Wikipedia

Serangan perangkat pemeras WannaCry: Perbedaan antara revisi

Jelajahi riwayat secara interaktif
← Revisi sebelumnyaRevisi selanjutnya →
Konten dihapus Konten ditambahkan
VisualTeks wiki
InternetArchiveBot (bicara | kontrib)
Bot
695.977 suntingan
Rescuing 1 sources and tagging 0 as dead.) #IABot (v2.0.8
InternetArchiveBot (bicara | kontrib)
Bot
695.977 suntingan
Rescuing 1 sources and tagging 0 as dead.) #IABot (v2.0.8.2
Baris 66:
== Serangan siber ==
[[Berkas:Countries initially affected in WannaCry ransomware attack.svg|al=|jmpl|Negara awalnya terpengaruh<ref>{{cite web|url=http://www.bbc.com/news/world-europe-39907965|title=Cyber-attack: Europol says it was unprecedented in scale|date=13 May 2017|publisher=|via=www.bbc.com}}</ref>]]
Pada tanggal 12 Mei 2017, WannaCry mulai mempengaruhi komputer di seluruh dunia.<ref>{{cite web|last1=Newman|first1=Lily Hay|title=The Ransomware Meltdown Experts Warned About Is Here|url=https://www.wired.com/2017/05/ransomware-meltdown-experts-warned/|website=Wired.com|access-date=13 May 2017}}</ref> Infeksi awal mungkin disebabkan oleh kerentanan pertahanan jaringan atau [[Pengelabuan|serangan pengelabuan tombak]] yang sangat bagus.<ref>{{Cite news|url=https://arstechnica.com/security/2017/05/an-nsa-derived-ransomware-worm-is-shutting-down-computers-worldwide/|title=An NSA-derived ransomware worm is shutting down computers worldwide|last=Goodin|first=Dan|work=ARS Technica|access-date=2017-05-14|language=en-US}}</ref> Saat dieksekusi, malware pertama kali memeriksa "kill switch" [[nama domain]]. Jika tidak ditemukan, maka ransomware mengenkripsi data komputer,<ref name=":1">{{Cite news|url=http://www.telegraph.co.uk/news/2017/05/12/russian-linked-cyber-gang-shadow-brokers-blamed-nhs-computer/|title=Russian-linked cyber gang blamed for NHS computer hack using bug stolen from US spy agency|work=The Telegraph|access-date=12 May 2017|language=en-GB}}</ref><ref name=syma /><ref>{{Cite news|url=https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html|title=Hackers Hit Dozens of Countries Exploiting Stolen N.S.A. Tool|last=Bilefsky|first=Dan|date=12 May 2017|work=The New York Times|access-date=12 May 2017|last2=Perlroth|first2=Nicole|issn=0362-4331}}</ref> kemudian mencoba untuk memanfaatkan kerentanan SMB untuk menyebar ke komputer acak di Internet,<ref name=mbytes>{{cite web|last1=Clark|first1=Zammis|title=The worm that spreads WanaCrypt0r|url=https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/|website=Malwarebytes Labs|publisher=malwarebytes.com|access-date=13 May 2017}}</ref> dan "lateral" ke komputer pada [[Jaringan area lokal]] yang sama.<ref>{{cite web|last1=Samani|first1=Raj|title=An Analysis of the WANNACRY Ransomware outbreak|url=https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/|publisher=McAfee|access-date=13 May 2017|archive-date=2017-05-13|archive-url=https://web.archive.org/web/20170513130044/https://securingtomorrow.mcafee.com/executive-perspectives/analysis-wannacry-ransomware-outbreak/|dead-url=yes}}</ref> Seperti pada perangkat pemeras modern lainnya, muatan menampilkan pesan yang menginformasikan pengguna bahwa file telah dienkripsi, dan menuntut pembayaran sekitar $300 dalam [[bitcoin]] dalam tiga hari atau $600 dalam waktu tujuh hari.<ref name=syma>{{cite web|title=What you need to know about the WannaCry Ransomware|url=https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware|publisher=Symantec Security Response|accessdate=14 May 2017}}</ref><ref>{{Cite news|url=https://www.wsj.com/articles/more-cyberattack-victims-emerge-as-agencies-search-for-clues-1494671938|title=More Cyberattack Victims Emerge as Agencies Search for Clues|last=Thomas|first=Andrea|date=2017-05-13|work=Wall Street Journal|access-date=2017-05-14|last2=Grove|first2=Thomas|issn=0099-9660|last3=Gross|first3=Jenny}}</ref>
 
Kerentanan Windows bukanlah cacat [[zero-day (komputasi)|zero-day]], tapi satu di antaranya Microsoft menyediakan [[Tambalan (komputasi)|tambalan keamanan]] pada tanggal 14 Maret 2017,<ref name="microsoft.com" /> Hampir dua bulan sebelum serangan. Tambalan ke protokol Server Message Block (SMB) yang digunakan oleh Windows.<ref name=exploit>{{cite news|url=http://www.eweek.com/security/wannacry-ransomware-attack-hits-victims-with-microsoft-smb-exploit|title=WannaCry Ransomware Attack Hits Victims With Microsoft SMB Exploit|work=[[eWeek]]|access-date=13 May 2017}}</ref><ref name="hei">{{cite web|title=WannaCry: BSI ruft Betroffene auf, Infektionen zu melden|url=https://www.heise.de/newsticker/meldung/WannaCry-BSI-ruft-Betroffene-auf-Infektionen-zu-melden-3713442.html|publisher=heise online|accessdate=14 May 2017|language=de-DE}}</ref> Organisasi yang kekurangan tambalan keamanan ini terpengaruh karena alasan ini, walaupun sejauh ini tidak ada bukti bahwa ada yang secara khusus ditargetkan oleh pengembang perangkat pemeras.<ref name=exploit /> Setiap organisasi masih menjalankan [[Windows XP]] lama<ref name=vicexp>{{cite web|url=https://motherboard.vice.com/en_us/article/nhs-hospitals-are-running-thousands-of-computers-on-unsupported-windows-xp|title=NHS Hospitals Are Running Thousands of Computers on Unsupported Windows XP|website=Motherboard|access-date=13 May 2017}}</ref> sangat berisiko tinggi karena sampai 13 Mei,<ref name="microsoftreleases" /> tidak ada tambalan keamanan yang telah dirilis sejak April 2014.<ref>{{cite web|url=https://www.microsoft.com/en-gb/windowsforbusiness/end-of-xp-support|title=Windows XP End of Support|website=www.microsoft.com|access-date=13 May 2017}}</ref> Setelah serangan tersebut, Microsoft merilis tambalan keamanan untuk Windows XP.<ref name="microsoftreleases" />
Diperoleh dari "https://wiki-indonesia.club/wiki/Serangan_perangkat_pemeras_WannaCry"