Uzbrukumi, kas v\u0113rsti uz pakalpojuma atteikumu, iesp\u0113jams, neat\u0161\u0137\u012br\u0101s, un tikai 7,8 procenti \u0161\u0101da veida uzbrukumu pa\u0161laik k\u013c\u016bst sp\u0113c\u012bgi. Tika izmantota pat InsertSubscriberData sist\u0113ma, tom\u0113r 99 procenti zi\u0146ojumu palika cikliski - tie noteikti tika noraid\u012bti no operatora t\u012bkla. Apmekl\u0113t\u0101jiem un filtr\u0113\u0161anai bija iev\u0113rojama ietekme uz izn\u0101kumu - ka piepras\u012bjumu \u012bpatsvars no \u0161iem t\u012bkliem bija reizes maz\u0101ks nek\u0101 p\u0101r\u0113jos t\u012bklos, tom\u0113r bija neiesp\u0113jami palikt pasarg\u0101tiem no uzbrukumiem. Pakalpojuma atteikums tagad b\u016btu IoT ier\u012b\u010du apdraud\u0113jums. Tagad ne tikai pat\u0113r\u0113t\u0101ju ier\u012bces ir savienotas ar sakaru t\u012bkliem, bet ar\u012b pils\u0113tas infrastrukt\u016bras elementi, m\u016bsdienu uz\u0146\u0113mumi, ener\u0123\u0113tikas, transporta un citi uz\u0146\u0113mumi.<\/p>\n
T\u0101 k\u0101 m\u0113s jau esam teiku\u0161i, ka uzbruc\u0113js var palaist uzbrukumu abonenta pieejam\u012bbu t\u0101d\u0101 veid\u0101, ka sazi\u0146u nevar atdz\u012bvin\u0101t, pat nesazinoties ar atbalstu, bet laiks p\u0101rsniedz tr\u012bs stundas parasti.<\/p>\n
<\/p>\n
<\/p>\n
K\u0101 jau min\u0113ts iepriek\u0161, ar atsevi\u0161\u0137u dro\u0161\u012bbas pas\u0101kumu veik\u0161anu, pat neizmantojot dro\u0161\u012bbas veidu, nepietiek, lai nov\u0113rstu visus uzbrukumus, kas izmanto ievainojam\u012bbas, un to nosaka SS7 t\u012bklu arhitekt\u016bra. Izskat\u012bsim piem\u0113ru. Uzbrukums p\u0101rv\u0113rt\u0101s par darb\u012bbu virkni, ko uzbrukuma atkl\u0101\u0161anas proced\u016bra sp\u0113ja apvienot ticam\u0101 sec\u012bb\u0101, lai gan dro\u0161\u012bbas metodes ne\u0146\u0113ma v\u0113r\u0101 r\u012bkojumus. Vispirms uzbruc\u0113ji atst\u0101ja veiksm\u012bgu m\u0113\u0123in\u0101jumu atrast abonenta IMSI. Ieg\u016bstot inform\u0101ciju, lai veiktu darb\u012bbas, vi\u0146i cent\u0101s atrast abonentu. \u0160is uzbrukuma punkts sabruka. Uzbruc\u0113ji nos\u016bt\u012bja pet\u012bciju abonenta re\u0123istr\u0101ciju t\u012bkl\u0101. Piepras\u012bjums tika apstiprin\u0101ts operatora t\u012bkl\u0101. Vi\u0146i var\u0113ja p\u0101rtvert abonenta ien\u0101ko\u0161os t\u0101lru\u0146a zvanus un \u012bszi\u0146as, t\u0101ds bija vi\u0146u m\u0113r\u0137is. K\u0101p\u0113c m\u0113s neizp\u0113t\u012bsim katru pas\u0101kumu detaliz\u0113t\u0101k?<\/p>\n
PT TAD b\u012bstam\u012bbas noteik\u0161anas un atbildes proced\u016bra atpazina SendRoutingInfoForSM zi\u0146ojumus, kas pieg\u0101d\u0101ti \u0101r\u0113j\u0101 server\u012b uz k\u0101du abonentu no sava operatora m\u0101jas t\u012bkla. Ne p\u0101rsteidzo\u0161i, ka \u0161ie zi\u0146ojumi tika atz\u012bti par ap\u0161aub\u0101miem, lai gan tie bija der\u012bgas darb\u012bbas gad\u012bjumi, jo tiem cie\u0161i nesekoja SMS. L\u012bdzek\u013ci centieniem cie\u0161i sekoja katram materi\u0101lam, lai uzbruktu t\u012bklam, izmantojot ProvideSubscriberInfo, kas ir trauc\u0113ts ar \u0161o t\u012bklu. Pat PT TAD metode konstat\u0113ja, ka SendRoutingInfoForSM kop\u0101 ar ProvideSubscriberInfo uzbrukumu mais\u012bjums, izmantojot tikai vienu 2 min\u016btes, kas noz\u012bm\u0113, ka abonenta atra\u0161ana ir pabeigta.<\/p>\n
<\/p>\n
K\u0101 m\u0113s varam viegli redz\u0113t, daudzi mobilo sakaru operatori aizsarg\u0101 savu SS7 rezervi, p\u0101rkonfigur\u0113jot t\u012bkla pieg\u0101des un piem\u0113rojot SMS m\u0101jsaimniec\u012bbas mar\u0161rut\u0113\u0161anas l\u012bdzek\u013cus. Tas patie\u0161\u0101m var b\u016bt l\u012bdzeklis, lai pretotos SS7 uzbrukumiem, tom\u0113r ar to, iesp\u0113jams, nepietiek, lai aizsarg\u0101tu t\u012bklu. M\u016bsu p\u0113t\u012bjums un ar\u012b dro\u0161\u012bbas izp\u0113tes kl\u012bnika liecina, ka past\u0101v iesp\u0113jas veikt SS7 uzbrukumus, kas izlai\u017e \u0161\u0101da veida dro\u0161\u012bbas meh\u0101niku. Turkl\u0101t uzbrukumi ir nedaudz slepeni un gr\u016bti atkl\u0101jami jau no mazotnes. T\u0101p\u0113c m\u0113s dom\u0101jam, ka mobilo sakaru operatoriem ir j\u0101piedal\u0101s SS7 \u0101r\u0113jo attiec\u012bbu dro\u0161\u012bbas izseko\u0161an\u0101, ko veicina iedarb\u012bbas pamats, kas ir aktu\u0101ls.<\/p>","protected":false},"excerpt":{"rendered":"
Uzbrukumi, kas v\u0113rsti uz pakalpojuma atteikumu, iesp\u0113jams, neat\u0161\u0137\u012br\u0101s, un tikai 7,8 procenti \u0161\u0101da veida uzbrukumu pa\u0161laik k\u013c\u016bst sp\u0113c\u012bgi. Tika izmantota pat InsertSubscriberData sist\u0113ma, tom\u0113r 99 procenti zi\u0146ojumu palika cikliski - tie noteikti tika noraid\u012bti no operatora t\u012bkla. Apmekl\u0113t\u0101jiem un filtr\u0113\u0161anai bija iev\u0113rojama ietekme uz...<\/p>","protected":false},"author":1,"featured_media":1736,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69,1],"tags":[],"class_list":["post-457","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-sms-intercept","category-ss7-sms"],"yoast_head":"\n