Table of Contents[Qari][muuji]
In kasta oo inta badan dambiilayaasha internetka ay yihiin wax-is-daba-marin xirfadeed, tani macnaheedu maaha inay had iyo jeer yihiin farsamo-yaqaanno farsamo; Dembiilayaasha kale ee internetka ayaa door bida dhaqanka ku dhaqanka dadka.
Si kale haddii loo dhigo, waxay ku qanacsan yihiin injineernimada bulshada, taas oo ah dhaqanka soo-saarka cyberattack iyaga oo ka faa'iideysanaya cilladaha dabeecadda aadanaha.
Kiis toos ah oo ku saabsan injineernimada bulshada, tani waxay dhici kartaa haddii dambiilaha internetka uu iska dhigo khabiir IT oo uu ku weydiiyo faahfaahinta galitaankaaga si loo hagaajiyo daloolka amniga ee nidaamkaaga.
Haddii aad xogta siiso, waxaad siisay qof xun inuu galo akoonkaaga iyaga oo aan xitaa ka walwalin gelitaanka emailkaaga ama kumbuyuutarka.
Silsilad kasta oo amniga ah, waxaan inta badan nahay isku xirka ugu daciifsan maadaama aan u nugulnahay khiyaamo kala duwan. Farsamooyinka injineernimada bulsheed waxay ka faa'iidaystaan nuglaanshahan dadka si ay u khiyaaneeyaan dhibbanayaasha si ay u sheegaan macluumaadka gaarka ah.
Injineerinka bulsheed had iyo jeer waa horumaraya, sidoo kale inta badan hanjabaadaha internetka.
Maqaalkan, waxaan kaga hadli doonaa xaalada injineernimada bulshada ee hadda, noocyada kala duwan ee weerarrada si aad u ilaaliso, iyo calaamadaha digniinta ee la fiirinayo.
Aynu bilowno hordhaca injineernimada bulshada.
Waa maxay Injineeriyada Bulshada?
Injineernimada bulshada ee xisaabinta waxaa loola jeedaa farsamooyinka dambiilayaasha internetka ay u shaqeeyaan si ay uga dhaadhiciyaan dhibbanayaasha inay sameeyaan fal shaki leh, taas oo inta badan keenta jebinta amniga, gudbinta lacagta, ama bixinta macluumaadka shakhsiyeed.
Dhaqdhaqaaqyadani waxay inta badan caqabad ku noqdaan caqli-galnimada waxayna liddi ku yihiin xukunkeenna wanaagsan.
Si kastaba ha ahaatee, khayaanada waxay nagu qancin karaan inaan joojino fikirka macquulka ah oo aan bilowno ku shaqeynta dareenka annaga oo aan ka fikirin waxa aan dhab ahaantii sameyneyno anagoo adeegsanayna shucuurteena - labadaba mid togan iyo mid xun - sida xanaaq, cabsi, iyo jacayl.
Si fudud loo qeexay, injineernimada bulshadu waa sida tuugadu u dhimaan maskaxdeena, si la mid ah waxay ku sameeyaan malware iyo fayrasyada si ay u waxyeeleeyaan mashiinadayada.
Weeraryahanadu waxay inta badan isticmaalaan injineernimada bulshada sababtoo ah inta badan way ka sahlan tahay in laga faa'iidaysto shakhsiyaadka marka loo eego in la aqoonsado daciifnimada shabakada ama software.
Sababtoo ah dembiilayaasha iyo dhibanayaasha waligood maaha inay si shakhsi ah ula falgalaan, injineernimada bulshadu had iyo jeer waa qayb ka mid ah khiyaanada ballaaran.
Helitaanka dhibbanayaasha: guud ahaan waa yoolka ugu weyn:
- Software xaasidnimo ah oo ku jira taleefankooda casriga ah.
- Ka noqo adeegsadahaaga iyo eraygaaga sirta ah.
- Sii ogolaansho xaasidnimo plugin, kordhin, ama codsiga dhinac saddexaad.
- Ku dir lacag adoo adeegsanaya money order, lacag wareejin elektaroonig ah, ama kaadhadh hadiyadeed.
- Ciyaar doorka baqalka lacagta si aad u gudbiso oo aad u dhaqdo lacag sharci darro ah.
Farsamooyinka injineernimada bulshada waxaa isticmaala dambiilayaal sababtoo ah way fududahay in laga faa'iidaysto dareenkaaga asalka ah ee lagu kalsoon yahay dadka kale marka loo eego sida loo jabsado barnaamijkaaga.
Tusaale ahaan, ilaa erayga sirta ah uu yahay mid daciif ah mooyaane, aad bay uga sahlan tahay in qof lagu khiyaaneeyo inuu kuu sheego furaha sirta ah marka loo eego in la isku dayo in la jabsado.
Sidee buu u shaqeeyaa injineernimada bulshadu?
Injineerada bulshadu waxay qaadaan weerarro internet-ka ah iyagoo isticmaalaya xeelado kala duwan. Inta badan weerarrada injineernimada bulsheed waxay ka bilowdaan weeraryahanku samaynta sahamin iyo cilmi-baadhis ku saabsan dhibbanaha.
Tusaale ahaan, haddii bartilmaameedku yahay ganacsi, jabsadayhu waxa uu wax ka baran karaa qaab-dhismeedka shirkadda, hababka gudaha, jargon warshadaha, la-hawlgalayaasha ganacsi ee suurtagalka ah, iyo faahfaahin kale.
Diirada saarista ficilada iyo caadooyinka shaqaalaha leh heer hoose oo gelitaan bilow ah, sida waardiyaha ama soo dhaweynta, waa hal xeelad oo ay adeegsadaan injineerada bulshada.
Weeraryahanadu waa raadin karaan warbaahinta bulshada xisaabiya macluumaadka gaarka ah oo u fiirso hab-dhaqankooda internetka iyo shakhsi ahaan labadaba.
Injineer bulsheed ayaa marka xiga u isticmaali kara cadaymaha la soo aruuriyay si uu u qorsheeyo weerar oo uu uga faa'ideysto ceebaha la ogaaday intii lagu jiray marxaladii sahanka.
Haddii dhab ahaantii uu weerarku dhaco, qofka wax weeraray waxa uu heli karaa nidaamyo ama shabakado, lacag bartilmaameedyada, ama helitaanka xogta gaarka ah sida lambarrada Bulshada, faahfaahinta kaadhka deynta, ama faahfaahinta bangiga.
Noocyada caanka ah ee weerarrada injineernimada bulshada
Barashada farsamooyinka caadiga ah ee loo isticmaalo injineernimada bulshada waa mid ka mid ah xeeladaha ugu weyn ee aad iskaga difaaci karto weerarka injineernimada bulshada.
Maalmahan, injineernimada bulsheed waxay caadi ahaan ku dhacdaa khadka, oo ay ku jiraan khiyaanada warbaahinta bulshada, marka weeraryahannadu u qaataan aqoonsiga ilo lagu kalsoonaan karo ama sarkaal sare si ay u khiyaaneeyaan dhibbanayaasha si ay u sheegaan macluumaadka xasaasiga ah.
Waa kuwan qaar kale oo badan oo weerarrada injineernimada bulshada:
phishing
Phishing waa nooc ka mid ah habka injineernimada bulsheed kaas oo isgaarsiintu la qariyo si ay u eegaan inay ka yimaadeen ilo la aamini karo.
Isgaadhsiintan, kuwaas oo inta badan iimaylo ah, waxa loogu talagalay in lagu khiyaaneeyo dhibbanayaasha si ay u sheegaan macluumaadka shakhsiyeed ama maaliyadeed.
Ka dib oo dhan, maxay tahay sababta aan uga shakino sharcinimada iimaylka saaxiib, xubin qoyska, ama shirkad aan naqaan? Khayaanada ayaa ka faa'iidaysta kalsoonidan.
Dalbashada
Vishing waa nooc kakan oo weerar phishing ah. Waxa kale oo loo yaqaan "fishing cod." Weeraradaan, nambarka taleefanka ayaa inta badan la been abuuraa si uu ugu muuqdo mid sax ah - weeraryahanadu waxay iska dhigi karaan shaqaale IT, shaqaale la shaqeeya, ama bangiyada.
Qaar ka mid ah weeraryahannada ayaa laga yaabaa inay shaqaaleeyaan cod beddelayaal si ay u qariyaan aqoonsigooda xitaa in ka badan.
Hadalka phishing
Shirkadaha waaweyn ama dad gaar ah ayaa ah bartilmaameedyada phishing-ka waran, nooc ka mid ah weerarka injineernimada bulshada. Bartilmaameedyada weerarrada phishing-ka waranku waa shakhsiyaad xoog leh ama kooxo yaryar, sida hoggaamiyeyaasha ganacsiga iyo dadka caanka ah.
Noocan weerarka injineernimada bulshada ayaa had iyo jeer si wanaagsan loo baaraa oo si khiyaano leh loo sawiraa, taas oo ka dhigaysa mid adag in la ogaado.
Sigaar cabid
Smishing waa nooc weerar phishing ah oo adeegsada farriimaha qoraalka (SMS) ee dhexdhexaadka ah ee isgaarsiinta. Adiga oo soo bandhigaya URL-yada waxyeelada leh si aad u gujiso ama lambarada telefoonka aad ula xidhiidho, weerarradani waxay caadi ahaan ka dalbadaan tallaabo degdeg ah dhibbanayaasha.
Dhibbanayaasha waxaa had iyo jeer lagu dhiirigeliyaa inay bixiyaan macluumaad gaar ah oo ay weeraryahannadu u adeegsan karaan iyaga.
Si looga dhaadhiciyo dhibbanayaasha inay si degdeg ah u dhaq-dhaqaaqaan oo ay u dhacaan weerarka, weerarradu waxay inta badan muujiyaan dareen degdeg ah.
Dharbaaxo
Isticmaalka injineernimada bulshada si loogu cabsi geliyo shakhsiyaadka ku rakibida software amniga beenta ah ama gelitaanka mareegaha khatarta ah ee malware-ka ayaa loo yaqaan scareware.
Scareware caadi ahaan waxa ay u muuqataa daaqado soo baxay kuwaas oo kaa caawinaya ciribtirka caabuqa kombuyuutarka ee la sheegay in laga saaray laptop kaaga. Markaad gujiso pop-upka, waxaa laga yaabaa inaad si ula kac ah u rakibto malware dheeraad ah ama laguu soo diro degel khatar ah.
Isticmaal barnaamijka ciribtirka fayraska la isku halayn karo si aad marar badan u baadho kombayutarkaaga haddii aad u malaynayso inaad haysatid scareware ama wax kale oo soo booda ah. Waa muhiim in nadaafadda dhijitaalka ah ay si xilliyo ah u baarto qalabkaaga khataraha.
Waxa kale oo laga yaabaa inay gacan ka geysato ilaalinta macluumaadkaaga shakhsiyeed iyadoo laga hortagayo weerarrada injineernimada bulshada mustaqbalka.
Jahawareer
Weerarada injineernimada bulshada waxay sidoo kale bilaabi karaan offline; Khasab ma aha in online lagu bilaabay.
Baqashada waa dhaqanka uu weeraryahanku uga tago shay uu cudurku ku dhacay, sida USB Drive, meel ay u badan tahay in laga helo. Qalabyadan ayaa inta badan lagu calaamadeeyay ujeedo si ay u kiciyaan xiisaha.
Isticmaalaha qalabka soo qaata oo geliya kombuyuutarkooda xiisaha ama hunguriga awgeed wuxuu halis ugu jiraa inuu si ula kac ah ugu qaadsiiyo fayras mashiinkaas.
Duub
Mid ka mid ah isku-dayga phishing-ka ee ugu dhiirran, oo leh natiijooyin xun, waa nibiriga. Bartilmaameedka caadiga ah ee noocan ah weerarka injineernimada bulshada waa hal, qof qiimo sare leh.
Erayga "khiyaano maamule" ayaa marmar loo isticmaalaa in lagu qeexo nibiriga, taas oo ku siinaysa tilmaanta bartilmaameedka.
Sababtoo ah waxay si wax ku ool ah u qaataan hadal ganacsi oo ku habboon oo ay u isticmaalaan aqoonta warshadaha si ay uga faa'iidaystaan, weerarrada nibiriga ayaa aad u adag in la ogaado marka loo eego weerarrada kale ee phishingka.
Qoraalka ka hor
Iska-yeelyeelku waa habka lagu been-abuuro xaalad been abuur ah, ama " marmarsiinyo ", taasoo fannaaniintu ay u shaqeeyaan si ay u khiyaameeyaan dhibbanayaasha.
Weerarada been abuurka ah, oo laga yaabo inay ka dhacaan khadka tooska ah ama khadka tooska ah, ayaa ka mid ah farsamooyinka injineernimada bulsheed ee ugu guulaha badan sababtoo ah weeraryahanadu waxay sameeyaan dadaal badan si ay naftooda ugu muuqdaan kuwo la aamini karo.
Ka digtoonow marka aad siidayso macluumaadka gaarka ah dadka aanad garanayn maadaama ay adkaan karto in la ogaado been abuurka marmarsiiyo.
Si aad meesha uga saarto isku dayga injineernimada bulshada, si toos ah ula xiriir shirkadda haddii qof uu ku soo waco baahi degdeg ah.
Dabinka malabka
Dabinka malabku waa nooc ka mid ah habka injineernimada bulshada kaas oo uu gacan-ku-dhiigluhu ku sasabo dhibbanaha galmo aan ammaan ahayn.
Weeraryahanku wuxuu markaa ka faa'iidaysanayaa xaaladda si uu u sameeyo nacayb ama galmo-galmo. Adigoo soo diraya iimaylo spam ah oo leh iska yeel been abuur ah oo ah inay "ku arkeen kamaradaada" ama shay si siman u xun, injineerada bulshadu waxay had iyo jeer dhigaan dabinada malabka.
Haddii aad hesho fariin sidan oo kale ah, hubi in kamaraddaada la ilaaliyo.
Kadib, kaliya ka kooban tahay oo iska ilaali inaad ka jawaabto, maadaama iimayladani aanay ka badnayn spam.
Quid Pro Quo
Laatiinka macneheedu waa "wax loogu talagalay," tusaale ahaan waxay tilmaamaysaa dhibbanaha oo helay abaal-marin abaal-marin ah oo loogu beddelayo wada-shaqeyntooda.
Tusaale aad u fiican ayaa ah marka haakarisku ay isu ekaysiiyaan sidii caawiye IT. Waxay telefoon u diri doonaan shaqaale badan intii suurtagal ah shirkad waxayna sheeganayaan inay haystaan xal fudud, iyagoo ku daray "waxa aad u baahan tahay oo kaliya inaad joojiso AV-gaaga."
Qof kasta oo ku dhaca waxa uu leeyahay ransomware ama fayrasyo kale oo lagu rakibay kombayutarkiisa.
Dhagax
Dabada, oo sidoo kale loo yaqaano piggybacking, waxay dhacdaa marka hackers uu raaco qof isticmaalaya kaarka gelitaanka saxda ah ee dhismo sugan.
Si loo fuliyo weerarkan, waxaa loo malaynayaa in qofka fasaxa u haysta inuu dhismahaasi ka fiirsado inuu albaabka u furo qofka ka dambeeya.
Sideed uga hortagi kartaa weerarada injineernimada bulshada?
Markaad isticmaasho tallaabooyinkan ka-hortagga ah, adiga iyo shaqaalahaagu waxaad heli doontaan fursadda ugu wanaagsan ee aad isaga ilaalin lahaydeen weerarrada injineernimada bulshada.
Wax baro shaqaalaha
Sababta ugu weyn ee u dhicitaanka shaqaalaha ee weerarrada injineernimada bulshada waa jaahilnimo. Si loo baro shaqaalaha sida looga falceliyo isku dayga jebinta caadiga ah, ururadu waa in ay bixiyaan tababaro wacyigelin amni.
Tusaale ahaan, waxa la sameeyo haddii qof isku dayo inuu ku xidho shaqaale goobta shaqada ama uu weydiiyo macluumaad xasaasi ah.
Qaar ka mid ah weerarrada inta badan soo noqnoqda ayaa lagu sifeeyay liiska hoose:
- Weerarada DDoS
- Weerarada kaluumeysiga
- Weerarrada Clickjacking
- Weeraro isdaba joog ah
- Weerarada khayaanada
- Sida looga jawaabo dabada
Hubi iska caabinta weerarka
Samee weerarrada injineernimada bulsheed ee la xakameeyey ee shirkaddaada si aad u tijaabiso. Soo dir iimaylo been abuur ah, oo si tartiib ah u canaano xubnaha shaqaalaha ee furay lifaaqyada, guji xiriiriyeyaasha waxyeelada leh, ama ka falceliya.
Halkii loo arki lahaa guuldarrooyinka amniga internetka, xaaladahan waa in loo arkaa xaalado waxbarasho oo heer sare ah.
Amniga Howlgalka
OPSEC waa hab lagu ogaado hab-dhaqan saaxiibtinimo oo faa'iido u leh mustaqbalka weerarka. OPSEC waxay soo bandhigi kartaa xogta xasaasiga ah ama muhiimka ah haddii si habboon loo habeeyo oo lagu kooxeeyo xogta kale.
Waxaad xaddidi kartaa tirada macluumaadka ay heli karaan injineerada bulshadu adiga oo isticmaalaya hababka OPSEC.
Hel Xog Leaks
Ogaanshaha in aqoonsiga la kashifay natiijada isku dayga phishing waxay noqon kartaa mid adag.
Shirkaddaadu waa inay si joogto ah u raadisaa xog-ururinta xogta iyo aqoonsiga la daatay sababtoo ah phishers-yada qaarkood waxay qaadan karaan bilo ama xitaa sannado si ay uga faa'iidaystaan aqoonsiga ay ururiyaan.
Hirgeli xaqiijinta arrimo badan
Xooji habka xaqiijinta arrimo badan oo u baahan isticmaalayaashu inay yeeshaan calaamad, yaqaanaan erayga sirta ah, oo ay yeeshaan biometrics-kooda si ay u helaan ilaha muhiimka ah.
Hirgelinta nidaamka maaraynta khatarta cid saddexaad
Kahor intaadan keenin iibiyeyaasha cusub ama sii wadida la shaqaynta alaab-qeybiyeyaasha hadda jira, samee nidaam lagu maareeyo khataraha qolo saddexaad, siyaasadda maaraynta iibka, oo samee khatarta amniga internetka qiimeyn.
Gaar ahaan ka dib marka xogta la xado lagu iibiyo shabakada mugdiga ah, aad bay uga fudud tahay in laga fogaado jebinta xogta intii la nadiifin lahaa.
Soo hel software si toos ah u maareyn kara khatarta iibiyaha oo si joogto ah ula soco, darajo, oo qiimee amniga internetka ee iibiyaashaada.
Wax ka beddel dookhyadaada spamka ee iimaylka
Beddelidda goobaha emailkaaga waa mid ka mid ah hababka ugu fudud ee aad iskaga difaaci karto isku dayga injineernimada bulshada. Waxaad hagaajin kartaa filtarradaada spamka si aad uga ilaaliso iimaylada khiyaanada injineernimada bulshada ee sanduuqaaga.
Waxa kale oo aad si toos ah ugu dari kartaa ciwaannada iimaylka ee shakhsiyaadka iyo ururada aad ogtahay inay dhab yihiin liisaska xidhiidhka dhijitaalka ah - qof kasta oo iska dhigaya inay yihiin laakiin isticmaalaya ciwaan ka duwan mustaqbalka waxay u badan tahay inuu yahay injineer bulsho.
Ugu Dambeyn
Ugu dambeyntii, injineernimada bulshadu waa farsamo aad u fudud oo loo isticmaali karo in lagu sameeyo khiyaano, khiyaano, ama dembiyo kale. Waxay ku dhici kartaa qof walba shakhsi ahaan, telefoon, ama online.
Injineerada bulshadu uma baahna inay noqdaan kuwo farsamo badan; waxay u baahan yihiin oo kaliya inay awoodaan inay ku caawiyaan si aad u siiso macluumaad gaar ah.
Waa khiyaamo masiibo ah maadaama aan dhammaanteen khatar ku jirno. Baraha bulshada ayaa sidoo kale awood u siisay injineerada bulshada inay noqdaan kuwo khiyaano badan iyaga oo awood u siinaya inay abuuraan xisaabaad been abuur ah oo ay fududahay in lagu qaldo kuwa dhabta ah ama xitaa inay iska dhigaan shaqsiyaadka dhabta ah.
Had iyo jeer isticmaal taxaddar markaad ku arkayso muuqaallo aan caadi ahayn ama aadan aqoon warbaahinta bulshada.
Leave a Reply