Ransomware haisi kutyisidzira kutsva paInternet. Midzi yawo inodzokera shure makore mazhinji. Kutyisidzira uku kwakatowedzera kuve nengozi uye hutsinye nekufamba kwenguva.
Izwi rekuti "ransomware" rave nekuzivikanwa kwakapararira nekuda kwekubhomba kwecyberattacks izvo zvaita kuti mabhizinesi mazhinji asashande mumakore achangopfuura.
Ese mafaera paPC yako akatorwa uye akavharidzirwa, uye ipapo skrini yako inosviba uye meseji muChirungu chinogumbura inobuda.
Yiwe unofanirwa kubhadhara rudzikinuro kune nhema hat cybercriminals muBitcoin kana imwe isingateveki cryptocurrencies kuitira kuti uwane kiyi yekudzima kana kudzivirira data rako rakavanzika kubva pakuburitswa pawebhu rakasviba.
Asi vashoma vanogona kunge vachiziva nezve ransomware-se-a-Sevhisi, yakanyatso kurongeka pasi pepasi bhizinesi modhi iyo inogona kuita idzi mhando dzekurwiswa (kana RaaS).
Panzvimbo pekuzvirwisa ivo pachavo, vagadziri veransomware vanorenda mavhairasi avo anodhura kune vasina ruzivo rwematsotsi epa cyber vakagadzirira kupinza njodzi ine chekuita nekuita mabasa erudzikinuro.
Zvose zvinoshanda sei zvakadaro? Ndiani anotungamirira hutungamiri uye ndiani anoshanda sepakati? Uye pamwe zvakanyanya hutsinye, ungadzivirira sei bhizinesi rako uye iwe pachako kubva mukurwiswa uku kunoremadza?
Ramba uchiverenga kuti udzidze zvakawanda nezve RaaS.
Chii chinonzi Ransomware seSevhisi (RaaS)?
Ransomware-se-a-sevhisi (RaaS) imhando yebhizinesi rematsotsi inobvumira chero munhu kujoina uye kushandisa maturusi ekutanga kurwiswa kweransomware.
Vashandisi veRaaS, sevaya vanoshandisa mamwe se-se-sevhisi mamodheru akadai sesoftware-se-a-sevhisi (SaaS) kana chikuva-se-a-sevhisi (PaaS), kurenda kwete kuve neyako yerununuro masevhisi.
Iyo yakaderera-code, software-se-sevhisi kurwisa vector iyo inogonesa matsotsi kutenga ransomware software pane yakasviba webhu uye kuita ransomware kurwiswa vasingazive makodhi.
Email phishing zvirongwa zvakajairika kurwisa vector yeRaaS kusasimba.
Kana munhu akabatwa achidzvanya pane yakashata chinongedzo mune email yeanorwisa, iyo ransomware inodhawunirodha uye inopararira nemuchina wakakanganisika, ichidzima firewall uye antivirus software.
Iyo RaaS software inogona kuvhima nzira dzekusimudzira ropafadzo kana dziviriro yemunhu anenge abatwa yatyorwa, uye pakupedzisira inobata sangano rose nekuvharisa mafaera kusvika paasingasvikiki.
Kana munhu akabatwa achinge aziviswa nezvekurwiswa, chirongwa chinovapa mirairo yekubhadhara rudzikinuro uye (chaizvo) tora kiyi yekrisptographic chaiyo yekubvisa.
Kunyangwe hazvo kusamira zvakanaka kweRaaS neransomware zvisiri pamutemo, matsotsi anoita rudzi urwu rwekurova anogona kunyanya kunetsa kubata nekuti vanoshandisa maTor browser (anozivikanwawo seonion routers) kuti awane vavakabatwa uye anoda muripo werudzikinuro.
Iyo FBI inotaura kuti vanogadzira malware vanowedzera vari kuparadzira yavo inokuvadza LCNC (yakaderera kodhi / hapana kodhi) zvirongwa mukutsinhana nekucheka kwemari yekupamba.
Iyo RaaS modhi inoshanda sei?
Vagadziri uye Vanobatana vanobatana kuita kurwisa kweRaaS kunoshanda. Vagadziri vane basa rekunyora nyanzvi ransomware malware, iyo inozotengeswa kune yakabatana.
Iyo ransomware kodhi uye mirairo yekutanga kurwisa inopihwa nevagadziri. RaaS iri nyore kushandisa uye inoda zvishoma ruzivo rwetekinoroji.
Chero ani anokwanisa kuwana iyo yakasviba webhu anogona kupinda portal, kujoinha seanobatana, uye kutanga kurwisa nekudzvanya kamwe chete. Vanobatana vanosarudza rudzi rwehutachiona rwavanoda kugovera uye kuita mubhadharo vachishandisa cryptocurrency, kazhinji Bitcoin, kuti vatange.
Mugadziri uye anobatana anogovanisa mihoro kana mari yerudzikinuro yabhadharwa uye kurwiswa kwacho kwabudirira. Rudzi rwemodhi yemari inotaridza kuti mari inogoverwa sei.
Ngationgororei mashoma eaya mazano ebhizinesi asiri pamutemo.
Yakabatana RaaS
Nekuda kwezvakasiyana zvinhu, zvinosanganisira kuzivikanwa kwerudzi rweboka rerudzikinuro, huwandu hwebudiriro yemishandirapamwe, uye huwandu uye akasiyana masevhisi anopihwa, pasi pevhu affiliate zvirongwa zvave imwe yeanonyanya kuzivikanwa mafomu eRaaS.
Masangano ematsotsi anowanzo tsvaga matsotsi anogona kupinda mumabhizinesi network ega kuti vachengetedze kodhi yavo yekudzikinura mukati mechikwata. Vanobva vashandisa hutachiona uye rubatsiro kutanga kurwisa.
Nekudaro, mubiki anogona kusatomboda izvi zvichipihwa kusimuka kwazvino kwekambani network yekuwana-kutengesa pawebhu yakasviba kugutsa izvi maitiro.
Vanonyatso tsigirwa, vasina ruzivo rwematsotsi vanotanga kurwiswa nenjodzi huru mukutsinhana purofiti pane kubhadhara pamwedzi kana wepagore muripo kuti ushandise kodhi yerekiware (asi dzimwe nguva vanobatana vangatofanira kubhadhara kuti vatambe).
Nguva zhinji, zvikwata zveransomware zvinotsvaga matsotsi ane hunyanzvi hwekupaza network yekambani uye nekushinga kuita kuramwa.
Mune iyi sisitimu, vanobatana vanowanzo gamuchira pakati pe60% ne70% yerudzikinuro, uye yasara 30% kusvika 40% inotumirwa kumushandisi weRaaS.
Kunyoresa-kwakavakirwa RaaS
Mune zano iri, ma scammers anobhadhara mubhadharo wenhengo nguva nenguva kuti awane mukana we ransomware, rutsigiro rwehunyanzvi, uye hutachiona hwekuvandudza. Mazhinji ewebhu-akavakirwa kunyoreswa sevhisi mhando, seNetflix, Spotify, kana Microsoft Office 365, inofananidzwa neizvi.
Kazhinji, vapari vemhosva vanochengeta zana remari kubva mukubhadhara rudzikinuro kana vakabhadhara sevhisi mberi, izvo zvinogona kuita madhora makumi mashanu kusvika kumazana emadhora mwedzi wega wega, zvichienderana nemupi weRaaS.
Iyi mari yenhengo inomiririra mari ine mwero kana ichienzaniswa neyakajairwa rudzikinuro muripo we $220,000. Ehe, zvirongwa zvemubatanidzwa zvinogonawo kusanganisira kubhadhara-ku-kutamba, kunyoreswa-kwakavakirwa chinhu muzvirongwa zvavo.
Mvumo yehupenyu hwose
Anogadzira malware anogona kusarudza kupa mapakeji ekubhadhara-nguva imwe chete uye kudzivirira kutora mukana wekubatanidzwa zvakananga mumacyberattacks pane kuwana mari inodzokororwa kuburikidza nekunyoreswa uye purofiti-kugovana.
MaCybercriminals mune iyi kesi vanobhadhara kamwe chete kuti vawane mukana wehupenyu hwese kune ransomware kit, iyo yavanogona kushandisa chero nzira yavanoona yakakodzera.
Mamwe matsotsi epazasi anogona kusarudza kutenga kamwe chete kunyangwe kuchidhura zvakanyanya (makumi ezviuru emadhora emakiti akaomesesa) sezvo zvingavaomera kuti vabatane nemushandisi weRaaS kana mushandisi akabatwa.
RaaS kudyidzana
Cyberattacks inoshandisa ransomware inoda kuti hacker yega yega inobatanidzwa ave neyakasarudzika seti yekugona.
Muchiitiko ichi, boka raiungana uye kupa zvipo zvakasiyana-siyana pakuvhiya. Mugadziri wekodhi kodhi, makambani ekubhejesa network, uye mutauri werununuro anotaura Chirungu anodiwa kuti utange.
Zvichienderana nebasa ravo uye kukosha kwavo mumushandirapamwe, mubati wega wega, kana mudiwa, anobvumirana kugovera mihoro.
Nzira yekuona sei kurwiswa kweRaaS?
Kazhinji, hapana ransomware kurwisa kudzivirirwa iyo 100% inoshanda. Nekudaro, maemail ephishing anoramba ari nzira yekutanga inoshandiswa kuita ransomware kurwiswa.
Naizvozvo, kambani inofanirwa kupa ruzivo rwekuziva phishing kuti ive nechokwadi chekuti vashandi vane nzwisiso yepamusoro yekuona maemail e phishing.
Padanho rehunyanzvi, mabhizinesi anogona kunge aine nyanzvi yecybersecurity timu inopihwa basa rekuvhima kutyisidzira. Kuvhima kwekutyisidzira inzira yakabudirira kwazvo yekuona nekudzivirira kurwiswa kwerekolomware.
Dzidziso inogadzirwa mukuita uku uchishandisa ruzivo rwekurova mavector. Iyo hunch uye data rubatsiro mukugadzira chirongwa chinogona kukurumidza kuona chikonzero chekurova uye kuchimisa.
Kuti urambe wakatarira kune kusingatarisirwe faira kuurayiwa, fungidziro maitiro, nezvimwe pane network, kutyisidzira kuvhima maturusi anoshandiswa. Kuti vaone kuyedza kurwiswa, vanoshandisa wachi yeIndicators of Compromise (IOCs).
Pamusoro pezvo, akawanda emamiriro ezvinhu ekuvhima mamodheru anoshandiswa, imwe neimwe inoenderana neindasitiri yesangano rinonangwa.
Mienzaniso yeRaaS
Vanyori ve ransomware vangosvika pakuziva kuti zvine pundutso sei kuvaka bhizinesi reRaaS. Pamusoro pezvo, kwave nemasangano akati wandei ekutyisidzira anotanga mashandiro eRaaS kuparadzira ransomware mukati mebhizinesi rese. Aya ndiwo mashoma emasangano eRaaS:
- Divi rakasviba: Ndiyo imwe yeakanyanya mukurumbira RaaS vanopa. Sekureva kwemishumo, chikwata ichi chaive kumashure kwekurwiswa kweColonial Pipeline muna Chivabvu 2021. DarkSide inofungidzirwa kuti yakatanga muna Nyamavhuvhu we2020 uye yakakwira mukuita mukati memwedzi mishoma yekutanga ye2021.
- Dharma: Dharma Ransomware yakatanga kuonekwa muna 2016 pasi pezita rokuti CrySis. Kunyangwe paine akati wandei Dharma Ransomware misiyano mumakore ese, Dharma yakatanga kuoneka muRaaS fomati muna 2020.
- maze: Sezvakaita vamwe vazhinji vanopa RaaS, Maze yakatanga muna 2019. Pamusoro pekunyora data remushandisi, sangano reRaaS rakatyisidzira kuburitsa data pachena mukuyedza kunyadzisa vakabatwa. Iyo Maze RaaS yakavharwa zviri pamutemo muna Mbudzi 2020, kunyangwe zvikonzero zveizvi zvichiri kupusa. Vamwe vadzidzisi, zvisinei, vanotenda kuti vatadzi vakafanana vakaramba vari pasi pemazita akasiyana, saEgregor.
- DoppelPaymer: Yakabatanidzwa kune akati wandei ezviitiko, kusanganisira imwe muna 2020 yakanangana nechipatara kuGermany chakauraya hupenyu hwemurwere.
- Ryuk: Kunyange zvazvo RaaS yainyanya kushanda muna 2019, inofungidzirwa kuti yakanga iripo muna 2017. Makambani akawanda ekuchengetedza, kusanganisira CrowdStrike uye FireEye, vakaramba zvakataurwa nevamwe vatsvakurudzi kuti chipfeko chiri muNorth Korea.
- LockBit: Sezvo faira rekuwedzera, sangano rinoshandisa encrypt mafaira akabatwa, ".abcd virus," yakatanga kuonekwa munaSeptember 2019. Kukwanisa kweLockBit kupararira zvakazvimiririra pamusoro pechinangwa chetiweki chimwe chezvinhu zvayo. Kune vangave-vanorwisa, izvi zvinoita kuti ive inodiwa RaaS.
- Zvakaipa: Kunyange zvazvo kune vatapi vakawanda veRaaS, ndiyo yainyanya kuitika muna 2021. Kurwiswa kweKaseya, kwakaitika muna July 2021 uye kwakakonzera zvishoma makambani e1,500, kwakabatanidzwa neREvil RaaS. Sangano iri rinofungidzirwawo kuti raive shure kwekurwiswa kwaChikumi 2021 kwemugadziri wenyama JBS USA, uyo akabatwa aifanira kubhadhara madhora gumi nerimwe erudzikinuro. Yakawanikwa zvakare iine mhosva yekurova ransomware kune cyber inishuwarenzi inopa CNA Financial munaKurume 11.
Nzira yekudzivirira sei kurwiswa kweRaaS?
RaaS hackers vanowanzo shandisa akaomesesa pfumo-phishing maemail akagadzirwa nehunyanzvi kuti aite seachokwadi kugovera malware. Nzira yakasimba yekuchengetedza njodzi inotsigira inoenderera mberi yekuzivisa kuchengetedza kwevashandisi vekupedzisira inodiwa kudzivirira kubva kuRaaS.
Yekutanga uye yakanakisa kudzivirira ndeyekugadzira bhizinesi tsika inozivisa vashandisi vekupedzisira nezve ichangoburwa phishing matekiniki uye njodzi idzo ransomware kurwisa kunomiririra kumari yavo uye mukurumbira. Zvirongwa zvine chekuita neizvi zvinosanganisira:
- Software inovandudza: Masisitimu anoshanda uye maapplication anowanzo shandiswa ne ransomware. Kuti ubatsire kumisa kurwiswa kweransomware, zvakakosha kugadzirisa software kana zvigamba uye zvigadziriso zvaburitswa.
- Chenjerera kuchengetedza uye kudzoreredza data rako: Kumisikidza data backup uye kudzoreredza zano ndiyo yekutanga uye, pamwe, inonyanya kukosha nhanho. Dhata inova isinga shandiswe kune vashandisi mushure mekuvharirwa ne ransomware. Iko kukanganiswa kwedata encryption neanorwisa kunogona kudzikiswa kana kambani iine mabhapu azvino anogona kushandiswa mukuita kudzoreredza.
- Kudzivirira phishing: Phishing kuburikidza nemaemail inzira yakajairwa yekurwisa rudzikinuro. Kurwiswa kweRaaS kunogona kudzivirirwa kana paine imwe mhando yekudzivirira-email yekudzivirira munzvimbo.
- Multiple-factor authentication: Vamwe varwisi veRansomware vanoshandisa zvinhu zvinozivikanwa, izvo zvinosanganisira kushandisa mapassword akabiwa kubva kune imwe saiti pane imwe. Nekuti chechipiri chinhu chichiri kudikanwa kuti uwane mukana, multifactor authentication inoderedza kukanganiswa kwepassword imwe chete inoshandiswa zvakanyanya.
- Chengetedzo ye XDR endpoints: Endpoint chengetedzo uye matekinoroji ekuvhima ekutyisidzira, senge XDR, inopa imwe yakakosha chikamu chekudzivirira kubva kune ransomware. Izvi zvinopa yakawedzera yekuona uye yekupindura masimba ayo anobatsira kudzikisa njodzi yeransomware.
- DNS kurambidzwa: Ransomware inowanzoshandisa imwe mhando yekuraira uye kutonga (C2) sevha yekubatanidza nepuratifomu yeRaaS opareta. Mubvunzo weDNS unogara uchibatanidzwa mukutaurirana kubva kumushini une hutachiona kuenda kuC2 server. Masangano anogona kuziva kana ransomware ichiedza kudyidzana neRaaS C2 uye kudzivirira kutaurirana nerubatsiro rweDNS kusefa kuchengetedza mhinduro. Izvi zvinogona kuita semhando yekudzivirira utachiona.
Ramangwana reRaaS
Kurwiswa kweRaaS kuchawedzera uye kufarirwa pakati pevanobira mune ramangwana. Pamusoro pe60% yezvese cyberattacks mumwedzi gumi nemisere yapfuura, maererano neshumo ichangoburwa, yaive RaaS-yakavakirwa.
RaaS iri kuramba ichiwedzera kufarirwa semhedzisiro yekuti iri nyore kushandisa uye chokwadi chekuti hapana ruzivo rwehunyanzvi rwunodiwa. Pamusoro pezvo, isu tinofanirwa kugadzirira kuwedzera kweRaaS kurwiswa kunonangana neakakosha masisitimu.
Izvi zvinosanganisira minda yehutano, manejimendi, zvekufambisa, uye simba. Hackers vanoona aya maindasitiri akakosha uye masangano seakafumurwa zvakanyanya kupfuura nakare kose, achiisa masangano akaita sezvipatara uye zvidyarwa zvemagetsi munzvimbo dzekurwiswa kweRaaS. mangetani ekupa nyaya dzinoenderera kusvika 2022.
mhedziso
Mukupedzisa, kunyangwe kana Ransomware-as-a-Service (RaaS) chiri chisikwa uye imwe yenjodzi ichangoburwa yekubira vashandisi vedhijitari, zvakakosha kutora mamwe matanho ekudzivirira kurwisa kutyisidzira uku.
Pamusoro pemamwe matanho akakosha ekuchengetedza, iwe unogona zvakare kuvimba nekucheka-kumucheto antimalware maturusi kuti awedzere kukudzivirira kubva kutyisidzira uku. Nehurombo, RaaS inoita kunge iri pano kuti igare kwenguva iripo.
Iwe unozoda yakazara tekinoroji uye cybersecurity chirongwa chekudzivirira kubva kuRaaS kurwiswa kudzikisa mukana wekubudirira kweRaaS kurwisa.
Leave a Reply