{"id":332,"date":"2024-11-12T13:27:45","date_gmt":"2024-11-12T12:27:45","guid":{"rendered":"https:\/\/rumex.mendelu.cz\/bezpecnost\/?p=332"},"modified":"2024-11-12T13:29:14","modified_gmt":"2024-11-12T12:29:14","slug":"kyberneticky-utok-v-srdci-ceske-energetiky-varovani-pro-budoucnost-bezpecnosti-infrastruktury","status":"publish","type":"post","link":"https:\/\/rumex.mendelu.cz\/bezpecnost\/?p=332","title":{"rendered":"Cyberattack at the heart of the Czech energy sector: a warning for the future of infrastructure security"},"content":{"rendered":"\n<p>In September 2022, several Czech energy companies became the target of sophisticated cyberattacks that used social engineering methods. Through phishing e-mails and fraudulent phone calls, the attackers gained access to these companies' internal systems, which led to disruption of their operations and potential threats to the energy infrastructure of the Czech Republic.<\/p>\n\n\n\n<p><strong>Course of the attack:<\/strong><\/p>\n\n\n\n<p>The attackers sent employees of the energy companies e-mails that posed as official communication from trusted institutions. These e-mails contained links to fake websites or malicious attachments; opening them installed malware on internal systems. 
In some cases the attackers also contacted employees by phone, posed as technical support, and obtained sensitive information needed to access the systems.<\/p>\n\n\n\n<p><strong>Impact of the attack:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Operational disruption:<\/strong> Some companies recorded outages in energy supply and had to switch to backup systems to ensure continuity of service.<\/li>\n\n\n\n<li><strong>Financial losses:<\/strong> The costs of restoring systems, implementing new security measures and possible penalties led to significant financial losses.<\/li>\n\n\n\n<li><strong>Reputation:<\/strong> Public trust in the security of the energy infrastructure was shaken, which may have affected how these companies are perceived on the market.<\/li>\n<\/ul>\n\n\n\n<p><strong>Response and measures:<\/strong><\/p>\n\n\n\n<p>After the attacks were discovered, the affected companies, in cooperation with the National Cyber and Information Security Agency (N\u00daKIB) and other security services, took immediate measures to minimize damage and restore the security of their systems. 
Thorough analyses were carried out, vulnerabilities were identified, and strengthened security protocols were implemented.<\/p>\n\n\n\n<p><strong>Recommendations:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Employee training:<\/strong> Regular training focused on recognizing phishing attacks and other forms of social engineering is key to preventing similar incidents in the future.<\/li>\n\n\n\n<li><strong>Strengthening security measures:<\/strong> Implementing multi-factor authentication, regular software updates and system monitoring can significantly reduce the risk of a successful attack.<\/li>\n\n\n\n<li><strong>Cooperation with security services:<\/strong> Active communication and cooperation with N\u00daKIB and other institutions can help identify threats in time and respond to them.<\/li>\n<\/ul>\n\n\n\n<p>This incident underscored the need to continuously raise awareness of cyber threats and strengthen security measures in the energy sector, which is key to the functioning of society as a whole.<\/p>\n\n\n\n<p>Source: https:\/\/nukib.gov.cz\/download\/publikace\/zpravy_o_stavu\/Zprava_o_stavu_kyberneticke_bezpecnosti_CR_za_rok_2022.pdf; <a 
href=\"https:\/\/www.czdefence.cz\/clanek\/stav-kyberneticke-bezpecnosti-v-ceske-republice-za-rok-2022-vyzvy-a-priprava-na-budoucnost\">https:\/\/www.czdefence.cz\/clanek\/stav-kyberneticke-bezpecnosti-v-ceske-republice-za-rok-2022-vyzvy-a-priprava-na-budoucnost<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In September 2022, several Czech energy companies became the target of sophisticated cyberattacks that used social engineering methods. Through phishing e-mails and fraudulent phone calls, the attackers gained access to these companies' internal systems, which led to disruption of their operations and potential <a href=\"https:\/\/rumex.mendelu.cz\/bezpecnost\/?p=332\"> Read more&#8230;<\/a><\/p>\n","protected":false},"author":2,"featured_media":333,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"status","meta":{"footnotes":""},"categories":[20],"tags":[],"class_list":["post-332","post","type-post","status-publish","format-status","has-post-thumbnail","hentry","category-prispevky","post_format-post-format-status"],"_links":{"self":[{"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/posts\/332","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=332"}],"version-history":[{"count":3,"href":"https:\/\/rumex.mendelu.cz\
/bezpecnost\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions"}],"predecessor-version":[{"id":336,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/posts\/332\/revisions\/336"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=\/wp\/v2\/media\/333"}],"wp:attachment":[{"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=332"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=332"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rumex.mendelu.cz\/bezpecnost\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=332"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}