Iyini i-ransomware, izinhlobo, izibonelo kanye nendlela yokuzivikela

El I-Ransomware isibe ngenye yezindlela zokuhlasela ze-cyber ezinenzuzo kakhulu neziyingozi. yeminyaka yamuva nje. Ikhiya amakhompyutha, ibethele amafayela, futhi ifune inkokhelo, ngokuvamile nge-cryptocurrency, ukuze kubuyiselwe ukufinyelela. Ithinta abasebenzisi ngabanye kanye namabhizinisi, izibhedlela, amakhansela amadolobha, ngisho nengqalasizinda ebalulekile.

Kunokuba yinto entsha, Umlando we-ransomware uqala ngasekupheleni kweminyaka yama-80 futhi usuthuthuke kakhulu. Ngokuhamba kwesikhathi: yaqala ukusatshalaliswa kuma-floppy disks futhi yacelwa imali ngeposi; namuhla isakazeka ngemizuzwana kuwo wonke amanethiwekhi, isebenzisa i-cryptography ethuthukisiwe futhi ithembele kumamodeli ebhizinisi afana ne-Ransomware-as-a-Service avumela noma yisiphi isigebengu ukuthi siqalise imikhankaso ngaphandle kolwazi oluphelele lobuchwepheshe.

Iyini i-ransomware futhi isebenza kanjani?

I-athikili ehlobene:

Isipele esingaguquki ngokumelene ne-ransomware: umhlahlandlela ophelele wokuvikela ama-backups akho

Ngamazwi alula, I-Ransomware uhlobo lwe-malware eyenzelwe ukukuvimbela ekusebenziseni ikhompyutha yakho noma ukufinyelela idatha yakho. Ngaphandle kokuthi ukhokhe isihlengo. Kungavimba ukufinyelela kulo lonke uhlelo, kubethele amadokhumenti, izizindalwazi, izithombe, noma ngisho nediski yonke, futhi kubonise umlayezo onemiyalelo yokukhokha.

Ekuhlaselweni okuvamile, Isigebengu se-inthanethi silimaza idivayisi noma inethiwekhi, sisebenzise i-malware, futhi sibambe ulwazi.Kusukela lapho, ukuphanga kuqala: basongela ukungabuyisi ukhiye wokuqaqa, ukushicilela idatha eyebiwe, noma ukuyibhubhisa ngqo uma inkokhelo ingenziwanga phakathi nesikhathi esithile.

Kubalulekile ukukucacisa lokho Ukukhokha isihlengo akuqinisekisi lutho nhlobo.Izisulu eziningi azitholi amafayela azo ngisho nangemva kokukhokha; ezinye zithola amathuluzi anephutha angcolisa idatha kakhulu. Ngaphezu kwalokho, ukukhokha kukhuthaza ibhizinisi lobugebengu futhi kungenza isisulu sibe yisisulu esiphindaphindwayo.

Ngakho-ke, uma kwenzeka ukutheleleka, izincomo zochwepheshe nezinhlangano ezifana ne-INCIBE noma i-FBI uqobo Zicacile: ungakhokhi, hlukanisa izinhlelo ezithintekile, buyisela ama-backup bese ubika isigameko eziphathimandleni ezifanele.

Ukuvela komlando kwe-ransomware

Uhlu lwesikhathi lwe-ransomware lubonisa ukuthi isuke kanjani ekubeni yindaba yobuchwepheshe yaba imboni yobugebengu ebiza izigidigidi zamaRandi. Igxathu ngalinye elibalulekile lilethe ukuthuthuka ekubetheleni, ekusakazeni, noma ekuqotheni..

1989 - I-AIDS Trojan noma i-“PC Cyborg”Lokhu kubhekwa njengecala lokuqala elibhalwe phansi le-ransomware. Lalisatshalaliswa kuma-floppy disk ahlobene nolwazi lwe-AIDS. I-malware yafihla iziqondiso zamafayela esistimu futhi yafuna u-$189 ukuze iwavule, kanti inkokhelo yayizokwenziwa ngeposi ekhelini elisePanama. Ngobuchwepheshe, kwakuyinto engavamile. Ayizange ibhale ngemfihlo okuqukethwe kwamafayela, kodwa yabhala amagama awo kuphela.okwavumela ukuthi umonakalo uguqulwe ngaphandle kokukhokha.

1996 - Umqondo "wokuxhaphaza nge-cryptoviral" uqalweAbacwaningi u-Adam L. Young noMoti Yung bachaze engqungqutheleni ye-IEEE Security and Privacy ukuthi i-malware ingasebenzisa kanjani i-cryptography engalingani ukuze iphange izisulu zayo. Ikhodi enonya yayihlanganisa ukhiye womphakathi, amafayela abethelwe, futhi yaphoqa isisulu ukuba sithumele umbhalo obethelwe kumhlaseli ukuze athole ukhiye wangasese. ngokushintshana ngemali. Lokho kwakuseyimfundiso yezemfundo, kodwa kwakubonisa kahle lokho esasizokubona kamuva.

Ekuqaleni kweminyaka yama-2000 - Ukuqubuka kokuqala kwesimanjeNgemva kwesikhathi sezigameko ezingavamile, Ngo-2005 kwaqala ukwanda okuphawulekayo kwezifoikakhulukazi eRussia naseMpumalanga Yurophu. Kwavela izinhlobo zokuqala ezazisebenzisa i-cryptography engalingani, okwaba nzima kakhulu ukususa ukubethela ngaphandle kwesihluthulelo somhlaseli.

2009 - Kufika ama-CryptocurrenciesUkudalwa kweBitcoin kwaphawula iphuzu lokushintsha. Izinkokhelo zishintshe kusukela kumasheke, ukudluliselwa, noma amakhadi akhokhelwa kusengaphambili kuya ezimalini ezingokoqobo okunzima ukuzilandelaLokhu kungaziwa okuhlobene kwenza imodeli yathandeka kakhulu futhi yakwazi ukwandiswa ngobugebengu obuhleliwe.

2013 - Isikhathi Sesimanje Se-Ransomware: I-CryptoLockerI-CryptoLocker yenza ukubethela okunamandla kwaziwe ngezinga elikhulu: Okhiye be-RSA abangu-2048-bit, amafayela abethelwe ngesandiso, kanye ne-ransoms edingekayo ku-Bitcoin noma kuma-voucher akhokhelwa kusengaphambiliUmthelela wayo wawukhulu kangangokuthi yadinga imisebenzi yamazwe ngamazwe ukuze kubhidlizwe ingqalasizinda (i-Gameover Zeus) eyayiyisekela.

2015 - I-Ransomware-as-a-Service (RaaS)Izinhlobo ezifana ne-Tox zethula imodeli ye-RaaS: abadali be-ransomware banikeza “ama-kit” alungele ukusetshenziswa kwezinye izigebenguUkuze uthole ikhomishini ngezihlengo. Lokhu kudala intando yeningi ekuhlaselweni: awusadingi ukwazi ukuthi ungahlela kanjani umkhankaso.

2016-2017 – Amagagasi omhlaba wonke kanye nezikelemu ze-cryptoNgo-2016, kwavela imindeni ye-ransomware efana ne-Mamba, ebhala ngemfihlo yonke idiski ezingeni lokuqalisa kusetshenziswa amathuluzi afana ne-DiskCryptor. Ngo-2017, kwavela i-WannaCry (WanaCrypt0r). i-cryptoworm yokuqala ephindaphinda kakhulu, esebenzisa ubuthakathaka be-MS17-010 ku-Windows futhi ibethela idatha evela kumakhompyutha angaphezu kuka-75.000 emhlabeni jikelele, okuhlanganisa izibhedlela zaseBrithani, izinkampani zaseSpain ezifana ne-Telefónica, kanye nengqalasizinda yaseRussia.

Futhi ngo-2017 I-Petya kanye nezinhlobo zayo zihlasela ngokubethela ithebula lefayela eliyinhloko (i-MFT)ukuvimbela uhlelo, kanye nemikhankaso emikhulu yokulwa namabhange, izinkampani zamandla, kanye nokuphathwa komphakathi kubhaliwe phansi. Ukusetshenziswa kwemiyalezo ezenza amaphoyisa ukuze anikeze "ubuqiniso" ekukhwabaniseni kuya ngokuya kusabalala.

2018 - Ryuk kanye "nokuzingela okukhulu kwezilwane". URyuk ugxile ezinhlosweni ezibaluleke kakhulu: izinhlangano zomphakathi, izibhedlela, iziteshi zabezindaba kanye nezinkampani ezinkuluIsebenzisa okhiye abahlukile ngenhlangano ngayinye kanye namakhono okusabalalisa athuthukile (i-Wake on LAN, i-SMB, i-RPC), okwenza kube nzima ukuphendula kanye nokususa ukubethela.

2019 - Ukuxhaphaza okuphindwe kabili nokuphindwe kathathuKusukela kulo nyaka, amaqembu e-ransomware asebenzise isu lokuphanga kabili: Abagcini nje ngokubethela idatha, bayayikhipha futhi basongela ukuyishicilela. Uma inkokhelo ingakhokhwa. Kukhona ngisho nezinhlelo zokuxhaphaza kathathu, lapho amakhasimende esisulu, abahlinzeki, noma iziguli nabo becindezelwa khona. Amaqembu okusabela ezigamekweni njenge-IBM Security X-Force aqinisekisa ukuthi cishe wonke amacala abawasingathayo manje ahilela ukwebiwa kwedatha.

2020 - Ukwanda okukhulu ngesikhathi se-COVID-19Ukusebenza ngocingo ngobuningi, ukushesha kokuvumela ukufinyelela kude, kanye nokuphepha okuncishisiwe kwemizi eminingi kudala ukuhlaselwa. Ohulumeni, izikhungo zezimali, ikakhulukazi umkhakha wezempilo babhekene nokwanda okukhulu ngezigameko ze-ransomware ngesikhathi sobhubhane.

2022 - Ukuntshontshwa kwengxoxo ye-imeyiliIndlela ekhohlisayo kakhulu iyanda: “ukuntshontsha izintambo”. Izigebengu zingena ezingxoxweni ze-imeyili ezisemthethweni bese ziphendula ngaphakathi kwengxoxo efanayo. ngezinamathiselo noma izixhumanisi ezinonya, okwandisa kakhulu izinga lokuchofoza.

2023-2024 - Ngale kokubethelaNjengoba ukuzivikela kanye nabadlali abasekelayo kuthuthuka, amaqembu amaningi ayanda izikhali zawo: Bahlanganisa i-ransomware namasela edatha (amasela) Bakhipha iziqinisekiso kanye nedatha ebucayi ngaphandle kwesidingo sokukhiya izinhlelo. Amaqembu afana ne-LockBit noma izinsalela ze-Conti asebenzisa ukwebiwa kwedatha okuqondile kanye nokusongela, ngisho noma bengasebenzisi ukubethela.

Izinhlobo eziyinhloko ze-ransomware

Nakuba kunezinhlobo eziningi ezahlukene, Iningi le-ransomware lamanje lingahlukaniswa ngemindeni emibili emikhuluEsokuqala yilesi esibethela ulwazi kanye nelesivimba idivayisi. Ukusuka lapho, kuvela ezinye izinhlobo ezincane kanye namasu okuphanga.

Ukubethela i-ransomware

Ungumuntu owesatshwa kakhulu futhi ovame ukuba sematheni. Umgomo wayo ukubethela amafayela noma idatha ebalulekile ukuze ikwazi ukutholwa kuphela ngokhiye ophethwe umhlaseli.Ngokuvamile igxila kumadokhumenti ehhovisi, izizindalwazi, ama-backups afinyelelekayo, izinhlelo zokukhiqiza, njll.

Ngokombono, ngemva kokukhokha isihlengo, isigebengu sithumela ukhiye noma ithuluzi lokususa ukubethela okuguqula inqubo. Empeleni, kunezimo eziningi lapho isisulu singatholi lutho oluwusizo, noma lapho ukuqaqwa kwekhodi kwehluleka khona futhi olunye ulwazi lonakala unomphela.

I-Locker ransomware

Kulokhu, i-malware Ivimbela ukufinyelela kuyo yonke idivayisi ngokubonisa isikrini esikhulu. Kuthatha yonke ideskithophu futhi kukuvimbele ekusebenziseni uhlelo. Kuvame kakhulu kumaselula nakwamanye amakhompyutha asekhaya.

Ngokungafani nokubethela okumsulwa, Amafayela awatholakali lapha njalo.Uma ukutheleleka kususiwe noma uhlelo lubuyiselwa, idatha ingase ihlale ingashintshi. Inothi lesihlengo livame ukufaka ama-logo ezinhlangano zomthetho noma izixwayiso zemisebenzi engekho emthethweni okuthiwa isolwa.

Ezinye izinhlobo ezivamile

Ngokusekelwe kulezi zisekelo ezimbili, kuvela izinhlobo eziningana namalebula awusizo ukuwazi ukuze kutholakale kangcono ingozi:

• Isofthiwe ye-Scareware noma yokusabisaIziveza njenge-antivirus noma ithuluzi lokuphepha "elithola" izifo ezingamanga futhi lifune inkokhelo ukuze lizihlanze. Ikuhlaselela ngama-pop-up, kodwa kaningi Ayibhali noma ivimbe lutho, imane nje iyamkhohlisa umsebenzisi.
• Ukukhiya isikrini kwakudalaBabonisa isikrini esingashintshi, ngokuvamile esinama-logo amaphoyisa noma izinhlangano zikahulumeni, okubonisa ukuthi okuqukethwe okungekho emthethweni (ubusela, izithombe zobulili ezingcolile, njll.) kutholakale nokuthi "inhlawulo" kumele ikhokhwe. Umgomo wabo ukwesabisa, hhayi ubuchwepheshe obukhulu kangako..
• I-DoxwareUmhlaseli weba ulwazi oluyimfihlo (izithombe, amadokhumenti, imilando, izizindalwazi) futhi usongela ukulushicilela. Ingcindezi ayisekelwe ekulahlekelweni ukufinyelela kwedatha, kodwa isekelwe ehlazweni, ekulimaleni kwedumela, noma ezijezisweni ezingaba khona ngokuhlunga.
• I-ransomware yokuqola ephindwe kabili futhi kathathuIhlanganisa ukubethela + ukwebiwa kwedatha futhi, kwezinye izimo, Ukuhlaselwa okwengeziwe okufana ne-DDoS noma ukusongela abantu besithathu abathintekayo (amaklayenti, iziguli, abalingani) ukuze kwandiswe ingcindezi.
• i-ransomware ebhubhisayoEsikhundleni sokugxila ekusindisweni kwangempela, Usongela ngokususa noma ukubhala phansi ulwazi uma inkokhelo ingakhokhwa.Futhi ngezinye izikhathi kwenza kanjalo ngisho nangemva kokuthola imali. Kuseduze kakhulu nokubhujiswa kunokuphanga okuvamile.

Indlela i-ransomware esakazeka ngayo

Ukuze ukuhlasela kuphumelele, isigebengu sidinga indawo yokungena. I-Ransomware ivame ukufika "njengomgibeli" ngaphakathi kwama-imeyili, okulandwayo, noma ubuthakathaka obungalungiswanga..

I-Malspam (ugaxekile olunonya)Kuyindlela yokudubula ngobuningi. Umhlaseli uthumela izinkulungwane noma izigidi zama-imeyili nge okunamathiselwe okunogibe (i-PDF, i-Word, i-ZIP) noma izixhumanisi kumasayithi asengozini. Ukuvula ifayela noma ukuvula ama-macro kwanele ukuthi i-malware ilande futhi iqalise.

Ukukhangisa okungalungile (ukukhangisa okunonya)Isebenzisa amabhanela kumawebhusayithi asemthethweni noma asengozini. Ukufinyelela nje ikhasi kungaqondisa buthule umsebenzisi kuseva elawulwa umhlaseli.Lapho, ikhithi yokusebenzisa ihlaziya isiphequluli, ama-plugin, kanye nesistimu, bese iqala ukuhlasela ngokusebenzisa noma yikuphi ubuthakathaka obutholakalayo, ngokuvamile ngaphandle kokuthi umsebenzisi achofoze noma yini.

Ubugebengu bokweba imininingwane ebucayi kanye nokuqola imikhomoNgokungafani nogaxekile abaningi, I-Spear phishing ihlose izinhloso ezithile kakhulu.Inkampani, umnyango, umphathi. Ama-imeyili aklanywe ngokucophelela, asekelwe kudatha yangempela (isibonelo, amashadi enhlangano e-LinkedIn), futhi azenza abantu abanjengo-CEO noma umphathi we-HR. I-"Whaling" ihlose izikhundla eziphezulu, lapho ukuchofoza okukodwa kungavula umnyango kuyo yonke inethiwekhi yenkampani.

Ubunjiniyela bezenhlalo ngokujwayelekileAbahlaseli bathola ulwazi ezinkundleni zokuxhumana, kumawebhusayithi ezinkampani, noma ekuvuthweni kwangaphambilini, kanye Bayisebenzisela ukwenza umyalezo ubonakale uyiqiniso futhi ujwayelekile.Ngezinye izikhathi bazenza abeseki bezobuchwepheshe, ibhange, umhlinzeki wesofthiwe, noma ngisho nomuntu osebenza naye, okunciphisa izinsolo zomsebenzisi.

Futhi, Ukuhlasela okuningi kwanamuhla kuyasetshenziswa ubungozi besoftwareamasevisi aveziwe (njenge-RDP engavikelekile kahle), amaphasiwedi abuthakathaka, noma isofthiwe ephangiweUma isingaphakathi kwenethiwekhi, i-ransomware ihlangana namanye amathuluzi ukuhambisa eceleni, ukweba iziqinisekiso, nokuthola izinhlelo ezibaluleke kakhulu ngaphambi kokuqalisa ukubethela.

I-Ransomware kumakhompyutha, kuma-Mac nakumafoni eselula

Nakuba izigameko eziningi zabezindaba zihilela iWindows, akukho pulatifomu ephephile ngokuphelele.

En WindowsIndawo yokuhlasela inkulu ngenxa yesabelo sayo semakethe kanye nenani lesofthiwe yomuntu wesithathu efakiwe. Imindeni efana ne-CryptoLocker, i-CryptoWall, i-Petya, i-WannaCry, i-Ryuk, i-TeslaCrypt, kanye ne-Mamba ibe nomthelela omkhulu, ibhala amafayela, amadiski aphelele, futhi isakazeka ngokuzenzakalelayo kuwo wonke amanethiwekhi; bheka Isifundo se-Shadow Copy.

En MacIcala lokuqala elidumile kwakuyi-KeRanger ngo-2016, elangena njengenguqulo esengozini yohlelo lokusebenza olusemthethweni (i-Transmission). Ibizokopisha ngemuva, ilinde izinsuku ezimbalwa, bese iqala ukubethela amafayela.Kamuva, kwavela ezinye, njenge-Findzip noma i-MacRansom, kanye ne-ransomware mbumbulu njenge-ThiefQuest/EvilQuest empeleni ezazisebenza "njengama-wipers", zibhubhisa idatha ngaphandle kwenhloso yangempela yokususa ukubethela.

En Izingcingo ze-AndroidNgaphezu kwakho konke, ama-screen blocker andise lokho Babonisa imiyalezo esola imisebenzi engekho emthethweni futhi bafuna inkokhelo ukuze bavule idivayisi.Ngokuvamile bacasha izinhlelo zokusebenza ezilandiwe ezitolo ezisemthethweni zangaphandle noma kuzinhlelo zokusebenza ezisuka ekusatshazeni. Ezimweni eziningi, zingasuswa ngokuvula kabusha kumodi ephephile bese ukhipha uhlelo lokusebenza olunobungozi, kodwa ezinye izinhlobo zidinga ukusetha kabusha okuphelele.

Amacala nemindeni ephawulekayo ye-ransomware

Eminyakeni edlule, okulandelayo kuye kwatholakala imindeni eminingi enamaqhinga nezinhloso ezahlukahlukene. Ezinye ezaziwa kakhulu yilezi:

• I-RevetonWakhangisa ukukhiya isikrini ngamalogo ezinhlangano zomthetho ezazithiwa ziyasebenza. ikheli le-IP, umhlinzeki we-inthanethi, ngisho nesithombe se-webcam ukwesabisa isisulu nokufuna inkokhelo ngamakhadi akhokhelwa kusengaphambili noma izinsizakalo ezingaziwa.
• I-CryptoLockerOmunye wamaphayona amakhulu ekubethelweni kwenqwaba okunamandla. Yakha ama-key pair e-RSA, amafayela abethelwe ngokwesandiso, futhi yafuna i-Bitcoin.Ingqalasizinda yayo ayizange isetshenziswe lapho i-botnet ye-Gameover Zeus idilizwa.
• I-CryptoWallUkuvela okulandelayo, okusatshalaliswe ngemikhankaso yobugebengu bokweba imininingwane ebucayi kanye nama-exploit kits. Ifinyelele ezinguqulweni ezifana ne-CryptoWall 3.0 futhi yayihlotshaniswa namaqembu, okwakuthiwa avela eRussia.
• I-TeslaCryptEkuqaleni egxile ezweni lemidlalo yevidiyo (ukubethela imidlalo nokuqukethwe okuhlobene nayo), wagcina esethathe umhlalaphansi lapho Ukhiye wokuqaqa oyinhloko uvuvukileLokhu kwavumela izinkampani zokuphepha ukuthi zenze amathuluzi wamahhala wokubuyisa amafayela.
• MambaEsikhundleni sokubethela amafayela ngamanye, Bethela yonke idiski ezingeni lokuqalisa usebenzisa i-DiskCryptorIdala abasebenzisi abathile, iguqula i-MBR, futhi ivimbele uhlelo ukuthi luqale ngaphandle kokhiye.
• WannaCryIcala eliyipharadesi le-cryptography worm. Isebenzise kabi ubungozi beWindows (EternalBlue/MS17-010) futhi yasakazeka ngokuzenzakalelayoezithinta izibhedlela, izinkampani zamandla, ezokuthutha kanye nezinkulungwane zezinhlangano emhlabeni wonke kuze kube yilapho "ukushintsha kokubulala" kwenziwa ngengozi.
• IsiRyukKugxilwe ezinhlanganweni ezinkulu, Isebenzisa okhiye abangokwezifiso ngesisulu ngasinye, amakhono ezikelemu, kanye namathuluzi engeziwe ukuzulazula kunethiwekhi. Kuye kwabonakala ekuhlaselweni kohulumeni bomphakathi, izikhungo zezindaba, kanye nezinsizakalo ezibalulekile.

I-Ransomware-as-a-Service (RaaS): ibhizinisi elingemuva kobugebengu

Esinye sezizathu zokwanda kwe-ransomware yimodeli yayo yebhizinisi. I-Ransomware-as-a-Service isebenza njenge-franchise yobugebengu lapho wonke umuntu enendima yakhe.

Abathuthukisi bakha i-malware kanye nengqalasizinda yewebhu lapho "abasebenzisana nabo" bengakwazi khona Lungiselela imikhankaso, yenza ngokwezifiso amanothi esihlengo, setha amanani, futhi uqaphe izibalo (izisulu ezinegciwane, izinkokhelo ezitholiwe, njll.). Njengokubuyisela, umdali ugcina iphesenti lesihlengo ngasinye.

Kube khona futhi kukhona "izinhlobo" eziningi ze-RaaS: Cerber, Stampado, Philadelphia, Frozr Locker, Satan, RaasBerry, Atom, Hostman, Shark, GrandCrab, Ako, LockBit kanye nezinye eziningi. Ezinye zikhangiswa ngisho nasezinkundleni zokuxhumana ezingaphansi komhlaba ngezincwajana, amavidiyo, kanye "nokusekelwa kobuchwepheshe" kwezigebengu ezingenalo ulwazi oluningi.

Ngale modeli, Ingozi isakazekile futhi isithiyo sokungena siphansi kakhulu.Mane nje ukhokhe imali noma wabelane ngenzuzo ukuze uqalise ukuhlasela obekuzodinga ulwazi oluthuthukisiwe lokuhlela, i-cryptography, kanye namanethiwekhi.

Okufanele ukwenze uma ungenwa yi-ransomware

Lapho kuvela inothi lesihlengo, Ukusabela okungokwemvelo ngokuvamile kuba ukwethuka.Kodwa kubalulekile ukwenza ngokuhlakanipha ukuze unciphise umonakalo.

Esokuqala ukuthi Nqamula idivayisi kunethiwekhi (ikhebula, i-Wi-Fi, njll.) bese uvala amanye amadivayisi axhunyiwe. lokho kungaba sengozini, ikakhulukazi uma wabelana ngamafayela noma amadrayivu enethiwekhi. Lokhu kusiza ekunciphiseni ukusabalala.

Okulandelayo, futhi noma nini lapho kungenzeka, Xhumana nethimba lakho le-IT, uchwepheshe wezokuphepha kwe-inthanethi, noma izinsizakalo zosizo lomphakathi. (ESpain, ucingo losizo lwe-INCIBE oluthi 017 lunikeza ukwesekwa kwamahhala nokuyimfihlo.) Bazokwazi ukuhlaziya uhlobo, bahlole izinketho, futhi bakuqondise ezinyathelweni ezilandelayo.

Uma unezipele ezithembekile, Isixazululo esiphephile ngokuvamile ukufometha amakhompyutha athintekile kanye buyisela izipeleNoma yimuphi umzamo "wokuhlanza" ngaphandle kokufaka okuhlanzekile ungashiya iminonjana ye-malware futhi uvumele ukutheleleka kabusha.

Uma kungekho ama-backups, Kunezinhlelo ezifana ne-No More Ransom lokho okunikezwayo amathuluzi okususa ukubethela mahhala kweminye imindeni eyaziwayo. Azimbozi zonke izinhlobo noma zonke izinhlobo, kodwa kwezinye izimo zikuvumela ukuthi uthole amafayela mahhala.

Kunoma yisiphi isimo, Kumelwe ubike lesi sigameko eziphathimandleniNgaphandle kwanoma yiluphi usekelo ongaluthola, idatha yakho izosiza ekuthuthukiseni ubuhlakani bezinsongo futhi ishushise labo abanecala.

Indlela yokuvimbela ukuhlaselwa kwe-ransomware

Isu elihle kakhulu lokulwa ne-ransomware licacile: Tshala imali ekuvimbeleni futhi wamukele ukuthi maduze noma kamuva kuzoba nokuzama ukuhlasela.Umqondo uwukunciphisa amathuba empumelelo kanye nomthelela uma kwenzeka.

Ngokombono wezobuchwepheshe, kuyalulekwa Gcina izinhlelo zokusebenza, izinhlelo zokusebenza, kanye ne-firmware zibuyekeziwe futhi zilungisiwe yi- ukuphathwa kwesichibiImikhankaso eminingi isebenzisa ubuthakathaka obekukhona ama-patches abo isikhathi esithile. Ukuvumela izibuyekezo ezizenzakalelayo, uma kungenzeka, kunciphisa kakhulu ithuba lokudalulwa.

Ibalulekile futhi babe nezixazululo zokuphepha ezithembekile (i-antimalware, i-antiransomware, i-antiexploit, izihlungi ze-antispam) kumakhompyutha omuntu siqu, amaseva, namadivayisi eselula. Umkhiqizo omuhle ungabona ukuziphatha okuvamile kokubethela ngobuningi bese umisa inqubo ngaphambi kokuthi ithinte lonke uhlelo. Bheka ukuqhathanisa kwe izixazululo zokuphepha ezithembekile izinkampani

Esinye isinyathelo esibalulekile yilesi Sebenzisa inqubomgomo eqinile yokusekelayoOkungcono kakhulu, kufanele uhlanganise ama-backups e-cloud (ngokubethela kanye nokuqinisekiswa kwezinto eziningi) namakhophi angaxhunyiwe ku-inthanethi kuma-drive angaphandle noma Amaseva we-NASAmatheyiphu noma ezinye izinto zokugcina kufanele zinqanyulwe ngokomzimba uma zingasetshenziswa. Lokhu kuvimbela i-ransomware ekubetheleni ama-backup.

Emkhakheni wenhlangano, Ukuqeqeshwa kwabasebenzisi kanye nokuqwashisa kubalulekileUkuchaza ngokucacile ukuthi iyini i-phishing, ukuthi ungayibona kanjani ama-imeyili asolisayo, ukuthi kungani kungafanele unike amandla ama-macro ngokungadingekile, noma ulande okunamathiselwe okungalindelekile kwenza umehluko omkhulu. Amathuluzi afana nokulingisa i-phishing asiza ukuqinisa le mikhuba emihle kakhulu. Funda kabanzi mayelana ukuqeqeshwa nokuqwashisa.

Ezinye iziqondiso eziyisisekelo ezinciphisa kakhulu ingozi yilezi:

• Ungavuli okunamathiselwe okuvela kubathumeli abangaziwa noma abangalindelekile., noma ngabe kubonakala sengathi bavela koxhumana nabo abathembekile, ngaphandle kokuqinisekisa kuqala ngesinye isiteshi.
• Hambisa igundane lakho phezu kwezixhumanisi ukuze ubone i-URL yangempela Futhi uma ungaqiniseki, thayipha ikheli ngesandla kusiphequluli sakho esikhundleni sokuchofoza.
• Gwema ukuphequlula noma ukulanda isofthiwe kumawebhusayithi anemvelaphi engabazisayoikakhulukazi uma benikeza izinhlelo "zamahhala" ezivame ukukhokhelwa.
• Nciphisa ukusetshenziswa kwesofthiwe ephangiwe, njengoba kuvame ukuza nekhodi enonya efakiwe.

Ngaphezu kwalokho, ezinkampanini, Kunconywa ukusebenzisa isimiso samalungelo aphansi, ukuhlukanisa amanethiwekhi, nokuvikela izinsizakalo eziveziwe (njenge-RDP) nge-VPN kanye nokuqinisekiswa kwezinto eziningi.futhi babe nohlelo lokuphendula ezigamekweni oluhlanganisa lokho okufanele ukwenze ikakhulukazi uma kwenzeka ukuhlaselwa kwe-ransomware.

Ubuningi bokuhlaselwa, izinkokhelo zezigidi zamaRandi, kanye nobuciko bamaqembu ezigelekeqe kwenza kucace ukuthi I-Ransomware izoqhubeka nokuba usongo oluqhubekayo iminyaka eminingi ezayo.Ukugcina izinhlelo zisesikhathini, ukwenza ama-backup, ukusebenzisa izixazululo zokuphepha ezingathi sína, futhi ngaphezu kwakho konke, ukuhlakulela isiko elihle lokuhlanzeka kwe-inthanethi ekhaya nasenkampanini kuyizinto ezibalulekile ezenza umehluko phakathi kokwesaba okulawulwayo kanye nenhlekelele enkulu ekhubaza ngokuphelele umsebenzi.

Isaka

Umbhali oshisekayo ngomhlaba wamabhayithi nobuchwepheshe ngokujwayelekile. Ngiyathanda ukwabelana ngolwazi lwami ngokubhala, futhi yilokho engizokwenza kule bhulogi, ngikubonise zonke izinto ezithakazelisayo kakhulu ngamagajethi, isofthiwe, ihadiwe, izitayela zobuchwepheshe, nokuningi. Inhloso yami ukukusiza ukuthi uzulazule emhlabeni wedijithali ngendlela elula nejabulisayo.