Sophos, inkokeli yehlabathi kwisizukulwana esilandelayo se-cybersecurity, epapashwe namhlanje "Incwadi yokudlala yoMchasi osebenzayo ka-2022 ", il report che riassume i comportamenti cybercriminali osservati sul campo dal team Rapid Response di Sophos nel corso del 2021.
Idatha evele kuphando ibonisa a Ukunyuka kwe-36% kwixesha abaphuli-mthetho be-cyber bahlala ngaphakathi kweenkqubo ezichaphazelekayo ngo-2021 nomndilili weentsuku ezili-15 xa kuthelekiswa ne-11 ngo-2020.
Ingxelo ikwaqaqambisa ifuthe lobuthathaka beProxyShell ngaphakathi kweMicrosoft Exchange, leyo uSophos akholelwa ukuba ixhatshazwa ngabathile abaQalayo boFikelelo lweeBroker (IABs) ukophula uthungelwano kwaye baphinde bathengise ukufikelela kwabo kwabanye.
“Ilizwe lolwaphulo-mthetho kwi-intanethi liye lahluka ngendlela emangalisayo kwaye likhethekile. I I-Broker yoFikelelo lokuqala (ezibonelela ishishini lolwaphulo-mthetho lwe-cyber ukufikelela kwiinkqubo ze-IT ezihlangeneyo) baphuhlise ishishini lokwenyani elingena ekujoliswe kuko, liphonononga imeko-bume yalo ye-IT okanye lifakele ucango olungemva, lize liphinde lithengise ukufikelela kumaqela emigulukudu ajongene nalo. ransomware uyachaza uJohn Shier, umcebisi omkhulu wezokhuseleko eSophos. “Kule meko iguqukayo nekhethekileyo, kunokuba nzima kwiinkampani ukugcina isantya sokuvela kwezixhobo kunye neendlela ezisetyenziswa ngabaphulimthetho be-cyber. Kubalulekile ukuba umkhuseli azi ukuba ajonge ntoni kwinqanaba ngalinye lokulandelelana kohlaselo, ukuze bakwazi ukubona kwaye banciphise iinzame zokwaphula ngokukhawuleza kangangoko kunokwenzeka ”.
“Abaphuli-mthetho be-intanethi babeka ixabiso elikhulu kwiinkampani ezinkulu, ngoko bayakhuthazeka ngakumbi ukuba bangene, benze oko bafanele bakwenze, baze baphume. Iinkampani ezincinci zinexabiso eliphantsi lokuqondwa 'kwexabiso', ukuze abahlaseli bakwazi ukuhlala ngaphakathi kwinethiwekhi ixesha elide. Kwakhona kunokwenzeka ukuba kwezi meko abahlaseli abanamava amancinci kwaye ngoko ke bathathe ixesha elide lokuqonda ukuba benze ntoni kanye ngaphakathi kwinethiwekhi. Amashishini amancinci nawo ngokubanzi abonakale kancinci kulandelelwano lohlaselo kwaye ngenxa yoko abe nexesha elinzima lokufumanisa kunye nokunciphisa ulwaphulo-mthetho, ngaloo ndlela bandisa ubukho babaphuli-mthetho, ”utshilo uShier. “Ngamathuba avela kubuthathaka obungasonjululwanga beProxyLogon kunye neProxyShell kunye nokusasazeka kwe-Intial Access Brokers, siya sijonga ngakumbi abahlaseli abaninzi kwixhoba elinye. Ukuba kukho izaphuli-mthetho ezininzi kuthungelwano, ngamnye kubo uya kufuna ukwenza ngokukhawuleza kangangoko anako ukubetha ukhuphiswano ngexesha ”.
"Iimpawu ezimele zilumkise abaphathi bezokhuseleko ze-IT ziquka ukufunyanwa kwesixhobo, ukudibanisa izixhobo okanye imisebenzi kwindawo engalindelekanga kwinethiwekhi okanye ngexesha elingalindelekanga," kuchaza uShier. “Kufanelekile ukukhumbula ukuba kusenokubakho amaxesha okwenziwa kancinci okanye kungabikho nto, kodwa oko akuthethi ukuba inkampani ayikagezelwanga. Kusenokwenzeka, ngokomzekelo, uninzi lokunyhashwa kweProxyLogon okanye iProxyShell kunoko kwaziwa ngoku, apho amaqokobhe ewebhu kunye neecango ezingemva zifakelwe ukufumana ufikelelo oluzingileyo kwaye ngoku ezihlala zingasebenzi de ukufikelela kusetyenziswe okanye kuthengiswe kwakhona kwabanye. Iipetshi kufuneka zisetyenziswe ukulungisa iimpazamo ezibalulekileyo, ngakumbi kwisoftware eyaziwayo kwaye, njengento ephambili, yomeleza ukhuseleko lweenkonzo zokufikelela kude. Kude kube iindawo zokungena eziveziweyo zivaliwe kwaye yonke into eyenziwe ngabahlaseli ukuseka nokugcina ukufikelela isusiwe, nabani na uya kukwazi ukungena kunye nabo, kwaye mhlawumbi uya ”.
Awona macandelo amelweyo ngamashishini (17%), ukuthengisa (14%), ukhathalelo lwempilo (13%), IT (9%), ulwakhiwo (8%) kunye nesikolo (6%).
Injongo yengxelo yeSophos kukunceda abaphathi be-cybersecurity baqonde ukuba benza ntoni abachasi babo ngexesha lokuhlaselwa kunye nendlela yokufumanisa nokuzikhusela kwimisebenzi engalunganga ejikeleza kwinethiwekhi. Ukufumana ulwazi oluthe kratya malunga nokuziphatha, izixhobo kunye nobuchule be-cybercriminal, bona iSophos Active Adversary Playbook 2022 kwiSophos News.
Icandelo lomkhosi wasemanzini ligunya lokwenyani loqoqosho lwehlabathi, elithe lajonga kwimarike ye-150 yeebhiliyoni...
NgoMvulo ophelileyo, i-Financial Times ibhengeze isivumelwano kunye ne-OpenAI. I-FT ikhupha iilayisensi kubuntatheli bayo obukumgangatho wehlabathi…
Izigidi zabantu zihlawula iinkonzo zokusasaza, zihlawula umrhumo wenyanga. Luluvo oluqhelekileyo ukuba…
I-Coveware nguVeeam iya kuqhubeka nokubonelela ngeenkonzo zokuphendula ngeziganeko zokuxhwilwa kwe-cyber. I-Coveware iya kubonelela nge-forensics kunye nezakhono zokulungisa…