{"id":16694,"date":"2023-10-10T08:00:00","date_gmt":"2023-10-10T05:00:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=16694"},"modified":"2023-10-10T12:53:41","modified_gmt":"2023-10-10T09:53:41","slug":"kaspersky-ics-cert-2023","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=16694","title":{"rendered":"Kaspersky\u00a0ICS\u00a0CERT – 2023"},"content":{"rendered":"\n

Kaspersky ICS CERT: 2023-c\u00fc ild\u0259 s\u0259naye t\u0259\u015fkilatlar\u0131na h\u00fccumlar n\u0259tic\u0259sind\u0259 kiberinsidentl\u0259rin say\u0131 art\u0131b<\/strong><\/p>\n\n\n\n

Cinay\u0259t motivli h\u00fccumlar d\u00fcnya \u00fczr\u0259 s\u0259naye t\u0259\u015fkilatlar\u0131n\u0131n b\u0259las\u0131na \u00e7evrilir<\/em><\/p>\n\n\n\n

\u201cKaspersky ICS CERT\u201din m\u0259lumat\u0131na g\u00f6r\u0259, 2023-c\u00fc ilin birinci yar\u0131s\u0131nda d\u00fcnya \u00fczr\u0259 s\u0259naye m\u00fc\u0259ssis\u0259l\u0259rind\u0259 r\u0259smi t\u0259sdiql\u0259nmi\u015f kiber insidentl\u0259rin say\u0131 artmaqda davam edir. Hadis\u0259l\u0259rin b\u00f6y\u00fck \u0259ks\u0259riyy\u0259ti fidy\u0259 proqramlar\u0131n\u0131n pay\u0131na d\u00fc\u015f\u00fcb. \u015eirk\u0259tin ekspertl\u0259ri t\u0259sir\u0259 m\u0259ruz qalan t\u0259\u015fkilatlar\u0131n h\u00fccumlar\u0131n\u0131n h\u0259d\u0259f ald\u0131\u011f\u0131 sistem bo\u015fluqlar\u0131n\u0131 r\u0259smi \u015f\u0259kild\u0259 t\u0259sdiql\u0259diyi insidentl\u0259rin t\u0259hlilind\u0259n sonra bel\u0259 bir q\u0259na\u0259t\u0259 g\u0259libl\u0259r.<\/p>\n\n\n

\n
\"\"<\/figure><\/div>\n\n\n

\u018fn \u00e7ox h\u00fccuma m\u0259ruz qalan sah\u0259 s\u0259naye istehsal\u0131d\u0131r<\/strong>. M\u00fcxt\u0259lif s\u0259naye sah\u0259l\u0259ri aras\u0131nda \u0259n \u00e7ox itki avtomobil istehsal\u0131 v\u0259 n\u0259qliyyat s\u0259nayesind\u0259, x\u00fcsus\u0259n d\u0259 g\u0259miqay\u0131rma v\u0259 logistika il\u0259 \u0259laq\u0259li \u015firk\u0259tl\u0259rd\u0259 qeyd\u0259 al\u0131n\u0131b. Mikroelektronika istehsal\u00e7\u0131lar\u0131 da h\u0259d\u0259f\u0259l\u0259r aras\u0131ndad\u0131r.<\/p>\n\n\n\n

\u0130qtisadiyyat\u0131n t\u0259sir\u0259 m\u0259ruz qalan m\u00fcxt\u0259lif \u201creal\u201d sektorlar\u0131.<\/strong> Metallurgiya, \u0259cza\u00e7\u0131l\u0131q, m\u0259d\u0259n\u00e7\u0131xarma, qida istehsal\u0131 v\u0259 bir \u00e7ox ba\u015fqa sah\u0259l\u0259r h\u00fccumlara m\u0259ruz qal\u0131b. Qurbanlar aras\u0131nda h\u0259tta m\u0259\u015fhur snoubord (qarda s\u00fcr\u00fc\u015fm\u0259k \u00fc\u00e7\u00fcn l\u00f6vh\u0259) avadanl\u0131\u011f\u0131, geyim v\u0259 t\u0259chizat m\u0259hsullar\u0131 istehsal\u00e7\u0131s\u0131 v\u0259 iki yan\u011f\u0131ns\u00f6nd\u00fcrm\u0259 avadanl\u0131\u011f\u0131 istehsal\u00e7\u0131s\u0131 da var. Tezlikl\u0259, spesifik sah\u0259l\u0259rd\u0259 \u00e7al\u0131\u015fan t\u0259\u015fkilatlar\u0131n bu c\u00fcr siyah\u0131larda g\u00f6r\u00fcnm\u0259si art\u0131q t\u0259\u0259cc\u00fcb do\u011furmaya bil\u0259r.<\/p>\n\n\n\n

Z\u0259r\u0259r\u00e7\u0259kmi\u015fl\u0259r siyah\u0131s\u0131nda<\/strong><\/a> \u00e7ox sayda b\u00f6y\u00fck t\u0259\u015fkilatlar v\u0259 m\u0259\u015fhur adlar var<\/strong>. Bununla bel\u0259, bir \u00e7ox bu c\u00fcr t\u0259\u015fkilatlar h\u00fccumun ba\u015f verdiyi sistem bo\u015fluqlar\u0131n\u0131n t\u0259f\u0259rr\u00fcatlar\u0131n\u0131 a\u00e7\u0131qlamama\u011fa \u00e7al\u0131\u015f\u0131r v\u0259 buna g\u00f6r\u0259 d\u0259 z\u0259r\u0259rin miqyas\u0131 bar\u0259d\u0259 fikir \u0259ld\u0259 etm\u0259k \u00e7\u0259tinl\u0259\u015fir. B\u0259zi m\u00fc\u0259ssis\u0259l\u0259r m\u0259nfi n\u0259tic\u0259l\u0259rd\u0259n qorxaraq bu c\u00fcr faktlar\u0131 inkar edirl\u0259r. Bundan \u0259lav\u0259, bir \u00e7oxlar\u0131 t\u0259hl\u00fck\u0259y\u0259 m\u0259ruz qald\u0131qlar\u0131ndan x\u0259b\u0259rsiz ola bil\u0259rl\u0259r.<\/p>\n\n\n\n

Yay\u0131lm\u0131\u015f h\u00fccum vektoru.<\/strong> \u018fn az\u0131 \u00fc\u00e7 korporasiya iki f\u0259rqli MFT (Managed File Transfer) m\u0259hsulunda aradan qald\u0131r\u0131lmayan z\u0259iflik \u00fcz\u0259rind\u0259n t\u0259hl\u00fck\u0259y\u0259 m\u0259ruz qal\u0131b. B\u00f6y\u00fck t\u0259\u015fkilatlar t\u0259r\u0259find\u0259n, o c\u00fcml\u0259d\u0259n informasiya t\u0259hl\u00fck\u0259sizliyini t\u0259min etm\u0259k \u00fc\u00e7\u00fcn istifad\u0259 edil\u0259n bu tip h\u0259ll\u0259r bir daha m\u00fc\u015ft\u0259ril\u0259ri \u00fc\u00e7\u00fcn t\u0259hl\u00fck\u0259sizlik probleml\u0259rinin m\u0259nb\u0259yin\u0259 \u00e7evrilir. B\u00f6y\u00fck s\u0259naye m\u00fc\u0259ssis\u0259l\u0259ri tez-tez yaln\u0131z texnoloji \u015f\u0259b\u0259k\u0259l\u0259rd\u0259 deyil, h\u0259m d\u0259 \u00f6z \u015f\u0259b\u0259k\u0259l\u0259rinin perimetri daxilind\u0259 t\u0259hl\u00fck\u0259li z\u0259iflikl\u0259ri tez aradan qald\u0131ra bilmirl\u0259r.<\/p>\n\n\n\n

H\u00fccumlar\u0131n n\u0259tic\u0259l\u0259ri<\/strong>. Kiberh\u00fccumlar n\u0259inki m\u0259lumat s\u0131zmas\u0131 v\u0259 daxili \u0130T sisteml\u0259rinin axsamas\u0131na g\u0259tirib \u00e7\u0131xar\u0131r, h\u0259m d\u0259 birba\u015fa olaraq istehsal v\u0259 da\u015f\u0131malar\u0131n planla\u015fd\u0131r\u0131lmam\u0131\u015f dayand\u0131r\u0131lmas\u0131na s\u0259b\u0259b olur, b\u0259zi hallarda is\u0259 h\u0259tta h\u0259ft\u0259l\u0259rl\u0259 davam edir v\u0259 birba\u015fa y\u00fcz milyonlarla dollar h\u0259cmind\u0259 itkil\u0259r\u0259 s\u0259b\u0259b olur.<\/p>\n\n\n\n

\u201cCinay\u0259t motivli h\u00fccumlar b\u00fct\u00fcn d\u00fcnyada s\u0259naye t\u0259\u015fkilatlar\u0131n\u0131n b\u0259las\u0131na \u00e7evrilir, iqtisadiyyat\u0131n \u0259ks\u0259r real sektorlar\u0131na yol tap\u0131r v\u0259 insanlar\u0131n g\u00fcnd\u0259lik h\u0259yat\u0131na m\u0259nfi t\u0259sir g\u00f6st\u0259rir. X\u00fcsusil\u0259, son alt\u0131 ayda iqtisadiyyat\u0131n \u0259n \u00e7ox h\u00fccuma m\u0259ruz qalan sah\u0259l\u0259rinin siyah\u0131s\u0131na elektroenergetika s\u0259nayesi, o c\u00fcml\u0259d\u0259n ixtisasla\u015fd\u0131r\u0131lm\u0131\u015f avadanl\u0131q kompleksl\u0259ri, proqram t\u0259minat\u0131 istehsal\u00e7\u0131lar\u0131 v\u0259 m\u00fcvafiq xidm\u0259tl\u0259rin t\u0259chizat\u00e7\u0131lar\u0131 daxil edilib. Xat\u0131rlad\u0131r\u0131q ki, ist\u0259nil\u0259n sektorun v\u0259 ist\u0259nil\u0259n n\u00f6v m\u00fc\u0259ssis\u0259l\u0259rin menecerl\u0259ri kibert\u0259hl\u00fck\u0259sizlik riskl\u0259rini diqq\u0259t m\u0259rk\u0259zind\u0259 saxlamal\u0131 v\u0259 laz\u0131mi t\u0259dbirl\u0259r g\u00f6rm\u0259lidirl\u0259r\u201d, – dey\u0259 \u201cKaspersky ICS CERT\u201din r\u0259hb\u0259ri Yevgeni Qon\u00e7arov bildirir.<\/p>\n\n\n\n

2023-c\u00fc ilin birinci yar\u0131s\u0131nda ba\u015f vermi\u015f \u0259sas s\u0259naye kibert\u0259hl\u00fck\u0259sizliyi insidentl\u0259rinin \u0259trafl\u0131 icmal\u0131 \u201c\u018fsas s\u0259naye kibert\u0259hl\u00fck\u0259sizliyi insidentl\u0259rinin q\u0131sa icmal\u0131\u201d hesabat\u0131nda m\u00f6vcuddur<\/strong>: https:\/\/ics-cert.kaspersky.ru\/publications\/reports\/2023\/10\/05\/h1-2023-a-brief-overview-of-main-incidents-in-industrial-cybersecurity\/<\/a>.<\/p>\n\n\n\n

A\u0130S (avtomatla\u015fd\u0131r\u0131lm\u0131\u015f idar\u0259etm\u0259 sistemi) komp\u00fcterl\u0259rini kiber t\u0259hl\u00fck\u0259l\u0259rd\u0259n qorumaq \u00fc\u00e7\u00fcn \u201cKaspersky\u201d t\u00f6vsiy\u0259 edir:<\/p>\n\n\n\n