Chimene muyenera kudziwa za Stuxnet worm
Stuxnet ndi mphutsi ya makompyuta yomwe imayimitsa mitundu ya machitidwe oyendetsa mafakitale (ICS) omwe amagwiritsidwa ntchito popanga zipangizo zothandizira zipangizo zamakono (ie, zomera zamagetsi, malo opangira madzi, magetsi, etc.).
Nyongolotsi nthawi zambiri imapezeka kuti inayamba kupezeka mu 2009 kapena 2010 koma inapezeka kuti inagonjetsa pulogalamu ya nyukiliya ya ku Iran chaka cha 2007. M'masiku amenewo, Stuxnet anapezeka makamaka ku Iran, Indonesia, ndi India, za matenda onse.
Kuchokera nthaƔi imeneyo, nyongolotsi yawononga makompyuta ambiri m'mayiko ambiri, ngakhale kuwononga makina ena ndi kuwononga mbali yaikulu ya magetsi a nyukiliya a Iran.
Kodi Stuxnet Amatani?
Stuxnet yapangidwa kuti isinthe Mapulani a Logic Controllers (PLCs) omwe amagwiritsidwa ntchito mmalo amenewa. M'madera a ICS, PLCs zimagwira ntchito zamakampani monga kulamulira kuthamanga kwa mlingo kuti zikhale ndi mphamvu ndi kutentha kwa kutentha.
Zamangidwe kuti zifalitsidwe kwa makompyuta atatu, koma aliyense wa iwo akhoza kufalikira kwa ena atatu, ndi momwe amachitira.
Chimodzi mwa zizindikiro zake ndi kufalitsa kwa zipangizo pa intaneti yomwe siili yogwirizana ndi intaneti. Mwachitsanzo, ikhoza kusuntha ku kompyuta imodzi kudzera mu USB koma kenako imafalikira ku makina ena apadera omwe amayendetsa pamsewu woterewa , omwe amayambitsa makina a intranet kuti agwirane.
Poyambirira, madalaivala a chipangizo cha Stuxnet adasindikizidwa ndi chiwerengero chifukwa adabedwa kuchokera ku zilembo zovomerezeka zomwe zinagwiritsidwa ntchito pazitsulo za JMicron ndi Realtek, zomwe zinapangitsa kuti zikhale zosavuta kudziyika zokha popanda zokayikitsa zomwe zimayambitsa wosuta. Kuyambira nthawi imeneyo, VeriSign wasintha zilembozo.
Ngati kachilomboka kamakhala pamakompyuta omwe alibe makina ovomerezeka a Siemens, adzakhalabe opanda pake. Ichi ndi kusiyana kwakukulu pakati pa kachilomboka ndi ena, chifukwa chakuti kumangidwira cholinga chenichenicho ndipo safuna "kuchita chilichonse chosasangalatsa pa makina ena.
Kodi Stuxnet Ifika Bwanji ku PLC?
Chifukwa cha chitetezo, zipangizo zambiri zamagetsi zomwe zimagwiritsidwa ntchito poyendetsa mafakitale sizolumikizana ndi intaneti (ndipo nthawi zambiri sizigwirizana ngakhale ndi magulu amtundu uliwonse). Pofuna kuthana ndi izi, nyongolotsi ya Stuxnet imaphatikizapo njira zingapo zowonjezereka zofalitsa ndi cholinga chakumapeto ndikufika ndikutenga mawonekedwe a STEP 7 omwe akugwiritsidwa ntchito pulogalamu ya PLC.
Pofuna kulengeza koyamba, nyongolotsi zimakopera makompyuta omwe amayendetsa mawindo opangira ma Windows, ndipo nthawi zambiri amachita izi kudutsa pang'onopang'ono . Komabe, PLC yokha siwowonjezera mawindo a Windows koma osati chipangizo cha chinenero cha makina. Choncho, Stuxnet amangosuntha makompyuta a Windows kuti apeze njira zomwe zimayendetsa PLC, zomwe zimapereka malipiro ake.
Polemba kachilombo ka PLC, Stuxnet mphutsi imayang'ana ndikusintha ma fayilo a polojekiti ya STEP 7, yomwe imagwiritsidwa ntchito ndi Siemens SIMATIC WinCC, kayendetsedwe ka kayendetsedwe ka kayendetsedwe ka chuma ndi (data) (SCADA) ndi machitidwe a anthu ogwiritsa ntchito makina (HMI) omwe amagwiritsidwa ntchito pokonza PLCs.
Stuxnet ili ndi machitidwe osiyanasiyana kuti azindikire mtundu wapadera wa PLC. Chitsanzo choyendera ichi ndi chofunika ngati malangizo a makina amasiyana adzasintha pa zipangizo zosiyanasiyana za PLC. Pamene chingwechi chikudziwika ndi kuchilomboka, Stuxnet imapeza mphamvu kuti iwononge deta yonse ikuyenda kapena kuchoka mu PLC, kuphatikizapo kuthekera kwa deta.
Amatchula Stuxnet Akupita
Zotsatirazi ndi njira zina zomwe anti-virus yanu ingayambitsire Stuxnet worm:
- F-Otetezeka : Trojan-Dropper: W32 / Stuxnet
- Kaspersky : Rootkit.Win32.Stuxnet.b kapena Rootkit.Win32.Stuxnet.a
- McAfee : Stuxnet
- Norman : W32 / Stuxnet.A
- Sophos : Troj / Stuxnet-A kapena W32 / Stuxnet-B
- Symantec : W32.Temphid
- Ndondomeko Yamakono: WORM_STUXNET.A
Stuxnet angakhalenso ndi "achibale" omwe amapita maina anga ngati Duqu kapena Flame .
Kodi Chotsani Stuxnet?
Popeza Siemens mapulogalamu ndi omwe amavomerezedwa pamene makompyuta ali ndi Stuxnet, ndi kofunika kuti muwawane nawo ngati kachilomboka kakukudandaula.
Gwiritsani ntchito pulojekiti yowononga antivirus monga Avast kapena AVG, kapena pulojekiti yowonjezerapo ngati Malwarebytes.
Ndifunikanso kusunga Windows , zomwe mungachite ndi Windows Update .
Onani Mmene Mungasinthire Kakompyuta Yanu kwa Malware ngati mukufuna thandizo.