Microsoft vs. SVR. Why open source should be the norm


It could be a Tom Clancy novel from the NetForce series, but it is a book written by Microsoft President Brad Smith in tribute to himself and his company. Still, if one reads between the lines (at least in the excerpt a portal had access to) and separates out the self-congratulation and the digs at competitors, what remains is very interesting and instructive. It is also, in my humble opinion, a showcase of the advantages of free software and the open source model.

The characters

Every spy novel needs a "bad guy" and, in this case, we have nothing less than the SVR, one of the organizations that succeeded the KGB after the fall of the USSR. The SVR handles all intelligence tasks carried out outside the borders of the Russian Federation. The "innocent victim" was SolarWinds, a company that makes network management software. It is used by large corporations, operators of critical infrastructure, and US government agencies. Of course, we need a hero. In this case, by their own account, it is Microsoft's Threat Intelligence Department.

How could it be otherwise: in a hacker story, the "bad" and the "good" each have an alias. The SVR is Yttrium. At Microsoft, they use the less common elements of the periodic table as code names for threat sources. The Threat Intelligence Department is MSTIC, from its English acronym, although internally they pronounce it "mystic" because of the phonetic similarity. From here on, for convenience, I will use these names.

Microsoft vs. SVR. The facts

On November 30, 2020, FireEye, one of the leading computer security companies in the US, discovered that it had suffered a security breach on its own servers. As they could not resolve it themselves (I'm sorry, but I can't help saying "in the blacksmith's house, a wooden knife"), they decided to ask Microsoft's specialists for help. As MSTIC had been following in Yttrium's footsteps, they immediately suspected the Russians, a diagnosis that was later confirmed by US intelligence services.

As the days went by, the attacks were found to target sensitive computer networks around the world, including Microsoft itself. According to media reports, the United States government was clearly the main target, with the Treasury Department, the State Department, the Commerce Department, the Energy Department and parts of the Pentagon among the many affected organizations on the list of victims. These include other technology companies, government contractors, think tanks and a university. The attacks were not directed only at the United States, as they also affected Canada, the United Kingdom, Belgium, Spain, Israel and the United Arab Emirates. In some cases, the network intrusions lasted several months.

The origin

It all started with network management software called Orion, developed by a company called SolarWinds. With more than 38,000 high-level corporate customers, the attackers only had to insert malware into an update.

Once installed, the malware connected to what is technically known as a command and control (C2) server. The C2 server was programmed to give the connected computer tasks such as transferring files, executing commands, rebooting a machine, and disabling system services. In other words, the Yttrium agents obtained full access to the networks of those who had installed the Orion update.

Next, I am going to quote verbatim a paragraph from Smith's article:

It didn't take us long to realize the importance of technical teamwork across the industry and with the government of the United States. Engineers from SolarWinds, FireEye and Microsoft began working together immediately. The FireEye and Microsoft teams knew each other well, but SolarWinds was a smaller company facing a major crisis, and the teams had to build trust quickly if they were to be effective. SolarWinds engineers shared the source code of their update with the security teams of the other two companies, which revealed the source code of the malware itself. Technical teams from the US government swiftly went into action, especially at the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security.

The emphasis is mine: the part about teamwork and sharing the source code. Doesn't that sound familiar to you?

After opening the back door, the malware remained inactive for two weeks, to avoid creating network log entries that would alert administrators. During this period, it sent information about the network it had infected to a command and control server that the attackers had with the hosting provider GoDaddy.

If the content was interesting to Yttrium, the attackers entered through the back door and installed additional code on the attacked server to connect to a second command and control server. This second server, unique to each victim to help evade detection, was registered and hosted in a second data center, often in the Amazon Web Services (AWS) cloud.

Microsoft vs. SVR. The moral

If you are interested in knowing how our heroes gave the villains what they deserved, you have the links to the sources in the first paragraphs. I am going to jump straight to why I am writing about this on a Linux blog. Microsoft's confrontation with the SVR shows the importance of code being available for analysis, and of knowledge being shared.

It is true, as a respected computer security specialist reminded me this morning, that it is of no use for the code to be open if nobody takes the trouble to analyze it. There is the Heartbleed case to prove it. But let's recap. 38,000 high-end customers signed up for proprietary software. Several of them installed an update containing malware that exposed sensitive information and gave hostile elements control of critical infrastructure. The company responsible only made the code available to specialists when it was up to its neck in water. If vendors of software for critical infrastructure and sensitive customers were required to release their software under open licenses, with a resident code auditor (or an outside agency working for several of them), the risk of attacks like the one on SolarWinds would be much lower.



  1. Diego Vallejo said

    Not so long ago, M$ accused everyone who used free software of being communists, as in the worst of McCarthyism.