{"id":7184,"date":"2023-07-27T16:35:55","date_gmt":"2023-07-27T09:35:55","guid":{"rendered":"https:\/\/vacif.com\/?p=7184"},"modified":"2023-07-27T16:35:55","modified_gmt":"2023-07-27T09:35:55","slug":"xu-huong-human-operated-ransomware-trong-cac-cuoc-tan-cong-mang","status":"publish","type":"post","link":"https:\/\/vacif.com\/en\/xu-huong-human-operated-ransomware-trong-cac-cuoc-tan-cong-mang\/","title":{"rendered":"XU H\u01af\u1edaNG HUMAN-OPERATED RANSOMWARE TRONG C\u00c1C CU\u1ed8C T\u1ea4N C\u00d4NG M\u1ea0NG."},"content":{"rendered":"\n

1. Human-Operated Ransomware l\u00e0 g\u00ec ?<\/strong><\/p>\n\n\n\n

Human-Operated Ransomware, c\u00f2n \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n, l\u00e0 m\u1ed9t lo\u1ea1i ransomware \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n v\u00e0 \u0111i\u1ec1u khi\u1ec3n b\u1edfi c\u00e1c hacker ho\u1eb7c nh\u00f3m hacker th\u1ef1c s\u1ef1, ch\u1ee9 kh\u00f4ng ph\u1ea3i ch\u1ec9 d\u1ef1a v\u00e0o m\u00e3 \u0111\u1ed9c t\u1ef1 \u0111\u1ed9ng v\u00e0 t\u1ef1 \u0111\u1ed9ng h\u00f3a.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Trong tr\u01b0\u1eddng h\u1ee3p c\u1ee7a Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n, c\u00e1c hacker ho\u1eb7c nh\u00f3m hacker th\u01b0\u1eddng t\u1ea5n c\u00f4ng c\u00e1c m\u1ea1ng ho\u1eb7c h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau b\u1eb1ng c\u00e1ch th\u00e2m nh\u1eadp v\u00e0 ti\u1ebfp c\u1eadn h\u1ec7 th\u1ed1ng b\u1eb1ng c\u00e1c k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng m\u1ea1ng nh\u01b0 phishing, l\u1eeba \u0111\u1ea3o qua email, s\u1eed d\u1ee5ng m\u00e3 \u0111\u1ed9c \u0111\u1ec3 x\u00e2m nh\u1eadp, ho\u1eb7c khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft. Khi h\u1ecd th\u00e2m nh\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau, h\u1ecd s\u1ebd ti\u1ebfn h\u00e0nh m\u1ed9t c\u00e1ch th\u1ee7 c\u00f4ng v\u00e0 c\u00f3 ch\u1ee7 \u0111\u00edch \u0111\u1ec3 ti\u1ebfn h\u00e0nh cu\u1ed9c t\u1ea5n c\u00f4ng ransomware, \u0111\u00f2i ti\u1ec1n chu\u1ed9c t\u1eeb n\u1ea1n nh\u00e2n.<\/p>\n\n\n\n

2. Qu\u00e1 tr\u00ecnh t\u1ea5n c\u00f4ng Human-Operated Ransomware.<\/strong><\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

C\u00e1c b\u01b0\u1edbc ch\u00ednh trong qu\u00e1 tr\u00ecnh th\u1ef1c hi\u1ec7n Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n c\u00f3 th\u1ec3 bao g\u1ed3m:<\/p>\n\n\n\n

Ph\u00e1t hi\u1ec7n m\u1ee5c ti\u00eau: <\/strong>Hacker ti\u1ebfn h\u00e0nh t\u00ecm ki\u1ebfm c\u00e1c m\u1ee5c ti\u00eau ti\u1ec1m n\u0103ng, th\u01b0\u1eddng l\u00e0 c\u00e1c doanh nghi\u1ec7p, t\u1ed5 ch\u1ee9c ho\u1eb7c c\u01a1 quan c\u00f3 gi\u00e1 tr\u1ecb cao v\u00e0 d\u1eef li\u1ec7u quan tr\u1ecdng.<\/p>\n\n\n\n

X\u00e2m nh\u1eadp: <\/strong>Sau khi t\u00ecm th\u1ea5y m\u1ee5c ti\u00eau, hacker s\u1eed d\u1ee5ng c\u00e1c k\u1ef9 thu\u1eadt x\u00e2m nh\u1eadp \u0111\u1ec3 ti\u1ebfp c\u1eadn h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau. \u0110i\u1ec1u n\u00e0y c\u00f3 th\u1ec3 bao g\u1ed3m t\u1ea5n c\u00f4ng v\u00e0o m\u1ea1ng b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c ph\u01b0\u01a1ng ph\u00e1p t\u1ea5n c\u00f4ng m\u1ea1ng nh\u01b0 brute-force, s\u1eed d\u1ee5ng m\u00e3 \u0111\u1ed9c ho\u1eb7c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft \u0111\u1ec3 t\u1ea5n c\u00f4ng.<\/p>\n\n\n\n

Ph\u00e2n t\u00edch v\u00e0 l\u1ef1a ch\u1ecdn d\u1eef li\u1ec7u quan tr\u1ecdng: <\/strong>Sau khi x\u00e2m nh\u1eadp th\u00e0nh c\u00f4ng v\u00e0o h\u1ec7 th\u1ed1ng, hacker ti\u1ebfn h\u00e0nh ph\u00e2n t\u00edch v\u00e0 l\u1ef1a ch\u1ecdn c\u00e1c t\u1ec7p v\u00e0 d\u1eef li\u1ec7u quan tr\u1ecdng m\u00e0 h\u1ecd mu\u1ed1n m\u00e3 h\u00f3a \u0111\u1ec3 y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c.<\/p>\n\n\n\n

M\u00e3 h\u00f3a d\u1eef li\u1ec7u: <\/strong>Hacker s\u1ebd m\u00e3 h\u00f3a c\u00e1c t\u1ec7p v\u00e0 d\u1eef li\u1ec7u \u0111\u00e3 ch\u1ecdn s\u1eed d\u1ee5ng m\u1ed9t ph\u01b0\u01a1ng ph\u00e1p m\u00e3 h\u00f3a m\u1ea1nh, l\u00e0m cho ch\u00fang kh\u00f4ng th\u1ec3 truy c\u1eadp \u0111\u01b0\u1ee3c cho \u0111\u1ebfn khi ti\u1ec1n chu\u1ed9c \u0111\u01b0\u1ee3c tr\u1ea3.<\/p>\n\n\n\n

Y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c: <\/strong>Sau khi ho\u00e0n th\u00e0nh vi\u1ec7c m\u00e3 h\u00f3a, hacker s\u1ebd g\u1eedi y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c \u0111\u1ebfn n\u1ea1n nh\u00e2n, th\u00f4ng qua th\u00f4ng \u0111i\u1ec7p r\u00f5 r\u00e0ng v\u00e0 h\u01b0\u1edbng d\u1eabn c\u1ee5 th\u1ec3 v\u1ec1 c\u00e1ch tr\u1ea3 ti\u1ec1n chu\u1ed9c \u0111\u1ec3 nh\u1eadn kh\u00f3a gi\u1ea3i m\u00e3.<\/p>\n\n\n\n

\u0110\u00e0m ph\u00e1n v\u00e0 nh\u1eadn ti\u1ec1n chu\u1ed9c:<\/strong> N\u1ebfu n\u1ea1n nh\u00e2n ch\u1ea5p nh\u1eadn tr\u1ea3 ti\u1ec1n chu\u1ed9c, hacker s\u1ebd th\u01b0\u1eddng th\u1ef1c hi\u1ec7n c\u00e1c ho\u1ea1t \u0111\u1ed9ng \u0111\u00e0m ph\u00e1n \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o ti\u1ec1n chu\u1ed9c \u0111\u01b0\u1ee3c tr\u1ea3 v\u00e0 cung c\u1ea5p ph\u01b0\u01a1ng ti\u1ec7n gi\u1ea3i m\u00e3 \u0111\u1ec3 gi\u1ea3i m\u00e3 d\u1eef li\u1ec7u \u0111\u00e3 b\u1ecb m\u00e3 h\u00f3a.<\/p>\n\n\n\n

Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng g\u00e2y ra nh\u1eefng thi\u1ec7t h\u1ea1i l\u1edbn, v\u00ec n\u00f3 k\u1ebft h\u1ee3p c\u1ea3 k\u1ef9 thu\u1eadt x\u00e2m nh\u1eadp m\u1ea1ng v\u00e0 m\u1ed9t c\u00e1ch ti\u1ebfp c\u1eadn t\u1ef1 \u0111\u1ed9ng h\u00f3a b\u00e1m theo \u0111\u1ec3 m\u00e3 h\u00f3a d\u1eef li\u1ec7u v\u00e0 \u0111\u00f2i ti\u1ec1n chu\u1ed9c. \u0110i\u1ec1u n\u00e0y khi\u1ebfn vi\u1ec7c ph\u00e1t hi\u1ec7n v\u00e0 ng\u0103n ch\u1eb7n n\u00f3 tr\u1edf n\u00ean kh\u00f3 kh\u0103n h\u01a1n so v\u1edbi c\u00e1c d\u1ea1ng ransomware t\u1ef1 \u0111\u1ed9ng.<\/p>\n\n\n\n

3. V\u00ec sao xu h\u01b0\u1edbng Human-Operated Ransomware ng\u00e0y c\u00e0ng t\u0103ng.<\/strong><\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

C\u00f3 m\u1ed9t s\u1ed1 l\u00fd do ch\u00ednh gi\u1ea3i th\u00edch t\u1ea1i sao xu h\u01b0\u1edbng Human-Operated Ransomware ng\u00e0y c\u00e0ng t\u0103ng:<\/p>\n\n\n\n

L\u1ee3i nhu\u1eadn cao:<\/strong> Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng t\u1eadp trung v\u00e0o c\u00e1c t\u1ed5 ch\u1ee9c, doanh nghi\u1ec7p c\u00f3 gi\u00e1 tr\u1ecb cao ho\u1eb7c c\u01a1 quan ch\u00ednh ph\u1ee7, nh\u1eafm v\u00e0o vi\u1ec7c m\u00e3 h\u00f3a d\u1eef li\u1ec7u quan tr\u1ecdng v\u00e0 y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c l\u1edbn. V\u00ec c\u00e1c t\u1ed5 ch\u1ee9c n\u00e0y c\u00f3 kh\u1ea3 n\u0103ng tr\u1ea3 ti\u1ec1n chu\u1ed9c l\u1edbn h\u01a1n, n\u00ean hacker c\u00f3 th\u1ec3 ki\u1ebfm \u0111\u01b0\u1ee3c nhi\u1ec1u l\u1ee3i nhu\u1eadn h\u01a1n t\u1eeb vi\u1ec7c th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng n\u00e0y.<\/p>\n\n\n\n

S\u1ef1 kh\u00f3 ki\u1ec3m so\u00e1t:<\/strong> Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng r\u1ea5t kh\u00f3 ph\u00e1t hi\u1ec7n v\u00e0 ph\u00f2ng ng\u1eeba b\u1edfi c\u00e1c gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt t\u1ef1 \u0111\u1ed9ng truy\u1ec1n th\u1ed1ng. Do ng\u01b0\u1eddi hacker th\u1ef1c hi\u1ec7n th\u1ee7 c\u00f4ng v\u00e0 c\u00f3 th\u1ec3 t\u00f9y ch\u1ec9nh cu\u1ed9c t\u1ea5n c\u00f4ng cho m\u1ed7i m\u1ee5c ti\u00eau c\u1ee5 th\u1ec3, c\u00e1c h\u00e0nh vi c\u1ee7a ransomware c\u00f3 th\u1ec3 tr\u00f4ng gi\u1ed1ng nh\u01b0 c\u00e1c ho\u1ea1t \u0111\u1ed9ng b\u00ecnh th\u01b0\u1eddng tr\u00ean h\u1ec7 th\u1ed1ng, tr\u00e1nh nh\u1eadn di\u1ec7n d\u1ec5 d\u00e0ng b\u1edfi c\u00e1c gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt d\u1ef1a tr\u00ean ch\u1eef k\u00fd ho\u1eb7c m\u00e3 h\u00f3a.<\/p>\n\n\n\n

T\u1eadp trung v\u00e0o l\u1eeba \u0111\u1ea3o v\u00e0 x\u00e2m nh\u1eadp: <\/strong>Nh\u1eefng hacker th\u1ef1c hi\u1ec7n ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng t\u1eadp trung v\u00e0o vi\u1ec7c l\u1eeba \u0111\u1ea3o v\u00e0 x\u00e2m nh\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau thay v\u00ec l\u00e2y lan r\u1ed9ng r\u00e3i. H\u1ecd th\u01b0\u1eddng t\u1ea5n c\u00f4ng c\u00e1c m\u1ee5c ti\u00eau c\u00f3 gi\u00e1 tr\u1ecb cao v\u1edbi s\u1ef1 chu\u1ea9n b\u1ecb k\u1ef9 l\u01b0\u1ee1ng, b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c k\u1ef9 thu\u1eadt x\u00e2m nh\u1eadp m\u1ea1ng tinh vi v\u00e0 t\u00f9y ch\u1ec9nh cu\u1ed9c t\u1ea5n c\u00f4ng cho t\u1eebng m\u1ee5c ti\u00eau c\u1ee5 th\u1ec3, l\u00e0m cho n\u00f3 kh\u00f3 b\u1ecb ph\u00e1t hi\u1ec7n v\u00e0 ng\u0103n ch\u1eb7n.<\/p>\n\n\n\n

Khai th\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt: <\/strong>Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft trong c\u00e1c h\u1ec7 th\u1ed1ng v\u00e0 \u1ee9ng d\u1ee5ng \u0111\u1ec3 ti\u1ebfp c\u1eadn m\u1ee5c ti\u00eau. C\u00e1c hacker s\u1eed d\u1ee5ng c\u00e1c c\u00f4ng c\u1ee5 t\u00f9y ch\u1ec9nh \u0111\u1ec3 th\u00e2m nh\u1eadp v\u00e0o m\u1ea1ng v\u00e0 h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau, gi\u00fap h\u1ecd tr\u00e1nh b\u1ecb ph\u00e1t hi\u1ec7n b\u1edfi c\u00e1c gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt t\u1ef1 \u0111\u1ed9ng truy\u1ec1n th\u1ed1ng.<\/p>\n\n\n\n

M\u00f4 h\u00ecnh kinh doanh c\u00f3 c\u1ea5u tr\u00fac:<\/strong> M\u1ed9t s\u1ed1 t\u1ed5 ch\u1ee9c ph\u1ea1m ph\u00e1p v\u00e0 hacker l\u1eeba \u0111\u1ea3o th\u1eadm ch\u00ed \u0111\u00e3 ph\u00e1t tri\u1ec3n c\u00e1c m\u00f4 h\u00ecnh kinh doanh c\u00f3 c\u1ea5u tr\u00fac xung quanh vi\u1ec7c tri\u1ec3n khai ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u h\u00e0nh. H\u1ecd cung c\u1ea5p d\u1ecbch v\u1ee5 t\u1ea5n c\u00f4ng ransomware d\u01b0\u1edbi d\u1ea1ng “Ransomware as a Service” (RaaS), gi\u00fap c\u00e1c hacker kh\u00f4ng c\u00f3 k\u1ef9 n\u0103ng k\u1ef9 thu\u1eadt \u0111\u1ea7y \u0111\u1ee7 c\u0169ng c\u00f3 th\u1ec3 tham gia v\u00e0o cu\u1ed9c ch\u01a1i n\u00e0y.<\/p>\n\n\n\n

Nh\u1eefng l\u00fd do tr\u00ean \u0111\u00e3 t\u1ea1o ra s\u1ef1 gia t\u0103ng c\u1ee7a xu h\u01b0\u1edbng ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u h\u00e0nh, khi\u1ebfn n\u00f3 tr\u1edf th\u00e0nh m\u1ed9t m\u1ed1i \u0111e d\u1ecda ng\u00e0y c\u00e0ng nghi\u00eam tr\u1ecdng \u0111\u1ed1i v\u1edbi c\u00e1c t\u1ed5 ch\u1ee9c v\u00e0 doanh nghi\u1ec7p tr\u00ean to\u00e0n c\u1ea7u.<\/p>\n\n\n\n

4. S\u1ef1 kh\u00e1c nhau gi\u1eefa Human-Operated Ransomware v\u00e0 Traditional Ransomware.<\/strong><\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

Human-Operated Ransomware v\u00e0 Traditional Ransomware l\u00e0 hai lo\u1ea1i ransomware c\u00f3 s\u1ef1 kh\u00e1c bi\u1ec7t v\u1ec1 c\u00e1ch th\u1ee9c th\u1ef1c hi\u1ec7n v\u00e0 ho\u1ea1t \u0111\u1ed9ng. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 s\u1ef1 so s\u00e1nh gi\u1eefa hai lo\u1ea1i ransomware n\u00e0y:<\/p>\n\n\n\n

4.1 Human-Operated Ransomware.<\/strong><\/p>\n\n\n\n

\u0110\u1eb7c \u0111i\u1ec3m:<\/strong> Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u h\u00e0nh \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n v\u00e0 \u0111i\u1ec1u h\u00e0nh b\u1edfi c\u00e1c hacker ho\u1eb7c nh\u00f3m hacker th\u1ef1c s\u1ef1, c\u00f3 kh\u1ea3 n\u0103ng th\u1ef1c hi\u1ec7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng ransomware m\u1ee5c ti\u00eau, th\u1ee7 c\u00f4ng v\u00e0 c\u00f3 ch\u1ee7 \u0111\u00edch.<\/p>\n\n\n\n

Ti\u1ebfn tr\u00ecnh t\u1ea5n c\u00f4ng: <\/strong>Hacker th\u00e2m nh\u1eadp v\u00e0o m\u1ea1ng ho\u1eb7c h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng c\u00e1c k\u1ef9 thu\u1eadt t\u1ea5n c\u00f4ng m\u1ea1ng nh\u01b0 phishing, l\u1eeba \u0111\u1ea3o qua email, s\u1eed d\u1ee5ng m\u00e3 \u0111\u1ed9c \u0111\u1ec3 x\u00e2m nh\u1eadp, ho\u1eb7c khai th\u00e1c c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft. Sau \u0111\u00f3, h\u1ecd ti\u1ebfn h\u00e0nh m\u00e3 h\u00f3a d\u1eef li\u1ec7u v\u00e0 \u0111\u00f2i ti\u1ec1n chu\u1ed9c t\u1eeb n\u1ea1n nh\u00e2n.<\/p>\n\n\n\n

\u0110\u1eb7c \u0111i\u1ec3m chung: <\/strong>Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n th\u01b0\u1eddng t\u1ea5n c\u00f4ng c\u00e1c t\u1ed5 ch\u1ee9c v\u00e0 doanh nghi\u1ec7p c\u00f3 gi\u00e1 tr\u1ecb cao, v\u00e0 ch\u00fa tr\u1ecdng v\u00e0o vi\u1ec7c m\u00e3 h\u00f3a c\u00e1c d\u1eef li\u1ec7u quan tr\u1ecdng v\u00e0 nh\u1ea1y c\u1ea3m \u0111\u1ec3 \u0111\u00f2i ti\u1ec1n chu\u1ed9c l\u1edbn.<\/p>\n\n\n\n

4.2 Traditional Ransomware.<\/strong><\/p>\n\n\n\n

\u0110\u1eb7c \u0111i\u1ec3m: <\/strong>Ransomware truy\u1ec1n th\u1ed1ng l\u00e0 c\u00e1c lo\u1ea1i ransomware t\u1ef1 \u0111\u1ed9ng v\u00e0 t\u1ef1 lan truy\u1ec1n m\u00e0 kh\u00f4ng y\u00eau c\u1ea7u s\u1ef1 can thi\u1ec7p th\u1ee7 c\u00f4ng c\u1ee7a hacker. Ch\u00fang \u0111\u01b0\u1ee3c l\u1eadp tr\u00ecnh \u0111\u1ec3 t\u1ef1 \u0111\u1ed9ng ph\u00e1t hi\u1ec7n v\u00e0 m\u00e3 h\u00f3a c\u00e1c t\u1ec7p tr\u00ean m\u00e1y t\u00ednh c\u1ee7a n\u1ea1n nh\u00e2n.<\/p>\n\n\n\n

Ti\u1ebfn tr\u00ecnh t\u1ea5n c\u00f4ng: <\/strong>Ransomware truy\u1ec1n th\u1ed1ng th\u01b0\u1eddng lan truy\u1ec1n qua email \u0111\u1ed9c h\u1ea1i, c\u00e1c trang web \u0111\u1ed9c h\u1ea1i, ho\u1eb7c l\u1ee3i d\u1ee5ng c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt tr\u00ean m\u00e1y t\u00ednh. Khi n\u1ea1n nh\u00e2n m\u1edf m\u1ed9t t\u1ec7p ho\u1eb7c truy c\u1eadp v\u00e0o m\u1ed9t trang web \u0111\u1ed9c h\u1ea1i, ransomware s\u1ebd t\u1ef1 \u0111\u1ed9ng ph\u00e1t hi\u1ec7n v\u00e0 b\u1eaft \u0111\u1ea7u m\u00e3 h\u00f3a c\u00e1c t\u1ec7p.<\/p>\n\n\n\n

\u0110\u1eb7c \u0111i\u1ec3m chung:<\/strong> Ransomware truy\u1ec1n th\u1ed1ng th\u01b0\u1eddng l\u00e2y lan r\u1ed9ng r\u00e3i v\u00e0 t\u1ea5n c\u00f4ng ng\u1eabu nhi\u00ean nhi\u1ec1u m\u00e1y t\u00ednh, v\u1edbi m\u1ee5c ti\u00eau l\u00e0 thu th\u1eadp ti\u1ec1n chu\u1ed9c t\u1eeb s\u1ed1 l\u01b0\u1ee3ng l\u1edbn n\u1ea1n nh\u00e2n, th\u01b0\u1eddng l\u00e0 b\u1eb1ng c\u00e1ch y\u00eau c\u1ea7u s\u1ed1 ti\u1ec1n nh\u1ecf \u0111\u1ec3 d\u1ec5 d\u00e0ng n\u1eafm b\u1eaft.<\/p>\n\n\n\n

T\u00f3m t\u1eaft:<\/strong><\/p>\n\n\n\n

Human-Operated Ransomware<\/strong> \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n v\u00e0 \u0111i\u1ec1u h\u00e0nh b\u1edfi c\u00e1c hacker ho\u1eb7c nh\u00f3m hacker th\u1ef1c s\u1ef1, v\u1edbi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng m\u1ee5c ti\u00eau v\u00e0 th\u1ee7 c\u00f4ng.<\/p>\n\n\n\n

Traditional Ransomware <\/strong>l\u00e0 c\u00e1c lo\u1ea1i ransomware t\u1ef1 \u0111\u1ed9ng v\u00e0 t\u1ef1 lan truy\u1ec1n, kh\u00f4ng y\u00eau c\u1ea7u s\u1ef1 can thi\u1ec7p th\u1ee7 c\u00f4ng c\u1ee7a hacker v\u00e0 th\u01b0\u1eddng t\u1ea5n c\u00f4ng ng\u1eabu nhi\u00ean nhi\u1ec1u m\u00e1y t\u00ednh.<\/p>\n\n\n\n

5. Human-Operated Ransomware n\u1ed5i ti\u1ebfng “Ryuk”<\/strong>.<\/p>\n\n\n\n

Ryuk l\u00e0 m\u1ed9t trong nh\u1eefng v\u00ed d\u1ee5 \u0111i\u1ec3n h\u00ecnh v\u1ec1 Human-Operated Ransomware, \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n b\u1edfi nh\u1eefng hacker chuy\u00ean nghi\u1ec7p v\u1edbi m\u1ee5c ti\u00eau ch\u00ednh l\u00e0 t\u1ea5n c\u00f4ng v\u00e0o c\u00e1c t\u1ed5 ch\u1ee9c, doanh nghi\u1ec7p c\u00f3 gi\u00e1 tr\u1ecb cao v\u00e0 y\u00eau c\u1ea7u s\u1ed1 ti\u1ec1n chu\u1ed9c l\u1edbn.<\/p>\n\n\n

\n
\"\"<\/figure>\n<\/div>\n\n\n

M\u00f4 t\u1ea3: <\/strong>Ryuk l\u00e0 m\u1ed9t lo\u1ea1i ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u h\u00e0nh \u0111\u00e3 xu\u1ea5t hi\u1ec7n v\u00e0o cu\u1ed1i n\u0103m 2018 v\u00e0 nhanh ch\u00f3ng tr\u1edf th\u00e0nh m\u1ed9t trong nh\u1eefng m\u1ed1i \u0111e d\u1ecda l\u1edbn \u0111\u1ed1i v\u1edbi c\u00e1c t\u1ed5 ch\u1ee9c v\u00e0 doanh nghi\u1ec7p tr\u00ean to\u00e0n c\u1ea7u. \u0110\u01b0\u1ee3c cho l\u00e0 do m\u1ed9t nh\u00f3m hacker chuy\u00ean nghi\u1ec7p t\u1eeb Nga ho\u1eb7c B\u1eafc Tri\u1ec1u Ti\u00ean \u0111i\u1ec1u h\u00e0nh, Ryuk \u0111\u00e3 g\u00e2y ra h\u00e0ng tri\u1ec7u \u0111\u00f4 la thi\u1ec7t h\u1ea1i trong vi\u1ec7c y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c t\u1eeb c\u00e1c n\u1ea1n nh\u00e2n.<\/p>\n\n\n\n

C\u00e1ch th\u1ef1c hi\u1ec7n:<\/strong> Ryuk th\u01b0\u1eddng b\u1eaft \u0111\u1ea7u t\u1ea5n c\u00f4ng b\u1eb1ng c\u00e1ch x\u00e2m nh\u1eadp v\u00e0o h\u1ec7 th\u1ed1ng m\u1ee5c ti\u00eau th\u00f4ng qua email \u0111\u1ed9c h\u1ea1i ho\u1eb7c s\u1eed d\u1ee5ng c\u00e1c l\u1ed7 h\u1ed5ng b\u1ea3o m\u1eadt \u0111\u00e3 bi\u1ebft. Sau khi x\u00e2m nh\u1eadp th\u00e0nh c\u00f4ng v\u00e0o m\u1ea1ng, nh\u00f3m hacker th\u1ef1c hi\u1ec7n c\u00e1c b\u01b0\u1edbc sau:<\/p>\n\n\n\n

Thu th\u1eadp th\u00f4ng tin: <\/strong>Hacker thu th\u1eadp th\u00f4ng tin chi ti\u1ebft v\u1ec1 h\u1ec7 th\u1ed1ng, m\u1ea1ng, ng\u01b0\u1eddi d\u00f9ng v\u00e0 t\u1ec7p d\u1eef li\u1ec7u c\u1ee7a n\u1ea1n nh\u00e2n.<\/p>\n\n\n\n

L\u1ef1a ch\u1ecdn m\u1ee5c ti\u00eau:<\/strong> D\u1ef1a v\u00e0o th\u00f4ng tin thu th\u1eadp \u0111\u01b0\u1ee3c, hacker quy\u1ebft \u0111\u1ecbnh c\u00e1c t\u1ec7p v\u00e0 d\u1eef li\u1ec7u quan tr\u1ecdng m\u00e0 h\u1ecd mu\u1ed1n m\u00e3 h\u00f3a \u0111\u1ec3 y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c.<\/p>\n\n\n\n

M\u00e3 h\u00f3a d\u1eef li\u1ec7u: <\/strong>Hacker s\u1eed d\u1ee5ng m\u1ed9t m\u00e3 h\u00f3a m\u1ea1nh \u0111\u1ec3 m\u00e3 h\u00f3a c\u00e1c t\u1ec7p v\u00e0 d\u1eef li\u1ec7u quan tr\u1ecdng \u0111\u00e3 ch\u1ecdn, khi\u1ebfn ch\u00fang kh\u00f4ng th\u1ec3 truy c\u1eadp \u0111\u01b0\u1ee3c cho \u0111\u1ebfn khi ti\u1ec1n chu\u1ed9c \u0111\u01b0\u1ee3c tr\u1ea3.<\/p>\n\n\n\n

Y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c:<\/strong> Sau khi ho\u00e0n th\u00e0nh vi\u1ec7c m\u00e3 h\u00f3a, hacker g\u1eedi th\u00f4ng \u0111i\u1ec7p y\u00eau c\u1ea7u ti\u1ec1n chu\u1ed9c \u0111\u1ebfn n\u1ea1n nh\u00e2n th\u00f4ng qua email ho\u1eb7c th\u00f4ng qua th\u00f4ng b\u00e1o tr\u00ean m\u00e0n h\u00ecnh m\u00e1y t\u00ednh. Trong th\u00f4ng \u0111i\u1ec7p, h\u1ecd cung c\u1ea5p h\u01b0\u1edbng d\u1eabn c\u1ee5 th\u1ec3 v\u00e0 \u0111\u1ecba ch\u1ec9 v\u00ed ti\u1ec1n \u0111i\u1ec7n t\u1eed \u0111\u1ec3 n\u1ea1n nh\u00e2n tr\u1ea3 ti\u1ec1n chu\u1ed9c.<\/p>\n\n\n\n

\u0110\u00e0m ph\u00e1n v\u00e0 giao d\u1ecbch: <\/strong>N\u1ebfu n\u1ea1n nh\u00e2n ch\u1ea5p nh\u1eadn tr\u1ea3 ti\u1ec1n chu\u1ed9c, hacker th\u01b0\u1eddng th\u1ef1c hi\u1ec7n cu\u1ed9c \u0111\u00e0m ph\u00e1n \u0111\u1ec3 \u0111\u1ea3m b\u1ea3o ti\u1ec1n chu\u1ed9c \u0111\u01b0\u1ee3c tr\u1ea3 v\u00e0 cung c\u1ea5p kh\u00f3a gi\u1ea3i m\u00e3 \u0111\u1ec3 gi\u1ea3i m\u00e3 d\u1eef li\u1ec7u \u0111\u00e3 b\u1ecb m\u00e3 h\u00f3a.<\/p>\n\n\n\n

6. Gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt c\u1ee7a Sophos.<\/strong><\/p>\n\n\n\n

Sophos, m\u1ed9t trong nh\u1eefng nh\u00e0 cung c\u1ea5p h\u00e0ng \u0111\u1ea7u v\u1ec1 an ninh m\u1ea1ng v\u00e0 b\u1ea3o m\u1eadt, cung c\u1ea5p nhi\u1ec1u gi\u1ea3i ph\u00e1p \u0111\u1ec3 ng\u0103n ch\u1eb7n Human-Operated Ransomware v\u00e0 c\u00e1c lo\u1ea1i ransomware kh\u00e1c. D\u01b0\u1edbi \u0111\u00e2y l\u00e0 m\u1ed9t s\u1ed1 gi\u1ea3i ph\u00e1p c\u1ee7a Sophos \u0111\u1ec3 \u0111\u1ed1i ph\u00f3 v\u1edbi Human-Operated Ransomware:<\/p>\n\n\n\n

Sophos Intercept X with XDR (Extended Detection and Response): <\/strong>\u0110\u00e2y l\u00e0 m\u1ed9t gi\u1ea3i ph\u00e1p b\u1ea3o m\u1eadt ti\u00ean ti\u1ebfn d\u1ef1a tr\u00ean tr\u00ed tu\u1ec7 nh\u00e2n t\u1ea1o v\u00e0 h\u1ecdc m\u00e1y. Intercept X with EDR gi\u00e1m s\u00e1t v\u00e0 ph\u00e2n t\u00edch c\u00e1c ho\u1ea1t \u0111\u1ed9ng c\u1ee7a h\u1ec7 th\u1ed1ng m\u1ea1ng v\u00e0 c\u00e1c thi\u1ebft b\u1ecb k\u1ebft n\u1ed1i \u0111\u1ec3 ph\u00e1t hi\u1ec7n c\u00e1c h\u00e0nh vi \u0111\u00e1ng ng\u1edd c\u1ee7a ransomware, bao g\u1ed3m c\u1ea3 Human-Operated Ransomware. N\u00f3 cung c\u1ea5p c\u00e1c c\u1ea3nh b\u00e1o v\u00e0 b\u00e1o c\u00e1o chi ti\u1ebft \u0111\u1ec3 ng\u0103n ch\u1eb7n v\u00e0 x\u1eed l\u00fd c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng.<\/p>\n\n\n\n

Sophos XG Firewall:<\/strong> Sophos XG Firewall l\u00e0 m\u1ed9t gi\u1ea3i ph\u00e1p t\u01b0\u1eddng l\u1eeda m\u1ea1ng m\u1ea1nh m\u1ebd v\u1edbi nhi\u1ec1u t\u00ednh n\u0103ng b\u1ea3o v\u1ec7 ch\u1ed1ng ransomware v\u00e0 c\u00e1c m\u1ed1i \u0111e d\u1ecda kh\u00e1c. N\u00f3 s\u1eed d\u1ee5ng c\u00f4ng ngh\u1ec7 Deep Learning \u0111\u1ec3 ph\u00e1t hi\u1ec7n c\u00e1c m\u1eabu ransomware m\u1edbi v\u00e0 kh\u00f4ng x\u00e1c \u0111\u1ecbnh.<\/p>\n\n\n\n

Sophos Email Gateway: <\/strong>Gi\u1ea3i ph\u00e1p Sophos Email Gateway gi\u00fap ng\u0103n ch\u1eb7n email ch\u1ee9a ransomware v\u00e0 c\u00e1c t\u1ec7p \u0111\u1ed9c h\u1ea1i kh\u00e1c t\u1eeb ti\u1ebfp c\u1eadn h\u1ed9p th\u01b0 \u0111\u1ebfn c\u00e1c ng\u01b0\u1eddi d\u00f9ng. N\u00f3 s\u1eed d\u1ee5ng c\u00f4ng ngh\u1ec7 ch\u1ed1ng phishing, ki\u1ec3m tra d\u1eef li\u1ec7u \u0111\u00ednh k\u00e8m v\u00e0 c\u00e1c ch\u1eef k\u00fd \u0111\u1ec3 ph\u00e1t hi\u1ec7n v\u00e0 ch\u1eb7n c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng ransomware qua email.<\/p>\n\n\n\n

Sophos Server Protection: <\/strong>Gi\u1ea3i ph\u00e1p b\u1ea3o v\u1ec7 m\u00e1y ch\u1ee7 c\u1ee7a Sophos gi\u00e1m s\u00e1t v\u00e0 b\u1ea3o v\u1ec7 c\u00e1c m\u00e1y ch\u1ee7 ch\u1ea1y tr\u00ean n\u1ec1n t\u1ea3ng Windows v\u00e0 Linux kh\u1ecfi ransomware v\u00e0 c\u00e1c m\u1ed1i \u0111e d\u1ecda \u0111\u1ed9c h\u1ea1i kh\u00e1c. N\u00f3 cung c\u1ea5p t\u01b0\u1eddng l\u1eeda \u1ee9ng d\u1ee5ng, gi\u00e1m s\u00e1t l\u01b0u l\u01b0\u1ee3ng m\u1ea1ng v\u00e0 ph\u00e2n t\u00edch h\u00e0nh vi \u0111\u00e1ng ng\u1edd.<\/p>\n\n\n\n

Sophos Mobile Security:<\/strong> \u0110\u1ed1i v\u1edbi c\u00e1c thi\u1ebft b\u1ecb di \u0111\u1ed9ng, Sophos Mobile Security gi\u00fap ng\u0103n ch\u1eb7n c\u00e1c \u1ee9ng d\u1ee5ng \u0111\u1ed9c h\u1ea1i v\u00e0 ransomware t\u1eeb ti\u1ebfp c\u1eadn v\u00e0 t\u1ea5n c\u00f4ng thi\u1ebft b\u1ecb di \u0111\u1ed9ng.<\/p>\n\n\n\n

Sophos Managed Threat Response (MTR): <\/strong>\u0110\u00e2y l\u00e0 m\u1ed9t d\u1ecbch v\u1ee5 b\u1ea3o m\u1eadt g manage\u1eddi \u0111\u1ed9c l\u1eadp d\u1ef1a tr\u00ean chuy\u00ean gia c\u1ee7a Sophos. N\u00f3 gi\u00fap theo d\u00f5i v\u00e0 ph\u1ea3n \u1ee9ng nhanh ch\u00f3ng \u0111\u1ed1i v\u1edbi c\u00e1c cu\u1ed9c t\u1ea5n c\u00f4ng ransomware v\u00e0 gi\u00fap kh\u00f4i ph\u1ee5c d\u1eef li\u1ec7u n\u1ebfu c\u1ea7n thi\u1ebft.<\/p>\n","protected":false},"excerpt":{"rendered":"

1. Human-Operated Ransomware l\u00e0 g\u00ec ? Human-Operated Ransomware, c\u00f2n \u0111\u01b0\u1ee3c g\u1ecdi l\u00e0 Ransomware do con ng\u01b0\u1eddi \u0111i\u1ec1u khi\u1ec3n, l\u00e0 m\u1ed9t lo\u1ea1i ransomware \u0111\u01b0\u1ee3c th\u1ef1c hi\u1ec7n v\u00e0 \u0111i\u1ec1u khi\u1ec3n b\u1edfi c\u00e1c hacker ho\u1eb7c nh\u00f3m hacker th\u1ef1c s\u1ef1, ch\u1ee9 kh\u00f4ng ph\u1ea3i ch\u1ec9 d\u1ef1a v\u00e0o m\u00e3 \u0111\u1ed9c t\u1ef1 \u0111\u1ed9ng v\u00e0 t\u1ef1 \u0111\u1ed9ng h\u00f3a. Trong tr\u01b0\u1eddng h\u1ee3p c\u1ee7a Ransomware […]<\/p>\n","protected":false},"author":12,"featured_media":7192,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_eb_attr":"","ocean_post_layout":"","ocean_both_sidebars_style":"","ocean_both_sidebars_content_width":0,"ocean_both_sidebars_sidebars_width":0,"ocean_sidebar":"","ocean_second_sidebar":"","ocean_disable_margins":"enable","ocean_add_body_class":"","ocean_shortcode_before_top_bar":"","ocean_shortcode_after_top_bar":"","ocean_shortcode_before_header":"","ocean_shortcode_after_header":"","ocean_has_shortcode":"","ocean_shortcode_after_title":"","ocean_shortcode_before_footer_widgets":"","ocean_shortcode_after_footer_widgets":"","ocean_shortcode_before_footer_bottom":"","ocean_shortcode_after_footer_bottom":"","ocean_display_top_bar":"default","ocean_display_header":"default","ocean_header_style":"","ocean_center_header_left_menu":"","ocean_custom_header_template":"","ocean_custom_logo":0,"ocean_custom_retina_logo":0,"ocean_custom_logo_max_width":0,"ocean_custom_logo_tablet_max_width":0,"ocean_custom_logo_mobile_max_width":0,"ocean_custom_logo_max_height":0,"ocean_custom_logo_tablet_max_height":0,"ocean_custom_logo_mobile_max_height":0,"ocean_header_custom_menu":"","ocean_menu_typo_font_family":"","ocean_menu_typo_font_subset":"","ocean_menu_typo_font_size":0,"ocean_menu_typo_font_size_tablet":0,"ocean_menu_typo_font_size_mobile":0,"ocean_menu_typo_font_size_unit":"px","ocean_menu_typo_font_weight":"","ocean_menu_typo_font_weight_tablet":"","ocean_menu_typo_font_weight_mobile":"","ocean_menu_typo_transform":"","ocean_menu_typo_transform_tablet":"","ocean_menu_typo_transform_mobile":"","ocean_menu_typo_line_height":0,"ocean_menu_typo_line_height_tablet":0,"ocean_menu_typo_line_height_mobile":0,"ocean_menu_typo_line_height_unit":"","ocean_menu_typo_spacing":0,"ocean_menu_typo_spacing_tablet":0,"ocean_menu_typo_spacing_mobile":0,"ocean_menu_typo_spacing_unit":"","ocean_menu_link_color":"","ocean_menu_link_color_hover":"","ocean_menu_link_color_active":"","ocean_menu_link_background":"","ocean_menu_link_hover_background":"","ocean_menu_link_active_background":"","ocean_menu_social_links_bg":"","ocean_menu_social_hover_links_bg":"","ocean_menu_social_links_color":"","ocean_menu_social_hover_links_color":"","ocean_disable_title":"default","ocean_disable_heading":"default","ocean_post_title":"","ocean_post_subheading":"","ocean_post_title_style":"","ocean_post_title_background_color":"","ocean_post_title_background":0,"ocean_post_title_bg_image_position":"","ocean_post_title_bg_image_attachment":"","ocean_post_title_bg_image_repeat":"","ocean_post_title_bg_image_size":"","ocean_post_title_height":0,"ocean_post_title_bg_overlay":0.5,"ocean_post_title_bg_overlay_color":"","ocean_disable_breadcrumbs":"default","ocean_breadcrumbs_color":"","ocean_breadcrumbs_separator_color":"","ocean_breadcrumbs_links_color":"","ocean_breadcrumbs_links_hover_color":"","ocean_display_footer_widgets":"default","ocean_display_footer_bottom":"default","ocean_custom_footer_template":"","ocean_post_oembed":"","ocean_post_self_hosted_media":"","ocean_post_video_embed":"","ocean_link_format":"","ocean_link_format_target":"self","ocean_quote_format":"","ocean_quote_format_link":"post","ocean_gallery_link_images":"on","ocean_gallery_id":[],"footnotes":""},"categories":[18,70,80,17],"tags":[191,192,165,193,194,182,195],"class_list":["post-7184","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-endpoint","category-firewall","category-huong-dan-tai-lieu","category-bao-mat","tag-human-operated-ransomware","tag-mtr","tag-ryuk-ransomware","tag-sophos","tag-sophos-intercept-x-with-xdr","tag-sophos-xg-firewall","tag-traditional-ransomware","entry","has-media"],"_links":{"self":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/7184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/comments?post=7184"}],"version-history":[{"count":0,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/posts\/7184\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media\/7192"}],"wp:attachment":[{"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/media?parent=7184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/categories?post=7184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vacif.com\/en\/wp-json\/wp\/v2\/tags?post=7184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}