{"id":6076,"date":"2019-01-31T00:00:00","date_gmt":"2019-01-30T23:00:00","guid":{"rendered":"https:\/\/instrid.sk\/uncategorized\/kolko-stoji-uspesny-kyberutok-na-beznu-firmu-budete-velmi-prekvapeni-cena-je-smiesne-nizka\/"},"modified":"2019-01-31T00:00:00","modified_gmt":"2019-01-30T23:00:00","slug":"kolko-stoji-uspesny-kyberutok-na-beznu-firmu-budete-velmi-prekvapeni-cena-je-smiesne-nizka","status":"publish","type":"post","link":"https:\/\/instrid.sk\/en\/archiv\/kolko-stoji-uspesny-kyberutok-na-beznu-firmu-budete-velmi-prekvapeni-cena-je-smiesne-nizka\/","title":{"rendered":"How much does a successful cyberattack on a regular business cost? You will be very surprised, the price is ridiculously low"},"content":{"rendered":"<h3>You may remember the case of a cyberattack on a certain company that was carried out in a very simple yet highly effective way: an employee of a cleaning company infected the corporate network using nothing more than an ordinary USB stick and thereby gained access to extremely sensitive data and passwords. It can happen again at any time, and it is not even that difficult.<\/h3>\n<p>&nbsp;<\/p>\n<p>Companies that deal with cybersecurity (Kaspersky Lab, ESET and others) have found that <strong>less than 20 euros, a few hours of work and basic programming knowledge<\/strong> are enough to create a very powerful and effective tool for \u201chacking\u201d a corporate network. In an experiment at Kaspersky Lab, they used a USB device, built by hand from freely available tools, with which they managed to collect up to 50 password strings (so-called hashes) per hour.<\/p>\n<p>&nbsp;<\/p>\n<p>A potential attack of this type (that is, one that works by intercepting data) does not require much: the experiment was carried out successfully on both locked and unlocked computers running the Windows and Mac operating systems. However, the experts were unable to repeat the attack on devices running Linux.<\/p>\n<p>&nbsp;<\/p>\n This is what the whole device looked like, which was able to expose all sensitive company information. All it took was plugging it into any computer via USB. This equipment costs less than 20 euros.\n<p>&nbsp;<\/p>\n<p>They used a Raspberry Pi microcomputer, configured it as an Ethernet adapter, made a few further configuration changes in the operating system and installed several publicly available tools for monitoring, collecting and processing data. Finally, they connected the device to the target network, and it automatically began feeding their server with stolen login data. The operating system on the attacked computer identified the connected Raspberry Pi device as a LAN network adapter and automatically gave it a higher priority than the other available networks. In addition, it allowed the device access to data exchange on the network. The experimental network was a simulation of part of a real corporate network.<\/p>\n<p>&nbsp;<\/p>\n<p>That hacking a closed corporate network is <strong>truly dangerous<\/strong> is today a fact verified a thousand times over. Recently we have read mostly about crypto-ransomware, but also about malware that can cause harm even at the physical level. Also well known is the attack on the Iranian nuclear programme at the turn of 2009 and 2010, which successfully put thousands of Iranian uranium-enrichment centrifuges out of operation.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>You may remember the case of a cyberattack on a certain company that was carried out in a very simple yet highly effective way: an employee of a cleaning company infected the corporate network<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[51],"tags":[],"class_list":["post-6076","post","type-post","status-publish","format-standard","hentry","category-archiv","two-columns"],"_links":{"self":[{"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/posts\/6076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/comments?post=6076"}],"version-history":[{"count":0,"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/posts\/6076\/revisions"}],"wp:attachment":[{"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/media?parent=6076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/categories?post=6076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/instrid.sk\/en\/wp-json\/wp\/v2\/tags?post=6076"}],"curies":[{"na
me":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}