{"id":538865,"date":"2022-07-30T09:10:52","date_gmt":"2022-07-30T07:10:52","guid":{"rendered":"https:\/\/www.hashtag.al\/?p=538865"},"modified":"2022-07-30T09:12:28","modified_gmt":"2022-07-30T07:12:28","slug":"mbrojtja-e-dobet-si-armiku-dixhital-shpartallon-shqiperine","status":"publish","type":"post","link":"https:\/\/www.hashtag.al\/index.php\/2022\/07\/30\/mbrojtja-e-dobet-si-armiku-dixhital-shpartallon-shqiperine\/","title":{"rendered":"Mbrojtja e dob\u00ebt, si armiku dixhital \u201cshpartallon\u201d Shqip\u00ebrin\u00eb","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"

\"\"<\/a><\/span><\/p>\n

Brenda nj\u00eb viti, sistemet elektronike dhe dixhitale publike jan\u00eb dekonspiruar dhe sulmuar disa her\u00eb, q\u00eb me rrjedhjen e t\u00eb dh\u00ebnave sensitive t\u00eb qytetar\u00ebve t\u00eb Tiran\u00ebs n\u00eb prag t\u00eb zgjedhjeve t\u00eb vitit 2021, lista e pagave dhe s\u00eb fundmi, nj\u00eb sulm armiq\u00ebsor i organizuar nga jasht\u00eb.<\/span>
\nEkspert\u00ebt e IT, t\u00eb cil\u00ebt kan\u00eb punuar n\u00eb ngritjen e sistemeve dixhitale qeveritare, pohojn\u00eb se, qend\u00ebrzimi i t\u00eb dh\u00ebnave n\u00eb vitin 2017 pran\u00eb AKSHI i ka ekspozuar t\u00eb dh\u00ebnat ndaj sulmeve kibernetike, nd\u00ebrkoh\u00eb q\u00eb nuk \u00ebsht\u00eb punuar me seriozitet n\u00eb drejtim t\u00eb mbrojtjes.<\/span>
\nSulmet e tipit Ransomware pritet t\u00eb ken\u00eb pasoja n\u00eb t\u00eb ardhmen, pasi dokumente me r\u00ebnd\u00ebsi m\u00ebsohet se kan\u00eb humbur n\u00eb Ministrin\u00eb e Jashtme, at\u00eb t\u00eb Mbrojtjes, Financave etj. Kthimi i sh\u00ebrbimeve nuk e parandalon keqp\u00ebrdorimin e dokumenteve n\u00eb t\u00eb ardhmen, pasi tani ata jan\u00eb p\u00ebrvet\u00ebsuar. Rriten shqet\u00ebsimet p\u00ebr sulme t\u00eb tjera<\/span><\/p>\n

Sulmet kibernetike mbi sistemet dixhitale dhe kompjuterike t\u00eb qeveris\u00eb shqiptare, n\u00eb mes t\u00eb korrikut, krijuan d\u00ebme, kostot e t\u00eb cilave mund t\u00eb jen\u00eb t\u00eb larta n\u00eb avanc\u00eb, p\u00ebr shkak se hakerat kan\u00eb p\u00ebrvet\u00ebsuar nj\u00eb seri dokumentesh t\u00eb r\u00ebnd\u00ebsishme n\u00eb institucione ky\u00e7e si Ministria e Jashtme, Agjencia e Kadastr\u00ebs, Ministria e Financave, ajo e Mbrojtjes etj.<\/span><\/p>\n

Qytetar\u00ebt n\u00eb t\u00eb gjith\u00eb vendin dhe bizneset u p\u00ebrball\u00ebn gjithashtu me kosto t\u00eb larta nga mungesa e ofrimit t\u00eb sh\u00ebrbimeve.<\/span><\/p>\n

Qindra udh\u00ebtime u pezulluan p\u00ebr shkak se, qytetar\u00ebt nuk shkarkuan dot vaksinat dhe nuk mor\u00ebn dot pasaportat. Komunikimi me Tatimet dhe Qendr\u00ebn Komb\u00ebtare t\u00eb biznesit u bllokua p\u00ebr disa dit\u00eb p\u00ebr t\u00eb gjith\u00eb bizneset, t\u00eb cilat ishin n\u00eb koh\u00ebn e dor\u00ebzimit t\u00eb bilanceve t\u00eb vitit 2021 dhe tani mund t\u00eb p\u00ebrballen me gjoba, p\u00ebr shkak t\u00eb mosrespektimit t\u00eb afateve.<\/span><\/p>\n

P\u00ebrtej d\u00ebmeve t\u00eb momentit, burimet brenda institucioneve t\u00eb qeveris\u00eb, sidomos Ministris\u00eb s\u00eb Jashtme, Mbrojtjes dhe Hipotek\u00ebs b\u00ebjn\u00eb t\u00eb ditur se kan\u00eb humbur dokumente me r\u00ebnd\u00ebsi, t\u00eb cilat edhe n\u00eb dit\u00ebn e shtat\u00eb pas sulmit nuk jan\u00eb rikuperuar. T\u00eb nj\u00ebjtat burime thon\u00eb se jan\u00eb rritur shqet\u00ebsimet p\u00ebr nj\u00eb val\u00eb t\u00eb tret\u00eb sulmesh.<\/span><\/p>\n

N\u00eb harkun e nj\u00eb viti, t\u00eb dh\u00ebnat sensitive t\u00eb qytetar\u00ebve dhe dokumenteve qeveritare q\u00eb administrohen nga Agjencia Komb\u00ebtare e Shoq\u00ebris\u00eb s\u00eb Informacionit (AKSHI) kan\u00eb rrjedhur shpeshher\u00eb. Fillimisht, nj\u00eb list\u00eb me t\u00eb dh\u00ebna sensitive t\u00eb qytetar\u00ebve t\u00eb Tiran\u00ebs u publikua n\u00eb prag t\u00eb zgjedhjeve t\u00eb vitit 2021, m\u00eb pas nj\u00eb list\u00eb me pagat dhe targat e automjeteve dhe s\u00eb fundmi, nj\u00eb sulm i gjer\u00eb q\u00eb erdhi nga jasht\u00eb ka p\u00ebrvet\u00ebsuar nj\u00eb seri dokumentesh t\u00eb r\u00ebnd\u00ebsishme.<\/span><\/p>\n

Nj\u00eb ekspert i teknologjis\u00eb me p\u00ebrvoj\u00eb t\u00eb gjat\u00eb pune n\u00eb ngritjen e sistemeve qeveritare dixhitale tha se, r\u00ebnia e sistemeve t\u00eb shtetit shqiptar n\u00eb form\u00ebn q\u00eb po i p\u00ebrjetojm\u00eb k\u00ebto dit\u00eb \u00ebsht\u00eb nj\u00eb kronik\u00eb e paralajm\u00ebruar q\u00eb n\u00eb 2017-n, kur K\u00ebshilli i Ministrave miratoi VKM Nr. 673, dat\u00eb 22.11.2017 p\u00ebr riorganizimin e AKSHI-t.<\/span><\/p>\n

N\u00ebp\u00ebrmjet atyre ndryshimeve dhe t\u00eb tjerave q\u00eb e ndoq\u00ebn, AKSHI u b\u00eb pronar i vet\u00ebm, pa asnj\u00eb lloj mbik\u00ebqyrje i shtetit dixhital, duke qen\u00eb edhe politik\u00ebb\u00ebr\u00ebs, edhe hartues projektesh, edhe prokurues, edhe zbatues, auditues, d.m.th t\u00eb gjitha. Ky ndryshim komprometoi n\u00eb m\u00ebnyr\u00eb jasht\u00ebzakonisht t\u00eb r\u00ebnd\u00eb sigurin\u00eb e t\u00eb dh\u00ebnave dhe kaloi me shum\u00eb pak v\u00ebmendje dhe komente, si n\u00eb media ashtu edhe n\u00eb Parlament, tha eksperti.<\/span><\/p>\n

Erjona Pre\u00e7i, eksperte n\u00eb fush\u00ebn e siguris\u00eb s\u00eb informacionit, n\u00eb Hamburg, Gjermani, tha se sulmi kibernetik n\u00eb Shqip\u00ebri erdhi n\u00eb nj\u00eb koh\u00eb plot\u00ebsisht t\u00eb pap\u00ebrshtatshme, ku emigrant\u00ebt potencialisht mund t\u00eb shfryt\u00ebzojn\u00eb sezonin veror p\u00ebr t\u00eb marr\u00eb sh\u00ebrbime n\u00eb Shqip\u00ebri, po ashtu kur qeveria sapo ka marr\u00eb vendimin e mbylljes s\u00eb sporteleve fizike dhe ofrimin e sh\u00ebrbimit vet\u00ebm p\u00ebrmes kanaleve dixhitale.<\/span><\/p>\n

Sipas saj, organet shtet\u00ebrore, si dhe organizatat e tjera publike apo private, duhet t\u00eb alokojn\u00eb n\u00eb m\u00ebnyr\u00eb racionale burimet mes mbrojtjes dhe p\u00ebrgjigjes ndaj sulmeve kibernetike. \u00c7do entitet duhet t\u00eb nd\u00ebrtoj\u00eb dhe t\u00eb zbatoj\u00eb procese efektive t\u00eb menaxhimit t\u00eb incidenteve t\u00eb siguris\u00eb s\u00eb informacionit, duke trajtuar me seriozitet dhe konsistenc\u00eb t\u00eb gjitha fazat, tha zonja Pre\u00e7i.<\/span><\/p>\n

 <\/p>\n

Qend\u00ebrzimi i t\u00eb dh\u00ebnave ka rritur mund\u00ebsit\u00eb p\u00ebr sulme<\/span><\/strong><\/p>\n

Institucionet publike shqiptare, si kudo n\u00eb bot\u00eb, disponojn\u00eb t\u00eb dh\u00ebna sensitive t\u00eb qytetar\u00ebve t\u00eb tyre dhe t\u00eb dh\u00ebna t\u00eb tjera me r\u00ebnd\u00ebsi shtet\u00ebrore, shum\u00eb prej tyre klasifikohen me r\u00ebnd\u00ebsi t\u00eb lart\u00eb, si Hipoteka, Ministria e Jashtme, Policia, Sh\u00ebrbimi Informativ, Fondi i Sigurimeve Sh\u00ebndet\u00ebsore, Regjistri i Gjendjes Civile.<\/span><\/p>\n

Eksperti i IT, i cili d\u00ebshiroi t\u00eb fliste n\u00eb anonimat, tha se kur u krijua baza e t\u00eb dh\u00ebnave p\u00ebr t\u00eb ofruar sh\u00ebrbime n\u00eb e-Albania, server\u00ebt ishin t\u00eb lidhura kok\u00eb me kok\u00eb (n\u00eb gjuh\u00ebn teknike informacionet ishin m\u00eb t\u00eb fragmentuara). Por, p\u00ebr t\u00eb rritur sigurin\u00eb n\u00eb vitet e m\u00ebvonshme, u qend\u00ebrzuan t\u00eb dh\u00ebnat n\u00eb p\u00ebrputhje me arkitektur\u00ebn ESB (Platform\u00ebn unike qeveritare t\u00eb nd\u00ebrveprimit) pran\u00eb AKSHI.<\/span><\/p>\n

Kjo do t\u00eb thot\u00eb se tani, informacionet nga t\u00eb gjitha institucionet grumbullohen n\u00eb nj\u00eb ESB, e cila monitorohet dhe mir\u00ebmbahet nga AKSHI. Nd\u00ebrveprimi n\u00ebp\u00ebrmjet platform\u00ebs unike qeveritare lejon shk\u00ebmbimin e mesazheve elektronike nd\u00ebrmjet Government Gateway dhe sistemeve t\u00eb brendshme.<\/span><\/p>\n

Infrastruktura mb\u00ebshtet\u00ebse q\u00eb sh\u00ebrben p\u00ebr t\u00eb shk\u00ebmbyer informacion me Platform\u00ebn Qeveritare t\u00eb Nd\u00ebrveprimit \u00ebsht\u00eb DIS (Department Integration Server). DIS realizon komunikim t\u00eb dyansh\u00ebm, merr k\u00ebrkesa nga Core Government Gateway \/ ESB dhe i d\u00ebrgon drejt sistemeve fundore dhe duke marr\u00eb mbrapsht nj\u00eb p\u00ebrgjigje nga sistemi fundor e d\u00ebrgon drejt Government Gateway Core \/ ESB.<\/span><\/p>\n

Ndalimi p\u00ebr disa dit\u00eb (ende nuk e dim\u00eb se sa koh\u00eb do t\u00eb duhet p\u00ebr t\u2019i kthyer t\u00eb gjitha sh\u00ebrbimet online) i t\u00eb gjitha sh\u00ebrbimeve dixhitale t\u00eb ofruara n\u00eb AKSHI \u00ebsht\u00eb i fundit n\u00eb radh\u00ebn e incidenteve t\u00eb siguris\u00eb, n\u00eb administrimin e sistemeve qeveritare dhe se k\u00ebto ngjarje jan\u00eb pasoj\u00eb e strategjis\u00eb totalisht t\u00eb gabuar q\u00eb n\u00eb fillim p\u00ebr p\u00ebrqendrimin e sh\u00ebrbimeve, tha eksperti.<\/span><\/p>\n

Sulme u kan\u00eb ndodhur edhe shteteve t\u00eb tjera dhe jan\u00eb hakeruar institucione me infrastruktur\u00eb teknologjike dhe njer\u00ebzore shum\u00eb m\u00eb t\u00eb fuqishme se AKSHI. Por nuk ka ndodhur n\u00eb asnj\u00eb vend q\u00eb t\u00eb bien n\u00eb t\u00eb nj\u00ebjt\u00ebn koh\u00eb dhe p\u00ebr nj\u00eb koh\u00eb kaq t\u00eb gjat\u00eb t\u00eb gjitha sh\u00ebrbimet dixhitale shtet\u00ebrore, shtoi ai. P\u00ebrqendrimi i t\u00eb dh\u00ebnave rrit mund\u00ebsin\u00eb p\u00ebr d\u00ebm t\u00eb madh n\u00eb rast sulmi, si n\u00eb rastin konkret, n\u00eb nj\u00eb koh\u00eb q\u00eb ekipet e nj\u00ebsis\u00eb p\u00ebr sigurin\u00eb kibernetike nuk jan\u00eb funksionale.<\/span><\/p>\n

 <\/p>\n

CSIRT, nj\u00ebsia ligjore p\u00ebr sigurin\u00eb kibernetike jo eficiente<\/span><\/strong><\/p>\n

N\u00eb vitin 2017, Parlamenti i Shqip\u00ebris\u00eb miratoi nj\u00eb ligj \u201cP\u00ebr Sigurin\u00eb Kibernetike\u201d. Q\u00ebllimi i k\u00ebtij ligji \u00ebsht\u00eb arritja e nj\u00eb niveli t\u00eb lart\u00eb t\u00eb siguris\u00eb kibernetike.<\/span>
\nN\u00eb nenin 7 t\u00eb ligjit \u00ebsht\u00eb p\u00ebrcaktuar funksionimi i CSIRT (Ekipi i P\u00ebrgjigjes ndaj Incidenteve t\u00eb Siguris\u00eb Kompjuterike).<\/span><\/p>\n

N\u00eb ligj, CSIRT \u00ebsht\u00eb konceptuar si ekip i p\u00ebrgjigjes ndaj incidenteve t\u00eb siguris\u00eb kompjuterike dhe n\u00eb p\u00ebrb\u00ebrje t\u00eb tij duhet t\u00eb jen\u00eb specialist\u00eb t\u00eb fush\u00ebs s\u00eb siguris\u00eb kompjuterike pran\u00eb \u00e7do operatori q\u00eb administron infrastruktur\u00ebn kritike t\u00eb informacionit.<\/span><\/p>\n

Ligji thot\u00eb se, operator\u00ebt e infrastrukturave t\u00eb r\u00ebnd\u00ebsishme t\u00eb informacionit duhet t\u00eb ken\u00eb t\u00eb pakt\u00ebn nj\u00eb person p\u00ebrgjegj\u00ebs p\u00ebr incidentet e siguris\u00eb kompjuterike. Ministri p\u00ebrgjegj\u00ebs nxjerr udh\u00ebzim p\u00ebr metodologjin\u00eb e pun\u00ebs, detyrat q\u00eb duhet t\u00eb zbatojn\u00eb ekipet, ose personat p\u00ebrgjegj\u00ebs dhe kriteret e p\u00ebrgjithshme q\u00eb duhet t\u00eb respektojn\u00eb operator\u00ebt n\u00eb p\u00ebrzgjedhjen tyre.<\/span><\/p>\n

Por q\u00eb kur ligji ka hyr\u00eb n\u00eb fuqi, ekipi CSIRT, nuk \u00ebsht\u00eb b\u00ebr\u00eb funksional, thot\u00eb eksperti. \u201cDhe arsyeja \u00ebsht\u00eb e thjesht\u00eb, q\u00eb ky ekip pothuaj nuk ekziston. Me ligj, Autoriteti i Certifikimit Elektronik dhe Siguris\u00eb Kibernetike (CESK), i cili p\u00ebrmban edhe CSIRT-in n\u00eb struktur\u00eb, duhet t\u00eb ishte i pari n\u00eb frontin e \u2018p\u00ebrleshjes me armikun\u2019 dhe t\u00eb koordinonin masat mbrojt\u00ebse, por ky ekip nuk ekziston\u201d, tha eksperti. Sipas tij, si n\u00eb t\u00eb gjith\u00eb entet publike, m\u00ebnyra e p\u00ebrzgjedhjes s\u00eb stafeve, si dhe dhe n\u00eb rastin e sigurin\u00eb kibernetike, l\u00eb shum\u00eb p\u00ebr t\u00eb d\u00ebshiruar.<\/span><\/p>\n

 <\/p>\n

Llojet m\u00eb t\u00eb zakonshme t\u00eb sulmeve kibernetike<\/span><\/strong><\/p>\n

Sulmet kund\u00ebr sistemeve p\u00ebr leht\u00ebsi kuptimi nga publiku mund t\u2019i ndajm\u00eb n\u00eb 2 kategori, shpjegon Eksperti i IT:<\/span><\/p>\n

T\u00eb parat, m\u00eb t\u00eb zakonshmet, jan\u00eb sulmet DDoS, t\u00eb cilat synojn\u00eb t\u00eb pengojn\u00eb \/ pamund\u00ebsojn\u00eb qasjen e p\u00ebrdoruesve n\u00eb sh\u00ebrbimet dixhitale. K\u00ebto lloj sulmesh zakonisht kan\u00eb si taktik\u00eb t\u00eb gjenerojn\u00eb trafik (k\u00ebrkesa) t\u00eb m\u00ebdha ndaj sistemeve q\u00eb ofrojn\u00eb sh\u00ebrbimet dhe n\u00eb k\u00ebt\u00eb m\u00ebnyr\u00eb bllokojn\u00eb p\u00ebrdoruesit. \u00cbsht\u00eb nj\u00ebsoj sikur t\u00eb shtohej aq shum\u00eb n\u00eb m\u00ebnyr\u00eb artificiale numri i makinave \u201cfake\u201d n\u00eb rrug\u00eb saq\u00eb qytetar\u00ebve do t\u2019i b\u00ebhej i pamundur p\u00ebrdorimi i rrug\u00ebs.<\/span><\/p>\n

T\u00eb dytat jan\u00eb sulmet Ransomware, t\u00eb cilat synojn\u00eb marrjen e aksesit t\u00eb paautorizuar n\u00eb sisteme. K\u00ebto lloj sulmesh p\u00ebrdorin teknika t\u00eb sofistikuara dhe jan\u00eb m\u00eb t\u00eb v\u00ebshtira se t\u00eb parat p\u00ebr t\u2019u kapur dhe p\u00ebr t\u2019u menaxhuar.<\/span><\/p>\n

\"\"<\/a><\/span><\/strong><\/p>\n

 <\/p>\n

Gjasat jan\u00eb p\u00ebr sulm t\u00eb llojit Ransomware n\u00eb Shqip\u00ebri<\/span><\/strong><\/p>\n

Nga rezultati q\u00eb kemi par\u00eb deri tani, duket q\u00eb nuk jemi n\u00eb kategorin\u00eb e par\u00eb t\u00eb sulmeve t\u00eb llojit DDOs, pasi pas mbarimit t\u00eb sulmit do t\u00eb duhet t\u00eb ishin kthyer t\u00eb gjitha sh\u00ebrbimet n\u00eb t\u00eb nj\u00ebjt\u00ebn koh\u00eb, shprehet eksperti i IT. Ka ndodhur nj\u00eb sulm i tipit Ransomware, pasi ajo q\u00eb ka ndodhur \u00ebsht\u00eb q\u00eb sulmuesit kan\u00eb marr\u00eb akses n\u00eb serverat (nj\u00eb ose disa nuk dihet) q\u00eb mbartin sh\u00ebrbimet qeveritare.<\/span><\/p>\n

Sipas qeveris\u00eb, nuk jan\u00eb d\u00ebmtuar t\u00eb dh\u00ebnat, por mesa duket jan\u00eb d\u00ebmtuar vet\u00ebm sistemet. Por ajo q\u00eb nuk dim\u00eb \u00ebsht\u00eb a jan\u00eb vjedhur t\u00eb dh\u00ebna dhe a jan\u00eb vjedhur dokumente elektronike. Eksperti i IT shpjegoi se t\u00eb gjith\u00eb kompjuter\u00ebt personal\u00eb t\u00eb institucioneve qendrore (Ministrit\u00eb, etj.) jan\u00eb t\u00eb lidhur n\u00eb nj\u00eb rrjet t\u00eb vet\u00ebm. P\u00ebrdoruesit e k\u00ebtyre kompjuter\u00ebve, p\u00ebr t\u00eb hyr\u00eb n\u00eb kompjuterin e tyre, duhet t\u00eb identifikohen n\u00eb nj\u00eb sistem t\u00eb vet\u00ebm, i cili me shum\u00eb gjasa ruan edhe t\u00eb gjitha dokumentet e prodhuara nga secili p\u00ebrdorues n\u00eb nj\u00eb vend.<\/span><\/p>\n

Deri tani, qeveria \u00ebsht\u00eb prononcuar n\u00eb lidhje me sh\u00ebrbimet online t\u00eb cilat jan\u00eb t\u00eb prekshme nga qytetar\u00ebt. Por n\u00ebse sulmuesit (q\u00eb prezumohet t\u00eb jen\u00eb shtete jomiq\u00ebsore) kan\u00eb marr\u00eb akses n\u00eb serverat e AKSHI-t dhe kan\u00eb mundur t\u00eb marrin akses edhe n\u00eb sistemin e identifikimit, at\u00ebher\u00eb problemet mund t\u00eb jen\u00eb edhe m\u00eb t\u00eb m\u00ebdha dhe v\u00ebrtet ky sulm t\u00eb jet\u00eb k\u00ebrc\u00ebnim p\u00ebr sigurin\u00eb komb\u00ebtare, shpjegoi m\u00eb tej ai.<\/span><\/p>\n

N\u00ebp\u00ebrmjet sistemit t\u00eb identifikimit, sulmuesit mund t\u00eb ken\u00eb pasur akeses n\u00eb dokumente t\u00eb prodhuara n\u00eb Ministrin\u00eb e Jashtme, at\u00eb t\u00eb Mbrojtjes apo Ministrin\u00eb e Brendshme, konstatoi eksperti. Natyrisht n\u00eb kushte normale, n\u00eb k\u00ebt\u00eb lloj rrjeti nuk do t\u00eb duhet t\u00eb kishte informacion t\u00eb klasifikuar, por asnj\u00ebher\u00eb nuk mund t\u00eb jemi t\u00eb sigurt se \u00e7far\u00eb mund t\u00eb b\u00ebjn\u00eb p\u00ebrdoruesit e pap\u00ebrgjegjsh\u00ebm.<\/span><\/p>\n

Nga ana tjet\u00ebr, pas \u201ckund\u00ebrofensiv\u00ebs\u201d s\u00eb suksesshme, sh\u00ebrbimet po kthehen, por \u00e7far\u00eb sigurie kemi q\u00eb kur armiku iku vet\u00eb, nuk na ka l\u00ebn\u00eb t\u00eb instaluar ndonj\u00eb port\u00eb t\u00eb fsheht\u00eb q\u00eb t\u00eb vazhdoj\u00eb t\u00eb b\u00ebj\u00eb pun\u00ebn e vet n\u00eb vazhdim\u00ebsi, shpjegoi ai.<\/span><\/p>\n

 <\/p>\n

Sulmi mund t\u00eb ishte frenuar dhe rikuperimi mund t\u00eb ishte m\u00eb i shpejt\u00eb<\/span><\/strong><\/p>\n

Eksperti i IT shpjegon se sulmi n\u00eb vetvete nuk mund t\u00eb parandalohet. Ajo q\u00eb entet p\u00ebrgjegj\u00ebse p\u00ebr sigurin\u00eb kibernetike mund t\u00eb b\u00ebjn\u00eb \u00ebsht\u00eb q\u00eb t\u00eb marrin masa p\u00ebr t\u00eb minimizuar d\u00ebmet, t\u00eb cilat mund t\u00eb vijn\u00eb nga sulme t\u00eb tilla. N\u00eb bot\u00eb aplikohen praktika t\u00eb zakonshme testimi dhe auditimi i siguris\u00eb s\u00eb sistemeve. Tek ne jo dhe aq, thot\u00eb eksperti. Sulmi i fundit tregoi se sistemi ka shfaqur dob\u00ebsi t\u00eb cilat jan\u00eb shfryt\u00ebzuar nga sulmuesi.<\/span><\/p>\n

N\u00eb kushtet kur nga qeveria thuhet se n\u00eb sulm \u00ebsht\u00eb p\u00ebrfshir\u00eb nj\u00eb shtet, at\u00ebher\u00eb minimalisht duhet t\u00eb thirrej Komisioni i Siguris\u00eb p\u00ebr t\u2019u informuar dhe p\u00ebr t\u00eb vler\u00ebsuar d\u00ebmin dhe pse jo, p\u00ebr t\u00eb vendosur mbi hapat ligjor\u00eb q\u00eb do t\u00eb duhet t\u00eb nd\u00ebrmerren p\u00ebr t\u00eb b\u00ebr\u00eb p\u00ebrmir\u00ebsime p\u00ebr t\u00eb ardhmen, u shpreh ai.<\/span><\/p>\n

Eksperti tha se komuniteti i IT n\u00eb Shqip\u00ebri \u00ebsht\u00eb i shqet\u00ebsuar p\u00ebr natyr\u00ebn e sulmit dhe se cila infrastruktur\u00eb u sulmua. N\u00eb m\u00ebnyr\u00eb q\u00eb t\u00eb sigurohet nj\u00eb mbrojtje m\u00eb e mir\u00eb duhen ditur llojet e teknologjis\u00eb q\u00eb jan\u00eb sulmuar dhe n\u00ebse ka teknologji alternative etj. Duhet ditur se cila \u00ebsht\u00eb arkitektura e siguris\u00eb s\u00eb komunikimit, t\u00eb dh\u00ebnave dhe informacionit, cili defekt i arkitektur\u00ebs kontribuoi n\u00eb amplifikimin e d\u00ebmit, cila pjes\u00eb duhet ndryshuar, cilat sisteme jan\u00eb prekur dhe si jan\u00eb prekur.<\/span><\/p>\n

Cili ishte reagimi dhe sa ishte koha e reagimit. A ka procedura standarde reagimi dhe a u ndoq\u00ebn k\u00ebto procedura dhe mbi t\u00eb gjitha, cili ishte efekti. Gjithashtu duhen marr\u00eb masat p\u00ebr t\u00eb garantuar q\u00eb sistemet e kthyera n\u00eb pun\u00eb jan\u00eb t\u00eb pastra. Eksperti ngre dyshime p\u00ebr infrastruktur\u00ebn e AKSHI-t, p\u00ebr rastet e rikuperimit nga katastrofat. AKSHI duhet t\u2019i sqaroj\u00eb publikut, n\u00ebse ka procedura p\u00ebr k\u00ebto raste dhe n\u00ebse po, si u p\u00ebrdor\u00ebn p\u00ebr rikuperimin e sh\u00ebrbimeve. N\u00ebse jo, cila ka qen\u00eb strategjia alternative dhe sa \u00ebsht\u00eb koha e parashikuar p\u00ebr kthimin e sh\u00ebrbimeve n\u00eb rast katastrofash?<\/span><\/p>\n

Por \u00e7\u00ebshtja kryesore q\u00eb sot shqet\u00ebson komunitetin e IT-s\u00eb \u00ebsht\u00eb pas skandaleve me tender\u00ebt sekret\u00eb dhe vlerat jasht\u00eb \u00e7do logjike t\u00eb tyre, pas skandalit me t\u00eb dh\u00ebnat personale, pas paralizimit total t\u00eb sh\u00ebrbimeve dixhitale, duhet nj\u00eb reform\u00eb t\u00ebr\u00ebsore n\u00eb burimet njer\u00ebzore t\u00eb AKSHI-it.<\/span><\/p>\n

 <\/p>\n

Krimet kibernetike, n\u00eb rritje t\u00eb shpejt\u00eb<\/span><\/strong><\/p>\n

Gjat\u00eb vitit t\u00eb kaluar jan\u00eb proceduar n\u00eb organet e prokuroris\u00eb 231 raste p\u00ebr krime kibernetike, ose 48% m\u00eb shum\u00eb se n\u00eb vitin 2020. Mir\u00ebpo sipas burimeve zyrtare n\u00eb Prokurorin\u00eb e P\u00ebrgjithshme t\u00eb referuara n\u00eb raportet vjetore n\u00eb vitin 2021, nga 231 kall\u00ebzime, vet\u00ebm 10 raste jan\u00eb d\u00ebrguar n\u00eb gjykat\u00eb. T\u00eb dh\u00ebnat tregojn\u00eb se sulmet kibernetike po rriten me shpejt\u00ebsi. Nga vet\u00ebm 115 t\u00eb tilla q\u00eb u raportuan n\u00eb prokurori gjat\u00eb vitit 2019, vitin e kaluar, procedimet u rrit\u00ebn m\u00eb shum\u00eb se dyfishi.<\/span><\/p>\n

Numri m\u00eb i lart\u00eb i procedimeve t\u00eb regjistruara p\u00ebr krimin kibernetik \u00ebsht\u00eb n\u00eb prokurorit\u00eb pran\u00eb Gjykat\u00ebs s\u00eb Shkall\u00ebs s\u00eb Par\u00eb t\u00eb Tiran\u00ebs, me 65% t\u00eb numrit total t\u00eb procedimeve t\u00eb regjistruara p\u00ebr k\u00ebto vepra, Elbasan dhe Shkod\u00ebr me 6% t\u00eb procedimeve t\u00eb regjistruara, etj. Sipas prokuroris\u00eb, rritjen m\u00eb t\u00eb madhe brenda krimeve kibernetike e ka mashtrimi me kompjuter dhe nd\u00ebrhyrja n\u00eb t\u00eb dh\u00ebnat kompjuterike, q\u00eb \u00ebsht\u00eb rritur me 37%.<\/span><\/p>\n

Gjithashtu Sh\u00ebrbimi Informativ ka njoftuar se n\u00eb vitit 2021 ka arritur t\u00eb p\u00ebrballoj\u00eb nj\u00eb num\u00ebr t\u00eb madh k\u00ebrc\u00ebnimesh kibernetike n\u00eb perimetrat publik\u00eb. N\u00eb raportet zyrtare, SHISH deklaron se t\u00eb gjitha k\u00ebto k\u00ebrc\u00ebnime jan\u00eb neutralizuar n\u00eb faz\u00ebn e hershme, ku \u00ebsht\u00eb arritur t\u00eb identifikohet targeti dhe burimi i k\u00ebrc\u00ebnimit. Aktor\u00ebt shtet\u00ebror\u00eb dhe joshtet\u00ebror\u00eb t\u00eb vendeve joper\u00ebndimore, si dhe entitetet e lidhura me to, p\u00ebrb\u00ebjn\u00eb burimin kryesor t\u00eb k\u00ebrc\u00ebnimeve, shoq\u00ebruar me aktivitet t\u00eb p\u00ebrhersh\u00ebm.<\/span><\/p>\n

Objekt i sulmeve gjat\u00eb 2021 kan\u00eb qen\u00eb, n\u00eb pjes\u00ebn d\u00ebrrmuese, bazat e t\u00eb dh\u00ebnave, infrastrukturat VoIP, si dhe sigurimi i q\u00ebndrueshm\u00ebris\u00eb s\u00eb dep\u00ebrtimit n\u00ebp\u00ebrmjet server\u00ebve C2 (Command and Control). SHISH ka njoftuar se hap\u00ebsira kibernetike po shfryt\u00ebzohet edhe p\u00ebr operacione informative ndikimi, edhe p\u00ebr shkak se avantazhi dhe dimensioni i ndikimit \u00ebsht\u00eb m\u00eb i madh se sa kostoja e tyre dhe rreziku i ekspozimit.<\/span><\/p>\n

VINI RE:<\/span> Ky artikull \u00ebsht\u00eb pron\u00eb intelektuale e Monitor.al<\/a><\/span><\/span><\/strong><\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"

Brenda nj\u00eb viti, sistemet elektronike dhe dixhitale publike jan\u00eb dekonspiruar dhe sulmuar disa her\u00eb, q\u00eb me rrjedhjen e t\u00eb dh\u00ebnave sensitive t\u00eb qytetar\u00ebve t\u00eb Tiran\u00ebs n\u00eb prag t\u00eb zgjedhjeve t\u00eb vitit 2021, lista e pagave dhe s\u00eb fundmi, nj\u00eb sulm armiq\u00ebsor i organizuar nga jasht\u00eb. Ekspert\u00ebt e IT, t\u00eb cil\u00ebt kan\u00eb punuar n\u00eb ngritjen e […]<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":30,"featured_media":538866,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65,13],"tags":[],"class_list":["post-538865","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-lajme","category-te-fundit"],"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/posts\/538865","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/users\/30"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/comments?post=538865"}],"version-history":[{"count":0,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/posts\/538865\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/media\/538866"}],"wp:attachment":[{"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/media?parent=538865"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/categories?post=538865"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hashtag.al\/index.php\/wp-json\/wp\/v2\/tags?post=538865"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}