{"id":81608,"date":"2021-12-06T11:44:48","date_gmt":"2021-12-06T10:44:48","guid":{"rendered":"https:\/\/mwtsolutions.eu\/?p=81608"},"modified":"2022-01-25T10:10:56","modified_gmt":"2022-01-25T09:10:56","slug":"brute-force-ransomwarove-utoky-jsou-stale-castejsi","status":"publish","type":"post","link":"https:\/\/i.mwtsolutions.eu\/cs\/clanky\/brute-force-ransomwarove-utoky-jsou-stale-castejsi\/","title":{"rendered":"Brute-force ransomwarov\u00e9 \u00fatoky jsou st\u00e1le \u010dast\u011bj\u0161\u00ed"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t

\u00datoky\u00a0ransomwarem\u00a0vzrostly v roce 2021 o v\u00edce ne\u017e 485 %.\u00a0Do roku 2031 se o\u010dek\u00e1v\u00e1<\/a><\/strong>, \u017ee\u00a0se\u00a0organizace\u00a0budou st\u00e1vat\u00a0ob\u011bt\u00ed \u00fatoku\u00a0ransomwaru\u00a0ka\u017ed\u00e9 2 sekundy<\/strong>. \u00da\u010dinn\u00e1 obrana proti kybernetick\u00fdm \u00fatok\u016fm je tedy st\u00e1le v\u00edce nutn\u00e1.<\/span><\/p>

\u00a0<\/p>

Zpr\u00e1vy\u00a0od\u00a0bezpe\u010dnostn\u00edch\u00a0spole\u010dnost\u00ed<\/a><\/strong>\u00a0potvrzuj\u00ed, \u017ee prim\u00e1rn\u00edm\u00a0c\u00edlem\u00a0\u00fatok\u016f,\u00a0kter\u00fd je vstupn\u00ed branou\u00a0do podnikov\u00fdch s\u00edt\u00ed, jsou \u0161patn\u011b chr\u00e1n\u011bn\u00e1 p\u0159ipojen\u00ed RDP (Remote\u00a0Desktop\u00a0Protocol).<\/span>\u00a0<\/span><\/p>

RDP umo\u017e\u0148uje u\u017eivateli p\u0159\u00edstup a ovl\u00e1d\u00e1n\u00ed jin\u00e9ho po\u010d\u00edta\u010de um\u00edst\u011bn\u00e9ho jinde. \u0158ekn\u011bme, \u017ee po\u010d\u00edta\u010d 1 chce nav\u00e1zat spojen\u00ed RDP s po\u010d\u00edta\u010dem 2. V takov\u00e9m p\u0159\u00edpad\u011b mus\u00ed b\u00fdt na prvn\u00edm spu\u0161t\u011bn klientsk\u00fd software RDP a na druh\u00e9m by m\u011bl b\u00fdt serverov\u00fd software RDP. Jakmile je p\u0159ipojen\u00ed nav\u00e1z\u00e1no, u\u017eivatel, kter\u00fd inicioval p\u0159ipojen\u00ed RDP, bude m\u00edt p\u0159\u00edstup k za\u0159\u00edzen\u00ed, ke kter\u00e9mu se p\u0159ipojil.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

A\u010dkoli se RDP pou\u017e\u00edv\u00e1 ji\u017e dlouhou dobu, lo\u0148sk\u00fd\u00a0rychl\u00fd p\u0159echod\u00a0na vzd\u00e1lenou pr\u00e1ci raketov\u011b zv\u00fd\u0161il po\u010det lid\u00ed, kte\u0159\u00ed se na n\u011bj spol\u00e9haj\u00ed<\/strong>. Na za\u010d\u00e1tku roku 2020\u00a0se\u00a0za pouh\u00e9 dva m\u011bs\u00edce po\u010det port\u016f RDP vystaven\u00fdch\u00a0voln\u011b na\u00a0internetu zv\u00fd\u0161il ze t\u0159\u00ed milion\u016f na \u010dty\u0159i a p\u016fl milionu.<\/span>\u00a0<\/span><\/p>

V\u011bt\u0161ina zam\u011bstnanc\u016f p\u0159istupuje ke sv\u00fdm firemn\u00edm za\u0159\u00edzen\u00edm prost\u0159ednictv\u00edm RDP ze sv\u00fdch domov\u016f, z\u00e1rove\u0148 spr\u00e1vci pou\u017e\u00edvaj\u00ed RDP k odstra\u0148ov\u00e1n\u00ed probl\u00e9m\u016f se vzd\u00e1len\u00fdmi syst\u00e9my. Tento efekt vodop\u00e1du vedl k tomu, \u017ee obrovsk\u00e9 mno\u017estv\u00ed port\u016f RDP bylo ponech\u00e1no otev\u0159en\u00fdch\u00a0voln\u011b do\u00a0internetu.\u00a0A \u00fato\u010dn\u00edci toho pln\u011b vyu\u017e\u00edvaj\u00ed.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

Znepokojuj\u00edc\u00ed je,\u00a0\u017ee \u00fato\u010dn\u00edci\u00a0nespol\u00e9haj\u00ed na \u017e\u00e1dnou sofistikovanou techniku k vyu\u017eit\u00ed otev\u0159en\u00fdch port\u016f RDP. Velk\u00fdch \u00fasp\u011bch\u016f dosahuj\u00ed\u00a0brute-force\u00a0\u00fatoky.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

Brute-force\u00a0\u00fatok\u00a0je metodou pokusu-omylu, kter\u00e1\u00a0neust\u00e1le h\u00e1d\u00e1\u00a0p\u0159ihla\u0161ovac\u00ed \u00fadaje u\u017eivatele. V\u00fdzkumn\u00edci v oblasti bezpe\u010dnosti zjistili, \u017ee hacke\u0159i pou\u017e\u00edvaj\u00ed r\u016fzn\u00e9\u00a0variace\u00a0brute-force\u00a0techniky, jako jsou\u00a0<\/span>password spray<\/strong> attack<\/strong><\/span><\/i><\/a>\u00a0nebo\u00a0<\/span>credential<\/strong> stuffing<\/strong><\/span><\/i><\/a>\u00a0s\u202fvyu\u017eit\u00edm p\u0159ihla\u0161ovac\u00edch \u00fadaj\u016f zakoupen\u00fdch na\u00a0dark\u00a0webu.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

Z\u00e1kladn\u00ed\u00a0zn\u00e1m\u00e9\u00a0kroky\u00a0ochrany, jako je zav\u00edr\u00e1n\u00ed nepot\u0159ebn\u00fdch otev\u0159en\u00fdch port\u016f RDP a pravideln\u00e9 p\u0159ehodnocov\u00e1n\u00ed toho, kdo m\u00e1 p\u0159\u00edstup k RDP,\u00a0jen\u00a0m\u00edrn\u011b sni\u017euj\u00ed \u0161ance organizace na kompromitaci.\u00a0\u00dato\u010dn\u00edci se zam\u011b\u0159uj\u00ed p\u0159edev\u0161\u00edm na st\u00e1le \u010dasto m\u00edrn\u011b nastavenou politiku hesel a n\u00e1sledn\u011b chyb\u011bj\u00edc\u00ed v\u00edce faktorov\u00e9 ov\u011b\u0159en\u00ed.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

N\u00e1stroj\u00a0ManageEngine\u00a0ADSelfService\u00a0Plus<\/strong><\/a> je \u00fa\u010dinn\u00e1 obrana proti kybernetick\u00fdm \u00fatok\u016fm\u00a0 a pom\u00e1h\u00e1 br\u00e1nit u\u017eivatelsk\u00e9 \u00fa\u010dty p\u0159ed napaden\u00edm detailn\u00edm nastaven\u00edm politiky hesel, funkcemi v\u00edce faktorov\u00e9ho ov\u011b\u0159en\u00ed, p\u0159\u00edpadn\u011b podm\u00edn\u011bn\u00fdm p\u0159ihl\u00e1\u0161en\u00edm do podnikov\u00fdch syst\u00e9m\u016f.<\/span>\u00a0<\/span><\/p>

\u00a0<\/p>

St\u00e1hn\u011bte<\/a><\/strong>\u00a0si na\u0161i e-knihu o brute-force \u00fatoc\u00edch:<\/strong><\/span><\/p>