Shaki kuma jiro in internetku noqday qayb lama huraan ah oo nolosha casriga ah ka mid ah. Daqiiqad kasta, waxaanu dirnaa 197.6 milyan oo iimaylo ah, waxaanu ku kharash garaynaa 1.6 milyan oo doolar online, waxaanu soo dejinaynaa in ka badan 415,000 codsiyo dad ahaan.
Si kastaba ha ahaatee, inkasta oo isticmaalkayaga internetka ee sii kordhaya uu ina siinayo isgaarsiin, waxbarasho, iyo ikhtiyaaro tignoolajiyada aan xadidnayn, waxay sidoo kale ina tusinaysaa khataro badan oo ku salaysan mareegaha.
Waxaan soo aruurinay xogtii ugu dambeysay ee amniga khadka tooska ah ee aduunka oo dhan si ay kaaga caawiso inaad fahanto baaxada iyo darnaanta khataraha soo wajaha shirkadaada. Tirooyinkani waxay ku salaysan yihiin sahanno iyo daabacaadyo dhinacyo saddexaad ah. Markaa, aan bilowno.
Waa maxay inta jeer ee weerarada ku saleysan shabakada?
Sida laga soo xigtay Falanqaynta Verizon ee dhawaan, Weerarada codsiga webka ayaa 26% ka ah dhammaan jebinta, taasoo ka dhigaysa qaabka labaad ee ugu badan ee weerarka.
Si kastaba ha ahaatee, barnaamijyadu maaha isha kaliya ee khatarta ah ee internetka. Taraafikada raadinta caalamiga ah ayaa si aad ah u koray sanadka 2020, iyadoo kor u kaca uu dhaco inta badan inta lagu guda jiro qufulyada faafa ee COVID-19.
Hadda, sida dunidu u soo dhaweynayso hangouts-ka-farmasiga ah iyo goobaha baahinta filimada ee wakhtiga firaaqada, iyo sidoo kale tignoolajiyada shirarka fiidyowga ah si ay ula falgalaan asxaabta fog, heerarkan sare ee isticmaalka internetka ee caalamiga ah ma muujinayaan calaamado hoos u dhac ah.
In kasta oo internetku uu ka caawiyay ganacsiyo badan in ay sii wadaan wax soo saarka marka ay u gudbaan meel fog iyo, dhawaanahan, shaqada isku-dhafka ah, ku tiirsanaantayadu waxay ka dhigtay bartilmaameed qiimo leh oo loogu talagalay weeraryahannada, kuwaas oo awoodooda isugu geeyey ka faa'iidaysiga daciifnimada webka.
Marka loo eego SiteLock, oo ku salaysan a imtixaankii 7 milyan oo website, shabakadaha internetka ayaa hadda la kulma celcelis ahaan 94 weerar maalin kasta waxaana gala bots ku dhawaad 2,608 jeer usbuuc kasta. Dembiilayaasha internetka ayaa isticmaala bots-kan si ay uga raadiyaan mareegaha meelaha daciifka ah oo ay fuliyaan qaababka weerarka fudud sida diidmada adeegga (DDoS) iyo weerarrada aqoonsiga.
Iyada oo bots aad u badan oo lagu soo oogay helitaanka daciifnimo, la yaab maaha - in kasta oo ay tahay arrin aan fiicnayn - in lagu qiyaasay 12.8 milyan oo mareegaha adduunka oo dhan ay ku dhacaan malware.
URLs ku salaysan Codsiga Shabkada
Tobanka waddan ee ugu sarreeya ee martigeliya inta badan URL-yada khatarta sare leh, marka loo eego a falanqayntii ugu dambeysay, waa:
- USA
- Russia
- Germany
- Singapore
- South Korea
- Denmark
- Shiinaha
- Japan
- Canada
- Holland
Botnets, keyloggers, iyo la socodka, goobaha malware-ka, phishingka, ka fogaanshaha wakiilnimada iyo qarsoodiga, spam, spyware, iyo adware ayaa ka mid ah URL-yada khatarta sare leh ee lagu soocay cilmi-baaristan.
Kuwa soo socda waa qaybaha ugu sarreeya ee goobta martigeliya URL-yada xaasidnimada leh:
- Dadka waaweyn (9.43% waxay martigeliyaan URL xaasidnimo ah)
- Madadaalada (8.63%)
- Daawo (7.66%)
- Wax-soo-saarka (19.87%)
- Shareware/ durdurrada (11.84%)
- Isku xirka bulshada (8.71%)
- wax ka beddelka isku xirka URL (5.81%)
- Kale (28.06%)
Hay'ad Maaliyadeed oo lala beegsaday Weerarada Shabakadda
Sannadkii 2020, in ka badan 736 milyan oo weerarro shabakadeed ah oo ka dhan ah hay'adaha maaliyadda ayaa la diiwaangeliyay, marka la isku daro 6.3 bilyan oo weerarro shabakadeed sannadkaas ah. Ku daridda faylka maxalliga ah waxay ahayd nooca ugu badan ee weerarka webka, oo lagu xisaabtamayo 52 boqolkiiba dhammaan weerarrada, oo ay ku xigto weerarrada duritaanka SQL, oo ka dhigan 33 boqolkiiba. Boqolkiiba 9 weerarrada waxay ahaayeen qoraallo goob-goob ah.
Malwareer ku salaysan mareegaha
Malware wuxuu ku lug leeyahay in ka badan 70% dhammaan jebinta nidaamka, iyo 32% dhammaan malware-ku wuxuu ku faafaa intarneedka.
Kuwa soo socda ayaa ah khataraha ugu waaweyn ee laga helay mareegaha uu cudurku ku dhacay malware:
- phishing (7%)
- Dejinta (6%)
- spam SEO (5%)
- Dhabarka dambe (65%)
- Faylka jabsiga (48%)
- Codsiga xaasidnimada ah (22%)
- Qoraalka Shell (22%)
- Durida (21%)
- Cryptominer (<1%)
phishing-ku-salaysan shabakadda
Waxa u dheer diidmada weydiimaha la xidhiidha malware-ka, tignoolajiyada amniga shabakada Akamai waxa kale oo ay ka hortagtay 6,258,597 codsiyo la xidhiidha phishing waxayna bixiyeen macluumaad ku saabsan khibradahooda phishingka.
Goobta, maaliyadda, adeegyada caalamiga ah, xafiiska CIO, iibinta internetka iyo qaybaha suuq-geynta, iyo sidoo kale taageeradooda, warbaahinta, iyo kooxaha sidayaal, ayaa ahaa qaybaha ganacsiga ugu jaajuuska ah, sida lagu sheegay cilmi-baadhistu. In kasta oo xaqiiqda ah in tiradani ay ka yar tahay tirada weydiimaha la xidhiidha malware-ka ee la diiday, Tirakoobka Baadhitaanka Badbaadada ah ee Google ayaa shaaca ka qaaday in ku dhawaad 75 jeer ay ka badan yihiin goobaha phishing-ga ee intarneedka maadaama ay jiraan goobo malware ah.
Tani waxay xooga saaraysaa baaxadda khatarta ay leedahay injineernimada bulshada: Xadgudubyada bulshada, sida phishingka, ayaa ah 25% dhammaan jebinta. Isticmaalayaasha Webmail iyo Software-as-a-Service (SaaS) ayaa ah bartilmaameedyada dadaalka ugu badan ee phishingka, marka loo eego sahan dhowaan la sameeyay, oo ka dhigan 34.7% dhammaan isku dayga phishingka.
Inta jeer ee weerarada iimaylka ganacsiga (BEC) ee lagu bilaabay adeeg bixiyayaasha webmailka bilaashka ah ayaa kordhay 11% sanadkii hore, min 61% ilaa 72%, sida lagu sheegay isla warbixinta. Gmail waxa isticmaalay in ka badan kala badh kuwii weerarrada bilaabay.
Jebinta Xogta ee Weerarada phishingka
90 boqolkiiba jebinta xogta waxaa keena weerarrada phishing, sida uu qabo Cisco's 2021 Cybersecurity. Cilmi-baadhista Trends. Isticmaalayaashu waa isku xirka ugu liita ee silsiladda amniga, sidaas darteed weeraro badan ayaa diiradda lagu saaray. Haakarisku waxay beegsadaan shucuurta bini'aadamka ama caqli-xumada si ka badan cilladaha nidaamka, sida ay caddaynayso caannimada hababka injineernimada bulshada.
A kharashyada jebinta xogta celcelis ahaan $4.24 milyan. Tiradani waxa ay tusinaysaa faraqa u dhexeeya kharashaadka sii kordhaya ee u dhexeeya shirkadaha isticmaala habab ammaan oo casri ah iyo kuwa aan isticmaalin. Tani waxay tusinaysaa in qiimaha jebinta xogta uu aad uga hooseeyo shirkadaha leh qaab dhismeedka amniga rasmiga ah, laakiin waxaa laga yaabaa inay masiibo ku noqoto kuwa aan samayn.
Marka loo eego sahan la mid ah, weerarrada xunxun waxay ka yihiin 52 boqolkiiba jebinta, jebintan waxay ku kacday celcelis ahaan $ 4.27 milyan, taas oo ka badan jebinta xogta caadiga ah. Sababtoo ah habka madax furashada iyo weerarrada malware-ka wax burburiya u burburiyaan xogta, waxay ku kacayaan wax ka badan weerarka caadiga ah. Weerarada xaasidnimada ah ee tirtira ama burburiya xogta waxay ku kaceen celcelis ahaan $4.52 milyan, halka weerarada ransomware ay ku kaceen celcelis ahaan $4.44 milyan.
Ugu Dambeyn
Isku dhafka dusha sare ee weerarka iyo habab yaraynta difaaca ayaa ka kooban codsiga web amniga. Ku-ilaalinta arjiyada mareegaha iyadoo leh hal hab ama hal darajo oo xirmo ah kuma filna. Nuglaanta goobta ama borotokoollada sida TCP ama HTTP waxay kaloo dhaawac u geysan kartaa amniga codsiga iyo helitaankiisa sida weerarrada barnaamijka laftiisa.
Si loo gaaro wanaag codsiga web booska amniga, tillaabooyin yareynta oo dhan ayaa loo baahan yahay. Waxaa xusid mudan in istaraatiijiyad dhammaystiran ay u baahan tahay isuduwidda guud ahaan shabakadda, amniga, hawlgallada, iyo kooxaha horumarinta maadaama mid walba uu mas'uul ka yahay inuu ciyaaro ilaalinta codsiyada iyo xogtooda muhiimka ah.
Leave a Reply