{"id":124,"date":"2023-08-12T10:03:06","date_gmt":"2023-08-12T01:03:06","guid":{"rendered":"https:\/\/yokohama-infosec-consulting-service.net\/?p=124"},"modified":"2024-02-23T16:43:49","modified_gmt":"2024-02-23T07:43:49","slug":"case-study-ransomware-lockbit-2-0-hospital","status":"publish","type":"post","link":"https:\/\/yokohama-infosec-consulting-service.net\/?p=124","title":{"rendered":"\u4e8b\u4f8b\u3000\uff1c\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2 Lockbit 2.0\uff1e"},"content":{"rendered":"\n<p><\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Case Study &quot;\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2 Lockbit2.0&quot;\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/CYMfF_oq0KM?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">VPN\u306e\u8106\u5f31\u3092\u7a81\u304b\u308c\u3001\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2\u3092\u6295\u5165\u3055\u308c\u305f\u4e8b\u4f8b<\/h2>\n\n\n\n<p>VPN\u306e\u8106\u5f31\u6027\u3092\u7a81\u304b\u308c\u3001\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2&lt;Lockbit2.0>\u306e\u653b\u6483\u306b\u3042\u3063\u305f\u4e8b\u4f8b\u3092\u307e\u3068\u3081\u3066\u307f\u307e\u3057\u305f\u3002\u3053\u306e\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2\u306f\u75c5\u9662\u306b\u731b\u5a01\u3092\u632f\u308b\u3044\u3001\u533b\u7642\u696d\u52d9\u306b\u591a\u5927\u306a\u5f71\u97ff\u3092\u4e0e\u3048\u3066\u3044\u307e\u3059\u3002<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. 
\u6e96\u5099<\/h2>\n\n\n\n<p>VPN\u306b\u8106\u5f31\u6027\u304c\u5b58\u5728(CVE-2018-13379)<br>Dark Web\u306b\u5f53\u8a72VPN\u306eIP,ID,Password\u304c\u516c\u958b<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. \u4fb5\u5165<\/h2>\n\n\n\n<p>VPN\u304b\u3089\u5185\u90e8\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u306b\u4fb5\u5165<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">3. \u5c55\u958b<\/h2>\n\n\n\n<p>Exploit Code\u3067Windows\u8cc7\u683c\u60c5\u5831\u3092\u7a83\u53d6<br>\u696d\u52d9\u7528PC\u3001Active Directory\u3001\u5404\u7a2e\u30b5\u30fc\u30d0\u306b\u30ea\u30e2\u30fc\u30c8\u30ed\u30b0\u30a4\u30f3<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">4. \u6d3b\u52d5\u671f<\/h2>\n\n\n\n<p>\u4fb5\u5165\u5148\u306e\u6a5f\u5668\u306bRansomware(LockBit2.0)\u3092\u5c0e\u5165\u3057\u3001\u30d5\u30a1\u30a4\u30eb\u6697\u53f7\u5316<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">5. \u88ab\u5bb3\u9855\u5728\u5316<\/h2>\n\n\n\n<p>\u30d7\u30ea\u30f3\u30bf\u30fc\u304b\u3089\u3001\u72af\u884c\u58f0\u660e\u304c\u5370\u5237\u3055\u308c\u308b<br>\u696d\u52d9\u30b7\u30b9\u30c6\u30e0\u5229\u7528\u4e0d\u80fd<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u5fb3\u5cf6\u770c\u3064\u308b\u304e\u753a\u7acb\u534a\u7530\u75c5\u9662\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u30a6\u30a4\u30eb\u30b9\u611f\u67d3\u4e8b\u6848\u6709\u8b58\u8005\u4f1a\u8b70\u8abf\u67fb\u5831\u544a\u66f8\u306b\u3064\u3044\u3066<br><a href=\"https:\/\/www.handa-hospital.jp\/topics\/2022\/0616\/index.html\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.handa-hospital.jp\/topics\/2022\/0616\/index.html<\/a><\/p>\n\n\n\n<p><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"VPN\u306e\u8106\u5f31\u3092\u7a81\u304b\u308c\u3001\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2\u3092\u6295\u5165\u3055\u308c\u305f\u4e8b\u4f8b 
VPN\u306e\u8106\u5f31\u6027\u3092\u7a81\u304b\u308c\u3001\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2&lt;Lockbit2.0>\u306e\u653b\u6483\u306b\u3042\u3063\u305f\u4e8b\u4f8b\u3092\u307e\u3068\u3081\u3066\u307f\u307e\u3057\u305f\u3002\u3053\u306e\u30e9\u30f3\u30b5\u30e0\u30a6\u30a8\u30a2\u306f\u75c5\u9662\u306b\u731b\u5a01\u3092\u632f\u308b\u3044\u3001\u533b\u7642\u696d\u52d9\u306b\u591a\u5927\u306a\u5f71\u97ff [&hellip;]","protected":false},"author":1,"featured_media":429,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[],"class_list":["post-124","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-casestudy"],"_links":{"self":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/124","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=124"}],"version-history":[{"count":16,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/124\/revisions"}],"predecessor-version":[{"id":383,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/124\/revisions\/383"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/media\/429"}],"wp:attachment":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=124"}],"wp:term":[{"tax
onomy":"category","embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=124"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=124"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}