Mnoh\u00ed z n\u00e1s u\u017e ur\u010dite za\u017eili scen\u00e1re, ke\u010f n\u00e1s syst\u00e9m internetov\u00e9ho bankovn\u00edctva \u017eiadal, aby sme opakovane zad\u00e1vali svoje \u00fadaje. Syst\u00e9m toti\u017e nedok\u00e1\u017ee zisti\u0165 \u00fadaje o na\u0161om \u00fa\u010dte. Je to nielen znepokojuj\u00faca, ale aj otravn\u00e1 situ\u00e1cia. Mus\u00edme zada\u0165 autoriza\u010dn\u00fd k\u00f3d na overenie na\u0161ej toto\u017enosti.<\/p>\n
Na tento \u00fa\u010del dostaneme spr\u00e1vu alebo telefon\u00e1t z banky. Tento syst\u00e9m z\u00edskavania inform\u00e1ci\u00ed vyu\u017e\u00edvaj\u00fa nielen bankov\u00e9 \u00fa\u010dty. Ale aj in\u00e9 finan\u010dn\u00e9 organiz\u00e1cie zhroma\u017e\u010fuj\u00fa \u00fadaje na overovanie po celom svete.<\/p>\n
Vo febru\u00e1ri 2019 upozornil hacker Metro Bank na z\u00e1va\u017en\u00fd probl\u00e9m so signaliza\u010dn\u00fdm syst\u00e9mom 7 (SS7). Oper\u00e1tori mobiln\u00fdch siet\u00ed (MNO) pou\u017e\u00edvaj\u00fa tento s\u00fabor protokolov na prenos \u00fadajov. SS7 je medzin\u00e1rodn\u00fd telekomunika\u010dn\u00fd \u0161tandard na prenos hovorov, spr\u00e1v a in\u00fdch \u00fadajov. Tento syst\u00e9m zabezpe\u010duje platnos\u0165 inform\u00e1ci\u00ed a poplatkov pre z\u00e1kazn\u00edkov. Prev\u00e1dzkovatelia mobiln\u00fdch siet\u00ed (MNO) vo ve\u013ekej miere pou\u017e\u00edvaj\u00fa tento syst\u00e9m SS7 na prenos d\u00e1t. Pom\u00e1ha pou\u017e\u00edvate\u013eom pri d\u00e1tovom roamingu po\u010das cestovania do akejko\u013evek inej krajiny.<\/p>\n
V roku 1974, ke\u010f bola SS7 vyn\u00e1jden\u00e1, neexistoval ani jeden probl\u00e9m so zranite\u013enos\u0165ou. V \u010dase zavedenia SS7 existovalo len obmedzen\u00e9 mno\u017estvo prev\u00e1dzkovate\u013eov siet\u00ed. Ale technol\u00f3gia a r\u00fdchly n\u00e1rast po\u010dtu MNO jej dali priestor. Teraz, vo svete viacer\u00fdch MNO, sa stalo mo\u017en\u00e9 nab\u00fara\u0165 sa do ak\u00e9hoko\u013evek mobiln\u00e9ho zariadenia pomocou syst\u00e9mu SS7.<\/p>\n
Niet poch\u00fdb o tom, \u017ee t\u00edto MNO sa sna\u017eia chr\u00e1ni\u0165 svojich pou\u017e\u00edvate\u013eov. Sna\u017eia sa vymyslie\u0165 \u010do najlep\u0161ie bezpe\u010dnostn\u00e9 opatrenia, ale ich protivn\u00edci sa tie\u017e u\u010dia. Rovnomern\u00e9 rozdelenie znalost\u00ed sp\u00f4sobilo, \u017ee je zlo\u017eit\u00e9 chr\u00e1ni\u0165 syst\u00e9m pred t\u00fdmito inteligentn\u00fdmi naru\u0161ite\u013emi. Ak niektor\u00fd MNO prijme nejak\u00fd sledovac\u00ed prostriedok, podvodn\u00edci tie\u017e n\u00e1jdu rie\u0161enie, ako ho prekona\u0165.<\/p>\n
Samozrejme, s\u00fa vzdelan\u00ed, zru\u010dn\u00ed a vybaven\u00ed hackersk\u00fdmi n\u00e1strojmi a strat\u00e9giami. S touto pomocou \u00faspe\u0161ne pristupuj\u00fa k pripojen\u00fdm telef\u00f3nnym sie\u0165am, ktor\u00e9 ich zauj\u00edmaj\u00fa. T\u00edto hackeri vyu\u017e\u00edvaj\u00fa telef\u00f3nne \u010d\u00edsla a pou\u017e\u00edvaj\u00fa protokol SS7, aby sa dostali k t\u00fdmto zranite\u013en\u00fdm miestam.<\/p>\n
V\u0161etci odborn\u00edci a technol\u00f3gie MNO s\u00fa dobre obozn\u00e1men\u00ed s t\u00fdmito trag\u00e9diami SS7. Zlo\u017eit\u00e1 povaha technol\u00f3gie im s\u0165a\u017euje n\u00e1js\u0165 trval\u00e9 rie\u0161enie proti t\u00fdmto zranite\u013enostiam. Mnoh\u00e9 mobiln\u00e9 sie\u0165ov\u00e9 syst\u00e9my sa rozhodli bojova\u0165 proti t\u00fdmto rizik\u00e1m, ale narazili na tvrd\u00e9 a inteligentn\u00e9 prek\u00e1\u017eky. V\u00e4\u010d\u0161inou po\u010das d\u00e1tov\u00e9ho roamingu nie je mo\u017en\u00e9 SS7 filtrova\u0165 kv\u00f4li dosahu siete.<\/p>\n
Pokia\u013e sa hackeri dostan\u00fa do syst\u00e9mu SS7, m\u00f4\u017eu sa \u013eahko dosta\u0165 k mobiln\u00e9mu ovl\u00e1daniu. M\u00f4\u017eu prij\u00edma\u0165 hovory, spr\u00e1vy a preposiela\u0165 ich. Pre MNO a technol\u00f3gov sa st\u00e1va nemo\u017en\u00e9 zisti\u0165 polohu podvodn\u00edkov.<\/p>\n
Hoci v roku 2020 boli zaveden\u00e9 ur\u010dit\u00e9 autentick\u00e9 a pr\u00edsne bezpe\u010dnostn\u00e9 opatrenia. Zranite\u013enos\u0165 SS7 je v\u0161ak st\u00e1le vydan\u00e1 napospas t\u00fdmto hackerom. IT experti a technol\u00f3govia zav\u00e1dzaj\u00fa nov\u00e9 protokoly ako priemer pre siete 4G. Hoci zabezpe\u010duje pripojenie, st\u00e1le existuje mo\u017enos\u0165 zranite\u013enosti. Ke\u010f\u017ee sie\u0165 4G pou\u017e\u00edva na prenos hovorov a spr\u00e1v aj star\u00fa kompatibilitu SS7.<\/p>\n
Bezpe\u010dn\u00fd a chr\u00e1nen\u00fd protokol m\u00f4\u017ee pom\u00f4c\u0165 pred t\u00fdmito zranite\u013enos\u0165ami. Pri navrhovan\u00ed tak\u00e9hoto bezpe\u010dn\u00e9ho protokolu s\u00fa d\u00f4le\u017eit\u00e9 niektor\u00e9 faktory. Po prv\u00e9, vyhn\u00fa\u0165 sa krokom, ktor\u00e9 ved\u00fa k riziku. Tak\u017ee vyl\u00fa\u010denie naru\u0161ite\u013eov z bezpe\u010dn\u00e9ho a efekt\u00edvneho komunika\u010dn\u00e9ho syst\u00e9mu zn\u00ed\u017ei riziko. Po druh\u00e9, MNO a in\u00e9 pr\u00edslu\u0161n\u00e9 spolo\u010dnosti by mali tieto pr\u00edpady pravidelne od za\u010diatku sledova\u0165. Tak\u017ee tieto pom\u00f4\u017eu pri vykorenen\u00ed t\u00fdchto zranite\u013en\u00fdch hackerov z mobiln\u00e9ho syst\u00e9mu SS7.<\/p>","protected":false},"excerpt":{"rendered":"
Mnoh\u00ed z n\u00e1s u\u017e ur\u010dite za\u017eili scen\u00e1re, ke\u010f n\u00e1s syst\u00e9m internetov\u00e9ho bankovn\u00edctva \u017eiadal, aby sme opakovane zad\u00e1vali svoje \u00fadaje. Syst\u00e9m toti\u017e nedok\u00e1\u017ee zisti\u0165 \u00fadaje o na\u0161om \u00fa\u010dte. Je to nielen znepokojuj\u00faca, ale aj otravn\u00e1 situ\u00e1cia. Mus\u00edme zada\u0165 autoriza\u010dn\u00fd k\u00f3d na overenie na\u0161ej toto\u017enosti. Na tento \u00fa\u010del sme...<\/p>","protected":false},"author":1,"featured_media":411,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ss7-sms"],"yoast_head":"\n