
13 Cybercrime Facts That Will Give You Chills

by Casey Crane, 9m, 2024/10/26

Too Long; Didn't Read

Cybercriminals love to give a new meaning to the phrase "trick or treat." Ransomware netted threat actors more than $1.1B in ill-gotten gains. 51% of organizations lost $5-$25 million to AI-related threats. The true costs of fraud to older adults: up to $5 billion.

These cybercrime facts show why cybercriminals are scarier than the monsters and ghosts roaming the streets on Halloween.


Crooks love to give a new meaning to the phrase “trick or treat.”


With cyber attacks, phishing, ransomware, and data breaches, bad guys love to wreak havoc on businesses and consumers. But their acts aren't limited to the pranks one might expect on All Hallows' Eve. Their effects are far more costly and devastating to victims.


Knowing this, let's explore 13 cybercrime facts that will make your hair stand on end.

Scary Financial Cybercrime Facts and Statistics

1. Ransomware Netted Threat Actors More Than $1.1B in Ill-Gotten Gains

When bad guys come knocking, I promise they're not looking for your Butterfingers or Reese's cups. They're after payouts bigger than candy: we're talking hundreds, thousands, or millions of dollars. A report from Chainalysis shows that malicious ransomware payments received in 2023 exceeded $1.1 billion.

Data source: A graph created using data from Chainalysis showing the amount of known ransomware payments received over the past five years.


For comparison, the total amount they received in ransom payments in 2023 could have bought more than seven F-22 Raptor fighter jets! Keep in mind that each of these war machines comes with a hefty price tag of $143 million per unit (according to August 2022 Air Force data).


Man… that must mean a lot of companies decided to pay ransomware demands. It may not be as many as you think, based on our next cybercrime fact…

2. One Company Paid a $75 Million Ransomware Demand in 2024

Simply put, ransomware demands can suck the life out of a company. According to Zscaler, one company paid this huge sum to the Dark Angels ransomware group, which likes to target companies in critical infrastructure sectors.


For perspective, that single ransom payment is worth the same amount of money that Google committed to fund its AI Opportunity Fund.

3. 51% of Organizations Lost $5-$25 Million to AI-Related Threats

Whether the cause was AI-based or AI-driven threats, more than half of the organizations surveyed by Biocatch lost between $5 and $25 million in 2023. A full 12% of respondents said they faced at least $25 million in damages. We're not talking pocket change here; that's the estimated value of Angelina Jolie's Hollywood home:


Sadly, only 3% indicated that they had no losses from these threats, which means that 97% experienced losses in some way.

4. The True Costs of Fraud to Older Adults Are Estimated to Reach $61.5 Billion

Data from the U.S. Federal Trade Commission (FTC) shows that older adults reported losses of more than $1.9 billion in 2023. However, again, that figure represents only reported losses. The agency's report indicates that the true costs of fraud to older adults could reach $61 billion. Why? Because much fraud goes unreported.


The number of older adults who fell victim to fraud with a loss of $100k has increased “more than threefold since 2020.”

Spooky AI-Related Cybercrime Facts

5. AI-Based Cyber Threats Aren't Going Anywhere and Are Expected to Rise

The FBI warns that cybercriminals are increasingly using AI technology to carry out cyber attacks. In particular, generative AI is being used for a variety of scams.


For example, AI-based fraud is on the rise. In this type of scenario, a bad guy uses data scraped from videos and online profiles to combine information and samples of a person's voice to impersonate real people. They can use generative AI technology to create deepfake photos, videos, and audio content that appears real and makes it seem as though someone you know or love (a friend, family member, coworker, or another loved one) is in danger.


A perfect example of this can be seen in AI-based trapping scams. Here's a video about real-world AI-based phone scams targeting people in St. Louis County:


6. >7 in 10 Financial Companies Deal With Bad Guys Using Synthetic Identities

72% of respondents to the Biocatch survey (the report mentioned earlier) indicated that, in addition to traditional fraud issues, they also have bad guys using synthetic identities to make financial transactions, apply for loans and credit cards, and open new bank accounts.


Not sure what synthetic identities are? They're basically new identities created by combining real and fraudulent personally identifiable information (PII).


Unfortunately for the good guys, these fabricated fraudulent identities tend to fool traditional fraud detection tools, which means they go undetected and can remain unnoticed. The Biocatch survey shows that although organizations are “very capable of uncovering these synthetic identities within three months,” we know how much damage can occur in that time.


Only 16% indicate that they can identify these synthetic IDs within 24 hours.


7. Synthetic IDs Expose Lenders to $3.1 Billion in Potential Losses

Synthetic identities plague businesses, financial institutions in particular. Data from TransUnion's 2024 State of Omnichannel Fraud Report shows that U.S. lenders across various types of credit cards and loans had a record number of accounts opened at the end of 2023.


The estimated end-of-year 2023 exposure of $3.1 billion is up from $2.8 billion at EOY 2022 and $2.1 billion at EOY 2020.


8. GenAI Makes Sophisticated Attacks More Accessible and Effective

Sophisticated fraud attacks, especially when combined with generative AI and advanced deepfake technologies, are highly effective methods for cybercriminals. These AI tools breathe new life into social engineering attacks, making them more targeted, realistic, and effective.


A partner article published by The Hacker News about research from Token and Datos Insights sums up this growing concern well:


“Phishing and ransomware attacks were once the exclusive domain of expert cybercriminals, but with the arrival of generative AI and new cybercrime tools, launching these attacks has become accessible to anyone with access to the dark web, anyone with a computing device and an internet connection.”


In its 2025 Homeland Threat Assessment, the U.S. Department of Homeland Security's Office of Intelligence and Analysis emphasizes the national security implications of these technologies in the coming year:


“In 2025, we expect malicious cyber actors will continue to use advances in generative AI to enhance their ability to develop malware, scan for vulnerabilities, and exploit tools and to improve their social engineering tactics and operations. Adversarial states will continue to use AI in their malign influence campaigns as the technology lowers technical barriers and improves adversaries' abilities to personalize and scale more credible messages for target audiences.”


9. Social Engineering/BEC Attacks Rise 1,760%, Largely Thanks to AI


Data from Perception Point's “2024 Annual Report: Cybersecurity Trends & Insights” shows that the share of business email compromise (BEC) attacks rose from 1% in 2022 to nearly 19% of all attacks in 2023.


The company says that the impersonation, deception, and social engineering techniques of BEC attacks are “highly charged” by generative AI. Moreover, the company's previously sponsored research (conducted by Osterman Research) showed that 91.1% of organizations have experienced cyber attacks from GenAI-enhanced emails.

Scary Cybercrime Facts About Advances in Methods and Techniques

10. Data Exfiltration Is Faster Than Ever (Sometimes It Takes Less Than a Day!)

Cybercriminals don't have to wear a flight suit and aviator glasses to feel the need for speed. When it comes to data exfiltration, Palo Alto's Unit 42 Incident Response team reports that it's happening faster than ever:


“In nearly 45% of our cases this year, attackers exfiltrated data less than a day after compromise. That means that nearly half the time, organizations must respond within just a few hours to stop it.”


This means that in many cases, attackers have engaged in or completed their exfiltration before an organization has had time to assemble its response team and plan.


11. 10+ Billion New and Old Passwords Are Circulating in a Single Data Breach Compilation

Remember the RockYou2024 leak? This file, shared by a threat actor who goes by the name ObamaCare, includes 10 billion passwords.


  • The good news: CyberNews reports that not all of the passwords are new, meaning that some of the passwords in the list were exposed in previous data breaches. As in... these passwords were collected from more than 4,000 databases over 20+ years. So, yes, the list includes current passwords, but it also includes many old ones that, hopefully, are no longer in use.
  • The bad news: Users are slow or negligent when it comes to changing or updating compromised passwords. For example, a survey commissioned by Forbes Advisor and conducted by Talker Research shows that only 68% of users changed their passwords “across multiple accounts after their password was compromised.” Moreover, only two in five users change passwords when prompted rather than changing them regularly.


So, should passwords be changed regularly? Not so, based on the latest version of the National Institute of Standards and Technology's (NIST's) Digital Identity Guidelines:


Image caption: A screenshot taken from NIST's SP 800-63-4.


Not sure whether your password has been leaked or breached? Check out CyberNews' leaked password checker tool. Here's an example of the results for the password NoWayJose:


Image caption: An example search result for a password lookup I performed using CyberNews' leaked password checker tool.


12. The Number of Data Breach Victims in H1 2024 Skyrocketed

2024 has been a record-setting year in many ways, certainly not the least of which involves the number of reported data breaches that have occurred so far. The Identity Theft Resource Center (ITRC) reports that the number of data breach victims rose by 1,170% year over year from Q2 2023 to Q2 2024. No, that wasn't a typo; you read that correctly.


The ITRC reports that H1 2024 data breaches and other related compromises totaled 1,571 and affected more than 1.007 billion victims. However, it is quick to point out that the estimated 1+ billion victims doesn't count those involved in the massive supply chain-related Change Healthcare attack, which may “affect a ‘substantial number’ of U.S. residents.”


But how can you know whether your information was included in any breach? One way to find out is to search an online database such as haveibeenpwned.com. Here's a quick example of how it looks when you use this tool:


Image caption: An example of the result for my email address on haveibeenpwned.com when checking whether, where, and when it was breached.


13. Unmanaged Devices Targeted in 90% of Ransomware Events

It's no secret that unmanaged network devices pose a major security risk to your organization. However, Microsoft's 2024 Digital Defense Report shows that in cases where ransomware attacks progressed to the ransom stage, they overwhelmingly used unmanaged devices as the initial access vector or as a means of remotely encrypting assets:


“We observed remote encryption in 70% of successful cases, with 92% originating from unmanaged devices on the network, underscoring the need for organizations to enroll devices into management or exclude unmanaged devices from the network.”


That's why it's important for businesses to secure and manage their network devices. If that isn't possible, then the devices should be removed from the network to prevent abuse.


How the “Good Guys” Are Fighting Back

Cybersecurity experts, lawmakers, and organizations around the world are fighting back against these nefarious criminal acts. They're increasingly looking to AI solutions to improve their cybersecurity defenses. Darktrace reports that 95% of the 1,800 corporate security leaders and practitioners surveyed indicate that AI security tools will improve their organizations' speed and efficiency when it comes to fighting cyber threats.


Here are a few other ways industry leaders are taking action to prevent cybercrime.


Google Adopts Digital Certificates to Fight Cloud Account Takeovers

Mutual TLS (mTLS, or what's known as two-way authentication) is the use of digital certificates to prove that someone is who they claim to be. This is especially useful when authenticating people and devices that access your network, apps, and other systems remotely.


According to Google, certificate-based access uses mutual TLS “to ensure that user credentials are bound to a device certificate before authorizing access to cloud resources.” Basically, it's about using digital certificates as device identifiers and verifiers when someone tries to access Google's cloud services. According to the blog post:


“Even if an attacker compromises a user's credentials, account access will remain blocked as they do not have the corresponding certificate. This renders the stolen credentials useless.”


The U.S. Secret Service to Investigate Cybercrimes Related to Digital Assets

A new U.S. Senate bill titled the “Combatting Money Laundering in Cyber Crime Act of 2024” (S.4830) aims to give the U.S. Secret Service the authority to investigate the following:


“Various crimes related to digital asset transactions and to counter cyber criminal activity, including unlicensed money transmitting businesses, structured transactions, and fraud against financial institutions, and for other purposes.”


The bill was introduced at the end of July. If it passes, the new law would expand the Secret Service's investigative authorities under Title 18 of the U.S. Code. It also requires the Government Accountability Office (GAO) to report on its review of Section 6102 of the Anti-Money Laundering Act of 2020 and its assessment of how well law enforcement identifies and deters money laundering-related crimes.



About Author

Casey Crane (@casey-crane)
Casey Crane is a tech lover and cybersecurity journalist for Hashed Out and Infosec Insights.
