- MaHackers akashandisa kutyora kwakanyanya muSharePoint kupinza masisitimu epasi rose, kunanga hurumende, makambani nemayunivhesiti.
- Microsoft yakaratidza mapoka akabatana neChina seanokonzeresa, kunyangwe vamwe matsotsi vakashandisawo chikanganiso.
- Iyo chigamba chakaburitswa neMicrosoft haina kuvharira zvachose kurwiswa, ichibvumira kupfuurira kuwana kunyangwe mushure mekugadzirisa.
- Mazhinji emasangano ane mukurumbira akakanganiswa, kunyanya muUnited States neEurope, sezvo ongororo dziri kuenderera mberi.
Mumavhiki achangopfuura a wave of cyberattacks akanangana neMicrosoft softwareKushushikana kuri kukura pakati pemasangano nemakambani pasirese mushure mekuonekwa kwekusagadzikana muSharePoint, iyo gwaro rekutungamira hurongwa hunoshandiswa zvakanyanya nehurumende nemasangano akazvimirira. Chikanganiso ichi, chakanzi chakakomba zvakanyanya, chakabvumira kuwanikwa kusingatenderwe kune ruzivo rwakadzama munyika dzakawanda.
Zviratidzo zvepakutanga zvinoratidza izvozvo Mazana emaseva akakanganiswa, inobata masangano ehurumende, masangano edzidzo, uye masangano akazvimirira. Chiitiko ichi chaunza mhinduro yekukurumidza kubva kune zviremera zvese neMicrosoft pachayo, iyo iri kuyedza kuve nemhedzisiro yekurwiswa kwakaoma uku.
Kutyora muSharePoint kunokonzeresa kurwiswa
Mumwedzi waChikunguru, akati wandei zvikwata zvepasi rese zvecybersecurity Vakaona kusagadzikana muSharePoint papuratifomu, yaishandiswa kuchengeta nekugovana magwaro emukati. Kutyora kwacho kwaibvumira varwi kuti kuba zvitupa zvekusvika -kusanganisira mazita ekushandisa, mapassword, uye encrypted data-uye kupaza mukati memanetiweki epamusoro-mbiri masangano.
La Kukundikana kwakarongedzerwa se "zero zuva", kureva, isingazivikanwi uye isina kugadziriswa panguva yekushandiswa nevanorwisa. Kuferefeta kwekutanga kunobatanidza ma hacks kumazana emaseva ari kuUS, Germany, UK, Spain, Switzerland, Brazil, Canada, South Africa, nemamwe matunhu.
Microsoft pachayo yakaburitsa chigamba chekuchengetedza kuyedza kuvhara gomba, asi nyanzvi dzakayambira kuti vanorwisa vakawana nzira dzekunzvenga nzira dzekugadzirisa. Kunyanya, matekiniki akaonekwa anobvumira backdoors inoshanda kunyangwe mushure mekuvandudzwa, kuvimbisa vapambi kuti varambe vachiwana.
Vatambi uye geopolitical zvinoreva
Maererano nemishumo Mapoka makuru akacherechedzwa kumashure kwekurwisa kwakabatana nehurumende yeChinaMicrosoft yaona mapoka chaiwo anozivikanwa seLinen Typhoon, Violet Typhoon, uye Storm-2603. Masangano aya anofungidzirwa kuti akashanda sechikamu chemushandirapamwe wecyberespionage, wakanangana nekupinza masangano everuzhinji, mayunivhesiti, zvipatara, uye makambani emagetsi ehunyanzvi mumakondinendi akati wandei.
Nyaya iyi yakonzera kusawirirana kwezvematongerwo enyika, kubvira Embassy yeChina inoramba chero kubatana uye anoramba kupomerwa kwecyberattack, achida humbowo hwakaoma asati apa mutongo. Kuferefeta kuchiri kuenderera mberi, asi cybersecurity masosi uye hurumende dzekuMadokero dzinosimbirira kuti Mapateni akashandisa matekiniki emitambo aimbove aiitwa nevatambi vechiChinese.
Nekudivi ravo, masangano eUS akadai seFBI neCybersecurity and Infrastructure Security Agency (CISA) vakatsigira kuti vari kushandirapamwe kuti vatore kutyisidzira uye kudzikisira huwandu hwemasangano akakanganisika.
Microsoft's Scope uye Reaction
La ukuru hwekukanganisa hunoramba husina chokwadi, asi kukanganisa kwakananga kumasangano akaita seU.S. Department of Education, Florida Department of Revenue, Rhode Island General Assembly, uye sangano rinoona nezvezvombo zvenyukireya yeU.S. Zviitiko zvakaonekwawo muSpain, Middle East, uye Asia, zvinokanganisa zvese kubva kumayunivhesiti kusvika kumakambani emagetsi.
Mazana emasangano ave kuziviswa nezve njodzi, uye zvinofungidzirwa kuti Zvinopfuura 10.000 maseva anogona kuburitswa pachena, maererano nefungidziro kubva kunyanzvi dzakabvunzwa. Chiitiko ichi chinoratidza kukosha kwekusimbisa cybersecurity tsika uye kupindura nekukurumidza kune njodzi mune yakakosha software, kunyanya kana paine kubatanidzwa nemamwe mapuratifomu eMicrosoft seHofisi, Zvikwata uye OneDrive, iyo inowedzera nzvimbo yekurwisa.
Microsoft yakadzokorora zvakare kuzvipira kune kuchengeteka uye inoenderera mberi nekuvandudza zvitsva, kunyangwe ichiziva kuti dambudziko rakanyanya kuomarara nekuda kwekudzika kwekubatanidzwa kwezvigadzirwa zvayo.
Tactics nemhedzisiro yekurwiswa
Mushandirapamwe wekupindira wakaonekwa nezvawo kukurumidza kuparadzira uye kushandiswa kwenzira dzakaoma kunzwisisa. MaHackers akaisa zvakagadziridzwa zvikamu uye magonhi ekumashure pane zvakakanganisika masisitimu, zvichivabvumira kuti vakwanise kuwana zvakare kunyange mushure mekutanga server reboots kana patching.
Zvakaonekwa zvakare Huru hwehumbavha hwekuba uye kuisirwa malware inokwanisa kutevedzera vanhu uye kuchengetedza kuwana kwenguva refu. Pakati pematanho anoshandiswa kushandiswa kwekusagadzikana kwezuva-zero uye kugovera mihoro yedhijitari kune vakawanda vakawirwa nezvikamu zvakasiyana.
Makambani akadai seCrowdStrike, Mandiant uye Eye Chengetedzo anga ari akakosha mukuona uye kuongorora kurwiswa, yambiro nezve mukana wekuti. mamwe mapoka ematsotsi anoedza kushandisa gwanza rimwe chetero munguva pfupi iri kutevera.
Dambudziko repasi rose rinogara richiitika
Mamiriro epasi rose echiitiko ichi uye kuyerera kunogara kuripo kwevatsva vanobatwa kunoratidza kukurumidza kukwira kwecyberattacks yakanangana neiyo yakakosha zvivakwaOngororo irikuenderera mberi, uye vanoongorora vanoti zvinogoneka kuti kunyangwe mapoka kunze kweavo vakambozivikanwa vanogona kutora mukana wakavhurika musuwo iwoyo masangano achipedza kuzvidzivirira.
Nekuda kwehukuru hwekutyisidzira, zviremera zvinokurudzira makambani ese nemadhipatimendi anotsamira self-hosted SharePoint maseva a , wongororo yekuwana uye tsvaga zviratidzo zvekufungira chiitiko. Kushingirira uye hunyanzvi hwevanorwisa zvinoburitsa pachena kuti cybersecurity mujaho wekureba uko kudzivirira kunoramba kuri kubheja kwakachengeteka.