Network Risk Management and Information Security Technology Against Ransomware Malicious Codes Attack

吳嘉龍
C. L. Wu

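Department of Information Management, Cheng Shiu University
Director and Chair of the Information Security Committee, Crisis Management Society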


ABSTRACT

Ransomware (also called extortion software or "hostage" malware) has risen rapidly. It is a form of malicious-code attack and has proven to be a cash cow for cybercrime groups, as shown by the 172% growth in the number of new ransomware families in the first half of 2016. Besides constantly innovating and updating their tools, attackers keep looking for more potential victims among existing targets and use tactics such as social engineering to improve profitability. According to a Trend Micro TrendLabs report, 99% of ransomware is distributed via e-mail or website links. In the first half of 2016 alone, Trend Micro found 79 new ransomware families, a growth of 179% over the number for the whole of 2015. According to case reports received by Trend Micro, nearly 30 percent of the enterprises infected by ransomware were reinfected; the cause was identified as a failure to patch server security vulnerabilities in time, which left a protection gap that malicious-code attacks could exploit.

Keywords: Ransomware; Emergency Response; Information Management; Network Security; Malicious Code