Phan Thu Trang

Ma doc tan cong kien true mang xa hoi tang manh

B

ao cao hifin trang bao mfit thang 7 nam 2011 do Symantec edng bd ngay 15 thang 8 nam 2011 cho thiy sff gig tang dang bao dpng eija cac biin the ma ddc da hinh (pplymprphic malware) v i c l sd Iffpng lln mffc dd nguy hai. Cff 280,9 email trfin toan clu dffpc gffi di trpng thang 7 thi cd 1 email dffdc xac djnh ed chffa ma dfic, chiim 23,7% tdng Iffdng email ma ddc bi ngan chgn trong thang 7; eon sd nay Idn hdn gip 2 lln so vdi sau thang trffdc day, ddng thdi nd cho thiy tdi pham mang dang tang cffdng chiin Iffpe tin cdng hung hang hPn. Trong thang 7 nam 2011, eae nffde Chau A eung din diu v i ngudn gde phat sinh cija Iffdng thff rac toan clu. An Od din diu danh saeh eae nffde trfin thi gidi vdi ty Ifi 15,5% tdng ngudn thff rac trfin toan clu, Vifit Nam dffng d vj tri thff 4 vdi 6,4%, In- donesia va Trung Qudc dffng ngay sau Vifit Nam vdi ty Ifi ti/dng ffng la 2,6% va 2,5%.

Bl^n th^ ma doc ngay cang tang manh Theo dng Raymond Goh, giam dde ky thuat khu vffc Nam A, Bd phan Kiin triic hfi thdng va Tff van djch vu khach hang Symantec:

"Sd Iffpng eae biin tiie ma dde va cac ddng ma dpc dffpc sff dyng trong cac cudc tin edng gin day dg phat trien mgnh. Niu so vdi 6 thang trffdc dgy thi eon sd nay da tang Ifin 25 lln. Sff phat ti'iin nd rd ti'ong mdt tiidi gian ngan nhff vgy khiin eho nhiiu td chffc dffng trffdc nguy cd rui ro cao bdi vi nhumg ddng ma ddc mdi nay khd phat hifin hdn bing cac cdng cu blp mat truyin thdng.'' Cac ddng ma dde nay thffdng dffpe tieh hpp bfin trpng mfit tfip tin thi hanh (executable file), dffdc dinh kfim trpng tfip tin nen dgng ZIP va thffdng tra hinh dffdi vd bpc mfit tfip fin dgng PDF hogc mdt tai lifiu dang van ban.

Xu hffdng tan edng kieu mdi nay nham phat tan eae logi mg dde da hinh (polymorphic mglware) quy md Idn khiin nhiiu doanh nghifip cln phai Iffff tam, dac bifit la nhflng doanh nghifip chl ddn thuin sff dung cae edng eu bao mat truyin thdng bdi nhflng ma dde nay dffpe tap ra de ddi phd vdi cae cdng cu bap mgt dd. Vi du v i ky thuat tan edng

nay lifin quan din thay ddi ma khdi tgo trfin mpi phien ban cua ma dfic; thay dpi d u triic doan ma va khiin eho cae cP ehi tim quet trong nhiiu san pham diet virus khd phat hifin ra chiing.

NhOTig phan tieh sau hdn eung eho thiy cac cude tin cdng Iffa dao hifin nay dang nhim tdi vific sff dung nhiiu cdng cu khac nhau d i khai thac Id hdng/diim yiu trfin di dfing eija ngffdi diing. Hai xu hffdng rd nhit cija tdi phgm mgng la: Sd Iffpng cac vu Iffa dao trfin cae trang ed giao thffc ffng dung khdng day (WAP pages) gia tang - day la nhufng trang Web nhe dffdc thiit k i cho cac thifit bi di dfing nhd nhff difin thogi di ddng; va thff hai la vific tan dung cac tfin miin bj chiim quyin diiu khien ma da dang ky eho thiit bi di ddng, ching hgn nhff sff dtjng tfin miin hang diu gianh eho di dfing .mobi. Mdt sd thdng tin chi tifi't v i tinh hinh an ninh mgng tdng thang nhff sau:

Thff rac: Ty lfi thff rac trfin toan clu tang len mffc 77,8% (tffdng dffdng cff 1,29 email gffi ra thi cd 1 thff rac); con sd nay tang 4,9% so vdi thang 6 nam 2011. Vifit Nam nim trong Top 5 nffdc din diu v i ty Ifi thff rac vdi ty Ifi 81,6%, va ngudn phat tan thff rac tff Vifit Nam chiim tdi 6,4% tdng ngudn phat tan thff rac trfin toan clu.

Lffa dlo( phishing): Lffpng thff rac Iffa dao tang 0,01% so vdi thang 6 nam 2011; cff 319,3 email (0,313%) dffpe gffi ra thi ed 1 email ehffg npi dung Iffa dio.

Cae mdi de dpa an trong email (Email- bourne Threats): Ty lfi cge virus an trong email trfin tdng Iffu Iffpng email trfin toan clu la 1 trfin 280,9 email (tffpng dffpng 0,333%) vao thang 7 nam 2011, tang 0,01% so vdi thang 6 nam 2011.

Cae de dpa dpc hgi trfin web: Hfi thdng Symantec Intelligence da phat hifin trung binh khoang 6,797 websites cd chffa phin mim dfic hgi va nhffng chffdng trinh phin mim khong mong mudn mdi ngay (bao gdm spyware-phin mim gian difip va adware- phln mim quang eao), eon sd nay tang

25,5% so vdi thang 6 nam 2011.

Mdi de dpa vdi cac thiit bi diu eudi: Phin mim ddc hai bi chan nhiiu nhit vao thang trffdc la W32.Ramnit!html. Mdi de dpa nay do phat hifin thay eae file .HTML bi lay nhiim bdi W32.Ramnit - mpt Ipgi sau lay nhiim trfin eae d cffng di ddng va thdng qua cac tfip tin thffc thi dffdc (executable file). Logi sau nay lay nhiim bing each tff ma hda va sau dd tff gin kem vdi eae tfip tin ed dudi md rdng .DLL, .EXE va .HTM. Cac biin the ciJa loai sau Ramnit chiim khoang 17,3%

trfin tdng sd cac phin mim dde hai bi chgn bdi cdng nghfi bao vfi thiit bj diu cudi trong thang 7.

Nhirng xu hu6ng theo nganh:

LTnh vffc Tff ddng hda vin la linh vffc cd ty lfi thff rac nhiiu nhit, vdi ty lfi 80,7%.

Ty lfi thff rac trong ITnh vffc Giao due tang Ifin 80,3%; linh vffc Hda chit & Dffdc pham:

77,9%; finh vffc djch vu CNTT: 77,8%; vdi linh Vffc Ban le thi ty lfi la 77,8%; ITnh vffc Cdng cd ty Ifi thff rac 77,0% va ITnh vffc Tai chinh cd ty lfi 77,0%.

Khu vffc cdng (Public Sector) vin la ddi tffpng muc tifiu hang diu eua cac hogt dfing Iffa dao trong thang 7 nam 2011, cff 73,2 email gffi tdi thi cd 1 email cd chffa npi dung Iffa dao.

Hogt ddng Iffa dio trong linh vffc Hda chit va Dffdc pham chiim ty Ifi 1 trfin 799.0 email, trong ITnh vffc dieh vu CNTT la 1 trfin 566.2 email; vdi linh vffc Ban le thi ty Ifi la 1 trfin 482.3 email; Giao due: 1 trfin 87.8 email va Tai chinh: 1 trfin 396.7 email.

Vdi ty Ifi cff 62,1 email thi ed 1 email dffpe coi la ddc hgi, khu vffc cdng vin la ITnh vffc bi tin edng nhiiu nhit trong thang 7 nam 2011.

Ty le virus trong email eija ITnh vffc Hda chat va Dffdc pham la 1 trfin 438,9 email va vdi ITnh vffc Dieh vu CNTT, ty Ifi nay la 1 trfin 390,0 email; ITnh vffc Ban le: 1 trfin 418,3 email; fTnh vffc Giao due cd ty lfi 1 trfin 79,1 email va ITnh vffc tai ehinh ty Ifi nay la 1 trfin 443,5 email •

TAP CHI TIN HOC NGAN HANG • SO 6(122) - 8/2011 • 5 1