{"id":94573,"date":"2018-11-19T01:22:02","date_gmt":"2018-11-19T09:22:02","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=94573"},"modified":"2018-11-19T01:22:02","modified_gmt":"2018-11-19T09:22:02","slug":"fidye-yazilimini-onlemenin-3-anahtari","status":"publish","type":"post","link":"https:\/\/www2.paloaltonetworks.com\/blog\/2018\/11\/fidye-yazilimini-onlemenin-3-anahtari\/?lang=tr","title":{"rendered":"3 KEYS TO PREVENTING RANSOMWARE"},"content":{"rendered":"<p>The most effective strategy for stopping ransomware attacks relies on preventing them from entering your organization. The number of applications and services that businesses need in order to operate keeps growing. As a result, across the network, SaaS-based applications and endpoints, the attack surface with ineffective protections keeps growing. As threat actors become more adept, new attacks spread faster than vulnerabilities are remediated or patched. Consequently, organizations need to start thinking about their security platforms holistically.<\/p>\n<p><strong>MOVING FROM DETECTION TO PREVENTION<\/strong><\/p>\n<p>Legacy cybersecurity approaches focused primarily on detection and remediation, but that approach is no longer effective. To prevent a ransomware attack, it is essential to move, in practice, from detection to prevention. You need to stop attacks before they infect your organization and cause damage. 
To enable this shift, which has three key elements, organizations must have the appropriate security approaches in place:<\/p>\n<ol>\n<li>Reduce the attack surface<\/li>\n<li>Prevent known threats<\/li>\n<li>Identify and prevent unknown threats<\/li>\n<\/ol>\n<p>&nbsp;<\/p>\n<ol>\n<li><strong>Reduce the attack surface<\/strong><\/li>\n<\/ol>\n<p>To reduce the attack surface, you must have full visibility into the traffic on your network across applications, threats and user behavior. If you do not know what is happening on your network, an attacker probably does and will use that knowledge to get in. Classifying activity lets you make the right decisions about what to allow and highlights unknown events that require further investigation. With this visibility you can take steps such as blocking unknown traffic, identifying advanced attacks, or enabling only the applications that have a valid business purpose.<\/p>\n<p>Once traffic has been restricted, application- and user-based policies must be enforced. There is an endless number of permutations for these policies, which restrict access to certain applications for certain user groups and for certain parts of the network. 
With high visibility and the right policies, the vast majority of the methods attackers use to launch malware attacks against your network can be eliminated.<\/p>\n<p>To reduce the attack surface further, you should block all dangerous and potentially dangerous file types. Although not every file type is malicious, those that carry a high risk of being so should be blocked. Once dangerous file types have been blocked, policies that match your risk tolerance must be enforced. Users should be prevented from connecting non-compliant endpoints to critical network resources.<\/p>\n<p>&nbsp;<\/p>\n<ol start=\"2\">\n<li><strong> Prevent known threats<\/strong><\/li>\n<\/ol>\n<p>After reducing your attack surface, the next step is to prevent known threats. To do this, you must stop known exploits, malware and command-and-control traffic from entering your network. 
Because blocking these raises the cost of mounting an attack, attackers are forced to create new malware variants and launch new exploits against lesser-known vulnerabilities, which reduces the likelihood of an attack.<\/p>\n<p>You should also keep users from inadvertently downloading malicious payloads or having their credentials stolen by blocking access to known malicious and phishing URLs. Blocking these threats takes them out of the equation entirely. Once these known threats are blocked, you need to scan your SaaS-based applications for known malware, because they are increasingly used to deliver threats. Any malware and exploits identified by the scan should be blocked. The same should be done for known malware and exploits on the endpoint.<\/p>\n<p>&nbsp;<\/p>\n<ol start=\"3\">\n<li><strong> Identify and prevent unknown threats<\/strong><\/li>\n<\/ol>\n<p>Once known threats have been blocked, it is imperative to block all unknown threats as well, because attackers continue to deploy new zero-day exploits and develop new ransomware variants. The first step is to detect and analyze known threats in files and URLs. 
As new files are submitted, it is essential to look for, analyze and destroy malicious behavior in items that have never been seen before. In addition, you should push protections to the different parts of the security infrastructure as quickly as possible to keep threats from succeeding. This should also include the context needed to understand the attacker, the malware, the campaign and the indicators of compromise associated with the attack. Once unknown threats and trends of suspicious behavior have been identified and blocked, also block unknown malware and exploits on the endpoint to make sure all access points are secured.<\/p>\n<p>The ultimate goal of this process is to turn the unknown into the known and to improve the security posture with new protections faster than attackers can develop malware and exploits.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The most effective strategy for stopping ransomware attacks relies on preventing them from entering your organization. The number of applications and services that businesses need in order to operate keeps growing. 
As a result, across the network, SaaS-based applications and &hellip;<\/p>\n","protected":false},"author":40,"featured_media":94575,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4827],"tags":[],"coauthors":[716],"class_list":["post-94573","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized-tr"],"jetpack_featured_media_url":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-content\/uploads\/2017\/04\/Cyberpedia-social-ad-linkedin-520x320.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94573","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=94573"}],"version-history":[{"count":1,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94573\/revisions"}],"predecessor-version":[{"id":94574,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/94573\/revisions\/94574"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/94575"}],"wp:attachment":[{"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=94573"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=94573"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=94573"},{"taxonomy":"author","embed
dable":true,"href":"https:\/\/www2.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=94573"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}