ç®æ¬¡
ãããŒããããšã¯ïŒ
ãµã€ããŒã»ãã¥ãªãã£ã§ã®ãããŒããããšã¯ããµã€ããŒæ»æè ãåŒãä»ããããã«èšèšãããåœè£ ã»ãã¥ãªãã£ã¡ã«ããºã ã§ãã»ãã¥ãªãã£ç ç©¶è ãæ»æè ã®è¡åãç®çã芳å¯ããããã«èšèšãããŠããŸããéåžžãçµç¹ã®äž»èŠãªæ¬çªç°å¢ããéé¢ãããŠãããããŒãããã¯ãçµç¹ã®ããŒã¿ãå±éºã«ãããããšãªããæ»æè ãã·ã¹ãã ã«èªã蟌ãé€ãšããŠæ©èœããŸãã
ãããŒãããã¯æå³çã«è匱ã§é åçã«èŠããããã«èšçœ®ããããããã¯ãŒã¯ããµãŒããŒãã¢ããªã±ãŒã·ã§ã³ãªã©ã®æ£åœãªæšçãæš¡å£ããŸãããããŒããããæ»æè ãèªã蟌ããšãã»ãã¥ãªãã£ã¢ããªã¹ãã¯æ»æè ã®èº«å ãæ»æææ³ã䜿çšããããŒã«ã«é¢ããæ å ±ãåéã§ããŸããçµç¹ã¯ãã®æ å ±ã䜿çšããŠããµã€ããŒã»ãã¥ãªãã£æŠç¥ãæ¹åããæ¢åã®ã¢ãŒããã¯ãã£ã«ãããæœåšçãªç²ç¹ãç¹å®ãã䜿çšãããæè¡ãæãé »ç¹ã«æšçãšãããè³ç£ã«åºã¥ããŠã»ãã¥ãªãã£å¯Ÿçã®åªå é äœä»ããšéäžåãè¡ãããšãã§ããŸãã
ãµã€ããŒã»ãã¥ãªãã£æè²ãšãã¬ãŒãã³ã°ãå§ããŸããã
ç¡æãã©ã€ã¢ã«ã®ãç³ãèŸŒã¿æé
- åŒç€Ÿã®ãµã€ããŒã»ãã¥ãªã㣠ãšãã¹ããŒãã貎瀟ã«äŒºããã»ãã¥ãªãã£ç°å¢ãè©äŸ¡ããŠãè åšãªã¹ã¯ã蚺æããŸãã
- 24 æé以å ã«æå°éã®æ§æã§ã30 æ¥éãå©çšããã ãããã«ãŒããã€ã³ãã®ãœãªã¥ãŒã·ã§ã³ãå°å ¥ããŸãã
- ãã«ãŒããã€ã³ãã®ãã¯ãããžãŒãå®éã«ãäœéšããã ããŸãã
- çµç¹ãæã€ã»ãã¥ãªãã£ã®è匱æ§ã«é¢ããã¬ããŒãããæäŸããŸãããã®ã¬ããŒãã¯ããµã€ããŒã»ãã¥ãªãã£æ»æã®å¯Ÿå¿ã«çŽã¡ã«ã掻çšããã ãããšãã§ããŸãã
ãã©ãŒã ã«å¿ èŠäºé ããå ¥åã®äžããç³èŸŒã¿ãã ããã远ã£ãŠãæ åœè ãããé£çµ¡ãããŠããã ããŸãã
Proofpointã®æ åœè ããŸããªããé£çµ¡ããããŸãã
ãããŒãããã®ä»çµã¿
ãããŒãããã¯ãäœçºçã«äœãããæ»æå¯Ÿè±¡ãå©çšããŠãµã€ããŒç¯çœªè ãæ£åœãªæšçããåŒãé¢ãããµã€ããŒã»ãã¥ãªãã£ããŒã ãç£èŠãè¡ããæµå¯Ÿè ãå®éã®æšçããéžããããšãå¯èœã«ããŸãã
éèããŒã¿ããŒã¹ãIoTããã€ã¹ããããã¯ããã«åºç¯ãªãããã¯ãŒã¯æ§æãªã©ãå®éã®ã·ã¹ãã ãæš¡å£ããããšã§ããããŒãããã¯äžèŠèåŒ±ãªæšçã«èŠããŸãããå®éã«ã¯éé¢ãããç¶¿å¯ã«ç£èŠãããŠããŸãããããŒããããšã®æ¥è§Šã¯éåžžãçããããã®ãšã¿ãªãããŸãããªããªããæ£åœãªãŠãŒã¶ãŒããããŒããããšé¢ããå®éã®éçšç®çããªãããã§ãã
ãããŒãããã®äŸ¡å€ã¯ãããã«ãŒã欺ãèœåã«ãããŸããæ»æè ããããã®å®ãšæ¥è§Šãããšãç¥ããç¥ããã®ãã¡ã«èªåãã¡ã®æŠç¥ãããŒã«ãæå³ãæããã«ããŸããã»ãã¥ãªãã£ããŒã ã¯æœåšçãªè åšãçŽæ¥èгå¯ã§ããå¶åŸ¡ãããç°å¢ã§æ»æè ã®ææ³ãç ç©¶ããããšãã§ããŸãã
æ¬è³ªçã«ããããŒãããã¯ããžã¿ã«ã®ãã©ãããå®ãšããŠæ©èœããŸããæªæã®ããäž»äœãå®éã®è³ç£ããé ããã€ã€ãæœåšçãªè匱æ§ãæ°ããªè åšã«é¢ãã貎éãªæŽå¯ãæäŸããŸãããããŒããããšã®çžäºäœçšãçè§£ãåæããããšã§ãçµç¹ã¯ããæ å ±ã«åºã¥ããç©æ¥µçãªæ¹æ³ã§ãµã€ããŒã»ãã¥ãªãã£é²åŸ¡ã匷åã§ããŸãã
ãããŒãããã®æŽå²
ãããŒãããã®æŠå¿µã¯1980幎代åŸåãã1990幎代åé ã«é¡ããŸãããã®èãã¯1991幎ã«2ã€ã®åºçç©ã§åããŠææžåãããŸããïŒã¯ãªãã©ãŒãã»ã¹ããŒã«ã®ãã«ãã³ãŠã¯ã³ã³ãã¥ãŒã¿ã«åµãç£ãããšãã«ã»ãã§ã¹ãŠã£ãã¯ã®ããã«ãã¡ãŒããšã®å€ã¹ãã§ããããããã»ãã¥ãªãã£ã³ãã¥ããã£ã«å©çšå¯èœãªæåã®ãããŒããããœãªã¥ãŒã·ã§ã³ã®äžã€ã§ãããã¬ããã»ã³ãŒãšã³ã®Deception ToolkitããªãªãŒã¹ãããã®ã¯1997幎ã«ãªã£ãŠããã§ããããã®1幎åŸã®1998幎ã«ã¯ãäžè¬ã«è²©å£²ãããæåã®åçšãããŒãããã®äžã€ã§ããCyberCop Stingã®éçºãå§ãŸããŸããã
ãããŒãããã¯æéãšãšãã«é²åããçŸä»£ã®ãã»ãã·ã§ã³ïŒæ¬ºçïŒæè¡ã«ã¯éèŠãªã·ã¹ãã ã®åšãã«æŠç¥çã«é 眮ããããã©ãããå®ãå«ãŸããŠããŸããæ»æè ããããŒãããã«äŸµå ¥ãããšããããã®å®ã·ã¹ãã ã¯äŸµå ¥è ã芳å¯ã远跡ããæã«ã¯åæããŠæ»æè ãæ»æããããšããããŸãã[1] ã¬ãŒãããŒã»ãªãµãŒãã¯2016幎ã«ãã»ãã·ã§ã³æè¡ããæ°èæè¡ããšããŠç¹å®ãããåžå Žã§å®çšåããã€ã€ããããšè©äŸ¡ããŸããã[2]
ãããŒãããã®çš®é¡
ãµã€ããŒã»ãã¥ãªãã£æŠç¥ã§äœ¿çšã§ãããããŒãããã«ã¯ãããŸããŸãªçš®é¡ããããŸããæãäžè¬çãªçš®é¡ã«ã¯ä»¥äžã®ãããªãã®ããããŸãã
- ãããã¯ã·ã§ã³ãããŒãããïŒãããã¯ã·ã§ã³ãããŒãããã¯ãå®éã®æ¬çªãµãŒããŒãšäžŠãã§é 眮ãããåæ§ã®ãµãŒãã¹ãå®è¡ããŸãããããã¯ã·ã§ã³ãããŒãããã¯ãå éšãããã¯ãŒã¯ã®äŸµå®³ãç¹å®ããªãããæªæã®ããè¡çºè ãæ¬ºããŸãã
- ãªãµãŒããããŒãããïŒãªãµãŒããããŒãããã¯ããµã€ããŒç¯çœªè ã®ææ°ã®æ»æææ³ãããŒã«ã«é¢ãã貎éãªæ å ±ãæäŸããŸãããããã¯ãã»ãã¥ãªãã£å¯Ÿçã®æ¹åãæ°ããé²åŸ¡æŠç¥ã®éçºã«äœ¿çšã§ããŸãã
- äœå¯Ÿè©±åãããŒãããïŒäœå¯Ÿè©±åãããŒãããã¯ãå¶éãããæ©èœãæã€éå®çã«ãšãã¥ã¬ãŒãããããµãŒãã¹ãå®è¡ãããããã·ã¹ãã ãšã®éšåçãªå¯Ÿè©±ãå¯èœã«ããŸããäœå¯Ÿè©±åãããŒãããã¯ãçµç¹ãæ¬çªç°å¢ã§ãã䜿çšããæ©ææ€åºã¡ã«ããºã ã§ãã
- é«å¯Ÿè©±åãããŒãããïŒé«å¯Ÿè©±åãããŒãããã¯ããè€éã§ãæ»æè ãå®éã®ãªãã¬ãŒãã£ã³ã°ã·ã¹ãã ãšå¯Ÿè©±ããããšãå¯èœã«ããŸãããããã¯äœå¯Ÿè©±åãããŒãããããããªãœãŒã¹ãå€ãå¿ èŠãšããããå€ãã®ã¡ã³ããã³ã¹ãå¿ èŠã§ãã
- ãã¥ã¢ãããŒãããïŒ ãã¥ã¢ãããŒãããã¯ãããŸããŸãªãµãŒããŒäžã§å®è¡ãããå®å šãªã·ã¹ãã ãæããŸããæ¬çªã·ã¹ãã ãå®å šã«æš¡å£ããŸãããŠãŒã¶ãŒæ å ±ãããŒã¿ã¯æ©å¯æ§ãé«ãéèŠã«èŠããããã«æäœãããæ§ã ãªã»ã³ãµãŒãè åšã¢ã¯ã¿ãŒã®æŽ»åã远跡ã»èгå¯ããŸãã
- ã¯ã©ã€ã¢ã³ããããŒãããïŒã¯ã©ã€ã¢ã³ããããŒãããã¯ããŠã§ããã©ãŠã¶ãã¡ãŒã«ã¯ã©ã€ã¢ã³ããªã©ã®è匱ãªã¯ã©ã€ã¢ã³ãã·ã¹ãã ãã·ãã¥ã¬ãŒãããããã«èšçœ®ãããŸããã¯ã©ã€ã¢ã³ããããŒãããã¯ãã¯ã©ã€ã¢ã³ãåŽã®æ»æãæ€åºã»åæããããã«äœ¿çšã§ããŸãã
- ä»®æ³ãããŒãããïŒä»®æ³ãããŒãããã¯ãå®éã®ã·ã¹ãã ãã·ãã¥ã¬ãŒãããä»®æ³ãã·ã³ã§ããä»®æ³åç°å¢ã«å¯Ÿããæ»æã®æ€åºãšåæã«äœ¿çšã§ããŸãã
ããããã®ã¿ã€ãã®ãããŒãããã«ã¯ãç¹å®ã®äœ¿çšäºäŸã®é©çšããããããã«äŒŽãé·æãšçæããããŸãããã®ãããçµç¹ã¯ãããŒãããæŠç¥ãèšèšããéã«ãç®çãšãªãœãŒã¹ãæ éã«è©äŸ¡ããå¿ èŠããããŸãã
ãããŒãããã®å©ç¹
ãããŒãããã¯ãµã€ããŒã»ãã¥ãªãã£æŠç¥ã«ãããŠè²ŽéãªããŒã«ã§ãããçµç¹ã«ããã€ãã®å©ç¹ããããããŸãã
- æ»æã®æ©ææ€åºïŒãããŒãããã¯ãæ°ãããŸãã¯ä»¥åã«ç¥ãããŠããªãã£ããµã€ããŒæ»æã®æ©æèŠåãæäŸããITã»ãã¥ãªãã£ããŒã ãããè¿ éãã€å¹æçã«å¯Ÿå¿ã§ããããã«ããŸãã
- ã»ãã¥ãªãã£æ å¢ã®æ¹åïŒå¯èŠæ§ãé«ãããã¡ã€ã¢ãŠã©ãŒã«ãé²ããªãæ»æã«å¯ŸããŠITã»ãã¥ãªãã£ããŒã ãé²åŸ¡ã§ããããã«ããããšã§ãçµç¹ã®ã»ãã¥ãªãã£æ å¢ãå€§å¹ ã«æ¹åã§ããŸãã
- æ»æè ã®æ³šæããããïŒãããŒãããã¯æ»æè ã®æ³šæãããã貎éãªååšã§ãããããŒãããã«è²»ããããæéãšåŽåãå¢ããã°ãæ£åœãªæšçã«åããããåŽåã¯ãæžå°ããŸãã
- æ»æè ã«é¢ããæ å ±åéïŒãããŒãããã¯ãæ»æè ã®ææ³ãããŒã«ãè¡åãªã©ãæ»æè ã«é¢ããæ å ±ã广çã«åéããŸãããã®æ å ±ã¯ãçµç¹ã®ãµã€ããŒã»ãã¥ãªãã£æŠç¥ã®æ¹åãæ°ããé²åŸ¡æŠç¥ã®éçºã«äœ¿çšã§ããŸãã
- ã€ã³ã·ãã³ã察å¿ããã»ã¹ã®ãã¹ãïŒãããŒãããã¯ãçµç¹ãã€ã³ã·ãã³ã察å¿ããã»ã¹ããã¹ãããæ¹åãå¿ èŠãªé åãç¹å®ããã®ã«åœ¹ç«ã¡ãŸãã
- äŸµå ¥æ€ç¥ã·ã¹ãã ã®æ¹è¯ïŒãããŒãããã¯ãçµç¹ã®äŸµå ¥æ€ç¥ã·ã¹ãã ïŒIDSïŒãšè åšå¯Ÿå¿ãæ¹è¯ããæ»æãããé©åã«ç®¡çã»é²æ¢ããã®ã«åœ¹ç«ã¡ãŸãã
- ã»ãã¥ãªãã£ã¹ã¿ããã®ãã¬ãŒãã³ã°ããŒã«ïŒãããŒãããã¯ãæè¡çã»ãã¥ãªãã£ã¹ã¿ããã®ãã¬ãŒãã³ã°ããŒã«ãšããŠäœ¿çšã§ããæ»æè ã®åäœã瀺ããå¶åŸ¡ãããå®å šãªç°å¢ã§æ§ã ãªçš®é¡ã®è åšãæ€èšŒããããšãã§ããŸãã
ãããŒãããå®è£ ã®ãã¹ããã©ã¯ãã£ã¹
ã¬ãŒãããŒã»ãªãµãŒãã®ãã€ã¹ãã¬ãžãã³ãã§ããã¢ãŠã°ã¹ãã»ããã¹ã¯ããããŒãããæè¡ããã®ä»ã®ã»ãã¥ãªãã£ãã»ãã·ã§ã³ãœãªã¥ãŒã·ã§ã³ãäŸµå ¥è ã®çºèŠãšæŽãªã被害ã®é»æ¢ã«å¹æçã§ããäžæ¹ã§ãäŒæ¥ãã忣åãã»ãã·ã§ã³ãã©ãããã©ãŒã ïŒDDPïŒãã®æ¡çšãæ¿èªããåã«ãããã€ãã®ã¹ããããèžãå¿ èŠããããšè¿°ã¹ãŠããŸãã[3]
ãããŒããããšãã»ãã·ã§ã³æè¡ãå®è£ ãããã¹ããã©ã¯ãã£ã¹ã«ã¯ä»¥äžãå«ãŸããŸãã
- ãŸããæ¬çªç°å¢ã§ãããŒãããããã»ãã·ã§ã³æè¡ãå®è£ ããåã«ããã¹ãç°å¢ã1ã€ç¢ºç«ããŸãã
- 誀æ€ç¥ãšæªæ€ç¥ã埮調æŽããŠãã¢ã©ãŒãç²ããé¿ããã·ã¹ãã ãå®éã®è åšãæ€åºããããšã確å®ã«ããŸãã
- éèŠãªã·ã¹ãã ã®åšãã«æŠç¥çã«é 眮ããããã©ãããå®ãå«ã忣åãã»ãã·ã§ã³ãã©ãããã©ãŒã ïŒDDPïŒã䜿çšããŸãã
- ãããŒããããè¶ ããŠããšã³ããã€ã³ãããµãŒããŒãããã€ã¹ã«ãã»ãã·ã§ã³æè¡ãå®è£ ããæ¬çªç°å¢å šäœã§æ å ±ãåéããŸãã
- èšå®ã管çã«æå°éã®åŽåã§æžã¿ãã»ããã¢ãããšç¶æãå®äŸ¡ãªãã»ãã·ã§ã³ããŒã«ã䜿çšããŸãã
- ãããŒããããçµç¹ã®äž»èŠãªæ¬çªç°å¢ããéé¢ãããŠããããšã確èªããçµç¹ã®ããŒã¿ãå±éºã«ãããããšãªããæ»æè ãåŒãä»ããããã®é€ãšããŠæ©èœãããŸãã
- 1ã€ä»¥äžã®ãããŒããããŠãŒã¶ãŒãäœæããå ±æãããã¯ãŒã¯äžã«ãããŒãã¡ã€ã«ãèšå®ããŸãã
- ãããŒã¢ã©ãŒãã管çããŠãã·ã¹ãã ãå®éã®è åšãæ€åºããŠããããšã確èªããŸãã
ãããã®ãã¹ããã©ã¯ãã£ã¹ã«åŸãããšã§ãçµç¹ã¯ãããŒããããšãã»ãã·ã§ã³æè¡ã广çã«å®è£ ãããµã€ããŒã»ãã¥ãªãã£æŠç¥ãæ¹åããæ¢åã®ã¢ãŒããã¯ãã£ã«ãããæœåšçãªç²ç¹ãç¹å®ããããšãã§ããŸãã
ãããŒãããã®ã»ãã¥ãªãã£èª²é¡
ãããŒãããã¯ãµã€ããŒã»ãã¥ãªãã£ã«ãããŠéåžžã«äŸ¡å€ã®ããããŒã«ãšãªãåŸãŸãããããã€ãã®èª²é¡ãå¶éã䌎ããŸãã
- éå®çãªç¯å²ïŒãããŒãããã¯ãããããšçžäºäœçšããè åšã®ã¿ãææããŸããæ»æè ããããã¯ãŒã¯ã®ä»ã®éšåãæšçã«ãããããŒããããåé¿ããå Žåããã®è åšã¯æ€åºãããªãå¯èœæ§ããããŸãã
- ã¡ã³ããã³ã¹ïŒãããŒãããã¯å®éã®ã·ã¹ãã ã説åŸåã®ããåœ¢ã§æš¡å£ããããã«ãç¶ç¶çãªæŽæ°ãå¿ èŠã§ããçµéšè±å¯ãªæ»æè ã¯ãå€ããªã£ããããŒããããç°¡åã«èŠç Žãå¯èœæ§ããããŸãã
- æªçšã®å¯èœæ§ïŒé©åã«åé¢ãŸãã¯ä¿è·ãããŠããªãå Žåãæ»æè ã¯ãããŒãããããããªããããã¯ãŒã¯æ»æã®çºå°ç¹ãšããŠæªçšããå¯èœæ§ããããŸãã
- 誀ã£ãå®å¿æïŒãããŒãããã®ã¿ã«é Œãããšã§ãçµç¹ãä»ã®éèŠãªã»ãã¥ãªãã£å¯ŸçãèŠèœãšããæœåšçãªè匱æ§ã«ã€ãªããå¯èœæ§ããããŸãã
- ãªãœãŒã¹éçŽåïŒãããŒãããã®ã»ããã¢ããã管çãããŒã¿åæã«ã¯æéãšå°éç¥èã®äž¡æ¹ãå¿ èŠã§ããªãœãŒã¹ãå€ãæ¶è²»ããå¯èœæ§ããããŸãã
- æ€åºã®ãªã¹ã¯ïŒæŽç·Žãããæ»æè ã¯ãããŒããããèªèããŠåé¿ããå¯èœæ§ããããé«åºŠãªè åšã«å¯ŸããŠå¹æããªããªãå¯èœæ§ããããŸãã
- ããŒã¿ã®éè² è·ïŒãããŒãããã¯èšå€§ãªéã®ããŒã¿ãçæããå¯èœæ§ããããç¹ã«å€æ°ã®èª€æ€ç¥ãããå Žåã广çã«åæããã®ãå°é£ã«ãªãå¯èœæ§ããããŸãã
- ã¹ãã«èŠä»¶ïŒãããŒãããã®å®è£ ãšç®¡çã«ã¯ã广çã§è¿œå ã®è匱æ§ãå°å ¥ããªãããšã確å®ã«ããããã®å°éç¥èãå¿ èŠã§ãã
- ãšã¹ã«ã¬ãŒã·ã§ã³ã®å¯èœæ§ïŒç¹å®ã®æ»æè ãšé¢ããããšã§ã圌ãã®åªåããšã¹ã«ã¬ãŒãããçµç¹ã«å¯ŸããŠããæ»æçãªæ»æã«ã€ãªããå¯èœæ§ããããŸãã
ãããã®å¶éãšèª²é¡ãçè§£ããããšã¯ããããŒãããã®å°å ¥ãæ€èšããŠããçµç¹ã«ãšã£ãŠäžå¯æ¬ ã§ããçè§£ãæ·±ããããšã§ãããåºç¯ãªãµã€ããŒã»ãã¥ãªãã£æŠç¥ã§ã®ãããŒãããã®å¹æçãªæŽ»çšãä¿èšŒãããŸãã
ãããŒãããã®æŽ»çšäºäŸ
ãããŒãããã¯ãæªæããæŽ»åãç ç©¶ã察æããããã«ããŸããŸãªã·ããªãªã§äœ¿çšãããŠããŸããã以äžã¯ãäžè¬çãªã¿ã€ããšå¿çšã«åºã¥ãã䜿çšäºäŸã§ãã
- ç ç©¶çšãããŒãããã¯ãæ°çš®ã®ãã«ãŠã§ã¢ãã©ã®ããã«æ¡æ£ããããåæããããããããããã®åäœãç ç©¶ãããããŸããäŸïŒå€§åŠããµã€ããŒã»ãã¥ãªãã£ç ç©¶æ©é¢ãããã«ãŠã§ã¢ã®äŒæãæ»æè ã®ææ³ããŸãã¯æ°ããªè åšã«é¢ããããŒã¿ãåéããããã«ãããŒããããå®è£ ããããšããããŸãã
- æ¬çªçšãããŒãããã¯ãæ»æè ãåœã®ãµãŒããŒã«èªå°ããããšã§æ©å¯æ§ã®é«ã顧客ããŒã¿ãä¿è·ããŸããäŸïŒéèæ©é¢ãååŒãµãŒããŒãæš¡ãããããŒããããèšçœ®ããŠãæ»æè ãåŒãä»ãããã®æŠç¥ãç£èŠããããšããããŸãã
- IoTãããŒãããã¯ãIoTããã€ã¹ã«ç¹æã®è åšïŒç¹å®ã®ãã«ãŠã§ã¢ã®çš®é¡ãæªçšæè¡ãªã©ïŒãçè§£ããŸããäŸïŒè€æ°ã®IoTããã€ã¹ãå®è£ ããäŒæ¥ãããããŒããããšããŠæš¡æ¬IoTããã€ã¹ãããã¯ãŒã¯ãäœæããŸãã
- ããŒã¿ããŒã¹ãããŒãããã¯ãæ©å¯ããŒã¿ãç¬èªããŒã¿ãçãæ»æè ãåŒãä»ããæ€åºããŸããäŸïŒæ¬ç©ã®ããŒã¿ããŒã¹ã®æ§é ãæš¡å£ããªãããåœã®ããŒã¿ã§æºããããåœè£ ããŒã¿ããŒã¹ã
- Webã¢ããªã±ãŒã·ã§ã³ãããŒãããã¯ãSQLã€ã³ãžã§ã¯ã·ã§ã³ãã¯ãã¹ãµã€ãã¹ã¯ãªããã£ã³ã°ã®è©Šè¡ãªã©ã®Webåºç€ã®æ»æææ³ãç¹å®ããŸããäŸïŒè匱ã«èŠããããåœã®Eã³ããŒã¹ãŠã§ããµã€ãããŠã§ãããŒã¿ã«ã
- ã¹ãã ãããŒãããïŒã¹ãã ãããïŒã¯ãã¹ãã ãã£ã³ããŒã³ããã£ãã·ã³ã°è©Šè¡ããŸãã¯æªæã®ããæ·»ä»ãã¡ã€ã«ãç ç©¶ããŸããäŸïŒã¹ãã ã¡ãŒã«ããã«ãŠã§ã¢ãåŒãä»ããŠææããããã«ç¹å¥ã«èšèšãããã¡ãŒã«ãµãŒããŒã
- ã¯ã©ã€ã¢ã³ããããŒãããã¯ãæ°ãããã«ãŠã§ã¢ã®å€çš®ãåéã»åæãããããµã€ããŒç¯çœªãããã¯ãŒã¯ã®ã€ã³ãã©ãçè§£ãããããŸããäŸïŒãã«ãŠã§ã¢ã®ãµã³ãã«ãåéããããšã¯ã¹ããã€ãããããç ç©¶ãããããããã«ãæªæã®ãããµãŒããŒãšç©æ¥µçã«é¢ããããã«èšå®ãããã·ã¹ãã ã
- ãããŒããŒã¯ã³ã¯ãåœã®èªèšŒæ å ±ã䜿çšãããéã«ãäžæ£ã¢ã¯ã»ã¹ãããŒã¿æŒæŽ©ãæ€åºããŸããäŸïŒã·ã¹ãã å ã«ã°ããŸãããåœã®ãŠãŒã¶ãŒèªèšŒæ å ±ãAPIããŒã
ãããã®å€æ§ãªã·ããªãªã§ãããŒããããå®è£ ããããšã«ãããçµç¹ã¯æœåšçãªè åšã«é¢ããæŽå¯ãåŸãŠãã»ãã¥ãªãã£æ å¢ãæ¹åããæ¬ç©ã®è³ç£ãããé©åã«ä¿è·ããããšãã§ããŸãã
ãããŒãããæè¡ã®æªæ¥
ãããµã¹å€§åŠãã©ã¹æ ¡ã®ç ç©¶è ãã¡ã¯ããããŒããããå«ãæ°ãããã»ãã·ã§ã³æè¡ã®å®è£ ã«ã€ããŠç ç©¶ãé²ããŠããŸããå倧åŠã¯ãDeepDigïŒDEcEPtion DIGgingïŒæè¡ãéçºããŸããããã®æè¡ã¯ãå®éã®ã·ã¹ãã ã«ãã©ãããå®ã仿ããåŸãæ©æ¢°åŠç¿æè¡ãé©çšããŠãã«ãŠã§ã¢æ»æè ã®è¡åãããæ·±ãçè§£ãããã®ã§ãããã®æè¡ã¯ããµã€ããŒæ»æãæ©æ¢°åŠç¿ããŒã¹ã®äŸµå ¥æ€ç¥ã·ã¹ãã ïŒIDSïŒã®ããã®ç¡æã®ã©ã€ããã¬ãŒãã³ã°ããŒã¿æºãšããŠå©çšããããã«èšèšãããŠããŸãããããã®å®ã·ã¹ãã ã¯ãããŒããããšããŠæ©èœããæ»æè ããããã¯ãŒã¯ã«äŸµå ¥ããå Žåãã»ãã¥ãªãã£ããŒã ã¯åã«éç¥ãåããã ãã§ãªããæ»æã®å¯Ÿå¿ã察çãè¡ãããšãã§ããŸãã[4]
ããã«ããããŒãããæè¡ã®æªæ¥ã«ã¯ãããè€éãªåæ£åãã»ãã·ã§ã³ãã©ãããã©ãŒã ïŒDDPïŒãå«ãŸããå¯èœæ§ããããŸãããããã®ãã©ãããã©ãŒã ã¯ãäž»èŠã·ã¹ãã ã®åšãã«æŠç¥çã«é 眮ããããã©ãããšå®ãå«ã¿ãçµç¹ãæ¬çªç°å¢å šäœã§æ å ±ãåéããããšãå¯èœã«ããŸãããã®æŠç¥ã«ãããçµç¹ã¯ããé«ã粟床ã§è åšãç¹å®ãã䜿çšãããææ³ãæãé »ç¹ã«æ»æãããè³ç£ã«éäžããããšã§ãã»ãã¥ãªãã£ãªãœãŒã¹ãå¹ççã«é åããããšãã§ããŸãã
ãããŒãããã«å¯ŸããProofpointã®ãœãªã¥ãŒã·ã§ã³
Proofpointã¯ããããŒããããšäœµçšããŠçµç¹ã®ãµã€ããŒã»ãã¥ãªãã£æ å¢ãåäžãããããã®å¹ åºããµã€ããŒã»ãã¥ãªãã£ãœãªã¥ãŒã·ã§ã³ãæäŸããŠããŸãããããã®ãœãªã¥ãŒã·ã§ã³ã«ã¯ãã¡ãŒã«ã»ãã¥ãªãã£ãã¯ã©ãŠãã»ãã¥ãªãã£ãè åšã€ã³ããªãžã§ã³ã¹ãã»ãã¥ãªãã£æèåäžãã¬ãŒãã³ã°ãå«ãŸããŸãã
Proofpointã®ãœãªã¥ãŒã·ã§ã³ã䜿çšããããšã§ãçµç¹ã¯ãããŒãããã§æ€åºããããµã€ããŒè åšãå«ãããããã«å¯Ÿå¿ããèœåãåäžãããããšãã§ããŸããProofpointã®ãœãªã¥ãŒã·ã§ã³ã¯ãçµç¹ãæ¢åã®ã¢ãŒããã¯ãã£ã«ãããæœåšçãªæ»è§ãç¹å®ãã䜿çšãããŠããææ³ãæãé »ç¹ã«æšçãšãªãè³ç£ã«åºã¥ããŠã»ãã¥ãªãã£å¯Ÿçã®åªå é äœä»ããšçŠç¹ãçµãããšãæ¯æŽããŸãã詳现ã«ã€ããŠã¯ãProofpointã«ãåãåãããã ããã
[1] Varun Haran, BankInfoSecurity.com âDeception Technology in 2020â
[2] Lawrence Pingree, Gartner âDeception-related technology â itâs not just ânice to haveâ, itâs a new strategy of defenseâ
[3] Augusto Barros Gartner Research âNew Research: Deception Technologiesâ
[4] John Leyden, The Daily Swig âAI-powered honeypots: Machine learning may help improve intrusion detectionâ