{"id":10238,"date":"2025-01-29T10:56:45","date_gmt":"2025-01-29T13:56:45","guid":{"rendered":"https:\/\/www.ecommerceupdate.com.br\/?p=10238"},"modified":"2025-01-29T11:00:24","modified_gmt":"2025-01-29T14:00:24","slug":"golpe-gerado-por-ia-sera-desafio-da-ciberseguranca-em-2025-2","status":"publish","type":"post","link":"https:\/\/www.ecommerceupdate.com.br\/sk\/golpe-gerado-por-ia-sera-desafio-da-ciberseguranca-em-2025-2\/","title":{"rendered":"Podvod vytvoren\u00fd AI bude v roku 2025 v\u00fdzvou pre kybernetick\u00fa bezpe\u010dnos\u0165"},"content":{"rendered":"<p>V posledn\u00fdch rokoch sa kybernetick\u00e1 bezpe\u010dnos\u0165 st\u00e1va pre organiz\u00e1cie \u010doraz relevantnej\u0161ou t\u00e9mou, najm\u00e4 vzh\u013eadom na v\u00fdrazn\u00fd n\u00e1rast kybernetick\u00fdch \u00fatokov. Tento rok bude v\u00fdzva e\u0161te zlo\u017eitej\u0161ia, s vyu\u017e\u00edvan\u00edm umelej inteligencie na viacer\u00fdch frontoch zlo\u010dincami, ako aj so zvy\u0161uj\u00facou sa zlo\u017eitos\u0165ou digit\u00e1lnych syst\u00e9mov a sofistikovanos\u0165ou techn\u00edk pou\u017e\u00edvan\u00fdch kyberzlo\u010dincami.<\/p>\n\n\n\n<p>Obrann\u00e9 strat\u00e9gie sa bud\u00fa musie\u0165 vyvin\u00fa\u0165, aby rie\u0161ili nov\u00e9 v\u00fdzvy, ako je v\u00fdrazn\u00fd n\u00e1rast exfiltr\u00e1cie platn\u00fdch poveren\u00ed a vyu\u017e\u00edvanie nespr\u00e1vnych konfigur\u00e1ci\u00ed v cloudov\u00fdch prostrediach. V r\u00e1mci tejto perspekt\u00edvy uv\u00e1dzame hlavn\u00e9 hrozby, ktor\u00e9 by mali CISO v roku 2025 usp\u00e1va\u0165:<\/p>\n\n\n\n<p><strong>Prim\u00e1rnym cie\u013eom bud\u00fa platn\u00e9 poverenia<\/strong><\/p>\n\n\n\n<p>Index IBM Threat Intelligence Index z roku 2024 pouk\u00e1zal na n\u00e1rast \u00fatokov 71% zameran\u00fdch na exfiltr\u00e1ciu platn\u00fdch poveren\u00ed. V sektore slu\u017eieb sa najmenej 46% incidentov vyskytlo s platn\u00fdmi \u00fa\u010dtami, zatia\u013e \u010do v odvetv\u00ed to bolo 31%.<\/p>\n\n\n\n<p>Prv\u00fdkr\u00e1t v roku 2024, vyu\u017eitie platn\u00fdch \u00fa\u010dtov sa stal najbe\u017enej\u0161\u00edm vstupn\u00fdm bodom do syst\u00e9mu, \u00fa\u010dtovanie 30% v\u0161etk\u00fdch incidentov.To ukazuje, \u017ee je jednoduch\u0161ie pre kyberzlo\u010dincov ukradn\u00fa\u0165 poverenia, ne\u017e zneu\u017ei\u0165 zranite\u013enosti alebo spolieha\u0165 sa v\u00fdlu\u010dne na phishing \u00fatoky.<\/p>\n\n\n\n<p><strong>Nespr\u00e1vna konfigur\u00e1cia obla\u010dnosti s\u00fa spolo\u010dnosti Achilles heel<\/strong><\/p>\n\n\n\n<p>Pri to\u013ek\u00fdch spolo\u010dnostiach vyu\u017e\u00edvaj\u00facich cloudov\u00e9 prostredie je prirodzen\u00e9, \u017ee zlo\u017eitos\u0165 spr\u00e1vy prostredia sa len zvy\u0161uje, ako aj v\u00fdzvy a \u0165a\u017ekosti so \u0161pecializovanou pr\u00e1cou. Niektor\u00e9 z naj\u010dastej\u0161\u00edch d\u00f4vodov naru\u0161enia \u00fadajov v cloude s\u00favisia s nespr\u00e1vnymi konfigur\u00e1ciami cloudov\u00fdch prostred\u00ed: ch\u00fdbaj\u00face kontroly pr\u00edstupu, \u00falo\u017en\u00e9 segmenty, ktor\u00e9 nie s\u00fa chr\u00e1nen\u00e9, alebo neefekt\u00edvna implement\u00e1cia bezpe\u010dnostn\u00fdch polit\u00edk.<\/p>\n\n\n\n<p>V\u00fdhody cloud computingu je potrebn\u00e9 vyv\u00e1\u017ei\u0165 d\u00f4kladn\u00fdm monitorovan\u00edm a bezpe\u010dn\u00fdmi konfigur\u00e1ciami, aby sa zabr\u00e1nilo vystaveniu citliv\u00fdch \u00fadajov. Vy\u017eaduje si to celoorganiza\u010dn\u00fa strat\u00e9giu zabezpe\u010denia cloudu: nepretr\u017eit\u00fd audit, spr\u00e1vne riadenie identity a pr\u00edstupu a automatiz\u00e1ciu n\u00e1strojov a procesov na zis\u0165ovanie nespr\u00e1vnych konfigur\u00e1ci\u00ed sk\u00f4r, ako sa stan\u00fa bezpe\u010dnostn\u00fdmi incidentmi.<\/p>\n\n\n\n<p><strong>Zlo\u010dinci pou\u017eij\u00fa viacero techn\u00edk \u00fatoku<\/strong><\/p>\n\n\n\n<p>\u010casy, kedy \u00fatoky zasiahli jeden produkt alebo zranite\u013enos\u0165, s\u00fa pre\u010d Tento rok bude jedn\u00fdm z najznepokojuj\u00facej\u0161\u00edch trendov v oblasti kybernetickej bezpe\u010dnosti rast\u00face vyu\u017e\u00edvanie viacvektorov\u00fdch \u00fatokov a viacstup\u0148ov\u00fdch pr\u00edstupov.<\/p>\n\n\n\n<p>Kyberzlo\u010dinci pou\u017e\u00edvaj\u00fa kombin\u00e1ciu taktiky, techniky a postupov (TTP), zasiahnu\u0165 viac oblast\u00ed naraz naru\u0161i\u0165 obrany.Bude tie\u017e n\u00e1rast sofistikovanosti a vyh\u00fdbanie sa webov\u00e9 \u00fatoky, s\u00fabory-zalo\u017een\u00e9 \u00fatoky, DNS-zalo\u017een\u00e9 \u00fatoky a ransomware \u00fatoky, ktor\u00e9 s\u0165a\u017eia tradi\u010dn\u00e9 a izolovan\u00e9 bezpe\u010dnostn\u00e9 n\u00e1stroje \u00fa\u010dinne br\u00e1ni\u0165 proti modern\u00fdm hrozb\u00e1m.<\/p>\n\n\n\n<p><strong>Razomware generovan\u00fd AI exponenci\u00e1lne zv\u00fd\u0161i hrozby<\/strong><\/p>\n\n\n\n<p>V roku 2024 pre\u0161lo ransomv\u00e9rov\u00e9 prostredie hlbokou transform\u00e1ciou, ktor\u00e1 sa vyzna\u010duje \u010doraz sofistikovanej\u0161\u00edmi a agres\u00edvnej\u0161\u00edmi strat\u00e9giami kybernetick\u00e9ho vydierania. Zlo\u010dinci sa vyvinuli nad r\u00e1mec tradi\u010dn\u00fdch \u00fatokov zalo\u017een\u00fdch na \u0161ifrovan\u00ed, priekopn\u00edckych techn\u00edk dvojit\u00e9ho a trojit\u00e9ho vydierania, ktor\u00e9 exponenci\u00e1lne zvy\u0161uj\u00fa tlak na cie\u013eov\u00e9 organiz\u00e1cie. Tieto pokro\u010dil\u00e9 pr\u00edstupy zah\u0155\u0148aj\u00fa nielen \u0161ifrovanie \u00fadajov, ale aj strategick\u00fa exfiltr\u00e1ciu citliv\u00fdch inform\u00e1ci\u00ed a ohrozenie ich zverejnenia, \u010do n\u00fati obete zv\u00e1\u017ei\u0165 platby v\u00fdkupn\u00e9ho, aby sa vyhli potenci\u00e1lnej pr\u00e1vnej ujme a po\u0161kodeniu dobr\u00e9ho mena.<\/p>\n\n\n\n<p>Vznik platforiem Ransomware-as-a-Service (RaaS) demokratizoval po\u010d\u00edta\u010dov\u00fa kriminalitu, \u010do umo\u017e\u0148uje menej technicky kvalifikovan\u00fdm zlo\u010dincom sp\u00fa\u0161\u0165a\u0165 komplexn\u00e9 \u00fatoky s minim\u00e1lnymi znalos\u0165ami. Kriticky sa tieto \u00fatoky \u010doraz viac zameriavaj\u00fa na sektory s vysokou hodnotou, ako je zdravotn\u00edctvo, kritick\u00e1 infra\u0161trukt\u00fara a finan\u010dn\u00e9 slu\u017eby, \u010do demon\u0161truje strategick\u00fd pr\u00edstup k maximaliz\u00e1cii potenci\u00e1lnych v\u00fdnosov v\u00fdkupn\u00e9ho.<\/p>\n\n\n\n<p>Po\u010d\u00edta\u010dov\u00ed zlo\u010dinci teraz vyu\u017e\u00edvaj\u00fa AI na automatiz\u00e1ciu vytv\u00e1rania kampan\u00ed, efekt\u00edvnej\u0161iu identifik\u00e1ciu slab\u00fdch miest syst\u00e9mu a optimaliz\u00e1ciu doru\u010dovania ransomv\u00e9ru. Integr\u00e1cia vysokov\u00fdkonn\u00fdch blockchainov\u00fdch technol\u00f3gi\u00ed a vyu\u017e\u00edvanie platforiem decentralizovan\u00e9ho financovania (DeFi) poskytuj\u00fa dodato\u010dn\u00e9 mechanizmy na r\u00fdchly pohyb fondov a zahmlievanie transakci\u00ed, \u010do predstavuje v\u00fdznamn\u00e9 v\u00fdzvy pre sledovanie a z\u00e1sah \u00faradov.<\/p>\n\n\n\n<p><strong>Probl\u00e9mom bud\u00fa phishingov\u00e9 \u00fatoky generovan\u00e9 AI<\/strong><\/p>\n\n\n\n<p>Pou\u017eitie generat\u00edvnej AI pri vytv\u00e1ran\u00ed phishingov\u00fdch \u00fatokov po\u010d\u00edta\u010dov\u00fdmi zlo\u010dincami rob\u00ed phishingov\u00e9 e-maily prakticky na nerozoznanie od legit\u00edmnych spr\u00e1v. Minul\u00fd rok pod\u013ea Palo Alto Networks do\u0161lo k n\u00e1rastu 30% v \u00faspe\u0161n\u00fdch pokusoch o phishing, ke\u010f s\u00fa e-maily nap\u00edsan\u00e9 alebo prep\u00edsan\u00e9 generat\u00edvnymi syst\u00e9mami AI. \u013dudia sa stan\u00fa e\u0161te menej spo\u013eahliv\u00fdmi ako posledn\u00e1 l\u00ednia obrany a spolo\u010dnosti sa bud\u00fa spolieha\u0165 na pokro\u010dil\u00fa bezpe\u010dnostn\u00fa ochranu poh\u00e1\u0148an\u00fa AI na obranu proti t\u00fdmto sofistikovan\u00fdm \u00fatokom.<\/p>\n\n\n\n<p><strong>Kvantov\u00e9 v\u00fdpo\u010dty vytvoria bezpe\u010dnostn\u00fa v\u00fdzvu<\/strong><\/p>\n\n\n\n<p>Vlani v okt\u00f3bri \u010d\u00ednski vedci uviedli, \u017ee pou\u017eili kvantov\u00fd po\u010d\u00edta\u010d na prelomenie met\u00f3dy \u0161ifrovania RSA, ktor\u00e1 sa dnes \u0161iroko pou\u017e\u00edva. Vedci pou\u017eili 50-bitov\u00fd k\u013e\u00fa\u010d IO, ktor\u00fd je mal\u00fd v porovnan\u00ed s modernej\u0161\u00edmi \u0161ifrovac\u00edmi k\u013e\u00fa\u010dmi, zvy\u010dajne 1024 a\u017e 2048 bitov.<\/p>\n\n\n\n<p>Teoreticky m\u00f4\u017ee kvantov\u00e9mu po\u010d\u00edta\u010du trva\u0165 len nieko\u013eko sek\u00fand, k\u00fdm vyrie\u0161i probl\u00e9m, ktor\u00fd by konven\u010dn\u00fdm po\u010d\u00edta\u010dom trval mili\u00f3ny rokov, preto\u017ee kvantov\u00e9 stroje dok\u00e1\u017eu spracov\u00e1va\u0165 v\u00fdpo\u010dty paralelne, a nie len postupne, ako to robia v s\u00fa\u010dasnosti. Hoci kvantov\u00e9 \u00fatoky s\u00fa e\u0161te nieko\u013eko rokov, organiz\u00e1cie by sa mali za\u010da\u0165 pripravova\u0165 u\u017e teraz.<\/p>","protected":false},"excerpt":{"rendered":"<p>Nos \u00faltimos anos, a ciberseguran\u00e7a tem se tornado um tema cada vez mais relevante para as organiza\u00e7\u00f5es, especialmente diante do aumento significativo dos ataques cibern\u00e9ticos. Neste ano, o desafio ser\u00e1 ainda mais complexo, com o uso da Intelig\u00eancia Artificial em v\u00e1rias frentes por parte dos criminosos \u2013 bem como a crescente complexidade dos sistemas digitais [&hellip;]<\/p>\n","protected":false},"author":257,"featured_media":10240,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35,37],"tags":[47,43,48],"class_list":{"0":"post-10238","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artigos","8":"category-tendencias","9":"tag-artigos","10":"tag-e-commerce","11":"tag-tendencias"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/posts\/10238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/users\/257"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/comments?post=10238"}],"version-history":[{"count":0,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/posts\/10238\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/media\/10240"}],"wp:attachment":[{"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/media?parent=10238"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/categories?post=10238"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ecommerceupdate.com.br\/sk\/wp-json\/wp\/v2\/tags?post=10238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}