Organizations live every day with technical and operational weaknesses that, if left unmanaged, can open the door to serious incidents. A vulnerability is not an attack in itself; it is a flaw: an unpatched piece of software, a poor configuration, or a process that leaves gaps through which someone can get in and cause damage.
Until someone takes advantage of it, a vulnerability is a potential risk. Sometimes it is exploited deliberately (by cybercriminals), and sometimes it is triggered accidentally by unintended use, causing service outages, data loss, or breaches with reputational and financial impact.
How vulnerabilities are discovered and managed
Vulnerabilities surface in two ways: through proactive security testing (scanning, vulnerability analysis, and auditing) or because an attacker exploits them in the real world. The earlier they are found, the lower the cost of fixing them and the smaller their impact.
Security teams work with IT and development to patch, update, and harden access controls, configurations, and monitoring. This aligns with DevSecOps and the "shift-left" approach: integrating security from the start of the software lifecycle in order to prevent rather than merely react.
Having cybersecurity specialists is decisive in reducing the attack surface, closing gaps, and raising the level of protection of systems and networks.
The most common types of vulnerabilities
Security vulnerabilities come in many forms. Below, the most common ones are grouped and explained, together with their impact and practical ways to mitigate them and increase the resilience of your environment.
Resource management errors
These occur when an application or infrastructure does not properly manage memory, CPU, storage, or concurrency. The result can range from degradation to a complete crash (DoS/DDoS) if the flow of requests or processes grows without limits.
APIs without per-user limits, processes without timeouts, unbounded file uploads, or memory leaks are classic exhaustion scenarios that an attacker can force in order to degrade services and affect all users.
- Rate limits and quotas per user/IP.
- Configure timeouts and cancellation of long-running tasks.
- Isolate heavy workloads in separate workers or containers.
- Monitor CPU, RAM, and I/O usage in real time.
- Validate and limit the size and format of any input.
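The first and last items above (per-client rate limits and input size limits) as an added example, not code from the original article: a per-client token bucket in front of a request handler, with an upload cap. The rate, capacity, `MAX_BODY` and the status codes returned are illustrative assumptions; the clock is injectable so the behaviour can be checked deterministically.

```python
import time
from dataclasses import dataclass


@dataclass
class Bucket:
    tokens: float   # credit currently available to this client
    last: float     # time of the last refill


class RateLimiter:
    """Per-client token bucket: `rate` tokens per second, bursts up to `capacity`."""

    def __init__(self, rate, capacity, clock=time.monotonic):
        self.rate, self.capacity, self.clock = rate, capacity, clock
        self.buckets = {}   # client id -> Bucket (in production this would be shared, e.g. Redis)

    def allow(self, client_id):
        now = self.clock()
        b = self.buckets.get(client_id)
        if b is None:
            b = self.buckets[client_id] = Bucket(self.capacity, now)
        # Refill in proportion to elapsed time, never beyond capacity.
        b.tokens = min(self.capacity, b.tokens + (now - b.last) * self.rate)
        b.last = now
        if b.tokens >= 1:
            b.tokens -= 1
            return True
        return False


MAX_BODY = 1024 * 1024   # assumed 1 MiB cap on request bodies


def handle_request(limiter, client_ip, body_len):
    """Return an HTTP status: 413 for an oversized body, 429 when throttled, else 200."""
    if body_len > MAX_BODY:
        return 413          # reject before reading or buffering the payload
    if not limiter.allow(client_ip):
        return 429          # too many requests from this client
    return 200
```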
Configuration errors
These are among the most common causes of exposure by default because they depend not on code but on decisions made at deployment time. Unrestricted access to admin panels, enabled directory listings, lax firewall rules, or unnecessary exposed services all increase risk.
- Apply a secure-by-default policy.
- Continuously review service exposure and network rules.
- Restrict internal access with a VPN, IP allowlists, and a WAF.
- Disable debug modes and test environments in production.
- Automate verification with benchmarks and IaC policies.
The human factor
The human link remains the most exploited: weak or reused passwords, unrevoked credentials, files from dubious sources, or unawareness of phishing open the door to unauthorized access.
For an attacker, deceiving a person often yields more than breaking strong encryption: with a convincing email, they can obtain keys, devices, or configuration changes.
- Enforce MFA, password rotation, and corporate password managers.
- Run periodic training and social engineering exercises.
- Enable detection of anomalous behaviour and alerting.
Input validation
Validating input is essential: all external input (forms, headers, URL parameters, and APIs) must conform to the expected type, length, and format. When this control is lax, it opens the door to injection and to the rendering of unwanted content.
Common flaws include query injection, XSS, command execution, and insecure deserialization. A single unvalidated field can break authentication logic if it accepts strings crafted to manipulate queries.
- Use allowlists and strict, context-specific rules.
- Apply contextual encoding and sanitization (HTML, JSON, SQL, XML).
- Work with parameterized queries and secure ORMs.
- Validate on both client and server with consistent policies.
- Strictly limit the allowed sizes and types.
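The "single unvalidated field" and the parameterized-query item above, as an added example that is not code from the original article: a login lookup built by string concatenation beside its parameterized form, plus an allowlist check on the username. The table, rows, and the `USERNAME_RE` pattern are constructed for the demo (sqlite3, in memory).

```python
import re
import sqlite3


def make_db():
    """Constructed sample table: two users with placeholder password hashes."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, pw_hash TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "h1"), ("bob", "h2")])
    return conn


def lookup_vulnerable(conn, name, pw_hash):
    # String concatenation: the input becomes part of the SQL grammar, so a
    # quote in the value can change the WHERE clause itself.
    sql = (f"SELECT name FROM users WHERE name = '{name}' "
           f"AND pw_hash = '{pw_hash}'")
    return sorted(row[0] for row in conn.execute(sql))


def lookup_safe(conn, name, pw_hash):
    # Placeholders: the driver binds the values separately; they are compared
    # as data and can never be parsed as SQL.
    sql = "SELECT name FROM users WHERE name = ? AND pw_hash = ?"
    return sorted(row[0] for row in conn.execute(sql, (name, pw_hash)))


USERNAME_RE = re.compile(r"[a-z0-9_]{3,32}")   # assumed allowlist for usernames


def valid_username(name):
    """Allowlist check: only the characters and length this field is expected to carry."""
    return USERNAME_RE.fullmatch(name) is not None
```

With the concatenated query, a password value that closes the quote and appends `OR '1'='1'` matches every row; the parameterized query returns nothing for the same input, and the allowlist rejects the value before it reaches the database at all.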
Directory traversal
This involves manipulating relative paths to access files outside the intended scope. It usually happens when paths received from the client are concatenated without normalizing them or checking that they belong to an allowed location.
By inserting parent-directory sequences into the path, an attacker may attempt to reach sensitive system files or internal configuration, with a critical impact on data, secrets, and privileges.
- Do not concatenate paths with user input.
- Restrict access to explicitly allowed directories.
- Normalize and validate paths with the functions of a secure framework.
- Run with minimal permissions to limit the scope.
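The normalize-and-restrict items above as an added example, not code from the original article: a client-supplied path is resolved under a fixed base directory and rejected if the real target lies outside it. The directory layout (including a symlink that points out of the base) is constructed in a temporary directory for the demo; the `PathRejected` name is an assumption.

```python
import os
import tempfile


class PathRejected(ValueError):
    """Raised when a client-supplied path must not be served."""


def safe_resolve(base_dir, user_path):
    """Return the absolute path of user_path under base_dir, or raise PathRejected."""
    if "\x00" in user_path:
        raise PathRejected("null byte in path")
    base = os.path.realpath(base_dir)
    # join() drops base entirely for absolute input, and realpath() collapses
    # '..' and follows symlinks, so the containment check sees the real target.
    target = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, target]) != base:
        raise PathRejected(f"path escapes base directory: {user_path!r}")
    return target


def is_allowed(base_dir, user_path):
    try:
        safe_resolve(base_dir, user_path)
        return True
    except PathRejected:
        return False


def demo_base():
    """Constructed layout: <tmp>/files/reports/q1.txt plus a symlink leading outside."""
    root = tempfile.mkdtemp()
    base = os.path.join(root, "files")
    os.makedirs(os.path.join(base, "reports"))
    with open(os.path.join(base, "reports", "q1.txt"), "w") as f:
        f.write("ok")
    os.symlink(root, os.path.join(base, "escape"))   # points above the base
    return base
```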
Permissions and access control
Incorrect controls allow users to perform actions that do not correspond to them. This problem (Broken Access Control) sits at the top of the list by both impact and frequency.
It manifests as horizontal access (viewing another user's data), vertical access (administrative actions without being an administrator), or privilege escalation due to errors in roles or token validation.
- Apply least privilege and separation of duties.
- Perform authorization checks on the server.
- Use RBAC/ABAC and audit routes and parameters.
- Test horizontal and vertical scenarios manually.
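The horizontal and vertical cases above as an added example, not code from the original article: a deny-by-default server-side check that combines a role table (vertical) with an ownership test (horizontal), applied to a record fetched by an id taken from the request. Roles, actions, and the invoice records are constructed for the demo.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    id: int
    role: str          # "user" or "admin" (assumed roles)


@dataclass(frozen=True)
class Invoice:
    id: int
    owner_id: int


# Vertical control: which roles may perform which actions at all.
ROLE_ACTIONS = {
    "user": {"view", "download"},
    "admin": {"view", "download", "delete", "refund"},
}


class Forbidden(Exception):
    pass


def authorize(user, action, invoice):
    """Deny by default; succeed only if both the role and the ownership checks pass."""
    if action not in ROLE_ACTIONS.get(user.role, set()):
        raise Forbidden(f"role {user.role!r} may not {action!r}")
    # Horizontal control: a plain user only reaches their own records.
    if user.role != "admin" and invoice.owner_id != user.id:
        raise Forbidden("not the owner of this record")
    return True


def can(user, action, invoice):
    try:
        return authorize(user, action, invoice)
    except Forbidden:
        return False


def get_invoice(user, invoices, invoice_id):
    """Look up by id, then authorize: an id from the URL is never trusted on its own."""
    inv = invoices.get(invoice_id)
    if inv is None or not can(user, "view", inv):
        return None     # same answer for missing and forbidden: no existence leak
    return inv
```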
Other important vulnerabilities
- Code injection: if user data contaminates executable instructions, it becomes possible to manipulate the database or perform unauthorized actions.
- Insecure design: architectural decisions made without security controls from the start produce fragile business flows and excessive trust between components.
- Improper session management: poorly generated tokens, sessions that never expire, or a missing logout allow session hijacking.
- Information leakage: sensitive data in error messages, headers, paths, or logs is used for system reconnaissance.
- Exposed APIs: endpoints without strong authentication, or poorly documented ones, that sit outside the same controls as the main website.
Useful categories and classifications
In practice, it is easier to classify vulnerabilities in order to prioritize their remediation. These are eight common categories in today's business environments.
- Zero-day: a flaw unknown to the vendor with no patch available. It gives attackers a temporary advantage.
- Remote Code Execution (RCE): allows code to be run on the affected system to steal data or deploy malware.
- Poor data sanitization: unvalidated input that enables injections and overflows.
- Unpatched software: outdated versions that retain known vulnerabilities.
- Excessive access: permissions and privileges beyond what an employee or third-party account requires.
- Misconfiguration: insecure default options or unhardened deployments, especially in the cloud.
- Credential theft: phishing, malware, or credential stuffing that allows impersonation of legitimate accounts.
- Vulnerable APIs: endpoints with poor controls or unnecessary exposure of the business core.
Common vulnerabilities on websites
In the web environment, recurring patterns emerge that must be addressed at the source with good development and operational practices.
- SQL injection: manipulation of queries through unparameterized data. Mitigate with prepared statements, strict validation, and minimal database privileges.
- XSS: script injection into the victim's browser. Reduce the risk with proper escaping, CSP, and input validation.
- CSRF: forged requests sent from an authenticated user's browser. Protect with anti-CSRF tokens and origin validation.
- Buffer overflow: writes beyond memory bounds in native components. Prevent with strict bounds checks, safe languages, and system-level protections.
- Weak authentication/session management: poor passwords, insecure storage, and sessions that never expire. Harden with MFA, strong hashing, and proper logout.
- Missing patches: outdated CMS, plugins, and libraries. Keep an inventory and apply updates promptly.
- Unauthorized file/directory access: incorrect permissions or missing validation. Isolate sensitive areas and validate uploads.
- Insecure server settings: directory listings, exposed admin tools. Disable them by default and use site-wide HTTPS.
- HTTP instead of HTTPS: unencrypted traffic vulnerable to MitM. Enforce TLS, HSTS, and valid certificates.
- Brute force: mass login attempts. Limit attempts and use temporary lockouts, CAPTCHAs, and MFA.
The difference: asset, threat, vulnerability, and risk
An asset is what you protect (people, systems, data, or reputation); a threat is what can cause harm; a vulnerability is the weakness that allows it; and risk arises when a threat takes advantage of a vulnerability in a specific asset.
You may be vulnerable, but if there are no active threats the risk is low (although on the Internet, threats are constant and everywhere). Risk management requires periodic assessment and treatment plans.
Types of threats
- Natural: disasters or accidents beyond your control.
- Unintentional: human errors that expose information.
- Intentional: malicious actions by threat actors.
The threat landscape and common attacks
Knowing the most common attacks helps to direct defenses and prioritize controls.
- DoS/DDoS
- Man-in-the-middle (MitM) and man-in-the-browser (MitB)
- Impersonation (phishing, fraud, spoofing)
- Ransomware
- Password attacks and brute force
- SQL injection
- URL manipulation/interpretation
- DNS spoofing
- Session hijacking
- Web attacks (XSS, RCE)
- Insider threats
- Trojans and RATs
- Drive-by attacks
- Unlawful wiretapping (eavesdropping)
- Birthday attacks
- Malware in general (spyware, cryptojacking, etc.)
- Supply chain attacks (third-party access, compromised software, vulnerable dependencies)
How to find and fix vulnerabilities
Effective management combines processes, technology, and people to close gaps before they are exploited.
Audits and tools
Schedule regular audits to assess your security posture and rely on specialized tools: vulnerability scanners such as Nessus or OpenVAS identify known flaws; frameworks such as Metasploit allow controlled verification of exploitability during a pentest.
Updates and patches
Many gaps are avoided through patch hygiene. Maintain an asset inventory, enable automatic updates where possible, and shorten the time between a patch's release and its deployment, especially on exposed components.
Network security
Harden the perimeter and the interior with firewalls, a WAF, segmentation, a VPN for remote access, and traffic monitoring to detect anomalous patterns.
Access and privileges
Apply the principle of least privilege, role- and attribute-based controls, and PAM for sensitive accounts, thereby reducing lateral movement and the impact of compromised credentials.
Awareness and procedures
Invest in practical training to reduce human risk: anti-phishing campaigns, strict password guidelines backed by password managers, and clear policies for secure remote work.
Wi-Fi and encryption
Protect wireless networks with WPA2/WPA3, updated router firmware, and strong passwords; encrypt data in transit and at rest, and enforce HSTS on web services.
Pentesting and response
Perform periodic penetration tests to verify the effectiveness of controls and adjust action plans. Prepare incident response with encrypted backups, simulations, and defined roles.
Supporting solutions
Complement these with technologies such as antivirus/EDR, enterprise password managers, and privileged access management (PAM) solutions to control high-risk identities, secrets, and connections.
A real case: The Shadow Brokers and why it matters
In 2016, a group known as The Shadow Brokers leaked tools and highly sophisticated exploits created by a government agency. This exposed critical vulnerabilities in widely used systems and applications.
Some of that arsenal was later used in destructive campaigns, such as ransomware that hit thousands of organizations. The lesson is clear: timely patching and segmentation are critical, because a public, widespread flaw can turn into a global fire in a matter of hours.
The consequences of inaction
Failing to address vulnerabilities leads to tangible risks: theft of customer and employee data, fines for regulatory non-compliance (GDPR), loss of trust, and downtime and costs running into millions.
A continuity plan with backups, response protocols, and patch automation greatly reduces the likelihood of a major impact and speeds recovery if something does happen.
Effective cybersecurity is achieved by combining good processes, the right tools, and a culture that prioritizes prevention without neglecting detection and response. With a clear inventory, up-to-date patches, access control, training, and regular testing, the number of exploitable breaches goes down.