{"id":168239,"date":"2019-01-25T14:06:50","date_gmt":"2019-01-25T14:06:50","guid":{"rendered":"https:\/\/bm.dev.synology.me\/?p=168239"},"modified":"2019-01-25T14:06:50","modified_gmt":"2019-01-25T14:06:50","slug":"kaspersky-lab-a-identificat-o-suprapunere-a-atacurilor-cibernetice-intre-doua-grupuri-ruse","status":"publish","type":"post","link":"https:\/\/bm.dev.synology.me\/?p=168239","title":{"rendered":"Kaspersky Lab has identified an overlap in cyberattacks between two Russian groups"},"content":{"rendered":"<div style=\"color: rgb(0, 0, 0); font-family: &quot;Source Sans Pro&quot;, sans-serif; font-size: 13.3333px;\">\nThe hacking groups BlackEnergy and Sofacy are considered two of the main actors in the modern cyber-threat landscape. In the past, their activities have often led to serious consequences at the national level. BlackEnergy carried out one of the best-known cyberattacks in history, attacking Ukrainian energy facilities in 2015, which led to power outages. Meanwhile, the Sofacy group launched attacks against American and European government organizations, as well as against national security and intelligence agencies. 
A link between the two groups had been suspected before, but it had not been proven until now, when BlackEnergy's successor, GreyEnergy, used malware to attack industrial and critical infrastructure targets, mainly in Ukraine, with strong structural similarities to BlackEnergy.<\/p>\n<p>\nKaspersky Lab's ICS CERT department, responsible for researching and eliminating threats to industrial systems, found two servers hosted in Ukraine and Sweden that were used by both groups at the same time, in June 2018. GreyEnergy used the servers in its phishing campaign to store a malicious file. This file was downloaded by users when they opened a text document attached to a phishing e-mail. At the same time, Sofacy used the server as a command and control center for its own malware. Because both groups used the servers for a relatively short time, such a coincidence suggests a shared infrastructure. This was confirmed by the fact that both attackers targeted the same company, one week apart, with phishing e-mails. 
In addition, both groups used similar phishing documents in the form of e-mails from the Ministry of Energy of the Republic of Kazakhstan.<\/p>\n<\/div>\n<div style=\"color: rgb(0, 0, 0); font-family: &quot;Source Sans Pro&quot;, sans-serif; font-size: 13.3333px;\">\n&nbsp;<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky Lab experts have identified an overlap in cyberattacks between two groups: GreyEnergy, believed to be the successor of BlackEnergy, and the cyber-espionage group Sofacy. Both actors used the same servers at the same time, but for different purposes.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[510],"tags":[32507,10657,15650],"class_list":["post-168239","post","type-post","status-publish","format-standard","hentry","category-actualitate","tag-cibernetic","tag-kaspersky","tag-spionaj"],"_links":{"self":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/168239","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=168239"}],"version-history":[{"count":0,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=\/wp\/v2\/posts\/168239\/revisions"}],"wp:attachment":[{"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=168239"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&po
st=168239"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bm.dev.synology.me\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=168239"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}