vimarsana.com
Home
Live Updates
深刻度を増すランサムウェア攻撃、今度はITサーヴィス企業の顧客もまとめて標的に : vimarsana.com
深刻度を増すランサムウェア攻撃、今度はITサーヴィス企業の顧客もまとめて標的に
ãã¾ããµã¤ãã¼ã»ãã¥ãªãã£ã«ããã2大è å¨ã¨ãªã£ããµãã©ã¤ãã§ã¼ã³æ»æã¨ã©ã³ãµã ã¦ã§ã¢æ»æããåä½ãã¦å¤§æ··ä¹±ãå¼ãèµ·ããäºæ ã¯æããé¿ããããªãã£ããã¨ã ããã7æ2æ¥ï¼ç±³å½æéï¼ã®åå¾ã«èµ·ãããã¨ã¯ãã¾ãã«ããã ã£ããæªåé«ãç¯ç½ªã°ã«ã¼ããREvilããï¼ã©ãããITã·ã¹ãã ã管çããã½ããã¦ã§ã¢ã«ä¾µå ¥ãããã¨ã§ï¼æ°ç¾ç¤¾ãã®ãã¡ã¤ã«ãä¸æã«æå·åãããã¨ã«æåããã®ã§ãããããããããã¯ã»ãã®å§ã¾ãã«ãããªãã
ç¶æ³ã¯å¾ã ã«æããã«ãªã£ã¦ããæä¸ã§ããããã¾ã ã«è©³ç´°ã¯ä¸æã§ããããªãã§ãæãéè¦ãªãã¨ã¯ãããããæ»æè ãã©ããã£ã¦ã½ããã¦ã§ã¢ã«ä¾µå ¥ãããã ãããã¨ã¯ããããã§ã«å¤§ããªå½±é¿ãåºã¦ãããã¿ã¼ã²ããã®æ§è³ªãèããã°è¢«å®³ãã¾ãã¾ãæ·±å»ã«ãªã£ã¦ãããã¨ã¯å¿ è³ã§ããã
MSPãçãããçç±
åé¡ã¨ãªã£ãã½ããã¦ã§ã¢ãKaseya VSAãã¯ãä¼æ¥ã«ITãµã¼ã´ã£ã¹ãæä¾ããããã¼ã¸ãã»ãµã¼ã´ã£ã¹ã»ããã´ã¡ã¤ãã¼ï¼MSPï¼ã®éã§äººæ°ãé«ããITã¤ã³ãã©ã®éå¶ãå¤é¨å§è¨ãããã¨èããèããä¼æ¥ã«ããããããµã¼ã´ã£ã¹ãæä¾ããéã«ä½¿ãããã½ããã¦ã§ã¢ã ã
ã¤ã¾ããã²ã¨ã¤ã®MSPã®ãããã³ã°ã«æåããã°ããã®é¡§å®¢å ¨å¡ã®ãã¼ã¿ã«ã¢ã¯ã»ã¹ã§ããããã«ãªããã¤ã¾ãã貸é庫ãä¸ã¤ã²ã¨ã¤ç ´ãããããéè¡ã®æ¯åºé·ããã¤ãã¹ã¿ã¼ãã¼ãçãã ã»ãã話ãæ©ããã¨ããããã ã
ã»ãã¥ãªãã£ä¼æ¥ã®Huntressã«ããã¨ãããã¾ã§ã®ã¨ããREvilã¯8ã¤ã®MSPããããã³ã°ããã¨ããããã¼ã¿ãæå·åããã¦ããç¶æ ã7æ2æ¥ã«çºè¦ããä¼æ¥ã¯ãHuntressãç´æ¥é¢ä¸ãã¦ãã3ã¤ã®MSPã®é¡§å®¢ã ãã§ã200社ã«ããªããKaseyaãåºã使ããã¦ãããã¨ãèããã°ã被害ãããã«æ¡å¤§ããã§ããããã¨ã¯æ³åã«é£ããªãã
ãKaseyaã¯ãªã¢ã¼ãããã¸ã¡ã³ãçã®ã³ã«ã»ã³ã¼ã©ã®ãããªãã®ãªã®ã§ããã¨ãã¤ã³ã·ãã³ã対å¿ãå°éã¨ããBreachQuestã®æé«æè¡è²¬ä»»è ï¼CTOï¼ã®ã¸ã§ã¤ã¯ã»ã¦ã£ãªã¢ã ãºã¯è¨ãããç±³å½ã¯ç¥æ¥ã¨éãªãé±æ«ã«å ¥ãã®ã§ãé±æãã®ç«æãæ°´æã«ãªããªãã¨è¢«å®³è ãã©ãã ãããã®ãããããããªãã§ããããããã§ããã¨ã¦ã¤ããªãæ°ã«ãªãã§ããããã
以åããMSPã¯ãç¹ã«å½å®¶ä¸»å°ã®ããã«ã¼ã«ã¯äººæ°ã®ã¿ã¼ã²ããã ã£ããMSPãæ»æã§ããã°ã極ãã¦å¹ççã«ã¹ãã¤æ´»åãå±éã§ããã
ä¾ãã°ã2018å¹´ã«å¸æ³çã®èµ·è¨´ç¶ã«ç¤ºãããããã«ãä¸å½ã®ç²¾éã¹ãã¤éå£ãAPT10ãã¯MSPã«ä¸æ£ä¾µå ¥ããæ°åã«ä¸ãä¼æ¥ããæ°ç¾ã®ã¬ãã¤ãã®ãã¼ã¿ãçã¿åºãããREvilãMSPãæ¨çã«ãããã¨ãããã19å¹´ã«ã¯ããã足ãããã«ãµã¼ããã¼ãã£ã¼ã®ITä¼æ¥ã«å ¥ãè¾¼ã¿ããããµã¹å·ã®22ã®èªæ²»ä½ãä¸æã«ä¹ã£åã£ãã
ãµãã©ã¤ãã§ã¼ã³æ»æã¯ãã¾ãã¾ããããµãããã®ã«ãªãã¤ã¤ãããç¹ã«2020å¹´ã¯ãSolarWindsã«å¯¾ãã¦ç ´å£çãªä½æ¦ãå®æ½ãããããã¤ãã®ç±³æ¿åºæ©é¢ã¨ç¡æ°ã®ãã®ä»ã®è¢«å®³è ã«ãã·ã¢ãã¢ã¯ã»ã¹ã§ããããã«ãªã£ãããµãã©ã¤ãã§ã¼ã³ã®ãããã³ã°ã«ããMSPã«å¯¾ããæ»æã¨åãããã«ããç®ã®ãããªå¹æããããã²ã¨ã¤ã®ã½ããã¦ã§ã¢ã®æ´æ°ãæ±æãããã¨ã被害è ã®æ°ã¯æ°ç¾åä½ã«ä¸ããããªãã®ã ã
ææ°é¢æ°çãªå½±é¿
以ä¸ã®ãã¨ãããMSPãæ¨çã«ãããµãã©ã¤ãã§ã¼ã³æ»æããªãææ°é¢æ°çãªå½±é¿ãåã¼ãå¯è½æ§ãããã®ããããã ãããããã«ã·ã¹ãã ã麻çºãããã©ã³ãµã ã¦ã§ã¢ãæå ¥ãããã°ãç¶æ³ã¯ããã«å°é£ãªãã®ã«ãªããåãããµãã©ã¤ãã§ã¼ã³ã®ã»ãã¥ãªãã£ä¾µå®³ãå©ç¨ããå½åã¯ã©ã³ãµã ã¦ã§ã¢ã®ããã«è¦ããªããå®ã¯ãã·ã¢ã«ããå½å®¶çãªæ»æã ã£ããNotPetyaãã«ããæ·±å»ãªæ»æãæãèµ·ãããããæè¿ã®ãã·ã¢ã«ããä½æ¦ãåæ§ã ã
ãããã¯SolarWindsã®äºä¾ã¨åãã§ãããã ããã©ã³ãµã ã¦ã§ã¢ã使ããã¦ãã¾ããã¨ãã¢ã³ãã¦ã¤ã«ã¹ã½ããã¦ã§ã¢ä¼æ¥Emsisoftã®è å¨ã¢ããªã¹ãã®ãã¬ããã»ãã£ãã¦ã¯è¨ãããã²ã¨ã¤ã®MSPã侵害ãããã ãã§ãæ°ç¾ã®ã¨ã³ãã¦ã¼ã¶ã¼ã«å½±é¿ãåã¶ãã¨ãããã¾ããä»åã®ã±ã¼ã¹ã§ã¯è¤æ°ã®MSPã侵害ãããããã§ãããâ¦ã
BreachQuestã®ã¦ã£ãªã¢ã ãºã«ããã¨ãREvilã¯è¢«å®³ä¼æ¥ã«å¯¾ãã¦ä»®æ³é貨ï¼æå·é貨ãæå·è³ç£ï¼ã®ãMoneroï¼ã¢ããï¼ãã§ããã45,000ãã«ï¼ç´500ä¸åï¼ç¸å½ãè¦æ±ãã¦ããã¨ããã1é±é以å ã«æ¯æããªãã£ãå ´åã¯ãè¦æ±é¡ã2åã«ãªãã
ã»ãã¥ãªãã£ãã¥ã¼ã¹ãµã¤ãã®ãBleepingComputerãã«ããã¨ãREvilã¯ä¸é¨ã®è¢«å®³è ã«å¯¾ãã¦ãæå·åããããããã¯ã¼ã¯ã®ãã¹ã¦ã®PCãã解é¤ãã復å·ãã¼ã¨å¼ãæãã«500ä¸ãã«ï¼ç´5å5,000ä¸åï¼ãè¦æ±ãã¦ããã¨ãããããã¯é¡§å®¢ã§ã¯ãªããMSPãæ¨çã«ãã¦ããå¯è½æ§ãããã
ãããããã¡ã¯MSPã«ã¤ãã¦ãå¤ãã®ä¸å°ä¼æ¥ãçµç¹ã®âæ¯è¹âã«ãã¨ãããã¨ãããããã¾ããã¨ãHuntressã®ã·ãã¢ã»ãã¥ãªãã£ãªãµã¼ãã£ã¼ã®ã¸ã§ã³ã»ãã¢ã³ãã¯è¨ãããããããããæ»æãããã®ãKaseyaã§ããã°ãç¯ç½ªè ã¯Kaseyaã®ãã¹ã¦ã®æ¯è¹ã侵害ãããã¨ã«ãªãã¾ãã
ãã®æ»æãå®è¡ããããã«ã¼ãã¡ãã©ãã ã価å¤ãã足ããããç¯ããããèããã¨ãã©ã³ãµã ã¦ã§ã¢ã®ä½¿ç¨ãé¸æãããã¨ã¯ããããé©ãã¹ããã¨ãããããªãããMalwareHunterTeamãã¨ãã¦æ´»åãã¦ããã»ãã¥ãªãã£ç 究è ã¯ããã©ã³ãµã ã¦ã§ã¢ãå±éããããã«ã¢ã¯ã»ã¹ãããã«åæ¢ãããã®ã¯è³¢ãããæ¹ã«ã¯æãã¾ãããã¨èªãã
ä¾ãã°ãå½å®¶ä¸»å°ã®éå£ã§ããã°ããããã足ãããã¯ã¹ãã¤æ´»åãããä¸ã§éæ¹ããªã価å¤ãããã¨èããã ãããããã«çç ´ãã¦ãã¾ãã«ã¯ãã¾ãã«æãããç´ æ´ãããâãã³ãã«âãæã£ãã®ã§ããã
ãããã®ä½æã«åããKaseya
æåã®ä¾µå®³ãã©ã®ããã«èµ·ããã®ãã¯ãã¾ã ããã£ã¦ããªããã ããããã¾ã§ã®ã¨ããKesaya VSAãèªç¤¾ã®è¨åã§éç¨ï¼ãªã³ãã¬ãã¹ï¼ãã¦ããä¼æ¥ã ãã«å½±é¿ãåãã§ããããã ãã¯ã©ã¦ãã§SaaSã¨ãã¦ä½¿ç¨ãã¦ããä¼æ¥ã¯ãå½±é¿ãåãã¦ããªãããã§ããã
ãããããã¡ã¯VSAã«å¯¾ããæ»æã®å¯è½æ§ã«ã¤ãã¦èª¿ã¹ã¦ãã¾ãããã²ã¨æ¡ãã®ãªã³ãã¬ãã¹ã®é¡§å®¢ã«éããã¦ããããã§ããã¨ãKaseyaã®ã³ã¼ãã¬ã¼ãã³ãã¥ãã±ã¼ã·ã§ã³æ å½ã·ãã¢ã´ã¡ã¤ã¹ãã¬ã¸ãã³ãã®ãã¤ãã»ãªã¼ããã«ã ã¯è¨ãããããããã¡ã¯å¿µã®ããã«SaaSãµã¼ã´ã¡ã¼ãèªãåæ¢ãã¾ããã
ããã¯ãKaseyaã顧客ã«åãã¦7æ2æ¥åå¾ã«åºããéç¥ã®å 容ã¨ä¸è´ããããå½ç¤¾ã¯ä»åã®äºä»¶ã®æ ¹æ¬çãªåå ãæ éã«èª¿æ»ãã¦ããæä¸ã§ãããå½ç¤¾ããæ¹ãã¦éç¥ãåãåãã¾ã§ã¯ããã ã¡ã«ãVSAãµã¼ã´ã¡ã¼ãåæ¢ãããã¨ããããããã¾ãã ã¨ãå社ã¯è¨ãã¦ããããæ»æè ãæåã«ãããã¨ã®ã²ã¨ã¤ã¯ãVSAã¸ã®ç®¡çè ã¢ã¯ã»ã¹ãé®æãããã¨ã§ãããã®ããããã ã¡ã«ãµã¼ã´ã¡ã¼ãåæ¢ãããã¨ã極ãã¦éè¦ã§ãã
è¨äºã®å·çæç¹ã§ã¯ãKaseyaèªèº«ã®VSAãµã¼ã´ã¡ã¼ãã¾ã ãªãã©ã¤ã³ã®ã¾ã¾ã§ãããKaseyaã®æé«çµå¶è²¬ä»»è ï¼CEOï¼ãã¬ããã»ã´ã©ãã³ã©ã¯2æ¥å¤ã«ã¡ã¼ã«ã§å£°æãåºããå社ã®SaaSã®é¡§å®¢ã¯ãä¸åº¦ãå±éºã«æããã¦ããªãããã¨ã確èªããã¨ã¨ãã«ã24æé以å ã«ãµã¼ã´ã£ã¹ã復æ§ã§ããã¨è¦ã¦ããã¨èª¬æããã
Kaseyaã¯èå¼±æ§ã®åå ããã§ã«çªãæ¢ãã¦ãããæ¨çã«ãªãæãããããªã³ãã¬ãã¹ã®é¡§å®¢ã®ããã«ãããã®ä½æã«ã¨ãããã£ã¦ããã¨ãããã¾ãã被害ã«éã£ã顧客æ°ã¯å ¨ä¸çã§ã40æªæºãã¨æ¨å®ãã¦ãããããã§ã«èª¬æããããã«ããã«ã¼ã¯ã²ã¨æ¡ãã®MSPã®è¢«å®³è ã足ãããã«æ¡éãã®æ°ã®æ¨çã«æã伸ã°ããã¨ãã§ããã
æåã®ä¾µå®³ãã©ã®ããã«ãã¦èµ·ããã«ãããæ»æè ã¯ãã«ã¦ã§ã¢ã®ããã±ã¼ã¸ãMSPã«é å¸ãããã¨ã«æåããããã®ããã±ã¼ã¸ã«ã¯ã©ã³ãµã ã¦ã§ã¢æ¬ä½ã«å ãã¦ãWindows Defenderãã®ã³ãã¼ã¨ãæéãåãã¦ãããã®ã®ã¾ã 失å¹ãã¦ããªãåæ³çã«ç½²åããã証ææ¸ãå ¥ã£ã¦ããããã®ããã±ã¼ã¸ã¯ãµã¤ããã¼ãã£ã³ã°ã¨å¼ã°ããææ³ã§Windowsã®ãã«ã¦ã§ã¢ãã§ãã¯ãåé¿ããããã«è¨è¨ããã¦ãããçµæã¨ãã¦ã©ã³ãµã ã¦ã§ã¢ã®å®è¡ãå¯è½ã«ãªãã
ç±³å½åå®å ¨ä¿éçã®ãµã¤ãã¼ã»ãã¥ãªãã£ã»ã¤ã³ãã©ã¹ãã©ã¯ãã£ã¼ã»âã»ãã¥ãªãã£åºï¼CISAï¼ãã2æ¥é ãã«åºãããéç¥ããæ ¹æ¬çãªåå ãæããã«ãã¦ããªãããCISAã¯Kaseya VSAããã³VSAã½ããã¦ã§ã¢ãæ¡ç¨ãã¦ããè¤æ°ã®MSPã«å¯¾ããä»åã®ãµãã©ã¤ãã§ã¼ã³ã»ã©ã³ãµã ã¦ã§ã¢æ»æãç解ãã¦å¯¾å¦ãã¹ãè¡åãã¦ãã¾ããCISAã¯åçµç¹ãKaseyaã®å§åã確èªãããã®å©è¨ã«å¾ã£ã¦ãã ã¡ã«VSAãµã¼ã´ã¡ã¼ãåæ¢ãããã¨ãæ¨å¥¨ãã¾ããã¨ãååºã¯èª¬æãã¦ããã
ã©ã³ãµã ã¦ã§ã¢ã®é²åã®ã次ã
ä¸å¯è§£ãªãã¨ã®ã²ã¨ã¤ã¯ãREvilããªããã®ãããªããæ¹ãããã®ãã§ãããã ããæºè¶³ã§ããçãã示ããããã¨ã¯æ±ºãã¦ãªãã ãããå¤ãã®è¢«å®³è ã身代éãæãã°ãREvilã¯è«å¤§ãªå©çãå¾ããã¨ãã§ãããããããæ°ç¾ã®ä¼æ¥ãä¸åº¦ã«æ»æãããã¨ã§ã5æã«ãDarksideããã³ããã¢ã«ã»ãã¤ãã©ã¤ã³ã«å¯¾ãã¦å®æ½ããã©ã³ãµã ã¦ã§ã¢æ»æã®ããã«ãèªèº«ã«éæ¹ããªã注ç®ãéãããã¨ã«ããªã£ãã
æ°ç¾ç¤¾ã®ä¼æ¥ã®ãã¡ã¤ã«ãæå·åããããã¨ããã©ã®ãããªé£éåå¿ãèµ·ããã®ããç¾æç¹ã§ã¯ä¸æã§ããããªãã§ããã®æ»æã¯ãç±³å½ã§ã¯7æ4æ¥ã®ç¥æ¥ãä¼´ãé£ä¼ãæ§ãã¦å¤ãã®ä¼æ¥ã人æä¸è¶³ã«ãªãã¿ã¤ãã³ã°ã§å®æ½ãããããã ãè¦ããã«ãREvilã¯ããããèªå¶å¿ã«å¯ããã¨ã§ç¥ãããéå£ã§ã¯ãªãã«ãã¦ããä¿¡ããããªãã»ã©è¦å¢ã®ãªãæ»æãªã®ã§ããã
ãé常ã«å¤ãã®é¡§å®¢ãæ»æãã¦ãããã¨ãæ»æè ãã¡ã¯ç¥ã£ã¦ãããã®ã®ããã®å½±é¿ã®å ¨ä½åãäºæ¸¬ã§ããªãã£ãã®ã ã¨æãã¾ããã¨ãBreachQuestã®ã¦ã£ãªã¢ã ãºã¯è¨ããã大ããªè³ãã«åºã¦ãããã¨ãé£ä¸ã¯ããã£ã¦ãã¾ããããããã ãã®è¢«å®³è ãåºãã°è£ç®ã«åºãªãã¯ããããã¾ããã
ãããã©ã®ãããªããã¡ã«ãªãã®ãã¯ãã¾ã ããããªããã ãããããã«ãã¦ãã©ã³ãµã ã¦ã§ã¢ã®é²åã®æ¬¡ã®æ®µéã¯æ確ã«å§ã¾ã£ã¦ããããã®å½±é¿ã¯ç大ãªãã®ã«ãªãã ãããããããã§ã«ãããªã£ã¦ããã®ã ã
â»ãWIREDãã«ããã©ã³ãµã ã¦ã§ã¢æ»æã®é¢é£è¨äºã¯ãã¡ãã
RELATED ARTICLES
Related Keywords
China
,
Waka Tsu
,
Saga
,
Japan
,
Thailand
,
Russia
,
Texas
,
United States
,
Jake Williams
,
John Hammond
,
Target Corporation
,
Tee Ri Target Corporation
,
Management Field
,
Tuesday Or Wednesday
,
Texas Province
,
Corporate Communication
,
Senior Weiss President
,
Colonial Revival
,
சீனா
,
சாகா
,
ஜப்பான்
,
தாய்லாந்து
,
ரஷ்யா
,
டெக்சாஸ்
,
ஒன்றுபட்டது மாநிலங்களில்
,
ஜேக் வில்லியம்ஸ்
,
ஜான் சுத்தி
,
இலக்கு நிறுவனம்
,
மேலாண்மை புலம்
,
பெருநிறுவன தொடர்பு
,
காலனித்துவ மறுமலர்ச்சி
,
vimarsana.com © 2020. All Rights Reserved.