Kompyuter xavfsizligi - Computer security

Kompyuter xavfsizligining aksariyat jihatlari elektron parollar va shifrlash kabi raqamli choralarni o'z ichiga olsa, ruxsatsiz buzilishlarning oldini olish uchun metall qulflar kabi jismoniy xavfsizlik choralari hanuzgacha qo'llanilmoqda.

Kompyuter xavfsizligi, kiberxavfsizlik^[1] yoki axborot texnologiyalari xavfsizligi (IT xavfsizligi) ning himoyasi kompyuter tizimlari va tarmoqlar ularning o'g'irlanishidan yoki ularga zarar etkazilishidan apparat, dasturiy ta'minot, yoki elektron ma'lumotlar, shuningdek buzilish yoki noto'g'ri yo'nalish ular ko'rsatadigan xizmatlarning.

Ishonchlilik ortib borishi sababli maydon yanada muhim ahamiyat kasb etmoqda kompyuter tizimlari, Internet^[2] va simsiz tarmoq kabi standartlar Bluetooth va Wi-fi, va o'sishi tufayli "aqlli" qurilmalar, shu jumladan smartfonlar, televizorlar va turli xil qurilmalar "Internetdagi narsalar ". Siyosat va texnologiyalar nuqtai nazaridan murakkabligi tufayli kiberxavfsizlik ham zamonaviy dunyodagi eng muhim muammolardan biri hisoblanadi.^[3]

Zaifliklar va hujumlar

Zaiflik - bu loyihalash, amalga oshirish, ishlatish yoki ichki nazoratning zaifligi. Kashf etilgan zaifliklarning aksariyati Umumiy zaifliklar va ta'sirlar (CVE) ma'lumotlar bazasi. An ekspluatatsiya qilinadigan zaiflik - bu kamida bitta ishchi hujum yoki "ekspluatatsiya " mavjud.^[4] Zaifliklarni o'rganish, teskari loyihalash, ovlash yoki ulardan foydalanish orqali foydalanish mumkin avtomatlashtirilgan vositalar yoki moslashtirilgan skriptlar.^[5][6] Kompyuter tizimining xavfsizligini ta'minlash uchun, unga qarshi qanday hujumlarni amalga oshirishni va bularni tushunish muhimdir tahdidlar odatda quyidagi toifalardan biriga tasniflanishi mumkin:

Orqa eshik

A orqa eshik kompyuter tizimida, a kriptotizim yoki an algoritm, normal holatni chetlab o'tishning har qanday maxfiy usuli autentifikatsiya yoki xavfsizlik nazorati. Ular bir nechta sabablarga ko'ra, shu jumladan asl dizayni yoki yomon konfiguratsiya tufayli mavjud bo'lishi mumkin. Ular vakolatli tomon tomonidan qonuniy ravishda kirishga ruxsat berish uchun yoki tajovuzkor tomonidan zararli sabablarga ko'ra qo'shilgan bo'lishi mumkin; ammo ularning mavjud bo'lish sabablaridan qat'i nazar, ular zaiflikni yaratadilar. Orqa eshiklarni aniqlash juda qiyin bo'lishi mumkin va orqa eshiklarni aniqlash odatda dastur manba kodiga yoki kompyuterning Operatsion Tizimi haqida yaxshi ma'lumotga ega bo'lgan odam tomonidan aniqlanadi.

Xizmatni rad etish xuruji

Xizmat hujumlarini rad etish (DoS) mashina yoki tarmoq manbasini mo'ljallangan foydalanuvchilari uchun mavjud bo'lmasligi uchun mo'ljallangan.^[7] Hujumchilar jabrlanuvchiga xizmat ko'rsatishni rad etishi mumkin, masalan, qurbonning akkauntini blokirovka qilish uchun ketma-ket etarlicha noto'g'ri parolni kiritish yoki ular mashina yoki tarmoq imkoniyatlarini haddan tashqari yuklashi va bir vaqtning o'zida barcha foydalanuvchilarni to'sib qo'yishi mumkin. Bittadan tarmoq hujumi paytida IP-manzil ko'plab xavfsizlik devorlari qoidalarini qo'shish orqali bloklanishi mumkin Xizmat ko'rsatishni rad etish (DDoS) hujumlari mumkin, bu erda hujum ko'p sonli nuqtalardan kelib chiqadi - va himoya qilish ancha qiyin. Bunday hujumlar kelib chiqishi mumkin zombi kompyuterlari a botnet yoki boshqa bir qator mumkin bo'lgan texnikalardan, shu jumladan aks ettirish va kuchaytirish hujumlari, jabrlanuvchiga trafikni yuborishda aybsiz tizimlar aldangan joyda.

To'g'ridan-to'g'ri hujumlar

Kompyuterga jismoniy kirish huquqini olgan ruxsatsiz foydalanuvchi, ehtimol undan ma'lumotlarni to'g'ridan-to'g'ri nusxalashga qodir. Ular, shuningdek, xavfsizlikni buzish orqali amalga oshirishi mumkin operatsion tizim o'zgartirishlar, dasturiy ta'minotni o'rnatish qurtlar, keyloggerlar, yashirin tinglash moslamalari yoki simsiz sichqonlardan foydalanish. Tizim standart xavfsizlik choralari bilan himoyalangan bo'lsa ham, ularni boshqa operatsion tizim yoki vositani yuklash orqali o'tkazib yuborish mumkin. CD-ROM yoki boshqa yuklash vositasi. Diskni shifrlash va Ishonchli platforma moduli ushbu hujumlarning oldini olish uchun mo'ljallangan.

Tinglab turish

Tinglab turish bu xususiy kompyuterning "suhbat" (aloqa) ni yashirincha tinglashi, odatda tarmoqdagi xostlar o'rtasida. Masalan, kabi dasturlar Yirtqich va NarusInSight tomonidan ishlatilgan Federal qidiruv byurosi va NSA tizimlarini tinglash Internet-provayderlar. Hatto yopiq tizim sifatida ishlaydigan mashinalarni ham (ya'ni tashqi dunyo bilan aloqa qilmasdan) xira holatni kuzatish orqali tinglash mumkin. elektromagnit apparat tomonidan ishlab chiqarilgan uzatmalar; TEMPEST tomonidan ko'rsatilgan xususiyatdir NSA ushbu hujumlarga ishora qilmoqda.

Ko'p vektorli, polimorfik hujumlar

2017 yilda yuzaga keladigan ko'p vektorli yangi sinf,^[8] polimorfik^[9] bir nechta hujum turlarini birlashtirgan kiber tahdidlar paydo bo'ldi va ular tarqalishi bilan kiberxavfsizlik nazorati oldini olish uchun shakl o'zgargan. Ushbu tahdidlar beshinchi avlod kiberhujumlari deb tasniflangan.^{[iqtibos kerak ]}

Fishing

Rasmiy sifatida yashiringan fishing elektron pochtasining misoli elektron pochta (xayoliy) bankdan. Yuboruvchi oluvchini maxfiy ma'lumotlarni oshkor qilmoqchi bo'lib, ularni fishing saytida "tasdiqlash" orqali amalga oshirmoqda. So'zlarning noto'g'ri yozilishiga e'tibor bering qabul qildi va farqlanish kabi olingan va nomuvofiqliknavbati bilan. Garchi URL manzili bankning veb sahifa qonuniy ko'rinadi, bu hiper veb-saytidagi gipermurojaat nuqtalari.

Fishing foydalanuvchi nomlari, parollar va kredit karta tafsilotlari kabi maxfiy ma'lumotlarni to'g'ridan-to'g'ri foydalanuvchilarni aldash yo'li bilan foydalanuvchilardan olishga urinishdir.^[10] Phishing odatda tomonidan amalga oshiriladi elektron pochta orqali firibgarlik yoki tezkor xabar almashish, va ko'pincha foydalanuvchilarni "qarash" va "his qilish" deyarli qonuniy veb-saytga o'xshash bo'lgan soxta veb-saytga ma'lumotlarni kiritishga yo'naltiradi. Soxta veb-sayt tez-tez kirish ma'lumotlari va parollar kabi shaxsiy ma'lumotlarni so'raydi. Keyinchalik, ushbu ma'lumotdan haqiqiy veb-saytda shaxsning haqiqiy hisobiga kirish huquqini olish uchun foydalanish mumkin. Jabrlanuvchining ishonchiga tayanib, fishing, uning shakli sifatida tasniflanishi mumkin ijtimoiy muhandislik. Hujumchilar haqiqiy hisoblarga kirish uchun ijodiy usullardan foydalanmoqdalar. Oddiy firibgarlik - tajovuzkorlar soxta elektron hisob-fakturalarni yuborishlari^[11] jismoniy shaxslarga yaqinda musiqa, dastur yoki boshqa narsalarni sotib olganliklarini ko'rsatib, agar sotib olishga ruxsat berilmagan bo'lsa, havolani bosishni buyuradilar.

Imtiyozni kuchaytirish

Imtiyozni kuchaytirish ba'zi bir darajadagi cheklangan kirish huquqiga ega bo'lgan tajovuzkor avtorizatsiz o'z imtiyozlarini yoki kirish darajasini ko'tarishi mumkin bo'lgan vaziyatni tasvirlaydi. Masalan, odatdagi kompyuter foydalanuvchisi bunga qodir bo'lishi mumkin ekspluatatsiya a zaiflik cheklangan ma'lumotlarga kirish huquqini olish uchun tizimda; yoki hatto "ildiz "va tizimga to'liq cheklovsiz kirish huquqiga ega.

Teskari muhandislik

Teskari muhandislik bu texnogen ob'ektni uning dizayni, kodi, arxitekturasini ochish yoki ob'ektdan bilim olish uchun dekonstruktsiya qilish jarayoni; ilmiy tadqiqotlarga o'xshash, yagona farq shundaki, ilmiy tadqiqotlar tabiiy hodisa haqida.^[12]:3

Ijtimoiy muhandislik

Ijtimoiy muhandislik, kompyuter xavfsizligi bilan bog'liq holda, foydalanuvchini, masalan, bank, pudratchi yoki mijozga taqlid qilish orqali parollar, karta raqamlari va boshqalar kabi sirlarni oshkor qilishga ishontirishga qaratilgan.^[13]

Axborot xavfsizligi nuqtai nazaridan ijtimoiy muhandislik - bu odamlarning harakatlarni amalga oshirishda yoki maxfiy ma'lumotlarni oshkor qilishda psixologik manipulyatsiyasi.

Oddiy firibgarlikka buxgalteriya va moliya bo'limlariga yuborilgan soxta bosh elektron pochta xabarlari kiradi. 2016 yil boshida Federal qidiruv byurosi firibgarligi AQSh biznesiga 2 dollardan ko'proq zarar etkazganligi haqida xabar berdi taxminan ikki yil ichida milliard.^[14]

2016 yil may oyida Miluoki Boks NBA jamoa ushbu turdagi kiber-firibgarlikning qurboniga aylanib, jamoa prezidentini taqlid qilgan Piter Feygin, natijada jamoaning barcha xodimlarini topshirish 2015 yil W-2 soliq shakllari.^[15]

Soxtalashtirish

Spoofing - bu ma'lumotni soxtalashtirish orqali haqiqiy shaxs sifatida maskaralash harakati (masalan IP-manzil yoki foydalanuvchi nomi), boshqacha tarzda ruxsatsiz olingan ma'lumot yoki manbalarga kirish huquqini olish uchun.^[16][17] Soxtalashtirishning bir necha turlari mavjud, jumladan:

• Elektron pochta orqali firibgarlik, bu erda tajovuzkor yuborishni soxtalashtiradi (Kimdan, yoki elektron pochta manzili).
• IP-manzilni soxtalashtirish, bu erda tajovuzkor a-dagi manba IP-manzilini o'zgartiradi tarmoq paketi o'zligini yashirish yoki boshqa hisoblash tizimini taqlid qilish.
• MAC firibgarligi, bu erda tajovuzkor Media Access Control (MAC) manzili ularning tarmoq interfeysi tarmoqdagi haqiqiy foydalanuvchi sifatida joylashish.
• Biometrik firibgarliklar, bu erda tajovuzkor boshqa foydalanuvchi sifatida o'zini ko'rsatish uchun soxta biometrik namunani ishlab chiqaradi.^[18]

Soxtalashtirish

Soxtalashtirish ma'lumotlarni zararli o'zgartirish yoki o'zgartirishni tavsiflaydi. Deb nomlangan Yovuz Maid hujumlari va xavfsizlik xizmatlarini ekish nazorat routerlarda ishlash qobiliyati bunga misoldir.^[19]

Zararli dastur

Kompyuterga o'rnatilgan zararli dastur shaxsiy ma'lumotni chiqarib yuborishi, tajovuzkorga tizimni boshqarish huquqini berishi va ma'lumotlarni butunlay yo'q qilishi mumkin.^[20]

Axborot xavfsizligi madaniyati

Xodimlarning xatti-harakatlari tashkilotlarda axborot xavfsizligiga katta ta'sir ko'rsatishi mumkin. Madaniy tushunchalar tashkilotning turli segmentlariga samarali ishlashga yordam berishi yoki tashkilot ichidagi axborot xavfsizligi samaradorligiga qarshi harakat qilishi mumkin. Axborot xavfsizligi madaniyati - bu "... har qanday turdagi axborotni himoya qilishga hissa qo'shadigan tashkilotdagi xulq-atvor shakllarining umumiyligi."^[21]

Andersson va Reimers (2014) ishchilar ko'pincha o'zlarini tashkilotlarining axborot xavfsizligi faoliyatining bir qismi deb hisoblamaydilar va ko'pincha tashkiliy o'zgarishlarga to'sqinlik qiladigan harakatlarni amalga oshiradilar.^[22] Tadqiqotlar shuni ko'rsatadiki, axborot xavfsizligi madaniyatini doimiy ravishda takomillashtirish zarur. ″ Axborot xavfsizligi madaniyati tahlildan o'zgarishga qadar ″ qismida mualliflar quyidagilarni ta'kidladilar: ″ Bu tugamaydigan jarayon, baholash va o'zgartirish yoki qo'llab-quvvatlash tsikli. The Axborot xavfsizligi madaniyatini boshqarish uchun beshta qadam qo'yilishi kerak: oldindan baholash, strategik rejalashtirish, tezkor rejalashtirish, amalga oshirish va keyingi baholash.^[23]

• Oldindan baholash: xodimlarning axborot xavfsizligi to'g'risida xabardorligini aniqlash va amaldagi xavfsizlik siyosatini tahlil qilish.
• Strategik rejalashtirish: yaxshiroq xabardorlik dasturini ishlab chiqish uchun aniq maqsadlarni belgilash kerak. Bunga erishish uchun malakali mutaxassislar guruhini yig'ish foydalidir.
• Operativ rejalashtirish: xavfsizlikni ta'minlash madaniyatini ichki aloqa, sotib olish menejmenti va xavfsizlik to'g'risida xabardorlik va o'quv dasturi asosida o'rnatish mumkin.^[23]
• Amalga oshirish: axborot xavfsizligi madaniyatini amalga oshirish uchun to'rt bosqichdan foydalanish kerak. Ular:

1. Boshqaruv majburiyati
2. Tashkilot a'zolari bilan aloqa qilish
3. Barcha tashkilot a'zolari uchun kurslar
4. Xodimlarning majburiyatlari^[23]

• Post-baholash: rejalashtirish va amalga oshirish muvaffaqiyatini baholash va hal qilinmagan muammolarni aniqlash.

Xavf ostida bo'lgan tizimlar

Kompyuter tizimlari sonining o'sishi va jismoniy shaxslar, korxonalar, sanoat tarmoqlari va hukumatlar tomonidan ularga bo'lgan ishonchning kuchayishi xavf ostida bo'lgan tizimlar sonining ko'payib borayotganligini anglatadi.

Moliyaviy tizimlar

Moliya regulyatorlari va moliya institutlarining kompyuter tizimlari shunga o'xshash AQShning qimmatli qog'ozlar va birjalar bo'yicha komissiyasi, SWIFT, investitsiya banklari va tijorat banklari xakerlik maqsadlari hisoblanadi kiberjinoyatchilar bozorlarni manipulyatsiya qilish va noqonuniy yutuqlarga erishishdan manfaatdor.^[24] Qabul qiladigan yoki saqlaydigan veb-saytlar va ilovalar kredit karta raqamlari, vositachilik hisobvaraqlari va bank hisob raqami pul o'tkazish, sotib olish yoki ma'lumotni sotishdan darhol moliyaviy daromad olish imkoniyati mavjud bo'lganligi sababli, ma'lumotlar buzilishning taniqli maqsadlari hisoblanadi. qora bozor.^[25] Do'kon ichidagi to'lov tizimlari va Bankomatlar mijozlar hisob ma'lumotlarini to'plash maqsadida ham buzilgan PIN-kodlar.

Kommunal xizmatlar va sanoat uskunalari

Kompyuterlar ko'plab yordam dasturlarida funktsiyalarni boshqaradi, shu jumladan telekommunikatsiya, elektr tarmog'i, atom elektr stantsiyalari va suv va gaz tarmoqlarida vana ochilishi va yopilishi. Internet ulangan bo'lsa, bunday mashinalar uchun potentsial hujum vektori hisoblanadi, ammo Stuxnet Internetga ulanmagan kompyuterlar tomonidan boshqariladigan uskunalar ham zaif bo'lishi mumkinligini ko'rsatdi. 2014 yilda Kompyuterning shoshilinch tayyorgarligi jamoasi, ning bo'linishi Milliy xavfsizlik bo'limi, energiya kompaniyalaridagi 79 xakerlik hodisasini tekshirdi.^[26] Zaifliklar aqlli hisoblagichlar (ularning aksariyati mahalliy radio yoki uyali aloqa vositalaridan foydalanadi) to'lovlarni firibgarlik bilan bog'liq muammolarga olib kelishi mumkin.^{[iqtibos kerak ]}

Aviatsiya

The aviatsiya sanoat hujumga uchrashi mumkin bo'lgan bir qator murakkab tizimlarga juda ishonadi.^[27] Bitta aeroportda elektr energiyasining oddiy uzilishi butun dunyoda aks ta'sirga olib kelishi mumkin,^[28] tizimning katta qismi buzilishi mumkin bo'lgan radioeshittirishlarga tayanadi,^[29] va samolyotlarni okeanlar ustidan boshqarish ayniqsa xavflidir, chunki radar nazorati dengizdan atigi 175 dan 225 milgacha uzayadi.^[30] Shuningdek, samolyot ichidan hujum qilish imkoniyati mavjud.^[31]

Evropada (bilanUmumevropa tarmoq xizmati )^[32] va NewPENS,^[33] va AQShda NextGen dasturi bilan,^[34] aeronavigatsiya xizmati ko'rsatuvchi provayderlar o'zlarining maxsus tarmoqlarini yaratish uchun harakat qilmoqdalar.

Muvaffaqiyatli hujumning oqibatlari maxfiylikni yo'qotishdan tortib tizim yaxlitligini yo'qotishga qadar, havo harakatini boshqarish uzilishlar, samolyotlarning yo'qolishi va hatto hayotning yo'qolishi.

Iste'mol qurilmalari

Odatda ish stoli kompyuterlar va noutbuklar parollar yoki moliyaviy hisob ma'lumotlarini to'plash yoki a botnet boshqa nishonga hujum qilish. Smartfonlar, planshet kompyuterlar, aqlli soatlar va boshqalar mobil qurilmalar kabi miqdoriy o'zini o'zi kabi qurilmalar faoliyatni kuzatuvchilar kameralar, mikrofonlar, GPS qabul qiluvchilar, kompaslar va boshqalar kabi sensorlarga ega akselerometrlar ekspluatatsiya qilinishi mumkin bo'lgan shaxsiy ma'lumotlar, shu jumladan sog'liq to'g'risidagi nozik ma'lumotlarni to'plashi mumkin. Ushbu qurilmalarning har qandayida WiFi, Bluetooth va uyali telefon tarmoqlari hujum vektori sifatida ishlatilishi mumkin va muvaffaqiyatli buzilganidan keyin sensorlar masofadan faollashtirilishi mumkin.^[35]

Borayotgan soni uy avtomatizatsiyasi kabi qurilmalar Nest termostati potentsial maqsadlardir.^[35]

Yirik korporatsiyalar

Yirik korporatsiyalar umumiy maqsadlardir. Ko'p hollarda hujumlar shaxsni o'g'irlash orqali moliyaviy daromad olishga qaratilgan va o'z ichiga oladi ma'lumotlar buzilishi. Bunga millionlab mijozlar tomonidan kredit karta ma'lumotlarining yo'qolishi kiradi Uy ombori,^[36] Zımbalar,^[37] Maqsadli korporatsiya,^[38] va eng so'nggi buzilishi Ekvaks.^[39]

Biroz kiberhujumlar bilan shug'ullanadigan xorijiy hukumatlar tomonidan buyurtma qilinadi kiberjangi o'zlarining tashviqotlarini, sabotajlarini yoki maqsadlariga josuslik qilishni yoyish maqsadida. Ko'pchilik Rossiya hukumati 2016 yilgi AQSh prezidentlik saylovida Twitter va Facebook-dan saylov natijalariga ta'sir ko'rsatishda katta rol o'ynagan deb hisoblaydi.^[40]

Tibbiy yozuvlar umuman o'g'irlik, tibbiy sug'urtadagi firibgarliklar va bemorlarni o'zlarini rekreatsiya maqsadida yoki qayta sotish uchun retsept bo'yicha dori-darmonlarni olish uchun taqlid qilish kabi holatlarni aniqlagan.^[41] Kiber tahdidlar tobora ko'payib borayotgan bo'lsa-da, barcha tashkilotlarning 62 foizi 2015 yilda o'z bizneslari uchun xavfsizlik bo'yicha o'qitishni oshirmagan.^[42]

Hujumlarning hammasi ham moliyaviy jihatdan rag'batlantirilmagan: ammo xavfsizlik firmasi HBGary Federal 2011 yilda jiddiy hujumlarga duch keldi hacktivist guruh Anonim firma bosh direktorining o'z guruhiga kirib ketganligini da'vo qilish uchun qasos sifatida,^[43][44] va Sony Pictures edi 2014 yilda buzilgan ma'lumotlarning tarqalishi va kompaniyalarni ish stantsiyalari va serverlarni yo'q qilish orqali mayib qilish orqali kompaniyani xijolat qilishning aniq ikki tomonlama motivi bilan.^[45][46]

Avtomobillar

Avtomobillar tobora kompyuterlashtirilmoqda, dvigatelning ishlash muddati, kruiz nazorati, qulflashga qarshi tormozlar, xavfsizlik kamarining qisqichlari, eshik qulflari, xavfsizlik yostiqchalari va haydovchilarga yordam berishning ilg'or tizimlari ko'plab modellarda. Qo'shimcha ravishda, ulangan mashinalar bortdagi qurilmalar va uyali aloqa tarmog'i bilan aloqa qilish uchun WiFi va Bluetooth-dan foydalanishi mumkin.^[47] O'z-o'zini boshqaradigan mashinalar yanada murakkab bo'lishi kutilmoqda.

Ushbu tizimlarning barchasi xavfsizlik uchun ma'lum darajada xavf tug'diradi va bu kabi muammolar katta e'tiborga sazovor bo'ldi.^[48][49][50] Xavfning oddiy misollari zararli moddalarni o'z ichiga oladi ixcham disk hujum vektori sifatida foydalanish,^[51] va avtoulovning mikrofonlari tinglash uchun foydalanilmoqda. Biroq, agar avtomobilning ichki qismiga kirish imkoni bo'lsa nazorat qilish tarmog'i, xavf ancha katta^[47] - va keng tarqalgan reklama qilingan 2015 yilgi sinovda xakerlar masofadan turib 10 kilometr uzoqlikdagi transport vositasini olib qochib, zovurga haydab yuborishdi.^[52][53]

Ishlab chiqaruvchilar bir necha usul bilan reaksiyaga kirishmoqdalar Tesla 2016 yilda o'z avtomobillarining kompyuter tizimlariga ba'zi xavfsizlik tuzatishlarini "havodan" chiqarib yuborish.^[54]

Avtonom transport vositalari sohasida 2016 yil sentyabr oyida Qo'shma Shtatlar transport vazirligi ba'zi dastlabki xavfsizlik standartlarini e'lon qildi va davlatlarni yagona siyosat ishlab chiqishga chaqirdi.^[55][56]

Hukumat

Hukumat va harbiy kompyuter tizimlari odatda faollar tomonidan hujumga uchraydi^[57][58][59] va chet el kuchlari.^{[60][61][62][63]} Kabi mahalliy va mintaqaviy hukumat infratuzilmasi svetofor boshqaruv, politsiya va razvedka agentligining aloqalari, xodimlarning yozuvlari, talabalar yozuvlari,^[64] moliyaviy tizimlar ham potentsial maqsadlardir, chunki ularning barchasi asosan kompyuterlashtirilgan. Pasportlar va hukumat ID kartalar foydalanadigan ob'ektlarga kirishni nazorat qiluvchi RFID himoyasiz bo'lishi mumkin klonlash.

Internet va jismoniy zaifliklar

The Internetdagi narsalar (IoT) - bu qurilmalar, transport vositalari va binolar kabi jismoniy ob'ektlar tarmog'i ko'milgan bilan elektronika, dasturiy ta'minot, sensorlar va tarmoqqa ulanish bu ularga ma'lumotlarni to'plash va almashtirish imkoniyatini beradi^[65] - xavfsizlik bilan bog'liq muammolarni hisobga olmasdan ishlab chiqilayotganidan xavotir bildirildi.^[66][67]

IOT jismoniy dunyoni kompyuterga asoslangan tizimlarga to'g'ridan-to'g'ri integratsiyalash imkoniyatlarini yaratgan bo'lsa-da,^[68][69]shuningdek, noto'g'ri foydalanish uchun imkoniyatlar yaratadi. Xususan, narsalar Internetining keng tarqalishi bilan kiberhujumlar tobora jismoniy (shunchaki virtual emas) tahdidga aylanishi mumkin.^[70] Agar eshik oldidagi qulf Internetga ulangan bo'lsa va uni telefondan qulflash / ochish mumkin bo'lsa, u holda jinoyatchi tugmachani bosib o'g'irlangan yoki buzilgan telefondan uyga kirishi mumkin. IoT-ni qo'llab-quvvatlaydigan qurilmalar tomonidan boshqariladigan dunyoda odamlar kredit karta raqamlaridan ko'ra ko'proq narsani yo'qotishlari mumkin. O'g'rilar, shuningdek, Internetga ulanmagan mehmonxonalarning eshik qulflarini chetlab o'tish uchun elektron vositalardan foydalanganlar.^[71]

Jismoniy infratuzilmani va / yoki inson hayotini nishonga olgan hujum, a deb tasniflanadi Kiber-kinetik hujum. IoT qurilmalari va jihozlari valyutani orttirganda, kiber-kinetik hujumlar keng tarqalib, sezilarli darajada zarar etkazishi mumkin.

Tibbiy tizimlar

Tibbiy asboblar muvaffaqiyatli hujumga uchragan yoki o'limga olib kelishi mumkin bo'lgan zaifliklar, shu jumladan shifoxonadagi diagnostika uskunalari^[72] va joylashtirilgan qurilmalar, shu jumladan yurak stimulyatorlari^[73] va insulin nasoslari.^[74] Kasalxonalar va shifoxona tashkilotlari xakerlik hujumiga uchraganligi haqida ko'plab ma'lumotlar mavjud, shu jumladan to'lov dasturlari hujumlar,^{[75][76][77][78]} Windows XP ekspluatatsiya,^[79][80] viruslar,^[81][82] va ma'lumotlar buzilishi shifoxona serverlarida saqlanadigan maxfiy ma'lumotlar.^{[83][76][84][85]} 2016 yil 28 dekabrda AQSh Oziq-ovqat va dori-darmonlarni boshqarish tibbiyotga oid tavsiyalarini chiqardi qurilma ishlab chiqaruvchilari Internetga ulangan qurilmalar xavfsizligini ta'minlashi kerak - ammo majburiy ijro etish uchun tuzilma yo'q.^[86][87]

Energetika sohasi

Tarqatilgan avlod tizimlarida kiber hujum xavfi haqiqiydir Daily Energy Insider. Hujum uzoq vaqt davomida katta hududda kuch yo'qotishiga olib kelishi mumkin va bunday hujum tabiiy ofat kabi og'ir oqibatlarga olib kelishi mumkin. Kolumbiya okrugi shahar ichida taqsimlangan energiya manbalari (DER) ma'muriyatini yaratishni o'ylamoqda, maqsadi mijozlar o'zlarining energiyasidan foydalanish to'g'risida ko'proq ma'lumotga ega bo'lishlari va mahalliy elektr xizmatlarini berishlari; Pepko, energiya talabini yaxshiroq baholash imkoniyati. Biroq, D.C.ning taklifi "uchinchi tomon sotuvchilariga ko'plab energiya tarqatish punktlarini yaratishga imkon beradi, bu esa kiberhujumchilar uchun elektr tarmog'iga tahdid solishi uchun ko'proq imkoniyatlar yaratishi mumkin".^[88]

Xavfsizlik buzilishlarining ta'siri

Jiddiy moliyaviy zarar etkazilgan xavfsizlikni buzish, ammo hodisa narxini taxmin qilishning standart modeli mavjud emasligi sababli, mavjud bo'lgan yagona ma'lumot mavjud bo'lgan tashkilot tomonidan jamoatchilikka ma'lum qilingan ma'lumotdir. "Kompyuter xavfsizligi bo'yicha bir qator konsalting kompaniyalari butun dunyo bo'ylab zararlar hisob-kitoblarini ishlab chiqmoqdalar virus va qurt hujumlar va umuman dushman raqamli harakatlarga. Ushbu firmalarning 2003 yilgi zarar hisob-kitoblari 13 milliard dollardan (faqat qurtlar va viruslar) 226 milliard dollargacha (barcha turdagi yashirin hujumlar uchun). Ushbu taxminlarning ishonchliligi ko'pincha shubha ostiga olinadi; asosiy metodologiya asosan latifadir. "^[89] Xavfsizlikning buzilishi korxonalarga milliardlab dollar zarar etkazishda davom etmoqda, ammo so'rov natijalariga ko'ra xavfsizlik xodimlarining 66% yuqori rahbariyat kiber ehtiyot choralarini strategik ustuvor yo'nalish sifatida qabul qilishiga ishonmaydi.^{[iqtibos kerak ]}

Biroq, xavfsizlik buzilishining moliyaviy xarajatlarining oqilona baholari aslida tashkilotlarga sarmoyaviy qarorlarni qabul qilishda yordam berishi mumkin. Klassikaga ko'ra Gordon-Loeb modeli axborot xavfsizligi uchun optimal investitsiya darajasini tahlil qilib, shuni xulosa qilish mumkinki, firma ma'lumotni himoya qilish uchun sarflaydigan mablag 'odatda kutilgan zararning kichik qismiga teng bo'lishi kerak (ya'ni, kutilayotgan qiymat kiber / ma'lumot natijasida kelib chiqadigan zarar xavfsizlikni buzish ).^[90]

Hujumchi motivatsiyasi

Xuddi shunday jismoniy xavfsizlik, kompyuter xavfsizligini buzish sabablari tajovuzkorlar orasida turlicha. Ba'zilar hayajonli izlovchilar yoki vandallar, ba'zilari faollar, boshqalari moliyaviy daromad izlayotgan jinoyatchilar. Davlat tomonidan homiylik qilingan tajovuzkorlar hozirda keng tarqalgan va yaxshi manbalar bilan ta'minlangan, ammo bu kabi havaskorlardan boshlangan Markus Xess kim uchun buzilgan KGB tomonidan aytilganidek Klifford Stoll yilda Kuku tuxumi.

Bundan tashqari, so'nggi hujumchilarning motivlari siyosiy ustunlikka erishish yoki ijtimoiy kun tartibini buzishga intilayotgan ekstremistik tashkilotlarga tegishli bo'lishi mumkin.^{[iqtibos kerak ]} Internet, mobil texnologiyalar va arzon hisoblash qurilmalarining o'sishi qobiliyatlarning oshishiga olib keldi, shuningdek, operatsiyalar uchun muhim deb hisoblanadigan muhit uchun xavf tug'dirdi. Barcha muhim maqsadli muhitlar murosaga moyil bo'lib, bu ushbu turdagi aktyorlarning turtkilarini hisobga olgan holda xavfni qanday ko'chirish bo'yicha bir qator proaktiv tadqiqotlarni olib keldi. Hacker motivatsiyasi va uning o'rtasida bir nechta keskin farqlar mavjud milliy davlat hujum qilishga intilayotgan aktyorlar mafkuraviy ustunlikka asoslangan.^[91]

Ning standart qismi tahdidlarni modellashtirish chunki har qanday alohida tizim ushbu tizimga hujumni nima undashi va kim uni buzishga undashi mumkinligini aniqlashdir. Ehtiyot choralarining darajasi va tafsilotlari ta'minlanadigan tizimga qarab o'zgaradi. Uy shaxsiy kompyuter, bank va tasniflangan harbiy tarmoq hatto ishlatilayotgan asosiy texnologiyalar o'xshash bo'lgan taqdirda ham, turli xil tahdidlarga duch kelishadi.^{[iqtibos kerak ]}

Kompyuterni himoya qilish (qarshi choralar)

Kompyuter xavfsizligida qarshi choralar bu harakatni, qurilmani, protsedurani yoki texnikani kamaytiradi tahdid, a zaiflik yoki an hujum uni yo'q qilish yoki oldini olish, etkazishi mumkin bo'lgan zararni minimallashtirish yoki tuzatish choralarini ko'rish uchun kashf qilish va xabar berish orqali.^[92][93][94]

Ba'zi umumiy qarshi choralar quyidagi bo'limlarda keltirilgan:

Dizayn bo'yicha xavfsizlik

Dizayn bo'yicha xavfsizlik, yoki dizayni bilan muqobil ravishda xavfsizligi, dasturiy ta'minot xavfsizligi uchun yerdan ishlab chiqilganligini anglatadi. Bunday holda xavfsizlik asosiy xususiyat sifatida qaraladi.

Ushbu yondashuvning ba'zi texnikalari quyidagilarni o'z ichiga oladi:

• The eng kam imtiyoz printsipi, bu erda tizimning har bir qismi faqat ishlashi uchun zarur bo'lgan imtiyozlarga ega. Agar shunday bo'lsa ham tajovuzkor ushbu qismga kirish huquqini qo'lga kiritadi, ular butun tizimga cheklangan kirish huquqiga ega.
• Avtomatlashtirilgan teorema hal qiluvchi dasturiy ta'minot quyi tizimlarining to'g'riligini isbotlash.
• Kod sharhlari va birlik sinovi, rasmiy to'g'riligini isbotlash imkoni bo'lmagan joyda modullarni yanada xavfsizroq qilish uchun yondashuvlar.
• Chuqurlikda mudofaa, agar dizayn shunday bo'lsa, tizimning bir butunligini va uning ma'lumotlarini buzish uchun bir nechta quyi tizimni buzish kerak.
• Birlamchi xavfsiz sozlamalar va dizayn "ishonchsiz" emas, balki "xavfsiz" ishlamaydi (qarang) xavfsiz ning ekvivalenti uchun xavfsizlik muhandisligi ). Ideal holda, xavfsiz tizim xavfsizlikka erishish uchun qonuniy hokimiyat organlari tomonidan ataylab, ongli, bilim va erkin qarorni talab qilishi kerak.
• Audit yo'llari tizim faolligini kuzatish, shunda xavfsizlik buzilishi sodir bo'lganda, buzilish mexanizmi va hajmini aniqlash mumkin. Auditorlik izlarini masofadan turib saqlash, ularni faqat ularga qo'shib qo'yish mumkin, buzg'unchilar o'z izlarini yopib qo'ymasliklari mumkin.
• To'liq oshkor qilish barcha zaifliklarni, "zaiflik oynasi "xatolar aniqlanganda imkon qadar qisqa tutiladi.

Xavfsizlik arxitekturasi

Open Security Architecture tashkiloti IT xavfsizligi arxitekturasini "dizayn" deb ta'riflaydi asarlar xavfsizlik nazorati (xavfsizlikka qarshi choralar) qanday joylashtirilganligi va ularning umuman qanday bog'liqligini tavsiflovchi axborot texnologiyalari arxitekturasi. Ushbu boshqaruv tizimlari tizimning sifat xususiyatlarini saqlashga xizmat qiladi: maxfiylik, yaxlitlik, mavjudlik, hisobdorlik va ishonchli xizmatlar ".^[95]

Techopedia xavfsizlik arxitekturasini "ma'lum bir stsenariy yoki muhit bilan bog'liq bo'lgan ehtiyojlar va yuzaga kelishi mumkin bo'lgan xatarlarni ko'rib chiqadigan birlashtirilgan xavfsizlik dizayni. Shuningdek, xavfsizlik nazorati qachon va qaerda qo'llanilishini belgilaydi. Loyihalash jarayoni odatda takrorlanuvchan". Xavfsizlik me'morchiligining asosiy xususiyatlari:^[96]

• turli xil tarkibiy qismlarning aloqasi va ularning bir-biriga bog'liqligi.
• risklarni baholash, yaxshi amaliyot, moliya va huquqiy masalalar asosida nazoratni aniqlash.
• boshqaruv elementlarini standartlashtirish.

Xavfsizlik me'morchiligiga amal qilish tashkilotdagi ishbilarmonlik, axborot texnologiyalari va xavfsizlik muammolarini muntazam ravishda hal qilish uchun to'g'ri asos yaratadi.

Xavfsizlik choralari

Kompyuterning "xavfsizligi" holati bu uchta jarayonni qo'llash orqali erishiladigan kontseptual idealdir: tahdidlarning oldini olish, aniqlash va ularga javob berish. Ushbu jarayonlar turli xil siyosat va tizim tarkibiy qismlariga asoslanadi, ular quyidagilarni o'z ichiga oladi:

• Foydalanuvchi qayd yozuvi kirishni boshqarish va kriptografiya mos ravishda tizim fayllari va ma'lumotlarni himoya qilishi mumkin.
• Xavfsizlik devorlari tarmoq xavfsizligi nuqtai nazaridan eng keng tarqalgan profilaktika tizimlari, chunki ular (agar to'g'ri tuzilgan bo'lsa) ichki tarmoq xizmatlariga kirishni himoya qilishlari va paketli filtrlash orqali ba'zi hujumlarni bloklashlari mumkin. Xavfsizlik devori ham apparat, ham dasturga asoslangan bo'lishi mumkin.
• Intruziyani aniqlash tizimi (IDS) mahsulotlari davom etayotgan tarmoq hujumlarini aniqlash va hujumdan keyin yordam berishga mo'ljallangan sud tibbiyoti, esa audit yo'llari va jurnallar individual tizimlar uchun shunga o'xshash funktsiyani bajaradi.
• "Javob berish" majburiy ravishda individual tizimning baholangan xavfsizlik talablari bilan belgilanadi va himoya vositalarining oddiy yangilanishidan xabar berishgacha bo'lgan masofani qamrab olishi mumkin. qonuniy rasmiylar, qarshi hujumlar va boshqalar. Ba'zi bir maxsus holatlarda, buzilgan tizimning to'liq yo'q qilinishi ma'qul, chunki barcha buzilgan resurslar aniqlanmasligi mumkin.

Bugungi kunda kompyuter xavfsizligi asosan "oldini olish" choralarini o'z ichiga oladi xavfsizlik devorlari yoki an chiqish tartibi. Xavfsizlik devori xost yoki tarmoq va boshqa tarmoq o'rtasida tarmoq ma'lumotlarini filtrlash usuli sifatida aniqlanishi mumkin, masalan Internet, va unga ulangan holda, mashinada ishlaydigan dastur sifatida amalga oshirilishi mumkin tarmoq to'plami (yoki, aksariyat hollarda UNIX kabi asoslangan operatsion tizimlar Linux, operatsion tizimga o'rnatilgan yadro ) real vaqtda filtrlash va blokirovkalashni ta'minlash. Boshqa bir dastur - bu "jismoniy xavfsizlik devori" deb nomlangan bo'lib, u tarmoq trafigini filtrlaydigan alohida mashinadan iborat. Faervollar doimiy ravishda ulangan mashinalar orasida keng tarqalgan Internet.

Ba'zi tashkilotlar murojaat qilmoqda katta ma'lumotlar kabi platformalar Apache Hadoop, ma'lumotlarga kirish imkoniyatini kengaytirish va mashinada o'rganish aniqlash rivojlangan doimiy tahdidlar.^[97]

Shu bilan birga, nisbatan kam sonli tashkilotlar samarali aniqlash tizimlari bilan kompyuter tizimlarini qo'llab-quvvatlamoqdalar va hali ham ozroq tashkil etilgan javob mexanizmlari mavjud. Natijada, Reuters ta'kidlaganidek: "Kompaniyalar birinchi marta aktivlarni jismoniy o'g'irlashdan ko'ra ko'proq ma'lumotni elektron o'g'irlash orqali ko'proq yo'qotishlarini qayd etishmoqda".^[98] Samarali yo'q qilish uchun asosiy to'siq kiberjinoyat xavfsizlik devorlariga va boshqa avtomatlashtirilgan "aniqlash" tizimlariga haddan tashqari ishonishdan kelib chiqishi mumkin. Shunga qaramay, bu asosiy dalillarni yig'ish paketli ushlash uskunalari jinoyatchilarni panjara ortiga qo'yadigan.^{[iqtibos kerak ]}

Etarli xavfsizlikni ta'minlash uchun, Markaziy razvedka boshqarmasi triadasi sifatida tanilgan tarmoqning maxfiyligi, yaxlitligi va mavjudligi himoya qilinishi kerak va axborot xavfsizligining asosi hisoblanadi.^[99] Ushbu maqsadlarga erishish uchun ma'muriy, jismoniy va texnik xavfsizlik choralari qo'llanilishi kerak. Aktivga taqdim etiladigan xavfsizlik miqdori faqat uning qiymati ma'lum bo'lganda aniqlanishi mumkin.^[100]

Zaifliklarni boshqarish

Zaifliklarni boshqarish - bu aniqlash, qayta tiklash yoki yumshatish tsikli zaifliklar,^[101] ayniqsa dasturiy ta'minot va proshivka. Zaifliklarni boshqarish kompyuter xavfsizligi va tarmoq xavfsizligi.

Zaifliklarni a bilan topish mumkin zaiflik skaneri ma'lum bo'lgan zaifliklarni qidirishda kompyuter tizimini tahlil qiladigan,^[102] kabi ochiq portlar, xavfli dasturiy ta'minot konfiguratsiyasi va unga moyilligi zararli dastur. Ushbu vositalar samarali bo'lishi uchun ular sotuvchilar chiqaradigan har bir yangi yangilanish bilan yangilanib turilishi kerak. Odatda, ushbu yangilanishlar yaqinda kiritilgan yangi zaifliklarni tekshiradi.

Xavfsizlikni skanerlashdan tashqari, ko'plab tashkilotlar muntazam ravishda ishlash uchun tashqi xavfsizlik auditorlari bilan shartnoma tuzishadi penetratsion sinovlar zaifliklarni aniqlash uchun ularning tizimlariga qarshi. Ba'zi tarmoqlarda bu shartnoma shartidir.^[103]

Zaif tomonlarni kamaytirish

Esa rasmiy tekshirish kompyuter tizimlarining to'g'riligi mumkin,^[104][105] bu hali keng tarqalgan emas. Rasmiy ravishda tasdiqlangan operatsion tizimlarga quyidagilar kiradi seL4,^[106] va SYSGO "s PikeOS^[107][108] - ammo bular bozorning juda oz foizini tashkil qiladi.

Ikki faktorli autentifikatsiya tizimga yoki maxfiy ma'lumotlarga ruxsatsiz kirishni yumshatish usuli. Buning uchun "siz bilgan narsa" kerak; parol yoki PIN-kod va "sizda mavjud bo'lgan narsa"; karta, dongle, uyali telefon yoki boshqa jihozlar. Bu xavfsizlikni kuchaytiradi, chunki ruxsatsiz shaxs ikkalasiga ham kirish huquqiga ega bo'lishi kerak.

Ijtimoiy muhandislik va kompyuterga to'g'ridan-to'g'ri kirish (jismoniy) hujumlarning oldini olish faqat axborotga nisbatan sezgirligiga nisbatan amalga oshirilishi qiyin bo'lgan kompyuter bo'lmagan vositalar yordamida amalga oshiriladi. Ushbu xavfni kamaytirishga yordam berish uchun o'qitish ko'pincha ishtirok etadi, ammo juda intizomli muhitda (masalan, harbiy tashkilotlar) ham ijtimoiy muhandislik hujumlarini oldindan ko'rish va oldini olish qiyin bo'lishi mumkin.

Dan olingan emlash emlash nazariyasi, o'xshash yoki shunga o'xshash urinishlar ta'sirida ishontirish urinishlariga qarshilik ko'rsatish orqali ijtimoiy muhandislik va boshqa firibgar nayranglar yoki tuzoqlarning oldini olishga intiladi.^[109]

Xavfsizlik skaneri yordamida tizimlarni xavfsizlik tuzatishlari va yangilanishlari bilan yangilab turish orqali tajovuzkor imkoniyatini kamaytirish mumkin^{[ta'rif kerak ]} va / yoki xavfsizlik bo'yicha tajribaga ega odamlarni yollash, ammo ularning hech biri hujumning oldini olishga kafolat bermaydi. Ma'lumotni yo'qotish / shikastlanish oqibatlari ehtiyotkorlik bilan kamaytirilishi mumkin zaxira nusxasi va sug'urta.

Uskunani himoya qilish mexanizmlari

Uskunalar xavfsizlikning manbai bo'lishi mumkin, masalan, ishlab chiqarish jarayonida zararli ravishda kiritilgan mikrochip zaifliklari bilan,^[110][111] qo'shimcha qurilmalar asosida yoki yordamchi kompyuter xavfsizligi, shuningdek, faqat dasturiy ta'minot uchun kompyuter xavfsizligiga alternativa taklif qiladi. Kabi qurilmalar va usullardan foydalanish dongles, ishonchli platforma modullari, kirish huquqi buzilganligi, haydovchining qulflanishi, USB portlarini o'chirib qo'yishi va uyali aloqa vositalariga kirish jismoniy kirish tufayli xavfsizroq (yoki murakkab) bo'lishi mumkin orqa eshikka kirish ) buzilish uchun talab qilinadi. Ularning har biri quyida batafsilroq yoritilgan.

• USB dongles odatda dasturiy ta'minot imkoniyatlarini ochish uchun dasturiy ta'minotni litsenziyalash sxemalarida qo'llaniladi,^{[iqtibos kerak ]} ammo ularni kompyuter yoki boshqa qurilmaning dasturiy ta'minotiga ruxsatsiz kirishni oldini olish usuli sifatida ham ko'rish mumkin. Dongle yoki kalit asosan dasturiy ta'minot dasturi bilan kalit o'rtasida xavfsiz shifrlangan tunnel hosil qiladi. Ushbu printsip shundan iboratki, donglda shifrlash sxemasi Kengaytirilgan shifrlash standarti (AES) xavfsizlikni kuchaytiradi, chunki mahalliy dasturiy ta'minotni boshqa mashinaga nusxalash va undan foydalanishdan ko'ra dongleni buzish va nusxalash qiyinroq. Dongles uchun yana bir xavfsizlik dasturi - bu bulutli dasturiy ta'minot yoki veb-ga asoslangan tarkibga kirish uchun foydalanish Virtual xususiy tarmoqlar (VPN).^[112] Bundan tashqari, USB dongle kompyuterni blokirovka qilish yoki qulfdan chiqarish uchun sozlanishi mumkin.^[113]
• Ishonchli platforma modullari (TPM) mikroprotsessorlar yoki chipdagi kompyuterlar deb ataladigan vositalar yordamida kriptografik imkoniyatlarni kirish qurilmalariga birlashtirish orqali xavfsizlikni ta'minlaydi. Server tomonidagi dasturiy ta'minot bilan birgalikda ishlatiladigan TPMlar tarmoq qurilmalari va ma'lumotlarga ruxsatsiz kirishni oldini olgan holda apparat qurilmalarini aniqlash va tasdiqlash usulini taklif etadi.^[114]
• Kompyuter ishiga kirishni aniqlash kompyuter korpusining ochilishini aniqlaydigan, odatda tugmachali tugmachani nazarda tutadi. Proshivka yoki BIOS kompyuter keyingi safar yuklanganda operatorga ogohlantirish ko'rsatish uchun dasturlashtirilgan.
• Disk qulflari aslida qattiq disklarni shifrlash uchun dasturiy ta'minot vositasi bo'lib, ularni o'g'rilar kira olmaydi.^[115] Asboblar tashqi disklarni shifrlash uchun ham mavjud.^[116]
• USB-portlarni o'chirib qo'yish, boshqa yo'l bilan xavfsiz kompyuterga ruxsatsiz va zararli kirishni oldini olish uchun xavfsizlik variantidir. Xavfsizlik devori ichidagi kompyuterdan tarmoqqa ulangan USB-dongllar Network World jurnali tomonidan kompyuter tarmoqlariga duch keladigan eng keng tarqalgan apparat tahdidi sifatida qaraladi.
• Ishlatilmaydigan tashqi qurilmalarni (masalan, kamera, GPS, olinadigan xotira va boshqalar) ajratish yoki o'chirish.^[117]
• Uyali telefonlar har joyda mavjud bo'lganligi sababli, mobil qurilmalar tomonidan ishlatiladigan qurilmalar mashhurligi oshib bormoqda. Kabi ichki imkoniyatlar Bluetooth, yangi Bluetooth kam energiya (LE), Dala aloqasi yaqinida (NFC) iOS bo'lmagan qurilmalarda va biometrik tasdiqlash, masalan, bosh barmoqli o'qiydiganlar, shuningdek QR kod mobil qurilmalar uchun mo'ljallangan o'quvchi dasturiy ta'minoti, mobil telefonlarning boshqaruv tizimlariga ulanishning yangi, xavfsiz usullarini taklif etadi. Ushbu boshqaruv tizimlari kompyuter xavfsizligini ta'minlaydi va xavfsiz binolarga kirishni boshqarish uchun ham ishlatilishi mumkin.^[118]

Xavfsiz operatsion tizimlar

"Kompyuter xavfsizligi" atamasining bir ishlatilishi xavfsiz dasturni amalga oshirishda foydalaniladigan texnologiyani anglatadi operatsion tizimlar. 1980-yillarda Amerika Qo'shma Shtatlari Mudofaa vazirligi (DoD) ishlatilgan "To'q sariq kitob"^[119] standards, but the current international standard ISO/IEC 15408, "Umumiy mezonlar " defines a number of progressively more stringent Evaluation Assurance Levels. Many common operating systems meet the EAL4 standard of being "Methodically Designed, Tested and Reviewed", but the rasmiy tekshirish required for the highest levels means that they are uncommon. An example of an EAL6 ("Semiformally Verified Design and Tested") system is Integrity-178B da ishlatiladigan Airbus A380^[120]and several military jets.^[121]

Secure coding

In software engineering, secure coding aims to guard against the accidental introduction of security vulnerabilities. It is also possible to create software designed from the ground up to be secure. Such systems are "dizayn bilan xavfsiz ". Beyond this, rasmiy tekshirish aims to prove the correctness ning algoritmlar underlying a system;^[122]uchun muhim kriptografik protokollar masalan.

Capabilities and access control lists

Within computer systems, two of many security models capable of enforcing privilege separation are kirishni boshqarish ro'yxatlari (ACLs) and qobiliyatga asoslangan xavfsizlik. Using ACLs to confine programs has been proven to be insecure in many situations, such as if the host computer can be tricked into indirectly allowing restricted file access, an issue known as the chalkash deputat muammosi. It has also been shown that the promise of ACLs of giving access to an object to only one person can never be guaranteed in practice. Both of these problems are resolved by capabilities. This does not mean practical flaws exist in all ACL-based systems, but only that the designers of certain utilities must take responsibility to ensure that they do not introduce flaws.^[123]

Capabilities have been mostly restricted to research operatsion tizimlar, while commercial OSs still use ACLs. Capabilities can, however, also be implemented at the language level, leading to a style of programming that is essentially a refinement of standard object-oriented design. An open-source project in the area is the E tili.

End user security training

The end-user is widely recognized as the weakest link in the security chain^[124] and it is estimated that more than 90% of security incidents and breaches involve some kind of human error.^[125][126] Among the most commonly recorded forms of errors and misjudgment are poor password management, sending emails containing sensitive data and attachments to the wrong recipient, the inability to recognize misleading URLs and to identify fake websites and dangerous email attachments. A common mistake that users make is saving their userid/password in their browsers to make it easier to log in to banking sites. This is a gift to attackers who have obtained access to a machine by some means. The risk may be mitigated by the use of two-factor authentication.^[127]

As the human component of cyber risk is particularly relevant in determining the global cyber risk^[128] an organization is facing, security awareness training, at all levels, not only provides formal compliance with regulatory and industry mandates but is considered essential^[129] in reducing cyber risk and protecting individuals and companies from the great majority of cyber threats.

The focus on the end-user represents a profound cultural change for many security practitioners, who have traditionally approached cybersecurity exclusively from a technical perspective, and moves along the lines suggested by major security centers^[130] to develop a culture of cyber awareness within the organization, recognizing that a security-aware user provides an important line of defense against cyber attacks.

Digital hygiene

Related to end-user training, digital hygiene yoki cyber hygiene is a fundamental principle relating to axborot xavfsizligi and, as the analogy with shaxsiy gigiena shows, is the equivalent of establishing simple routine measures to minimize the risks from cyber threats. The assumption is that good cyber hygiene practices can give networked users another layer of protection, reducing the risk that one vulnerable node will be used to either mount attacks or compromise another node or network, especially from common cyberattacks.^[131]

As opposed to a purely technology-based defense against threats, cyber hygiene mostly regards routine measures that are technically simple to implement and mostly dependent on discipline^[132] or education.^[133] It can be thought of as an abstract list of tips or measures that have been demonstrated as having a positive effect on personal and/or collective digital security. As such, these measures can be performed by laypeople, not just security experts.

Cyber hygiene relates to personal hygiene as computer viruses relate to biological viruses (or pathogens). However, while the term kompyuter virusi was coined almost simultaneously with the creation of the first working computer viruses,^[134] atama cyber hygiene is a much later invention, perhaps as late as 2000^[135] tomonidan Internet kashshof Vint Cerf. U buyon qabul qilingan Kongress^[136] va Senat ning Qo'shma Shtatlar,^[137] The Federal qidiruv byurosi,^[138] EI muassasalar^[131] va davlat rahbarlari.^[139]

Cyber hygiene should also not be mistaken for proactive cyber defence, a military term.^[139]

Response to breaches

Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons:

• Identifying attackers is difficult, as they are often in a different yurisdiktsiya to the systems they attempt to breach and operate through proxies, temporary anonymous dial-up accounts, wireless connections, and other anonymizing procedures which make backtracing difficult and are often located in yet another jurisdiction. If they successfully breach security, they are often able to delete jurnallar to cover their tracks.
• The sheer number of attempted attacks is so large that organizations cannot spend time pursuing each attacker (a typical home user with a permanent (e.g., kabel modem ) connection will be attacked at least several times per day, so more attractive targets could be presumed to see many more). Note, however, that most of the sheer bulk of these attacks are made by automated zaiflik skanerlari va kompyuter qurtlari.
• Law enforcement officers are often unfamiliar with axborot texnologiyalari, and so lack the skills and interest in pursuing attackers. There are also budgetary constraints. It has been argued that the high cost of technology, such as DNK testing and improved sud tibbiyoti, mean less money for other kinds of law enforcement, so the overall rate of criminals not getting dealt with goes up as the cost of the technology increases. In addition, the identification of attackers across a network may require logs from various points in the network and in many countries, the release of these records to law enforcement (with the exception of being voluntarily surrendered by a tarmoq ma'muri yoki a tizim ma'muri ) talab qiladi qidiruv orderi and, depending on the circumstances, the legal proceedings required can be drawn out to the point where the records are either regularly destroyed, or the information is no longer relevant.
• The United States government spends the largest amount of money every year on cybersecurity. The United States has a yearly budget of 28 billion dollars. Canada has the 2nd highest annual budget at 1 billion dollars. Australia has the third-highest budget with only 70 million dollars.^{[iqtibos kerak ]}

Types of security and privacy

Incident response planning

Incident response is an organized approach to addressing and managing the aftermath of a computer security incident or compromise with the goal of preventing a breach or thwarting a cyberattack. An incident that is not identified and managed at the time of intrusion typically escalates to a more damaging event such as a data breach or system failure. The intended outcome of a computer security incident response plan is to limit damage and reduce recovery time and costs. Responding to compromises quickly can mitigate exploited vulnerabilities, restore services and processes and minimize losses.^{[iqtibos kerak ]}Incident response planning allows an organization to establish a series of best practices to stop an intrusion before it causes damage. Typical incident response plans contain a set of written instructions that outline the organization's response to a cyberattack. Without a documented plan in place, an organization may not successfully detect an intrusion or compromise and stakeholders may not understand their roles, processes and procedures during an escalation, slowing the organization's response and resolution.

There are four key components of a computer security incident response plan:

1. Tayyorgarlik: Preparing stakeholders on the procedures for handling computer security incidents or compromises
2. Detection & Analysis: Identifying and investigating suspicious activity to confirm a security incident, prioritizing the response based on impact and coordinating notification of the incident
3. Containment, Eradication & Recovery: Isolating affected systems to prevent escalation and limit impact, pinpointing the genesis of the incident, removing malware, affected systems and bad actors from the environment and restoring systems and data when a threat no longer remains
4. Post Incident Activity: Post mortem analysis of the incident, its root cause and the organization's response with the intent of improving the incident response plan and future response efforts.^[140]

Notable attacks and breaches

Some illustrative examples of different types of computer security breaches are given below.

Robert Morris and the first computer worm

In 1988, only 60,000 computers were connected to the Internet, and most were mainframes, minicomputers and professional workstations. On 2 November 1988, many started to slow down, because they were running a malicious code that demanded processor time and that spread itself to other computers – the first internet "kompyuter qurti ".^[141] The software was traced back to 23-year-old Kornell universiteti aspirant Robert Tappan Morris, Jr. who said "he wanted to count how many machines were connected to the Internet".^[141]

Rim laboratoriyasi

In 1994, over a hundred intrusions were made by unidentified crackers into the Rim laboratoriyasi, the US Air Force's main command and research facility. Foydalanish troyan otlari, hackers were able to obtain unrestricted access to Rome's networking systems and remove traces of their activities. The intruders were able to obtain classified files, such as air tasking order systems data and furthermore able to penetrate connected networks of Milliy aviatsiya va kosmik ma'muriyat 's Goddard Space Flight Center, Wright-Patterson Air Force Base, some Defense contractors, and other private sector organizations, by posing asa trusted Rome center user.^[142]

TJX customer credit card details

In early 2007, American apparel and home goods company TJX announced that it was the victim of an ruxsatsiz kompyuter tizimlarining aralashuvi^[143] and that the hackers had accessed a system that stored data on kredit karta, debit karta, tekshirish va tovarlarni qaytarish bo'yicha operatsiyalar.^[144]

Stuxnet attack

In 2010 the computer worm known as Stuxnet reportedly ruined almost one-fifth of Iran's nuclear centrifuges.^[145] It did so by disrupting industrial programmable logic controllers (PLCs) in a targeted attack. This is generally believed to have been launched by Israel and the United States to disrupt Iranian's nuclear program^{[146][147][148][149]} – although neither has publicly admitted this.

Global kuzatuv ma'lumotlari

In early 2013, documents provided by Edvard Snouden tomonidan nashr etilgan Washington Post va The Guardian^[150][151] exposing the massive scale of NSA global surveillance. There were also indications that the NSA may have inserted a backdoor in a NIST standard for encryption.^[152] This standard was later withdrawn due to widespread criticism.^[153] The NSA additionally were revealed to have tapped the links between Google 's data centres.^[154]

Target and Home Depot breaches

In 2013 and 2014, a Ruscha /Ukrain hacking ring known as "Rescator" broke into Maqsadli korporatsiya computers in 2013, stealing roughly 40 million credit cards,^[155] undan keyin Uy ombori computers in 2014, stealing between 53 and 56 million credit card numbers.^[156] Warnings were delivered at both corporations, but ignored; physical security breaches using self checkout machines are believed to have played a large role. "The malware utilized is absolutely unsophisticated and uninteresting," says Jim Walter, director of threat intelligence operations at security technology company McAfee – meaning that the heists could have easily been stopped by existing antivirus dasturi had administrators responded to the warnings. The size of the thefts has resulted in major attention from state and Federal United States authorities and the investigation is ongoing.

Kadrlar boshqaruvi ma'lumotlarini buzish

2015 yil aprel oyida Office of Personnel Management discovered it had been hacked more than a year earlier in a data breach, resulting in the theft of approximately 21.5 million personnel records handled by the office.^[157] The Office of Personnel Management hack has been described by federal officials as among the largest breaches of government data in the history of the United States.^[158] Data targeted in the breach included shaxsan aniqlanadigan ma'lumotlar kabi Ijtimoiy ta'minot raqamlari, names, dates and places of birth, addresses, and fingerprints of current and former government employees as well as anyone who had undergone a government background check.^[159][160] It is believed the hack was perpetrated by Chinese hackers.^[161]

Ashley Madison breach

In July 2015, a hacker group known as "The Impact Team" successfully breached the extramarital relationship website Ashley Madison, created by Avid Life Media. The group claimed that they had taken not only company data but user data as well. After the breach, The Impact Team dumped emails from the company's CEO, to prove their point, and threatened to dump customer data unless the website was taken down permanently."^[162] When Avid Life Media did not take the site offline the group released two more compressed files, one 9.7GB and the second 20GB. After the second data dump, Avid Life Media CEO Noel Biderman resigned; but the website remained functioning.

Legal issues and global regulation

International legal issues of cyber attacks are complicated in nature. There is no global base of common rules to judge, and eventually punish, cybercrimes and cybercriminals - and where security firms or agencies do locate the cybercriminal behind the creation of a particular piece of zararli dastur or form of kiberhujum, often the local authorities cannot take action due to lack of laws under which to prosecute.^[163][164] Proving attribution for cybercrimes and cyberattacks is also a major problem for all law enforcement agencies. "Kompyuter viruslari switch from one country to another, from one jurisdiction to another – moving around the world, using the fact that we don't have the capability to globally police operations like this. So the Internet is as if someone [had] given free plane tickets to all the online criminals of the world."^[163] The use of techniques such as dinamik DNS, tez oqim va bullet proof servers add to the difficulty of investigation and enforcement.

Hukumatning roli

The role of the government is to make qoidalar to force companies and organizations to protect their systems, infrastructure and information from any cyberattacks, but also to protect its own national infrastructure such as the national power-grid.^[165]

The government's regulatory role in kiber-makon murakkab. For some, cyberspace was seen virtual bo'shliq that was to remain free of government intervention, as can be seen in many of today's libertarian blok zanjiri va bitkoin discussions.^[166]

Many government officials and experts think that the government should do more and that there is a crucial need for improved regulation, mainly due to the failure of the private sector to solve efficiently the cybersecurity problem. R. Klark said during a panel discussion at the RSA Security Conference yilda San-Fransisko, he believes that the "industry only responds when you threaten regulation. If the industry doesn't respond (to the threat), you have to follow through."^[167]On the other hand, executives from the private sector agree that improvements are necessary, but think that government intervention would affect their ability to innovate efficiently. Daniel R. McCarthy analyzed this public-private partnership in cybersecurity and reflected on the role of cybersecurity in the broader constitution of political order.^[168]

2020 yil 22-may kuni BMT Xavfsizlik Kengashi held its second ever informal meeting on cybersecurity to focus on cyber challenges to xalqaro tinchlik. BMT Bosh kotibining so'zlariga ko'ra António Guterres, new technologies are too often used to violate rights.^[169]

International actions

Many different teams and organisations exist, including:

• The Forum of Incident Response and Security Teams (FIRST) is the global association of CSIRTs.^[170] The US-CERT, AT & T, olma, Cisco, McAfee, Microsoft are all members of this international team.^[171]
• The Evropa Kengashi helps protect societies worldwide from the threat of cybercrime through the Convention on Cybercrime.^[172]
• Maqsadi Xabarlarni suiiste'mol qilishga qarshi ishchi guruhi (MAAWG) is to bring the messaging industry together to work collaboratively and to successfully address the various forms of messaging abuse, such as spam, viruses, denial-of-service attacks and other messaging exploitations.^[173] France Telecom, Facebook, AT & T, olma, Cisco, Sprint are some of the members of the MAAWG.^[174]
• ENISA : The Evropa tarmoq va axborot xavfsizligi agentligi (ENISA) is an Evropa Ittifoqi agentligi with the objective to improve network and axborot xavfsizligi ichida Yevropa Ittifoqi.

Evropa

On 14 April 2016 the Evropa parlamenti va Evropa Ittifoqi Kengashi qabul qilingan Ma'lumotlarni muhofaza qilishning umumiy reglamenti (GDPR) (EU) 2016/679. GDPR, which became enforceable beginning 25 May 2018, provides for data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). GDPR requires that business processes that handle personal data be built with data protection by design and by default. GDPR also requires that certain organizations appoint a Data Protection Officer (DPO).

Milliy harakatlar

Kompyuterning favqulodda vaziyatlarda harakat qilish guruhlari

Most countries have their own computer emergency response team to protect network security.

Kanada

Since 2010, Canada has had a cybersecurity strategy.^[175][176] This functions as a counterpart document to the National Strategy and Action Plan for Critical Infrastructure.^[177] The strategy has three main pillars: securing government systems, securing vital private cyber systems, and helping Canadians to be secure online.^[176][177] There is also a Cyber Incident Management Framework to provide a coordinated response in the event of a cyber incident.^[178][179]

The Kanadalik kiber-hodisalarga javob berish markazi (CCIRC) is responsible for mitigating and responding to threats to Canada's critical infrastructure and cyber systems. It provides support to mitigate cyber threats, technical support to respond and recover from targeted cyber attacks, and provides online tools for members of Canada's critical infrastructure sectors.^[180] It posts regular cybersecurity bulletins^[181] and operates an online reporting tool where individuals and organizations can report a cyber incident.^[182]

To inform the general public on how to protect themselves online, Public Safety Canada has partnered with STOP.THINK.CONNECT, a coalition of non-profit, private sector, and government organizations,^[183] and launched the Cyber Security Cooperation Program.^[184][185] They also run the GetCyberSafe portal for Canadian citizens, and Cyber Security Awareness Month during October.^[186]

Public Safety Canada aims to begin an evaluation of Canada's cybersecurity strategy in early 2015.^[177]

Xitoy

Xitoy "s Internet xavfsizligi va axborotlashtirish bo'yicha Markaziy etakchi guruh (Xitoy : 中央网络安全和信息化领导小组) was established on 27 February 2014. This Leading Small Group (LSG) of the Xitoy Kommunistik partiyasi tomonidan boshqariladi Bosh kotib Si Tszinpin himself and is staffed with relevant Party and state decision-makers. The LSG was created to overcome the incoherent policies and overlapping responsibilities that characterized China's former cyberspace decision-making mechanisms. The LSG oversees policy-making in the economic, political, cultural, social and military fields as they relate to network security and IT strategy. This LSG also coordinates major policy initiatives in the international arena that promote norms and standards favored by the Xitoy hukumati and that emphasizes the principle of national sovereignty in cyberspace.^[187]

Germaniya

Berlin starts National Cyber Defense Initiative:On 16 June 2011, the German Minister for Home Affairs, officially opened the new German NCAZ (National Center for Cyber Defense) Nationales Cyber-Abwehrzentrum located in Bonn. The NCAZ closely cooperates with BSI (Federal Office for Information Security) Bundesamt für Sicherheit in der Informationstechnik, BKA (Federal Police Organisation) Bundeskriminalamt (Deutschland), BND (Federal Intelligence Service) Bundesnachrichtendienst, MAD (Military Intelligence Service) Amt für den Militärischen Abschirmdienst and other national organizations in Germany taking care of national security aspects. According to the Minister the primary task of the new organization founded on 23 February 2011, is to detect and prevent attacks against the national infrastructure and mentioned incidents like Stuxnet. Germany has also established the largest research institution for IT security in Europe, the Xavfsizlik va maxfiylikni tadqiq qilish markazi (CRISP) in Darmshtadt.

Hindiston

Some provisions for cybersecurity have been incorporated into rules framed under the Information Technology Act 2000.^[188]

The National Cyber Security Policy 2013 is a policy framework by Ministry of Electronics and Information Technology (MeitY) which aims to protect the public and private infrastructure from cyberattacks, and safeguard "information, such as personal information (of web users), financial and banking information and sovereign data". CERT- In is the nodal agency which monitors the cyber threats in the country. Post National Cyber Security Coordinator has also been created in the Prime Minister's Office (PMO).

The Indian Companies Act 2013 has also introduced cyber law and cybersecurity obligations on the part of Indian directors.Some provisions for cybersecurity have been incorporated into rules framed under the Information Technology Act 2000 Update in 2013.^[189]

Janubiy Koreya

Following cyber attacks in the first half of 2013, when the government, news media, television station, and bank websites were compromised, the national government committed to the training of 5,000 new cybersecurity experts by 2017. The South Korean government blamed its northern counterpart for these attacks, as well as incidents that occurred in 2009, 2011,^[190] and 2012, but Pyongyang denies the accusations.^[191]

Qo'shma Shtatlar

Qonunchilik

1986 yil 18 AQSh  § 1030, Kompyuter firibgarligi va suiiste'mol qilish to'g'risidagi qonun is the key legislation. It prohibits unauthorized access or damage of "protected computers" as defined in 18 AQSh  § 1030(e)(2). Although various other measures have been proposed^[192][193] – none has succeeded.

2013 yilda, ijro buyrug'i 13636 Improving Critical Infrastructure Cybersecurity was signed, which prompted the creation of the NIST kiberxavfsizlik doirasi

Standardized Government Testing Services

The Umumiy xizmatlarni boshqarish (GSA) potentsial zaifliklarni tezda bartaraf etish va AQSh federal, shtat va mahalliy hukumatlariga ta'sir qilishidan oldin dushmanlarni to'xtatish uchun "penetratsion test" xizmatini oldindan tekshirilgan qo'llab-quvvatlash xizmati sifatida standartlashtirdi. Ushbu xizmatlar odatda yuqori moslashuvchan kiberxavfsizlik xizmatlari (HACS) deb nomlanadi va AQSh GSA Advantage veb-saytida keltirilgan. See more information here: Penetration test: Standardized government penetration test services.

Agentliklar

The Milliy xavfsizlik bo'limi has a dedicated division responsible for the response system, xatarlarni boshqarish program and requirements for cybersecurity in the United States called the Milliy kiber xavfsizlik bo'limi.^[194][195] The division is home to US-CERT operations and the National Cyber Alert System.^[195] The National Cybersecurity and Communications Integration Center brings together government organizations responsible for protecting computer networks and networked infrastructure.^[196]

The third priority of the Federal tergov byurosi (FBI) is to: "Protect the United States against cyber-based attacks and high-technology crimes",^[197] and they, along with the Milliy Oq yoqali jinoyatchilik markazi (NW3C) va Adliya yordam byurosi (BJA) are part of the multi-agency task force, The Internet jinoyatlariga qarshi shikoyat markazi, also known as IC3.^[198]

In addition to its own specific duties, the FBI participates alongside non-profit organizations such as InfraGard.^[199][200]

In criminal division ning Amerika Qo'shma Shtatlari Adliya vazirligi operates a section called the Kompyuter jinoyati va intellektual mulk bo'limi. The CCIPS is in charge of investigating kompyuter jinoyati va intellektual mulk crime and is specialized in the search and seizure of digital evidence in computers and tarmoqlar.^[201] In 2017, CCIPS published A Framework for a Vulnerability Disclosure Program for Online Systems to help organizations "clearly describe authorized vulnerability disclosure and discovery conduct, therebysubstantially reducing the likelihood that such described activities will result in a civil or criminal violation of law under the Computer Fraud and Abuse Act (18 U.S.C. § 1030)."^[202]

The Amerika Qo'shma Shtatlarining kiber qo'mondonligi, also known as USCYBERCOM, "has the mission to direct, synchronize, and coordinate cyberspace planning and operations to defend and advance national interests in collaboration with domestic and international partners."^[203] It has no role in the protection of civilian networks.^[204][205]

AQSh Federal aloqa komissiyasi 's role in cybersecurity is to strengthen the protection of critical communications infrastructure, to assist in maintaining the reliability of networks during disasters, to aid in swift recovery after, and to ensure that first responders have access to effective communications services.^[206]

The Oziq-ovqat va dori-darmonlarni boshqarish has issued guidance for medical devices,^[207] va Milliy avtomobil yo'llari harakati xavfsizligi boshqarmasi^[208] is concerned with automotive cybersecurity. After being criticized by the Davlatning hisobdorligi idorasi,^[209] and following successful attacks on airports and claimed attacks on airplanes, the Federal aviatsiya ma'muriyati has devoted funding to securing systems on board the planes of private manufacturers, and the Samolyot aloqa manzillari va hisobotlari tizimi.^[210] Concerns have also been raised about the future Next Generation Air Transportation System.^[211]

Computer emergency readiness team

"Kompyuterning favqulodda vaziyatlar guruhi " is a name given to expert groups that handle computer security incidents. In the US, two distinct organization exist, although they do work closely together.

• US-CERT: qismi Milliy kiber xavfsizlik bo'limi ning Amerika Qo'shma Shtatlari Milliy xavfsizlik vazirligi.^[212]
• CERT / CC: created by the Mudofaa bo'yicha ilg'or tadqiqot loyihalari agentligi (DARPA) and run by the Dasturiy ta'minot muhandisligi instituti (SEI).

Zamonaviy urush

There is growing concern that cyberspace will become the next theater of warfare. As Mark Clayton from Christian Science Monitor described in an article titled "The New Cyber Arms Race":

In the future, wars will not just be fought by soldiers with guns or with planes that drop bombs. They will also be fought with the click of a mouse a half a world away that unleashes carefully weaponized computer programs that disrupt or destroy critical industries like utilities, transportation, communications, and energy. Such attacks could also disable military networks that control the movement of troops, the path of jet fighters, the command and control of warships.^[213]

This has led to new terms such as kiberjangi va kiberterrorizm. The Amerika Qo'shma Shtatlarining kiber qo'mondonligi was created in 2009^[214] and many other countries have similar forces.

There are a few critical voices that question whether cybersecurity is as significant a threat as it is made out to be.^{[215][216][217]}

Ishga qabul qilish

Cybersecurity is a fast-growing field of IT concerned with reducing organizations' risk of hack or data breach.^[218] According to research from the Enterprise Strategy Group, 46% of organizations say that they have a "problematic shortage" of cybersecurity skills in 2016, up from 28% in 2015.^[219] Commercial, government and non-governmental organizations all employ cybersecurity professionals. The fastest increases in demand for cybersecurity workers are in industries managing increasing volumes of consumer data such as finance, health care, and retail.^{[iqtibos kerak ]} However, the use of the term "cybersecurity" is more prevalent in government job descriptions.^[220]

Typical cybersecurity job titles and descriptions include:^[221]

Xavfsizlik bo'yicha tahlilchi

Analyzes and assesses vulnerabilities in the infrastructure (software, hardware, networks), investigates using available tools and countermeasures to remedy the detected vulnerabilities and recommends solutions and best practices. Analyzes and assesses damage to the data/infrastructure as a result of security incidents, examines available recovery tools and processes, and recommends solutions. Tests for compliance with security policies and procedures. May assist in the creation, implementation, or management of security solutions.

Security engineer

Performs security monitoring, security and data/logs analysis, and forensic analysis, to detect security incidents, and mounts the incident response. Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements. May also review code or perform other xavfsizlik muhandisligi metodologiyalar.

Security architect

Designs a security system or major components of a security system, and may head a security design team building a new security system.

Security administrator

Installs and manages organization-wide security systems. This position may also include taking on some of the tasks of a security analyst in smaller organizations.

Chief Information Security Officer (CISO)

A high-level management position responsible for the entire information security division/staff. The position may include hands-on technical work.

Chief Security Officer (CSO)

A high-level management position responsible for the entire security division/staff. A newer position now deemed needed as security risks grow.

Security Consultant/Specialist/Intelligence

Broad titles that encompass any one or all of the other roles or titles tasked with protecting computers, networks, software, data or information systems against viruses, worms, spyware, malware, intrusion detection, unauthorized access, denial-of-service attacks, and an ever-increasing list of attacks by hackers acting as individuals or as part of organized crime or foreign governments.

Student programs are also available to people interested in beginning a career in cybersecurity.^[222][223] Meanwhile, a flexible and effective option for axborot xavfsizligi professionals of all experience levels to keep studying is online security training, including webcasts.^[224][225] A wide range of certified courses are also available.^[226]

In Birlashgan Qirollik, a nationwide set of cybersecurity forums, known as the U.K Cyber Security Forum, were established supported by the Government's cybersecurity strategy^[227] in order to encourage start-ups and innovation and to address the skills gap^[228] tomonidan aniqlangan U.K Government.

Terminologiya

The following terms used with regards to computer security are explained below:

• Kirish ruxsat restricts access to a computer to a group of users through the use of autentifikatsiya tizimlar. These systems can protect either the whole computer, such as through an interactive tizimga kirish screen, or individual services, such as a FTP server. There are many methods for identifying and authenticating users, such as parollar, identification cards, aqlli kartalar va biometrik tizimlar.
• Anti-virus software consists of computer programs that attempt to identify, thwart, and eliminate kompyuter viruslari and other malicious software (zararli dastur ).
• Ilovalar bor bajariladigan kod, so general practice is to disallow users the power to install them; to install only those which are known to be reputable – and to reduce the hujum yuzasi by installing as few as possible. They are typically run with eng kam imtiyoz, with a robust process in place to identify, test and install any released security patches or updates for them.
• Autentifikatsiya techniques can be used to ensure that communication end-points are who they say they are.
• Avtomatlashtirilgan teorema and other verification tools can enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications.
• Zaxira nusxalari are one or more copies kept of important computer files. Typically, multiple copies will be kept at different locations so that if a copy is stolen or damaged, other copies will still exist.
• Imkoniyat va kirishni boshqarish ro'yxati imtiyozlarni ajratish va kirishni majburiy boshqarishni ta'minlash uchun texnikadan foydalanish mumkin. Imkoniyatlar va ACLlar ulardan foydalanishni muhokama qiladi.
• Ishonch zanjiri yuklangan barcha dasturiy ta'minot tizim dizaynerlari tomonidan haqiqiyligini tasdiqlaganligiga ishonch hosil qilish uchun texnikadan foydalanish mumkin.
• Maxfiylik boshqa vakolatli shaxsdan tashqari ma'lumotni oshkor qilmaslikdir.^[229]
• Kriptografik texnikalar tizimlar o'rtasida tranzitda ma'lumotlarni himoya qilishda ishlatilishi mumkin, bu tizimlar o'rtasida almashinadigan ma'lumotlarning tutilishi yoki o'zgartirilishi ehtimolini kamaytiradi.
• Kiber urush bu axborot va axborot tizimlariga siyosiy motivlar bilan hujumlarni o'z ichiga olgan Internetga asoslangan mojaro. Bunday hujumlar, masalan, rasmiy veb-saytlar va tarmoqlarni o'chirib qo'yishi, muhim xizmatlarni to'xtatishi yoki o'chirib qo'yishi, maxfiy ma'lumotlarni o'g'irlashi yoki o'zgartirishi va moliyaviy tizimlarni nogiron qilishi mumkin.
• Ma'lumotlarning yaxlitligi ma'lumotlar ro'yxatining ikkita yangilanishi o'rtasida ma'lumotlarda hech qanday o'zgarish bo'lmasligi bilan ko'rsatilgan saqlangan ma'lumotlarning aniqligi va izchilligi.^[230]

Kriptografik texnika ma'lumotni o'zgartirishni, uni chigallashtirishni o'z ichiga oladi, shuning uchun uni uzatish paytida o'qish mumkin bo'lmaydi. Belgilangan qabul qiluvchi xabarni bekor qilishi mumkin; ideal holda, tinglovchilar qilolmaydilar.

• Shifrlash xabarning maxfiyligini himoya qilish uchun ishlatiladi. Kriptografik jihatdan xavfsiz shifrlar har qanday amaliy urinishni amalga oshirish uchun mo'ljallangan buzish ularni amalga oshirish mumkin emas. Simmetrik kalit shifrlar yordamida ommaviy shifrlash uchun javob beradi umumiy kalitlar va ochiq kalitli shifrlash foydalanish raqamli sertifikatlar oldindan hech qanday kalit bilan bo'lishilmasa, xavfsiz aloqa qilish muammosi uchun amaliy echimni taqdim etishi mumkin.
• Oxirgi nuqta xavfsizligi dasturiy ta'minot tarmoqlarga zararli dasturlarning yuqishini va tarmoq kirish punktlarida ma'lumotlarni o'g'irlanishini oldini olishda yordam beradi, bu noutbuklar, mobil qurilmalar va USB drayvlar kabi yuqishi mumkin bo'lgan qurilmalar tarqalishidan himoyalangan.^[231]
• Xavfsizlik devorlari faqat belgilangan qoidalarga mos keladigan trafikni ta'minlaydigan tarmoqlar orasidagi darvozabon tizimi sifatida xizmat qiladi. Ular ko'pincha batafsil ma'lumotlarni o'z ichiga oladi kirish va o'z ichiga olishi mumkin kirishni aniqlash va kirishni oldini olish Xususiyatlari. Ular kompaniyalar orasida deyarli universaldir mahalliy tarmoqlar va Internet, shuningdek, agar tarmoq ichida yo'l harakati qoidalarini o'rnatish uchun ichki sifatida foydalanish mumkin tarmoq segmentatsiyasi tuzilgan.
• A xaker kompyuter tizimida yoki tarmog'ida himoyani buzish va zaif tomonlardan foydalanishga intiladigan kishi.
• Asal qozonlari qasddan krakerlar hujumiga qarshi himoyasiz qolgan kompyuterlardir. Ular krakerlarni ushlash va ularning texnikasini aniqlash uchun ishlatilishi mumkin.
• Hujumni aniqlash tizimlari tarmoqlar yoki tizimlarni zararli faoliyat yoki qoidalarni buzish uchun kuzatadigan qurilmalar yoki dasturiy ta'minot.
• A mikrokernel operatsion tizimni loyihalashtirishga yondashuv bo'lib, u faqat eng imtiyozli darajada ishlaydigan minimal miqdordagi kodga ega va operatsion tizimning boshqa elementlarini, masalan, qurilmalar drayverlari, protokollar to'plamlari va fayl tizimlarini xavfsizroq, kamroq imtiyozlar bilan ishlaydi. foydalanuvchi maydoni.
• Pinging. IP-manzil ishlatilayotganligini tekshirish uchun standart "ping" ilovasidan foydalanish mumkin. Agar shunday bo'lsa, tajovuzkorlar a ni sinab ko'rishlari mumkin portni skanerlash qaysi xizmatlar fosh etilganligini aniqlash uchun.
• A portni skanerlash uchun IP-manzilni tekshirish uchun foydalaniladi ochiq portlar mavjud tarmoq xizmatlari va dasturlarini aniqlash.
• A Key logger josuslarga qarshi dastur jimgina kompyuter klaviaturasida foydalanuvchi kiritgan har bir tugmachani bosadi va saqlaydi.
• Ijtimoiy muhandislik xavfsizlikni buzish uchun shaxslarni boshqarish uchun aldovdan foydalanish.
• Mantiqiy bombalar qonuniy dasturga qo'shilgan zararli dasturlarning bir turi bo'lib, u ma'lum bir voqea boshlangunga qadar uxlab qoladi.

Olimlar

Shuningdek qarang

Adabiyotlar

Qo'shimcha o'qish

• Filial, J. (2020). "Ism nima? Metafora va kiberxavfsizlik. " Xalqaro tashkilot.
• Kostigan, Shon; Xennessi, Maykl (2016). Kiberxavfsizlik: Umumiy ma'lumot qo'llanmasi. NATO. ISBN  978-9284501960. https://www.nato.int/nato_static_fl2014/assets/pdf/pdf_2016_10/20161025_1610-cybersecurity-curriculum.pdf
• Fuller, Kristofer J. "Amerika Qo'shma Shtatlarining kiber (ichki) xavfsizligi ildizlari", Diplomatik tarix "43: 1 (2019): 157-185. onlayn
• Kim, Piter (2014). Hacker Playbook: Penetratsiya testlari uchun amaliy qo'llanma. Sietl: CreateSpace mustaqil nashr platformasi. ISBN  978-1494932633.
• Li, Nyuton (2015). Terrorizmga qarshi kurash va kiberxavfsizlik: Axborot to'g'risida to'liq ma'lumot (2-nashr). Springer. ISBN  978-3-319-17243-9.
• Montagnani, Mariya Lilla va Kavallo, Mirta Antonella (26.07.2018). "Katta ma'lumotlar dunyosidagi kiberxavfsizlik va javobgarlik ". SSRN.
• Singer, P. V.; Fridman, Allan (2014). Kiberxavfsizlik va kiber urush: hamma bilishi kerak bo'lgan narsalar. Oksford universiteti matbuoti. ISBN  978-0199918119.
• Vu, Chvan-Xva (Jon); Irvin, J. Devid (2013). Kompyuter tarmoqlari va kiberxavfsizlikka kirish. Boka Raton: CRC Press. ISBN  978-1466572133.
• M. Shariati va boshq. / Processia Computer Science 3 (2011) 537-543. Korxonaning axborot xavfsizligi, arxitektura va ramkalarni o'zaro muvofiqlik nuqtai nazaridan ko'rib chiqish

Tashqi havolalar

• Kompyuter xavfsizligi da Curlie
• Kiberxavfsizlik veb-saytlari