malware and the support provided to launch the attack.
However, a hacker may not even need that skill, thanks to the recent rise in corporate network access being sold on the dark web for this purpose.
Well-supported, inexperienced hackers launch high-stakes attacks in exchange for a share of the profits rather than paying monthly or yearly to use the ransomware code (though sometimes affiliates may have to pay to play).
Most of the time, ransomware gangs seek out hackers who have the skill to break into a corporate network and the nerve to carry out the strike.
Under this arrangement, affiliates typically receive between 60% and 70% of the ransom, with the remaining 30% to 40% going to the RaaS operator.
Subscription-based RaaS
In this model, affiliates pay a regular membership fee for access to the ransomware, technical support, and malware updates. Many web-based subscription models, such as Netflix, Spotify, or Microsoft Office 365, are similar to this.
Typically, ransomware operators keep 100% of the ransom they collect if they pay for the service up front, which can cost from $50 to hundreds of dollars each month, depending on the RaaS provider.
These membership fees represent a small investment compared with the typical ransom payment of about $220,000. Of course, affiliate programs can also incorporate a pay-to-play, subscription-based element into their plans.
Lifetime license
A malware developer may decide to offer a package for a one-time payment and avoid the risk of taking part in cyberattacks, instead of earning recurring income through subscriptions and profit sharing.
In this case, cybercriminals make a one-time payment for lifetime access to a ransomware kit, which they can use in any way they see fit.
Some cybercriminals may opt for a one-time purchase even though it is much more expensive (tens of thousands of dollars for advanced kits), since it would be hard to link them to the RaaS operator if that operator is caught.
RaaS partnership
Cyberattacks that use ransomware require each hacker involved to have a specialized skill set.
In this scenario, a group comes together and each member makes a different contribution to the operation. A ransomware coder, corporate network hackers, and an English speaker are needed to get started.
Depending on their role and its importance to the campaign, each participant, or partner, would agree to a share of the proceeds.
How to detect a RaaS attack?
In general, no ransomware defense is 100% effective. However, phishing emails remain the main method used to carry out ransomware attacks.
Therefore, a company should provide phishing awareness training to ensure that its staff clearly understand how to spot phishing emails.
On the technical side, businesses can have a dedicated cybersecurity team that performs threat hunting. Threat hunting is a highly successful way to detect and prevent ransomware attacks.
In this process, a hypothesis is formed using knowledge of attack vectors. The hunch and the data help build a program that can quickly identify the cause of an attack and stop it.
Threat-hunting tools are used to monitor the network for unexpected file executions, suspicious behavior, and the like. To detect attempted ransomware attacks, they use a watch list of Indicators of Compromise (IOCs).
In addition, many threat-hunting models are in use, each suited to the target business.
Examples of RaaS
Ransomware authors have only recently realized how profitable it is to build a RaaS business. In addition, a number of threat groups have set up RaaS operations to spread ransomware to nearly every kind of business. These are some of the RaaS organizations:
- DarkSide: It is one of the most notorious RaaS providers. According to reports, this gang was behind the Colonial Pipeline attack in May 2021. DarkSide is believed to have started in August 2020 and was highly active in the first few months of 2021.
- Dharma: Dharma ransomware first appeared in 2016 under the name CrySis. Although there have been several variants of Dharma ransomware over the years, Dharma first appeared in RaaS form in 2020.
- Maze: Like many other RaaS providers, Maze started in 2019. In addition to encrypting users' data, the RaaS group threatened to release the data publicly in order to shame victims. Maze RaaS shut down in November 2020, although the reasons for this remain unclear. Some experts, however, believe the same perpetrators continued under different names, such as Egregor.
- DoppelPaymer: It has been linked to several incidents, including one in 2020 against a hospital in Germany that claimed a patient's life.
- Ryuk: Although the RaaS was most active in 2019, it is believed to have existed since at least 2017. Many security companies, including CrowdStrike and FireEye, dispute claims by some researchers that the outfit is based in North Korea.
- LockBit: It debuted in September 2019 as the ".abcd virus," named for the file extension the group uses when encrypting victims' files. LockBit's ability to spread across a compromised network is one of its features. For would-be attackers, this makes it a desirable RaaS.
- REvil: Although there are several RaaS providers, it was the most prevalent in 2021. The Kaseya attack, which took place in July 2021 and affected about 1,500 companies, was linked to the REvil RaaS. The group is also believed to have been behind the attack on JBS USA in June 2021, in which the victim paid $11 million. It was also found to be behind a ransomware attack on cyber insurance carrier CNA Financial in March 2021.
How to prevent a RaaS attack?
RaaS hackers most often distribute malware through phishing emails that are expertly crafted to look trustworthy. A solid risk management approach that supports security awareness training for end users is essential to protect against RaaS.
The first and best defense is to build a business culture that keeps users informed about current phishing techniques and the risks that ransomware attacks pose to their finances and reputation. Initiatives in this regard include the following:
- Software updates: Operating systems and applications are frequently exploited by ransomware. To help stop ransomware attacks, it is important to update software as patches and updates are released.
- Take care to back up and restore your data: Establishing backup and recovery procedures is the first and, perhaps, the most important step. Data becomes unusable to users after it is encrypted by ransomware. The impact of an attacker encrypting the data can be reduced if the company has backups that can be used for recovery.
- Phishing prevention: Email phishing is a standard attack method for ransomware. RaaS attacks can be prevented if some form of anti-phishing email security is in place.
- Multi-factor authentication: Some ransomware attackers use credential stuffing, which involves using passwords stolen from one site on another. Because a second factor is still required to gain access, multi-factor authentication reduces the power of reused passwords.
- XDR endpoint security: Endpoint security and threat-hunting technologies, such as XDR, provide another important layer of defense against ransomware. They provide detection and response capabilities that help reduce ransomware risk.
- DNS filtering: Ransomware often uses some type of command and control (C2) server to communicate with the RaaS operator's platform. A DNS query is usually involved in communications from an infected machine to the C2 server. With the help of a DNS filtering security service, organizations can detect when ransomware is trying to contact a RaaS C2 and block the connection. This can act as a way to prevent infection.
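The DNS filtering step described in the last item above, as an added example that is not part of the original article: a small Python filter that checks resolver query logs against a blocklist of C2 domains and lists the clients that tried to reach them. The log format, the domains (reserved example names, not real indicators) and the function names are all constructed for illustration.

```python
from collections import defaultdict

# Constructed blocklist: placeholder C2 domains under reserved names, not real indicators.
BLOCKLIST = {"c2-panel.example", "pay.raas-portal.test"}

# Constructed resolver log lines: "<timestamp> <client-ip> <qtype> <qname>"
SAMPLE_LOG = """\
2024-01-10T09:00:01Z 10.0.0.15 A www.example.org.
2024-01-10T09:00:02Z 10.0.0.23 A C2-Panel.Example.
2024-01-10T09:00:05Z 10.0.0.23 TXT beacon7.c2-panel.example
2024-01-10T09:00:09Z 10.0.0.15 A notc2-panel.example
2024-01-10T09:00:11Z 10.0.0.42 AAAA pay.raas-portal.test
malformed line
"""

def normalize(qname):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return qname.strip().rstrip(".").lower()

def matched_rule(qname, blocklist=BLOCKLIST):
    """Return the blocklisted domain that qname equals or is a subdomain of, else None.
    Matching walks whole labels, so 'notc2-panel.example' does not match 'c2-panel.example'."""
    labels = normalize(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None

def filter_log(log_text, blocklist=BLOCKLIST):
    """Return (decisions, hits): per-query verdicts and blocked domains per client."""
    decisions, hits = [], defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of failing the whole run
        _ts, client, _qtype, qname = parts
        rule = matched_rule(qname, blocklist)
        decisions.append((client, normalize(qname), "BLOCK" if rule else "ALLOW"))
        if rule:
            hits[client].add(rule)
    return decisions, dict(hits)

if __name__ == "__main__":
    decisions, hits = filter_log(SAMPLE_LOG)
    for d in decisions:
        print(*d)
    for client, rules in sorted(hits.items()):
        print(f"isolate and investigate {client}: queried {sorted(rules)}")
```

A client that appears in `hits` has already tried to resolve a C2 name, so the blocked query is also a detection signal for that host, not only a prevented connection.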
The future of RaaS
RaaS attacks will become more common and more popular among hackers in the future. More than 60% of all cyberattacks in the past 18 months, according to a recent report, were RaaS attacks.
RaaS is becoming more popular because it is easy to use and requires no technical knowledge. In addition, we should prepare for an increase in RaaS attacks targeting critical infrastructure.
This affects the healthcare, administration, transportation, and energy sectors. Hackers see these critical industries and institutions as more exposed than ever, leaving organizations such as hospitals and power plants facing RaaS attacks as supply chain problems continue into 2022.
Conclusion
In conclusion, although Ransomware-as-a-Service (RaaS) is an innovation and one of the most recent threats to digital users, it is important to take preventive action to counter this threat.
In addition to other protective measures, you can also rely on antimalware tools to guard against this threat. Sadly, RaaS appears to be here to stay for the time being.
You need adequate technology and a cybersecurity plan to defend against RaaS attacks and reduce the chance of a RaaS attack succeeding.