Authors: DING Mei[1], LIU Dan[1], PENG Yang[1] (Hubei Academy of Scientific and Technical Information, Wuhan 430071, China)
Source: 《软件导刊》 (Software Guide), 2024, No. 6, pp. 121-127, 7 pages in total
Funding: Hubei Province Soft Science Research Program project (2023EDA006).
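Abstract: In the new environment in which the state is promoting the development of the data security industry, scientific and technological information faces the threat of ransomware during its digital transformation. From the perspective of managers of scientific and technological information, the paper analyzes why ransomware attacks such information and how the resulting consequences differ from those of earlier security threats. Drawing on theory and technology from data security and network security, it analyzes 28597 related log entries and 121539 encrypted files produced during an attack by the ransomware Mallox, in order to understand Mallox's attack and encryption process, and proposes methods for preventing ransomware: self-inspect the services opened to the Internet and the network security policies to assess the risk of a server being compromised; in routine monitoring, watch the number of ID 4625 log entries and the logs of security devices, which makes the attack process identifiable; and improve the security of scientific and technological information by storing backups off-site, deploying EDR services, and using a VPN.
English abstract (as published): In the new environment in which the country promotes the development of data security industry, scientific and technological intelligence has to face the threat of ransomware in its process of digital transformation. This paper analyzes the causes of ransomware attacking scientific and technological information from an angle of its administrators. To understand the encryption process, using the theories and technologies of both data security and network security, this paper analyzes 28597 log data and 121539 encrypted files which were generated by the ransomware Mallox during its intrusion and brings up methods to avoid Mallox: self-inspection could assess the risk of a server being infected by Mallox through its services and network security strategies. It’s suggested to pay attention to the number of ID 4625 logs, and the logs of safety devices in daily monitoring. Administrators can enhance the security of scientific and technological intelligence information by storing backup data in other places, deploying EDR services, and using VPN.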
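Keywords: data security; ransomware; scientific and technological information; information security; off-site backup
Classification code: TP309 [Automation and Computer Technology: Computer System Architecture]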