Cyber ​​​​kurwiswa: chii, kuti inoshanda sei, chinangwa uye maitiro ekudzivirira: Murume ari Pakati

Kurwisa kwe cyber ndiko definible sechiito chine hutsinye chinopesana nehurongwa, chishandiso, chishandiso kana chinhu chine chikamu chekombuta. Icho chiitiko chine chinangwa chekuwana bhenefiti kune anorwisa nemubhadharo weakarwiswa.

Kune marudzi akasiyana ekurwiswa kwecyber, ayo anosiyana zvichienderana nezvinangwa zvinofanirwa kuzadzikiswa uye tekinoroji uye mamiriro ezvinhu:

• cyber kurwiswa kudzivirira sisitimu kushanda, 
• izvo zvinonongedza kukanganisa kwehurongwa, 
• kumwe kurwiswa kunonangana nedata remunhu ane system kana kambani,
• cyber-activism kurwiswa mukutsigira zvikonzero kana ruzivo uye mishandirapamwe yekutaurirana
• nezvimwewo ...

Pakati pekurwiswa kwakapararira, munguva pfupi yapfuura, kune kurwiswa kwezvinangwa zvehupfumi uye kurwiswa kwekuyerera kwedata, kunonzi Man-In-The-Middle: kurwiswa kunonangana newebhusaiti yakakurumbira kana dhatabhesi kuba data rezvemari.

Avo vanoita cyber attack, vari voga kana mumapoka, vanodanwa Hacker

Murume-pakati-kurwisa

Murume ari kuMiddle kurwisa kunoitika kana hacker anopindira pakati pekutaurirana kwemutengi uye sevha. Heano mamwe marudzi akajairika ekurwiswa kwemurume-mukati-kati:

Session hijacking

Murudzi urwu rweMunhu muMiddle kurwisa, anorwisa anobira musangano pakati pemutengi akavimbika uye netiweki server. Iyo komputa inorwisa inotsiva iyo IP kero neyemutengi akavimbika, nepo sevha ichienderera mberi nechikamu, ichitenda kuti iri kutaurirana nemutengi. Semuenzaniso, kurwisa kunogona kuenda seizvi:

1. Mutengi anobatana neserver.
2. Komputa yeanorwisa inowana kutonga kwemutengi.
3. Komputa yeanorwisa inobvisa mutengi kubva paseva.
4. Komputa yeanorwisa inotsiva IP kero yemutengi nekero yayo yeIP e
   uye inonyepa kero yeMAC yemutengi.
5. Komputa yeanorwisa inoramba ichitaura neserver uye sevha inotenda kuti ichiri kutaurirana nemutengi chaiye.

IP spoofing

IP spoofing inoshandiswa neanorwisa kuita kuti sisitimu ione kuti iri kutaurirana neanozivikanwa uye anovimbwa naye uye nekudaro inopa anorwisa mukana wekuwana sisitimu. Anorwisa anotumira pakiti ine kwainotangira IP kero yeanozivikanwa uye anovimbwa anotambira pachinzvimbo cheyake sosi yeIP kero kune kwainotambira. Muridzi wekwaaienda anogona kugamuchira pakiti obva aita zvinoenderana, achimupa mukana.

Replay

Kurwiswa kwekudzokorora kunoitika kana munhu anorwisa abata nekuchengetedza mameseji ekare oedza kutumira gare gare, achitevedzera mumwe wevatori vechikamu. Mhando iyi inogona kuverengerwa zviri nyore nesesheni timestamps kana a nuncio (nhamba isina kurongeka kana tambo inochinja nekufamba kwenguva).

Parizvino, hapana tekinoroji imwechete kana gadziriso yekudzivirira ese Munhu muMiddle kurwisa. Kazhinji, encryption uye zvitupa zvedhijitari zvinopa chengetedzo inoshanda kubva kuMunhu muMiddle kurwisa, kuve nechokwadi chese kuvanzika uye kuvimbika kwekutaurirana. Asi murume-mu-pakati-anorwisa anogona zvakare kubaiwa mukati mekutaurirana nenzira yekuti hapana kana cryptography inogona kubatsira - semuenzaniso, anorwisa "A" anobata kiyi yeruzhinji yemunhu "P" uye anoitsiva nayo. kiyi yako yeruzhinji. Nekudaro, chero munhu anoda kutumira meseji yakavharidzirwa kuna P achishandisa kiyi yeruzhinji yaP ari kushandisa kiyi yeruzhinji yaA asingazivi. Naizvozvo, A anogona kuverenga meseji yakanangana naP uye ozotumira meseji yacho kuna P, yakavharidzirwa nekiyi yeruzhinji yaP. uye P haazombo cherechedza kuti meseji yakakanganiswa. Uyezve, A anogonawo kugadzirisa meseji asati aidzosera kuP. Sezvauri kuona, P ari kushandisa encryption uye anofunga kuti ruzivo rwake rwakachengeteka asi kwete, nekuda kweMurume ari kuMiddle kurwisa.

Saka ungave sei nechokwadi chekuti P's public key ndeyaP kwete yaA? Zviremera zveSitifiketi uye mabasa ehashi akagadzirwa kugadzirisa dambudziko iri. Kana munhu 2 (P2) achida kutumira meseji kuna P, uye P achida kuve nechokwadi chekuti A haazoverenge kana kushandura meseji uye kuti meseji yacho iri kubva kuP2, nzira inotevera inofanira kushandiswa:

1. P2 inogadzira symmetric kiyi uye inoinyorera nekiyi yeruzhinji yeP.
2. P2 inotumira iyo encrypted symmetric kiyi kuP.
3. P2 inoverengera hashi yemeseji uye inoisaina.
4. P2 inonyora meseji yayo uye hashi yakasainwa yemeseji uchishandisa kiyi yesymmetric uye inotumira kuP.
5. P anokwanisa kugashira kiyi yesymmetric kubva kuP2 nekuti ndiye chete ane kiyi yakavanzika yekubvisa encryption.
6. P, uye P chete, inogona kudhibha meseji yakavharidzirwa uye hashi yakasainwa nekuti ine kiyi yesymmetric.
7. Iyo inokwanisa kuona kuti meseji haina kushandurwa nekuti inogona kuverenga hashi yemeseji yakagamuchirwa uye kuienzanisa neyasainwa nedigital.
8. P inokwanisawo kuzviratidza kuti P2 ndiye akatumira nekuti P2 chete ndiyo inogona kusaina hashi kuitira kuti isimbiswe nekiyi yeruzhinji yeP2.

Malware uye Munhu Pakati

Zvinokwanisika kutanga kurwisa uchishandisa malware; mune technical jargon tinotaura nezvekurwisa "murume ari mubrowser"Nekuti anorwisa kuburikidza nehutachiona anokanganisa software yekubhurawuza pawebhu.

Nguva imwe yakakanganisa browser, murwi anogona shandura peji rewebhu kuratidza chimwe chinhu chakasiyana nesaiti yepakutanga.

Inogonawo kubira vanhu vasina rombo rakanaka pamawebhusaiti emanyepo, ayo anoteedzera mapeji ekubhengi kana enhau, semuenzaniso, kutora makiyi ekuwana ... fungidzira zvimwe!

Ngatitorei trojan semuenzaniso spyye, inoshandiswa se keylogger kuba zvitupa zvewebhusaiti. spyye Yakagadzirwa muRussia muna 2009, yakave yakakurumbira kuburikidza nebrowser extensions Google Chrome, Firefox, Internet Explorer uye Opera.

Gadzira fake Access Point

Rudzi rwekupedzisira rwekurwisa (runogona kuita serusina basa), zvisinei, ndirwo rwunogara ruchishanda. Zvinosanganisira kugadzira yekunyepedzera Access Point (ine zita rakafanana asi risiri rakafanana nerepamutemo), nekudaro kugadzira a bhiriji pakati pemushandisi uye router yeWi-Fi network.

Akati saka zvinoita sezvisinganzwisisike uye zvidiki, panzvimbo iyoyo vanhu vanenge vachingogara vachizviwana uye vanobatana nebogus Access Point yakagadzirwa neanorwisa, nekudaro achivhura magonhi emudziyo wake.

Session cookie hijacking

Imwe mhando yeMunhu muMiddle kurwisa inoitika apo matsotsi anoba macode snippets anogadzirwa nebrowser yako kuti abatanidze kune akasiyana mawebhusaiti. Muchiitiko ichi tinotaura nezvekubiwa kwekiki.

Aya macode snippets, kana maseshini makuki, anogona kuve nezviuru zveruzivo rwakakosha rwemunhu: mazita ekushandisa, mapassword, mafomu akafanozadzwa, zviitiko zvepamhepo, uye kunyangwe kero yako yepanyama. Kana yangove neruzivo rwese urwu, hacker inogona kuishandisa nenzira isingaverengeki yenzira (hapana imwe yayo yakanaka), sekutevedzera iwe pamhepo, kuwana data rezvemari, kuronga hutsotsi uye kuba nekushandisa chitupa chako uye nezvimwe.

Kana watambura nekurwiswa uye uchida kudzoreredza kushanda kwakajairika, kana iwe uchingoda kuona zvakajeka uye kunzwisisa zviri nani, kana uchida kudzivirira: nyorera kwatiri rda@hrcsrl.it. 

Iwe unogona kufarira yedu post paMalware kurwisa ->

Murume-pakati-anorwisa anoshanda sei?

Murume ari kuMiddle kurwisa ane zvikamu zviviri:

Chikamu chekutanga: kuvharira

Chekutanga chinodiwa kune murume-mukati-yepakati-anorwisa ndechekubata yako Internet traffic isati yasvika kwairi kuenda. Pane nzira shoma dzeizvi:

• IP Spoofing: Kufanana nechikwata chemakororo chiri kushandisa marezinesi emanyepo kumotokari inoshandiswa kutiza, neInternet Protocol (IP) kero spoofing, matsotsi anonyepa kwainobva data ravanotumira kukombiyuta yako nekuriita sezviri pamutemo uye rinovimbwa. 
• ARP Spoofing: Iyo inonziwo hutachiona hweARP kana hutsinye hweARP meseji nzira, iyi nzira yeMITM inobvumira matsotsi kutumira meseji yekunyepedzera Kero Resolution Protocol (ARP)
• Spoofing DNS: inomirira Domain Name System uye inzira yekushandura mazita eInternet domain kubva kureba uye isinga taurike manhamba IP kero kuenda kune intuitive uye nyore kukanganwika kero.

Danho rechipiri: decryption

Mushure mekutora webhu traffic yako, hackers vanofanirwa kuibvisa. Heano mamwe eanonyanya kushandiswa decryption nzira dzeMITM kurwisa:

• HTTPS spoofing
• BEASTSSL
• SSL kubiwa
• SSL Strip

Kana watambura nekurwiswa uye uchida kudzoreredza kushanda kwakajairika, kana iwe uchingoda kuona zvakajeka uye kunzwisisa zviri nani, kana uchida kudzivirira: nyorera kwatiri rda@hrcsrl.it. 

Iwe unogona kufarira yedu post paMalware kurwisa ->

Man-in-the-pakati kurwisa kudzivirira

Nepo Murume ari kuMiddle kurwiswa kungangoita njodzi, unogona kuita zvakawanda kuvadzivirira nekudzikisa njodzi uye nekuchengeta data rako, mari uye ... chiremerera chakachengeteka.

Gara uchishandisa VPN

Zvichitaurwa zviri nyore, VPN chirongwa kana app inovanza, encrypts, uye masks ese ehupenyu hwako hwepamhepo, senge email, chat, kutsvaga, kubhadhara, uye kunyange nzvimbo yako. VPNs inokubatsira kudzivirira Munhu muMiddle kurwisa uye chengetedza chero Wi-Fi network nekuvharira yako yese internet traffic uye kuishandura kuita gibberish uye isingawanikwe kune chero munhu anoedza kukusora.

Wana antivirus yakanaka

Iwe unofanirwa kuwana inoshanda uye yakavimbika antivirus software
Kana bhajeti yako yakaoma, unogona kuwana akawanda emahara antivirus online

KUCHENGETEKA KWEZVINHU

Ndiyo nzira yakakosha yekuyera iyo kambani yako ikozvino nhanho yekuchengetedza.
Kuti uite izvi, zvinodikanwa kuti ubatanidze yakanyatsogadzirirwa Cyber ​​​​Team, inokwanisa kuita ongororo yemamiriro ekambani maererano nekuchengetedzwa kweIT.
Ongororo iyi inogona kuitwa synchronously, kuburikidza nekubvunzurudza kunoitwa neCyber ​​​​Team kana
zvakare asynchronous, nekuzadza mubvunzo online.

Tinogona kukubatsira, kubata nyanzvi dzeHRC srl nekunyorera ku rda@hrcsrl.it.

KUZIVISA KWEKUCHENGETEKA: ziva muvengi

Kupfuura 90% yehacker kurwiswa kunotanga nekuita kwevashandi.
Kuziva ndicho chombo chekutanga kurwisa njodzi yecyber.

Aya ndiwo maitiro atinoita "Kuziva", tinogona kukubatsira, kubata nyanzvi dzeHRC srl nekunyorera ku rda@hrcsrl.it.

MANAGED DETECTION & RESPONSE (MDR): proactive endpoint dziviriro

Data yemakambani ndeyekukosha kukuru kune cybercriminals, ndosaka magumo nemaseva zvakanangwa. Zvakaoma kugadziriso dzechinyakare dzekuchengetedza kurwisa kutyisidzira kuri kubuda. MaCybercriminals anonzvenga zvidziviriro zveantivirus, achitora mukana wekutadza kwezvikwata zveIT zvemakambani kutarisa nekugadzirisa zviitiko zvekuchengetedza nguva nenguva.

NeMDR yedu tinogona kukubatsira, bata nyanzvi dzeHRC srl nekunyorera ku rda@hrcsrl.it.

MDR inzira ine hungwaru inotarisisa network traffic uye inoongorora maitiro
inoshanda sisitimu, kuona zvinofungirwa uye zvisingadiwe chiitiko.
Ruzivo urwu rwunopfuudzwa kuSOC (Security Operation Center), rabhoritari inotungamirwa na
cybersecurity analysts, vane iwo makuru cybersecurity certification.
Muchiitiko cheanomaly, iyo SOC, ine 24/7 inotungamirwa sevhisi, inogona kupindira pamatanho akasiyana ekuomarara, kubva pakutumira email yambiro kusvika pakuparadzanisa mutengi kubva kunetiweki.
Izvi zvichabatsira kudzivirira zvinogona kutyisidzira mubud uye kudzivirira kukuvara kusingagadzirike.

SECURITY WEB MONITORING: kuongororwa kweDARK WEB

Iyo yakasviba dandemutande inoreva zviri mukati meWorld Wide Web mumaneti akasvibira anogona kusvikwa kuburikidza neInternet kuburikidza nesoftware chaiyo, zvigadziriso uye masvikiro.
Neyedu Chengetedzo Yewebhu Monitoring isu tinokwanisa kudzivirira uye kuve ne cyber kurwiswa, kutanga kubva pakuongorora kwekambani domain (semuenzaniso: ilwebcreativo.it ) uye kero ye-e-mail yega.

Bata nesu nekunyorera ku rda@hrcsrl.it, tinogona kugadzirira chirongwa chekugadzirisa kuparadzanisa kutyisidzira, kudzivirira kupararira kwayo, uye defitinotora matanho anodiwa ekugadzirisa. Iyo sevhisi inopiwa 24/XNUMX kubva kuItaly

CYBERDRIVE: yakachengeteka application yekugovana uye kugadzirisa mafaera

CyberDrive ndeye gore faira maneja ane yakakwirira chengetedzo zviyero nekuda kwekuzvimiririra encryption yemafaira ese. Ita shuwa kuchengetedzeka kwedata remakambani uchishanda mugore uye kugovera uye kugadzirisa magwaro nevamwe vashandisi. Kana iyo yekubatanidza ikarasika, hapana data inochengetwa paPC yemushandisi. CyberDrive inodzivirira mafaera kuti asarasikike nekuda kwekukuvadzwa netsaona kana kuburitswa nekuba, kungave kwepanyama kana kwedhijitari.

"THE Cube": mhinduro yekuchinja

Iyo diki uye ine simba kwazvo mu-a-bhokisi datacenter inopa komputa simba uye dziviriro kubva mukukuvara kwemuviri uye zvine musoro. Yakagadzirirwa data management mumucheto uye robo nharaunda, nzvimbo dzekutengesa, mahofisi ehunyanzvi, mahofisi ari kure uye mabhizinesi madiki uko nzvimbo, mutengo uye simba rekushandisa zvakakosha. Izvo hazvidi data nzvimbo uye rack makabati. Inogona kuiswa mumhando ipi neipi yenzvimbo nekuda kwekukanganisa kweaesthetics inoenderana nenzvimbo dzebasa. "The Cube" inoisa bhizinesi software tekinoroji pabasa remabhizinesi madiki uye epakati nepakati.

Bata nesu nekunyorera ku rda@hrcsrl.it.

Iwe unogona kunge uchifarira murume wedu muMiddle post

Ercole Palmeri: Innovation yakapindwa muropa

[yekupedzisira_post_list id=”12982″]