CC NGUY C MT THNG TIN KHI GIAO DCH TRN MNG INTERNET

Trnh by : V Thng Gim c Trung tm o To Qun Tr Mng & An Ninh Mng ATHENA E-mail : thangvd@athenavn.com

Ni Dung

Mt ANTT Mt s thng tin v ANTT ca ATHENA Mt ANTT t u ? Mi trng lm vic di ng v nguy c ANTT Mt vi xut Q&A

Mt ATTT l g ?

Thng tin b nhng ngi khng c quyn bit c (wikileak,thng tin, hnh nh b ngi khc bt v
s dng cho bo ca h, email, phone N# b s dng cho qung co.

Thng tin khng truy cp c (v phng thc truy

cp b t lit, v mt do xo, do thit b lu tr b h hi, b DoS)

Thng tin b sai lch, b thay i ni dung (th gi

mo, h s b lm sai lch, hnh b ghp)

S kin v mt ANTT
Ch Ch th th 897 897 CT-TTG CT-TTG ca ca TTCP: TTCP: Tng Tng cng cng cc cc hot hot ng ng bo bo m m an an ton ton thng thng tin tin s s v cc vn bn khc ca CQ nh nc Hng Hng trm trm website website chnh chnh ph ph gov.vn gov.vn bb hacker hacker nc nc ngoi ngoi tn tn cng cng

Vit Vit Nam Nam lin vn tc lin ctc tn c trong tn trong nhiunhiu danh danh sch quc sch t quc v cc t v vn cc vn lin quan lin quan n ATTT n ATTT, c bit l vn th rc
Bng Bng pht pht cc cc hnh hnh thc thc la la o o mi miqua qua nhiu nhiu phng phng thc thc nh nh tin tin nhn nhn SMS SMS, , email email, , yahoo chat, website Cc Cc hng hng bo bo mt mt ca ca Vit Vit Nam Nam ng ng lot lot tung tung ra ra cc cc gii gii php, php, phn phn mm mm bo bo v v cho cho Mobile. Mobile.

S kin (tip)
Mt s t bo in t ln ca VN b tn cng trong thi gian di Hng lot cc website, din n ln ca VN b tn cng bng nhiu phng thc khc nhau nh DDOS v ly cp tn min.

Vit Nam ang tr thnh a bn hot ng ca ti phm cng ngh cao t nc ngoi, ti phm CNC tng theo cp s nhn
Mt ATTT ngnh ngn hng tng: cc v vic cn b li dng k h trong ATTT nh cp tin; ATM skimming rt ph bin, Nguy c ly nhim virus, m c hi, la o trc tuyn qua mng x hi ang ngy cng cao ti Vit Nam

MT

AN NINH THNG TIN DO U ?

H thng ca qu v tng b tn cng mng (Cyber Attack) hay khng (tnh t 1/2011)?
45% 40% 35% 30% 25% 20% 15% 10% 5% 0%

T tin hn trong nhn bit tn cng. Tuy nhin kh nng nhn bit IP vn yu, nh vy l cc cng c monitoring mnh cha c thc thi

2011 2012

Khng bit

Khng b tn C b tn cng C b tn cng cng nhng khng v c theo r s ln di y

Bo co 2010: T l tuyn b khng gp phi tn cng no tng mnh

Cc tn cng m c quan/t chc ca qu v gp phi k t thng 1 nm 2011

50% 45% 40% 35% 30% 30% 25% 20% 15% 10% 5% 0% S xm nhp S xm nhp Xm nhp h h thng t h thng t thng bi ngi bn nhng ngi ngi trong ngoi vo bn ngoi t chc (v mng bn nhng nm d: t my trong r bn trong bn bn (v d: do trong mng nhn vin c xm nhp tri cn gi mt php vo khu, ) my ch, ) H thng nhim phi trojan hay rootkit (nhng m c hi malware khng t ly lan c) H thng Cc kiu tn Tn cng t Thay i din nhim phi cng lm suy chi dch v mo, ni virus hay gim hiu (DOS) dung worm (nhng nng mng website m c hi - (v d: d (trang ch) malware t qut (scan) ly lan) mng vi cng cao gy qu ti) Ph hoi d Khng gp liu hay h phi tn cng thng (v d: no c tnh xa d liu quan trng, ) 8% 21% 17% 14% 35% 41% 46%

1. T tin hn khi chng Malware 2. DOS tng mnh 3. S lng cc IP nc ngoi tn 30% cng tng mnh
27%

18%
14% 8% 9% 10% 6% 10%

9%
6% 6%

2011

2010

Theo qu v nhng ng c no c nghi ng l nguyn nhn gy ra nhng hnh ng trn?

Khng r ng c To ngun thu ti chnh bt hp php Chim ot ti nguyn h thng ca c quan s dng cho mc ch c nhn Nhm to li th cnh tranh thng mi (v d: tnh bo cng nghip) Th hn c nhn (v d: nhn vin hoc ngi ngoi c th hn c nhn) Ph hoi h thng c ch ch Nhm th hin k nng tn cng Nhm chim dng ti nguyn h thng dn ti nhng cuc tn cng nc danh Khng c ng c r rng (v d: k tn cng tnh c tm thy im yu v khai thc n) 0% 5% 10% 15% 20% 7% 5% 14% 18% 17% 17% 15% 12% 8% 7% 11% 13% 12% 12%

28% 26%

43% 47% 25% 30% 35% 40% 45% 50%

2010

2011

T chc ca qu v c c lng c tng i tn tht ti chnh khi b tn cng khng?

70% 60% 50%

40% 30% 20% 10%

2011 2010

0%

Khng
1. 2.

Kh nng nh gi tn tht ti chnh nhn chung vn mc thp, khng thay i nhiu so vi nm ngoi (cha thc thi nh ga ri ro) Khi i vo cc tn cng c th th cc tn cng bn ngoi nh DOS, tn cng Web c cho l hay gy tn tht, trong khi cc tn cng bn trong b coi nh (c im tm l 2011?)

Tm li

http://www.securityawareness.com/secnews.htm

Bng cch no chng ta b hacked?

mt my tnh (hay thit b tnh ton c lp trnh) b hacked, phi c mt mt ng dng ni gin L ng dng ca ta c s h v b tr thnh ni gin khng ph thuc vo chng ta. L ng dng do k xu ci t vo my ca ta vi s gip sc ca ta. Nu my tnh ca ta khng b i => ch c th la (phishing) chng ta cung cp thng tin, hoc nghe thng tin trn ng truyn => Chng ta c th sng trong mi trng Internet ha vi dy c tin tc nh hin nay

Bng cch no chng ta trnh b hacked?

ng dng

ca ta c s h v b tr thnh ni gin khng ph thuc vo chng ta => v li phn mm.

ng dng do k xu

ci t vo my ca ta vi s gip sc ca ta => bit v thn trng khng b la (click vo link ca k xu, ci phn mm xu).
La (phishing) => nhn bit (bng cng c, hiu bit, thu dit web gi) website gi
Nghe ln thng tin trn ng truyn

=> M ha d liu.

Tn cng m c
Click vo y xem

full
bn

Download bn p y

Mi trng lm vic freelance

Mi trng lm vic di ng S dng nhiu thit b khc nhau Kt qu 100% dng s => d mt ht

Ri Ro Mi Trng Wifi

Ngi dng

Ngi dng

Trm truy cp khng dy (Access Point AP)

Hack er

Ngi dng

V D CC TN CNG WIFI
T chi dch v DoS

Trm truy cp AP gi mo

Nhm AP

Cu hnh sai AP

Cu hnh sai AP Kt ni ngang hng wifi My trm gia nhp nhm AP! Ngi dng bt hp php

Kt ni bt hp php

AP Gi

Tn cng t chi dch v

Ad Hoc

Tn cng gi mo AP

Nn nhn

AP
Hacker

Khai thc Thng tin t Mng X Hi

Ngy 1/7/2012 , Mng X Hi Bai du Trung Quc m thm trin khai ti Vit Nam C kh nng thu thp thng tin ngi dng ti Vit Nam C th s dng thng tin ngi dng s dng cho mc ch xu Theo bo ngi lao ng ngy 1/7/2012 http://nld.com.vn/20120701102825994p0c100 2/baidu-tra-da-quan-bi-phan-ung-du-doi.htm

Tm lc
Thc

???) Cn nhc k trc khi click vo link hoc ci t phn mm mi M ho thng tin mi khi c th: m ha tp tin, m ho thit b lu tr, xc thc khi s dng thit b, m ho ng truyn. S dng 2 phng thc kt hp xc thc (token+mt khu)
Trin

hin v (patch) kp thi v y (t ng

khai xa d liu t xa phng mt thit b.

Hi p

LIN H

V THNG

Trung tm o To Qun Tr Mng & An Ninh Mng ATHENA

2 Bis inh Tin Hong, DaKao, Qun 1,Tp HCM

www.athena.com.vn
Tel : 38244041 Hotline : 090 78 79 477