加密货币(英文:Cryptocurrency,又译密码货币,密码学货币)是一种使用密码学原理来确保交易安全及控制交易单位创造的交易媒介。加密货币是数字货币(或称虚拟货币)的一种。比特币在2009年成为第一个去中心化的加密货币,这之后加密货币一词多指此类设计。自此之后数种类似的加密货币被创造,它们通常被称作altcoins。加密货币基于去中心化的共识机制,与依赖中心化监管体系的银行金融系统相对。去中心化的性质源自于使用分布式账本的区块链(Blockchain)技术。
Encrypted currency (Cryptocurrence, also translated into cryptographic currency) is the first transaction medium created in 2009 to use cryptological principles to ensure the security of transactions and control transaction units. Encrypted currency is a type of digital currency (or virtual currency). bitcoin became the first to use cryptophone principles to secure transactions and control transactional units.
过去一年,加密货币价值的激增引发了一场加密货币劫持(Cryptojacking)攻击的“淘金热”,网络攻击者同样试图从这一变化莫测的市场中获利。2017年,在全球终端计算机上所检测到的恶意挖矿程序暴增8500%。在加密货币挖矿攻击中,中国在亚太区排名第13位,全球排名第40位。
Over the past year, the surge in the value of encrypted currencies has also led to a “gold-hunting” attack by Cryptojacking, /a> attackers trying to profit from this volatile market. In 2017, the global terminal computer CPU使用率来挖掘加密货币。恶意挖矿程序能够降低设备的运行速度、让电池过热,并在某些情况下将会导致设备无法使用。对于企业而言,恶意挖矿程序可能会造成公司网络中断,以及云端CPU使用率飙升,从而增加企业的成本支出。
Because the entry threshold is low — the attackers need only a few lines of code to be able to launch an attack by using the disposal capacity stolen from consumers and businesses and cloud u>CPU/a> usage rate to excavate an encrypted currency. The malicious mining process can reduce the speed of operation of the equipment, overheat the battery and, in some cases, make the equipment unusable. For an enterprise, the malicious mining process can result in an interruption of the network of 手机、电脑或物联网设备上的资源都有可能遭到攻击者的窃取,并用于牟利。企业和消费者需要加大自身的安全防御范围,避免所拥有的设备被他人利用而导致的损失。”
Saimentek's Chief Operating Officer, Lu Shao Lu, said: “Now, mobile phones , or
此外,物联网设备依然是网络攻击的主要目标。赛门铁克分析发现,2017年物联网攻击事件的总数增长600%,这意味着,网络攻击者能够利用这些互联设备进行大规模挖币。即便是Mac电脑也未能幸免此类攻击,赛门铁克发现,针对Mac操作系统的挖币攻击增长了80%。这是由于通过利用基于浏览器的攻击手段,攻击者无需将恶意软件下载到受害者的Mac或个人电脑上,便能轻松发动网络攻击。 In addition, the object network equipment remains the main target of the cyberattacks. Simontek's analysis found that the total number of cyberattacks in 2017 increased by 600%, which means that cyberattackers were able to use these interconnective devices for large-scale money-digging. Even Mac's computer was not spared from such attacks, Simontek found that, against Mac of the operating system > >/a>, because the attacker could easily launch a cyber attack on the victim's Mac or personal computer without having to download malware .
中国是勒索软件威胁的重灾区。2017年,中国成为亚太区受到勒索软件影响最严重的国家。较上年全球排名16位相比,2017年中国在全球排名第2。 In 2017, China became the most affected country in the Asia-Pacific region by extortion software. In 2017, China ranked second globally in 2017, compared to 16 in the previous year.
攻击者也在寻找新的牟利手段,加密货币价值的激增引发了一场加密货币劫持攻击的“淘金热”。罗少辉介绍,2017年,在全球终端计算机上所检测到的恶意挖矿程序暴增8500%。 The attackers are also looking for new means of profit, and the surge in the value of encrypted money has triggered a “gold-grabbing” of an encrypted currency hijacking attack. In 2017, the malicious mining programme detected on a global terminal computer increased by 8,500 per cent.
“比特币不再是主要目标,攻击者更加‘钟爱’隐秘性更强的门罗币等。”罗少辉表示。另外,物联网设备依然是网络攻击的主要目标。《报告》称,2017年物联网攻击事件的总数增长600%,这意味着,网络攻击者能够利用这些互联设备进行大规模挖币。 “Bitcoin is no longer the main target, and the attackers are more `love' and more secretive Menroco, and so on.” Luo Lui said. Moreover, the object network equipment remains the main target of cyberattacks. According to the Report, the total number of cyberattacks in 2017 increased by 600 per cent, meaning that cyberattackers could use these interconnections for large-scale currency mining.
“网络安全意识是最后一道关口。”王景普认为,企业级用户应当实施多层防护,并部署安全解决方案。对于消费者级别的用户,建立像企业一样的防护并不容易,因此网络安全意识就更加重要。 “Web security awareness is the last stop.” Wang Xingping argues that corporate-level users should have multiple layers of protection and deploy safety solutions. For consumer-level users, it is not easy to create the same kind of protection as business, so cybersecurity awareness is all the more important.
1、植入式恶意软件增长 1. The growth of implanted malware
赛门铁克调研发现,2017年植入软件供应链的恶意软件攻击出现了200%的增长,与2016年平均每月发生4次攻击相比,相当于2017年每个月都发生1次攻击。通过劫持软件更新链,攻击者以此为攻破口,破坏防卫森严的网络。Petya勒索软件的爆发成为软件供应链攻击的典型案例。Petya攻击以乌克兰的财务软件作为切入点,通过使用多种方式在企业网络中进行大肆传播,部署恶意载荷。 The Sementek study found a 200% increase in malicious software attacks implanted into the software supply chain in 2017, which is equivalent to one attack per month in 2017, compared with an average of four attacks per month in 2016. By hijacking the software upgrade chain, the attackers used it to break down heavily defended networks. The outbreak of Petya extortion software became a typical example of a software supply chain attack.
2、移动恶意软件持续激增 2. Continued proliferation of mobile malware
移动端威胁依然呈现年度增长态势,其中包括新增移动端恶意软件变体的数量增长了54%。2017年,赛门铁克平均每天拦截24,000个恶意移动应用。2017年,中国同样是全球拦截移动恶意软件最多的前十个国家之一。由于许多用户仍在使用较旧的操作系统,这为攻击者提供了可乘之机。例如,在安卓操作系统中,仅有20%的设备安装了最新的操作系统版本,而仅有2.3%的设备安装了次要版本系统。 The mobile end threat continues to show annual growth, including an increase of 54 per cent in the number of new mobile malware variants. In 2017, Simon Tiek intercepted, on average, 24,000 malicious mobile applications per day. In 2017, China was also one of the top 10 countries in the world to intercept the most hostile mobile software. As many users are still using older operating systems, this provides opportunities for the attackers. In Andre, for example, only 20 per cent of the equipment was installed , while only 2.3 per cent of the equipment was equipped with a secondary version.
移动用户同样面临来自灰色软件应用的隐私安全风险。尽管这些应用并非完全恶意,但同样会为用户带来不少麻烦。赛门铁克发现,63%的灰色软件应用会泄露设备的联系方式。2017年,灰色软件的数量增长20%,其所带来的安全问题依然围绕在用户身边。 Mobile users also face privacy security risks from grey software applications. Although these applications are not entirely malicious, they also cause a lot of trouble for users. Simontek has found that 63% of grey software applications reveal the contact details of the equipment. In 2017, the number of grey software grew by 20%, and the security implications of this are still around the users.
随着攻击者不断改进攻击手段,企业与消费者应该采取多种措施来实现安全防护。赛门铁克建议采取以下保护措施: As the attackers continue to improve their methods of assault, businesses and consumers should take a variety of measures to protect themselves.
部署安全解决方案:企业应该部署高级威胁情报解决方案,及时发现入侵信号并做出快速响应。为最坏的情况做好准备:事件管理可以确保企业的安全框架得到优化,并具备可测量性和可重复性,帮助企业吸取教训,从而改善安全态势。赛门铁克建议,企业用户应考虑与第三方专家开展长期合作,强化危机管理。实施多层防护:实施多层防护策略,从而全面应对针对网关、邮件服务器和端点的攻击。企业应该部署包括双重身份验证、入侵检测或防护系统(IPS)、网站漏洞恶意软件防护及全网Web安全网关解决方案在内的安全防护。定期提供关于恶意电子邮件的培训:向员工讲解鱼叉式网络钓鱼电子邮件和其他恶意电子邮件攻击的危害,采取向企业报告此类尝试性攻击的措施。监控企业资源:确保对企业资源和网络进行监控,以便及时发现异常和可疑行为,并将其与专家所提供的威胁情报相关联。 Deployment of security solutions: Business should deploy a high-level threat intelligence solution to detect intrusions in a timely manner and respond quickly to worst-case scenarios. Business should deploy security protections including dual identification, intrusion detection or protection systems (IPS), malicious web-based software protection and a web-wide Web-based web-based safety net solution to help businesses learn lessons to improve security postures. Saimenke suggests that business users should consider long-term cooperation with third-party experts to enhance crisis management. Multi-layer protection: implement multi-layer protection strategies to fully respond to attacks against gateways, mail servers and endpoints.
更改设备及服务的默认密码:在电脑、物联网设备和Wi-Fi网络中采用独特且强大的密码。请勿使用常见或易被猜出的密码,例如“123456”或“password”。确保操作系统和软件为最新版本:攻击者通常会利用最新发现的安全漏洞进行攻击,而软件更新通常会包含修复安全漏洞的相应补丁。谨慎对待电子邮件:电子邮件是网络攻击的主要感染途径之一。消费者应该删除收到的所有可疑邮件,尤其是包含链接或附件的邮件。对于任何建议启用宏以查看内容的MicrosoftOffice电子邮件附件,则更加需要保持谨慎。备份文件:对数据进行备份是应对勒索软件感染最有效的方式。攻击者可通过加密受害者的文件使其无法访问,以此进行勒索。如果拥有备份副本,用户则可以在感染清除后即刻恢复文件。 Change the default password for equipment and services: use unique and powerful passwords in the network of computers, devices and services Wi-Fi. Do not use common or easily guessed passwords, such as “123456” or “passwhttps://www.hqchip.app/1716”
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论