Microsoft:weerar balaadhan jabsi ah oo lagu qaaday inka badan kumanaan shirkadood

 


Sanadihii la soo dhaafay,dbinau wuxuu noqday mid ka mid ah qaababka ugu wanaagsan ee ay adeegsadaan haakaradu. Olole ugaarsi khiyaano ah ayaa sahlan in la diyaariyo, taasoo suurtogal ka dhigaysa in la bartilmaameedsado hadaf nta Sanadihii la soo dhaafay, shirqoolka wuxuu noqday mid ka mid ah qaababka ugu wanaagsan ee tugada internetka. Olole ugaarsi khiyaano ah ayaa sahlan in la diyaariyo, taasoo suurtogal ka dhigaysa in la bartilmaameedsado inta dhibanayaal ee suuragalka ah waana hub fiican ooy adeegsadaan haakaristayaasha.


Intaa waxaa dheer, kama kama labalabaynayaa  inay bartilmaameedsadaan isticmaaleyaasha hay'adaha dowliga ah iyo shirkadaha caanka ah ee loo yaqaan 'TTAG1> sida URSAFF, Mon Espace Santé ama DHL.


Microsoft ayaa hadda ku daabacday faahfaahinteeda barta amniga ee ololaha kalluumeysiga ee khiyaanada weyn ee saameeyay in ka badan 10,000 shirkadood oo adduunka ah tan iyo markii la bilaabay Sebtember 2021.


Sida laga soo xigtay cilmi-baarayaasha amniga kombiyuutarka ee Redmond, ololahan ballaaran wuxuu adeegsaday farsamooyinka wakiilka HTPS si uu u khayaamo xisaabaadka office 365.


Hadafku waa in la dejiyo emayllada xirfadeed. Mar haddii sanduuqyadan xirfadleyda ah ay leeyihiin, haakarisku waxay la xiriiraan macaamiisha iyo la-hawlgalayaasha shirkadahaan si ay u helaan lacag-bixinno been abuur ah. Tikniyoolajiyaddan waxaa loo yaqaan BEC for Business Email Compromise. 


Marka laga hadlayo modus operandi, waa sida soo socota: Hackers waxay diraan emayllo waxyeelo leh oo ay ku jiraan lifaaqyada HTML ee burburay. Adigoo gujinaya, dhibbanayaashu waxaa loo wareejiyaa irdaha diiwaangelinta gelitaanka been abuurka ah ee Xafiiska 365. Halkani waa meesha ololahan foosha xun uu kaga duwan yahay geedi socodka wajiga dhaqameed. Tani waa sababta oo ah cinwaanka emaylka isticmaalaha ayaa lagu lifaaqay URL bogga bogga. Ka dib waxaa loo isticmaalaa in lagu buuxiyo goobta soo galitaanka ka hor bogagga wajiga.


Mar haddii tan la sameeyo, bogagga khiyaanada waxay u dhaqmaan sidii wakiil oo waxay ka soo saaraan caddeynta isticmaaleha websaydhka xafiiska sharciga ah ee Microsoft office 365, iyada oo ujeedadu tahay codsashada shahaadada laba geesoodka ah. Qaabkan, haakarisku waxay awoodeen inay soo celiyaan furaha sirta ah marka lagu daro faylka aqoonsiga kalfadhiga. Qeybtan ugu dambeysa waa lama huraan, maxaa yeelay waxay u oggolaaneysaa isticmaaleha inuu la xiriiro isagoon mar labaad xaqiijin inta uu kalfadhigu socdo.


Tani waa sida haakarisku ku jiro sanduuqa boosta ganacsiga ay gebi ahaanba u xakameeyaan dhibbanaha, waxayna xor u yihiin inay emayl u diraan shaqaalaha, macaamiisha, iyo la-hawlgalayaasha ganacsiga, iyagoo rajeynaya inay helaan lacag-bixinno been abuur ah.