{"id":55151,"date":"2025-03-11T21:10:25","date_gmt":"2025-03-12T05:10:25","guid":{"rendered":"https:\/\/www.sumologic.com\/blog\/akira-%eb%9e%9c%ec%84%ac%ec%9b%a8%ec%96%b4-%ea%b3%b5%ea%b2%a9-sumo-logic%ec%9d%84-%ec%9d%b4%ec%9a%a9%ed%95%9c-iot-%ea%b8%b0%eb%b0%98-%ec%9c%84%ed%98%91-%ed%83%90%ec%a7%80"},"modified":"2025-10-20T14:10:19","modified_gmt":"2025-10-20T22:10:19","slug":"akira-ransomeware-detecting-iot-threats","status":"publish","type":"blog","link":"https:\/\/www.sumologic.com\/ko\/blog\/akira-ransomeware-detecting-iot-threats","title":{"rendered":"Akira \ub79c\uc12c\uc6e8\uc5b4 \uacf5\uaca9: Sumo Logic\uc744 \uc774\uc6a9\ud55c IoT \uae30\ubc18 \uc704\ud611 \ud0d0\uc9c0"},"content":{"rendered":"\n<section class=\"e-stn e-stn-0d652506f82b000a392973813b918ee25d5b4211 e-stn--glossary-inner-content e-stn--table-of-content\"><div class=\"container\">\n<div class=\"wp-block-b3rg-row e-row row\">\n<div class=\"wp-block-b3rg-column e-col e-col-1f7b3997080fc292474d26ff00c905d99d3520fa e-col--content-wrapper  col-sm-12 col-lg-12 col-xl-12\">\n<div class=\"e-div e-div-a1b32f66e1749758df41d5aea14f647cd10e362c e-div--card-btn-link\"><div class=\"e-img \">\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1400\" height=\"400\" src=\"https:\/\/www.sumologic.com\/wp-content\/uploads\/header-Akira_ATTACK_Blog_header_700x200.jpg\" alt=\"\" class=\"wp-image-13433\" title=\"\"><\/figure>\n<\/div>\n\n\n<p><\/p>\n\n\n\n<p>\ucd5c\uadfc \ubc1c\uc0dd\ud55c \uc815\uad50\ud55c \uc0ac\uc774\ubc84 \uacf5\uaca9\uc5d0\uc11c, \uc544\ud0a4\ub77c(Akira) \ub79c\uc12c\uc6e8\uc5b4 \uc870\uc9c1\uc740 \ubcf4\uc548\uc774 \uc124\uc815\ub418\uc9c0 \uc54a\uc740 <a href=\"https:\/\/www.s-rminform.com\/latest-thinking\/camera-off-akira-deploys-ransomware-via-webcam\" target=\"_blank\" rel=\"noreferrer noopener\">Linux \uae30\ubc18 \uc6f9\ucea0<\/a>\uc744 \uc545\uc6a9\ud574 \ud55c \uae30\uc5c5\uc758 \ub124\ud2b8\uc6cc\ud06c\uc5d0 \uce68\ud22c\ud588\uc2b5\ub2c8\ub2e4. \uacf5\uaca9\uc790\ub294 \uc774 \uac04\uacfc\ub41c IoT \uae30\uae30\ub97c \uc545\uc6a9\ud574 \uae30\uc874\uc758 <a href=\"https:\/\/www.sumologic.com\/blog\/what-is-xdr-real-impact-vs-hype\">\uc5d4\ub4dc\ud3ec\uc778\ud2b8 \ud0d0\uc9c0 \ubc0f \ub300\uc751(EDR) \uc194\ub8e8\uc158<\/a>\uc744 \uc6b0\ud68c\ud558\uace0, \uacb0\uad6d \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720 \ud3f4\ub354\ub97c \uc554\ud638\ud654\ud574 \uad11\ubc94\uc704\ud55c \ud53c\ud574\ub97c \uc785\ud614\uc2b5\ub2c8\ub2e4. \uc774 \uc0ac\uac74\uc740 <a href=\"https:\/\/www.sumologic.com\/ko\/blog\/iot-security\">IoT \uae30\ubc18 \uacf5\uaca9 \ubca1\ud130<\/a>\uc758 \uc99d\uac00\ud558\ub294 \uc704\ud5d8\uc131\uc744 \uc5ec\uc2e4\ud788 \ubcf4\uc5ec\uc8fc\uba70, \uc5f0\uacb0\ub41c \uae30\uae30 \ubcf4\uc548\uc744 \uac15\ud654\ud558\uae30 \uc704\ud55c \uc870\uc9c1\uc758 \uc801\uadf9\uc801\uc778 \ub300\uc751\uc774 \uc2dc\uae09\ud568\uc744 \uac15\uc870\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n<p>\uae30\uc5c5\ub4e4\uc774 \uc778\ud504\ub77c\uc5d0 \uc810\uc810 \ub354 \ub9ce\uc740 IoT \uae30\uae30\ub97c \ud1b5\ud569\ud558\uba74\uc11c, \uc774\ub7ec\ud55c \uc5d4\ub4dc\ud3ec\uc778\ud2b8\ub97c \ubcf4\ud638\ud558\ub294 \uac83\uc740 \uacf5\uaca9\uc790\uc758 \uce21\uba74 \uc774\ub3d9\uc744 \ubc29\uc9c0\ud558\ub294 \ub370 \ud575\uc2ec\uc801\uc778 \uc694\uc18c\uac00 \ub418\uace0 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \uae00\uc5d0\uc11c\ub294 \uacf5\uaca9\uc790\uac00 IoT \uae30\uae30\ub97c \uc5b4\ub5bb\uac8c \uc545\uc6a9\ud588\ub294\uc9c0, \uc774\ub7ec\ud55c \uacf5\uaca9\uc774 \uc870\uc9c1 \ubcf4\uc548\uc5d0 \uc5b4\ub5a4 \uc601\ud5a5\uc744 \ubbf8\uce58\ub294\uc9c0, \uadf8\ub9ac\uace0 Sumo Logic\uc758 <a href=\"https:\/\/help.sumologic.com\/docs\/cse\/rules\/write-first-seen-rule\/#:~:text=About%20first%20seen%20rules%E2%80%8B,a%20new%20geographic%20location%20(geolocation)\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>\u2018\ucd5c\ucd08 \uac10\uc9c0 \uaddc\uce59(First Seen)\u2019<\/strong><\/a>\uacfc <a href=\"https:\/\/help.sumologic.com\/docs\/cse\/rules\/write-outlier-rule\/\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>\u2018\uc544\uc6c3\ub77c\uc774\uc5b4(Outlier)\u2019<\/strong><\/a> \uaddc\uce59\uc744 \ud65c\uc6a9\ud574 \uc774\ub7ec\ud55c \uc704\ud611\uc774 \ub79c\uc12c\uc6e8\uc5b4 \uc0ac\uace0\ub85c \ud655\ub300\ub418\uae30 \uc804\uc5d0 \uac10\uc9c0\ud558\ub294 \ubc29\ubc95\uc744 \uc0b4\ud3b4\ubcf4\uaca0\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"understanding-the-threat\"><strong>\uc704\ud611 \uc774\ud574\ud558\uae30<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"how-the-akira-group-compromised-the-webcam\"><strong>\uc544\ud0a4\ub77c \uc870\uc9c1\uc774 \uc6f9\ucea0\uc744 \uce68\ud574\ud55c \ubc29\ubc95<\/strong><\/h3>\n\n\n\n<p>\uacf5\uaca9\uc740 \uae30\uc5c5 \ub124\ud2b8\uc6cc\ud06c \ub0b4\uc758 \ubcf4\uc548 \uc124\uc815\uc774 \ub418\uc5b4 \uc788\uc9c0 \uc54a\uc740 Linux \uae30\ubc18 \uc6f9\ucea0\uc744 \ubc1c\uacac\ud558\uba74\uc11c \uc2dc\uc791\ub418\uc5c8\uc2b5\ub2c8\ub2e4. \uacf5\uaca9\uc790\ub294 \uae30\ubcf8\uac12 \ud639\uc740 \ucde8\uc57d\ud55c \uc790\uaca9 \uc99d\uba85\uc744 \uc545\uc6a9\ud558\uc5ec \uae30\uae30\uc5d0 \ub300\ud55c \ucd08\uae30 \uc561\uc138\uc2a4 \uad8c\ud55c\uc744 \ud68d\ub4dd\ud588\uc2b5\ub2c8\ub2e4. \uce68\uc785 \ud6c4, \uc774\ub4e4\uc740 \uac10\uc5fc\ub41c \uc6f9\ucea0\uc744 \uc774\uc6a9\ud574 \ub2e4\uc74c\uacfc \uac19\uc740 \uc791\uc5c5\uc744 \uc218\ud589\ud588\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\ub124\ud2b8\uc6cc\ud06c \ub0b4\uc758 \ub2e4\ub978 \uae30\uae30\uc5d0\uc11c Windows Server Message Block(SMB) \uacf5\uc720 \ud3f4\ub354\ub97c \ub9c8\uc6b4\ud2b8<\/li>\n\n\n\n<li> IoT \uae30\uae30\uc5d0\uc11c \uc9c1\uc811 Linux \uae30\ubc18 \ub79c\uc12c\uc6e8\uc5b4 \uc778\ud06c\ub9bd\ud130\ub97c \ubc30\ud3ec<\/li>\n\n\n\n<li>\uae30\uc874 \uc5d4\ub4dc\ud3ec\uc778\ud2b8\ub97c \ubaa8\ub2c8\ud130\ub9c1\ud558\ub3c4\ub85d \uc124\uacc4\ub41c EDR \uc194\ub8e8\uc158\uc744 \ud2b8\ub9ac\uac70\ud558\uc9c0 \uc54a\uace0 \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720 \ud3f4\ub354\uc758 \ub370\uc774\ud130\ub97c \uc554\ud638\ud654<\/li>\n<\/ul>\n\n\n\n<p>IoT \uae30\uae30\ub294 \uc77c\ubc18\uc801\uc73c\ub85c \ub85c\uae45 \ubc0f \ubaa8\ub2c8\ud130\ub9c1 \uae30\ub2a5\uc774 \ubd80\uc871\ud558\uae30 \ub54c\ubb38\uc5d0, \uacf5\uaca9\uc790\ub4e4\uc740 \ub79c\uc12c\uc6e8\uc5b4 \uc2e4\ud589\uc744 \uac10\uc9c0\u00b7\ucc28\ub2e8\ud558\ub3c4\ub85d \uc124\uacc4\ub41c \uc5d4\ub4dc\ud3ec\uc778\ud2b8 \ubcf4\uc548 \uccb4\uacc4\ub97c \uc190\uc27d\uac8c \uc6b0\ud68c\ud558\uc5ec \ud0d0\uc9c0\ub418\uc9c0 \uc54a\uc740 \ucc44 \ud65c\ub3d9\ud560 \uc218 \uc788\uc5c8\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"implications-of-iot-based-attacks-on-organizational-security\"><strong>IoT \uae30\ubc18 \uacf5\uaca9\uc774 \uc870\uc9c1 \ubcf4\uc548\uc5d0 \ubbf8\uce58\ub294 \uc601\ud5a5<\/strong><\/h3>\n\n\n\n<p>\uc774\ubc88 \uc0ac\uac74\uc740 \uc870\uc9c1\uc774 \ubc18\ub4dc\uc2dc \uace0\ub824\ud574\uc57c \ud560 \uba87 \uac00\uc9c0 \uc911\uc694\ud55c \ubcf4\uc548 \uacfc\uc81c\ub97c \ub4dc\ub7ec\ub0c8\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>\ubaa8\ub2c8\ud130\ub9c1\ub418\uc9c0 \uc54a\ub294 \uacf5\uaca9 \ud45c\uba74:<\/strong> \ub9ce\uc740 IoT \uae30\uae30\uac00 \uc801\uc808\ud55c \ubcf4\uc548 \ud1b5\uc81c \uc5c6\uc774 \ubc30\ud3ec\ub418\uc5b4 \uacf5\uaca9\uc790\uc5d0\uac8c \uc774\uc0c1\uc801\uc778 \uc9c4\uc785 \uc9c0\uc810\uc774 \ub418\uace0 \uc788\uc2b5\ub2c8\ub2e4.<\/li>\n\n\n\n<li><strong>\uce21\uba74 \uc774\ub3d9:<\/strong> \uacf5\uaca9\uc790\uac00 IoT \ub514\ubc14\uc774\uc2a4\ub97c \uce68\ud574\ud558\uba74 \ub124\ud2b8\uc6cc\ud06c \ub0b4\uc5d0\uc11c \ud53c\ubc97\ud558\uc5ec \ub354 \uac00\uce58 \uc788\ub294 \uc790\uc0b0\uc73c\ub85c \uc774\ub3d9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/li>\n\n\n\n<li><strong>EDR \uc0ac\uac01\uc9c0\ub300:<\/strong> \uae30\uc874\uc758 \uc5d4\ub4dc\ud3ec\uc778\ud2b8 \ubcf4\ud638 \uc194\ub8e8\uc158\uc740 IoT \ub514\ubc14\uc774\uc2a4\ub97c \ubaa8\ub2c8\ud130\ub9c1\ud558\ub3c4\ub85d \uc124\uacc4\ub418\uc9c0 \uc54a\uc544 \uacf5\uaca9\uc790\uac00 \ud0d0\uc9c0\ub97c \ud68c\ud53c\ud560 \uc218 \uc788\ub294 \uae30\ud68c\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4.<\/li>\n\n\n\n<li><strong>\ub79c\uc12c\uc6e8\uc5b4 \uc704\ud5d8 \uc99d\uac00:<\/strong> \ub79c\uc12c\uc6e8\uc5b4 \uc870\uc9c1\uc774 \uc810\uc810 \ub354 \uc815\uad50\ud55c \uae30\uc220\uc744 \ud65c\uc6a9\ud568\uc5d0 \ub530\ub77c \uc5d4\ub4dc\ud3ec\uc778\ud2b8 \uc911\uc2ec\uc758 \ubc29\uc5b4 \uccb4\uacc4\ub9cc\uc73c\ub85c\ub294 \ud55c\uacc4\uac00 \uc788\uc2b5\ub2c8\ub2e4. \uc774\uc81c\ub294 \ub124\ud2b8\uc6cc\ud06c \ud589\ub3d9\uc758 \uc774\uc0c1 \uc9d5\ud6c4\ub97c \ud0d0\uc9c0\ud558\ub294 \uc811\uadfc \ubc29\uc2dd\uc774 \ud544\uc218\uc801\uc785\ub2c8\ub2e4. \uc774\ub7ec\ud55c \uc120\uc81c\uc801 \uc811\uadfc \ubc29\uc2dd\uc740 \ubd84\uc0b0\ub41c \ub2e4\uc591\ud55c \uc9c0\ud45c\ub97c \uc0c1\ud638 \uc5f0\uad00\uc2dc\ucf1c \ubcf5\uc7a1\ud55c \ub79c\uc12c\uc6e8\uc5b4 \uc704\ud611\uc744 \ubcf4\ub2e4 \ud6a8\uacfc\uc801\uc73c\ub85c \ud0d0\uc9c0\ud558\uace0 \ub300\uc751\ud560 \uc218 \uc788\ub294 \ub2a5\ub825\uc744 \uac15\ud654\ud569\ub2c8\ub2e4.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"leveraging-sumo-logic-for-detection\"><strong>Sumo Logic\uc744 \ud65c\uc6a9\ud55c \ud0d0\uc9c0<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"outlier-rule-monitoring-unusual-smb-traffic-from-iot-devices\"><strong>\uc544\uc6c3\ub77c\uc774\uc5b4 \uaddc\uce59: IoT \uae30\uae30\uc5d0\uc11c \ube44\uc815\uc0c1\uc801\uc778 SMB \ud2b8\ub798\ud53d \ubaa8\ub2c8\ud130\ub9c1<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/www.sumologic.com\/ko\/solutions\/cloud-siem\">Sumo Logic Cloud SIEM<\/a>\uc758 \uc544\uc6c3\ub77c\uc774\uc5b4 \uae30\ubc18 \ud0d0\uc9c0(Outlier-based detection)\uc758 \uc8fc\uc694 \uc7a5\uc810 \uc911 \ud558\ub098\ub294, \uae30\uc874\uacfc \uac19\uc740 \ubcf5\uc7a1\ud55c \uc124\uc815 \uc5c6\uc774\ub3c4 \uc774\ub7ec\ud55c \uacf5\uaca9\uc5d0\uc11c \uc0ac\uc6a9\uc790\u00b7IP \uc8fc\uc18c\u00b7\uae30\uae30 \ub4f1 \ub2e4\uc591\ud55c \uc5d4\ud130\ud2f0\uc5d0 \ub300\ud574 \ube44\uc815\uc0c1\uc801\uc778 \ud589\ub3d9\uc744 \uc720\uc5f0\ud558\uac8c \uc2dd\ubcc4\ud560 \uc218 \uc788\ub2e4\ub294 \uc810\uc785\ub2c8\ub2e4.<\/p>\n\n\n\n<p>IoT \uae30\uae30 \uc8fc\ubcc0\uc758 \uc758\uc2ec\uc2a4\ub7ec\uc6b4 \ud65c\ub3d9\uc744 \ud6a8\uacfc\uc801\uc73c\ub85c \ud0d0\uc9c0\ud558\uae30 \uc704\ud574\uc11c\ub294 \ud574\ub2f9 \uae30\uae30\ub97c \uc815\ud655\ud788 \ud30c\uc545\ud558\ub294 \uac83\uc774 \uc911\uc694\ud569\ub2c8\ub2e4. \ud0d0\uc9c0 \ub178\uc774\uc988\ub97c \uc904\uc774\uace0 \uc815\ud655\ub3c4\ub97c \ub192\uc774\uae30 \uc704\ud574, Sumo Logic\uc758 <a href=\"https:\/\/help.sumologic.com\/docs\/cse\/match-lists-suppressed-lists\/create-match-list\/\" target=\"_blank\" rel=\"noreferrer noopener\">\ub9e4\uce58 \ub9ac\uc2a4\ud2b8(match lists)<\/a> \uae30\ub2a5\uc744 \ud65c\uc6a9\ud558\uba74 \uc54c\ub824\uc9c4 IoT \uae30\uae30\uc758 IP\ub97c \ucd94\uc801\ud558\uc5ec \ubcf4\ub2e4 \uc815\ubc00\ud55c \ud0d0\uc9c0\ub97c \uc218\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \uae30\ub2a5\uc744 \ud1b5\ud574 \ubcf4\uc548\ud300\uc740 \uc778\uc99d\ub41c \uae30\uae30\uc5d0\uc11c \ubc1c\uc0dd\ud558\ub294 \uc815\uc0c1\uc801\uc778 \ud2b8\ub798\ud53d\uc744 \ud544\ud130\ub9c1\ud558\uba74\uc11c \uc2e4\uc81c \uc774\uc0c1 \uc9d5\ud6c4\ub9cc\uc744 \uc6b0\uc120\uc801\uc73c\ub85c \uc2dd\ubcc4\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<p>\uc544\ub798 \uaddc\uce59\uc740 \ub124\ud2b8\uc6cc\ud06c \ub0b4 IoT \uae30\uae30\uc5d0\uc11c \ubc1c\uc0dd\ud558\ub294 \ube44\uc815\uc0c1\uc801\uc778 \uc11c\ubc84 \uba54\uc2dc\uc9c0 \ube14\ub85d(Server Message Block, SMB) \ud2b8\ub798\ud53d\uc744 \ubaa8\ub2c8\ud130\ub9c1\ud569\ub2c8\ub2e4. \uc77c\ubc18\uc801\uc73c\ub85c IoT \uae30\uae30\ub294 \ud658\uacbd \ubaa8\ub2c8\ud130\ub9c1, \uc790\ub3d9\ud654, \ub124\ud2b8\uc6cc\ud06c \uac00\uc804 \ub4f1 \uc81c\ud55c\ub41c \uae30\ub2a5 \uc218\ud589\uc744 \uc704\ud574 \uc124\uacc4\ub418\uc5b4 \uc788\uc73c\uba70, SMB \ud1b5\uc2e0\uc5d0\ub294 \uad00\uc5ec\ud558\uc9c0 \uc54a\uc2b5\ub2c8\ub2e4. \ub530\ub77c\uc11c \uc774\ub7ec\ud55c \uae30\uae30\uc5d0\uc11c \ubc1c\uc0dd\ud558\ub294 \ube44\uc815\uc0c1\uc801\uc778 SMB \ud2b8\ub798\ud53d\uc740 \ubb34\ub2e8 \ud30c\uc77c \uc811\uadfc \uc2dc\ub3c4, \uce21\uba74 \uc774\ub3d9, \uc545\uc131\ucf54\ub4dc \uac10\uc5fc\uacfc \uac19\uc740 \uc7a0\uc7ac\uc801 \ubcf4\uc548 \uc704\ud5d8\uc744 \uc758\ubbf8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1079\" height=\"1236\" src=\"https:\/\/www.sumologic.com\/wp-content\/uploads\/blog-akira-img4.jpg\" alt=\"\" class=\"wp-image-13436\" title=\"\"><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"first-seen-rule-detecting-unauthorized-mounting-of-network-shares\"><strong>\ucd5c\ucd08 \uac10\uc9c0 \uaddc\uce59: \ubb34\ub2e8 \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720 \ub9c8\uc6b4\ud2b8 \ud0d0\uc9c0<\/strong><\/h3>\n\n\n\n<p>\uc544\ub798 \uaddc\uce59\uc740 \uc7a0\uc7ac\uc801\uc778 \ub370\uc774\ud130 \uc720\ucd9c, \uce21\uba74 \uc774\ub3d9 \ub610\ub294 \ubb34\ub2e8 \uc561\uc138\uc2a4 \uc2dc\ub3c4\uc758 \uc9c0\ud45c\uac00 \ub420 \uc218 \uc788\ub294 \ubb34\ub2e8 \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720 \ub9c8\uc6b4\ud2b8\ub97c \ubaa8\ub2c8\ud130\ub9c1\ud569\ub2c8\ub2e4. \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720(\uc608: SMB \ub610\ub294 NFS \ub9c8\uc6b4\ud2b8)\ub294 \uc77c\ubc18\uc801\uc73c\ub85c \ud30c\uc77c \uc800\uc7a5 \ubc0f \ud611\uc5c5\uc744 \uc704\ud55c \uc6a9\ub3c4\ub85c \uc0ac\uc6a9\ub418\uc9c0\ub9cc, \uc774\uc804\uc5d0 \uad00\ucc30\ub418\uc9c0 \uc54a\uc740 \uae30\uae30, \uc11c\ube44\uc2a4 \uacc4\uc815, \uc678\ubd80 \uc18c\uc2a4\uc5d0\uc11c \ube44\uc815\uc0c1\uc801\uc73c\ub85c \ub9c8\uc6b4\ud2b8\ub418\ub294 \uacbd\uc6b0 \uc774\ub294 \uc798\ubabb\ub41c \uc124\uc815, \uc790\uaca9 \uc99d\uba85 \uc624\uc6a9, \ud639\uc740 \ubbfc\uac10\ud55c \ub370\uc774\ud130 \uc811\uadfc\uc744 \uc2dc\ub3c4\ud558\ub294 \uacf5\uaca9\uc790\uc758 \ud65c\ub3d9\uc744 \uc2dc\uc0ac\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1108\" height=\"1231\" src=\"https:\/\/www.sumologic.com\/wp-content\/uploads\/blog-akira-img3.jpg\" alt=\"\" class=\"wp-image-13434\" title=\"\"><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"outlier-rule-identifying-abnormal-increases-in-network-traffic-from-iot-devices\"><strong>\uc544\uc6c3\ub77c\uc774\uc5b4 \uaddc\uce59: IoT \uae30\uae30\uc758 \ube44\uc815\uc0c1\uc801\uc778 \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d \uc99d\uac00 \ud0d0\uc9c0<\/strong><\/h3>\n\n\n\n<p>\ud2b9\uc815 IoT \uae30\uae30\uc5d0\uc11c \ud3c9\uc18c\ubcf4\ub2e4 \ub9ce\uc740 \uc591\uc758 \ub370\uc774\ud130\uac00 \uc678\ubd80\ub85c \uc804\uc1a1\ub418\ub294 \ud604\uc0c1\uc774 \uad00\ucc30\ub429\ub2c8\ub2e4. \uc774 \uacbd\uc6b0, \ud574\ub2f9 IP\uac00 \ud560\ub2f9\ub41c \uae30\uae30\uc640 \ube44\uc815\uc0c1\uc801 \ud65c\ub3d9\uacfc \uc5f0\uad00\ub41c \uc778\ud130\ub137 \ubaa9\uc801\uc9c0 \ubc0f \ud2b8\ub798\ud53d\uc744 \uc870\uc0ac\ud558\ub294 \uac83\uc774 \uc88b\uc2b5\ub2c8\ub2e4. \ud0d0\uc9c0\ub41c \uc2dc\uc810 \uc804\ud6c4 \uae30\uac04 \ub3d9\uc548, \ud574\ub2f9 \uc18c\uc2a4 IP\uc640 \uc678\ubd80 \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d\uc5d0 \ub300\ud55c \uc815\uaddc\ud654\ub41c \ub808\ucf54\ub4dc \uac80\uc0c9\uc744 \uc218\ud589\ud558\uba74 \uc758\uc2ec\uc2a4\ub7ec\uc6b4 \ud65c\ub3d9 \uc5ec\ubd80\ub97c \ud30c\uc545\ud558\ub294 \ub370 \ub3c4\uc6c0\uc774 \ub429\ub2c8\ub2e4.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1079\" height=\"1186\" src=\"https:\/\/www.sumologic.com\/wp-content\/uploads\/blog-akira-img1.jpg\" alt=\"\" class=\"wp-image-13437\" title=\"\"><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\" id=\"first-seen-rule-flagging-execution-of-unrecognized-processes-on-iot-devices\"><strong>\ucd5c\ucd08 \uac10\uc9c0 \uaddc\uce59: IoT \uae30\uae30\uc5d0\uc11c \uc778\uc2dd\ub418\uc9c0 \uc54a\uc740 \ud504\ub85c\uc138\uc2a4 \uc2e4\ud589 \ud0d0\uc9c0<\/strong><\/h3>\n\n\n\n<p>\uc544\ub798 \uaddc\uce59\uc740 IoT \uae30\uae30\uc5d0\uc11c \uc774\uc804\uc5d0 \uad00\ucc30\ub418\uc9c0 \uc54a\uc558\uac70\ub098 \ud5c8\uac00\ub418\uc9c0 \uc54a\uc740 \ud504\ub85c\uc138\uc2a4 \uc2e4\ud589\uc744 \ubaa8\ub2c8\ud130\ub9c1\ud569\ub2c8\ub2e4. \uc774\ub294 \uce68\ud574, \ubb34\ub2e8 \uc18c\ud504\ud2b8\uc6e8\uc5b4 \uc124\uce58, \ucde8\uc57d\uc810 \uc545\uc6a9 \uc2dc\ub3c4\uc758 \uac15\ub825\ud55c \uc9c0\ud45c\uac00 \ub420 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc77c\ubc18\uc801\uc778 \uc5d4\ub4dc\ud3ec\uc778\ud2b8\uc640 \ub2ec\ub9ac, IoT \uae30\uae30\ub294 \uc790\ub3d9\ud654, \ubaa8\ub2c8\ud130\ub9c1, \ud1b5\uc2e0 \ub4f1 \ud2b9\uc815 \uae30\ub2a5 \uc218\ud589\uc744 \uc704\ud574 \uc81c\ud55c\uc801\uc774\uace0 \uc608\uce21 \uac00\ub2a5\ud55c \ud504\ub85c\uc138\uc2a4\ub9cc \uc2e4\ud589\ud569\ub2c8\ub2e4. \ub530\ub77c\uc11c \uc0c8\ub85c\uc6b4 \uc2e4\ud589 \ud30c\uc77c\uc774\ub098 \uc778\uc2dd\ub418\uc9c0 \uc54a\uc740 \ubc14\uc774\ub108\ub9ac\uac00 \ud0d0\uc9c0\ub41c\ub2e4\uba74, \uc774\ub294 \uc545\uc131\ucf54\ub4dc \uac10\uc5fc, \ubb34\ub2e8 \ud38c\uc6e8\uc5b4 \uc218\uc815, \ud639\uc740 \uacf5\uaca9\uc790\uac00 \uc9c0\uc18d\uc801\uc778 \uc811\uadfc\uc744 \uc2dc\ub3c4\ud558\uace0 \uc788\uc74c\uc744 \uc758\ubbf8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1053\" height=\"1251\" src=\"https:\/\/www.sumologic.com\/wp-content\/uploads\/blog-akira-img2.jpg\" alt=\"\" class=\"wp-image-13438\" title=\"\"><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"final-thoughts-and-next-steps\"><strong>\ub9c8\ubb34\ub9ac \ubc0f \ub2e4\uc74c \ub2e8\uacc4<\/strong><\/h2>\n\n\n\n<p>Akira \ub79c\uc12c\uc6e8\uc5b4 \uacf5\uaca9 \uc0ac\ub840\ub294 \ubcf4\uc548\uc774 \ubbf8\ud761\ud55c IoT \uae30\uae30\uac00 \uae30\uc5c5 \ubcf4\uc548\uc5d0 \ubbf8\uce58\ub294 \uc704\ud5d8\uc774 \uc810\uc810 \ucee4\uc9c0\uace0 \uc788\uc74c\uc744 \ubcf4\uc5ec\uc90d\ub2c8\ub2e4. \uacf5\uaca9\uc790\ub294 IoT \uc5d4\ub4dc\ud3ec\uc778\ud2b8\ub97c \uc740\ubc00\ud55c \uce68\ud22c \uacbd\ub85c\ub85c \ud65c\uc6a9\ud574 \uae30\uc874 \ubcf4\uc548 \ubc29\uc5b4 \uccb4\uacc4\ub97c \uc6b0\ud68c\ud558\ub294 \uc804\uc220\uc744 \uacc4\uc18d \ubc1c\uc804\uc2dc\ud0a4\uace0 \uc788\uae30 \ub54c\ubb38\uc5d0, \uc774\uc5d0 \ub300\uc751\ud558\uae30 \uc704\ud574\uc11c\ub294 EDR \uc194\ub8e8\uc158\uc5d0\ub9cc \uc758\uc874\ud558\uc9c0 \uc54a\ub294 \ud0d0\uc9c0 \uc804\ub7b5\uc774 \ud544\uc694\ud569\ub2c8\ub2e4. \ubcf4\uc548\ud300\uc740 \ubcf5\uc7a1\ud55c \ubcf4\uc548 \ubd84\uc11d \uccb4\uacc4\uc5d0 \uc758\uc874\ud558\uae30\ubcf4\ub2e4, \uc11c\ub85c \ub2e4\ub978 \uc18c\uc2a4\uc758 \ub370\uc774\ud130\uc5d0\uc11c\ub3c4 \uad11\ubc94\uc704\ud55c \uaddc\uce59 \uc870\uc815\uc774\ub098 \uc218\ub3d9 \uc0c1\uad00\uad00\uacc4 \ubd84\uc11d \uc5c6\uc774 \uc2e4\uc2dc\uac04\uc73c\ub85c \uc704\ud611\uc744 \uc2dd\ubcc4\ud558\uace0 \ubd84\uc11d\ud560 \uc218 \uc788\ub294 \uc720\uc5f0\ud55c \ud50c\ub7ab\ud3fc\uc744 \uac16\ucd94\ub294 \uac83\uc774 \uc911\uc694\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n<p>Sumo Logic\uc758 \ucd5c\ucd08 \uac10\uc9c0 \ubc0f \uc544\uc6c3\ub77c\uc774\uc5b4 \uaddc\uce59 \uae30\ubcf8 \uc694\uc18c\ub294 \uc774\ub7ec\ud55c \uc694\uad6c\uc5d0 \ubd80\ud569\ud558\ub294 \uac15\ub825\ud558\uace0 \uc720\uc5f0\ud55c \ud0d0\uc9c0 \ubc29\uc2dd\uc744 \uc81c\uacf5\ud558\ubbc0\ub85c, \uc774\ub97c \ud1b5\ud574 \uce68\ud574\uc758 \uc870\uae30 \uc9d5\ud6c4\ub97c \uc2dd\ubcc4\ud558\uace0, \uc774\uc0c1 \ud589\uc704\ub97c \ud0d0\uc9c0\ud558\uba70, IoT \uae30\ubc18 \uc704\ud611\uc744 \ud655\uc0b0 \uc804\uc5d0 \ucc28\ub2e8\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. Sumo Logic\uc758 \ud0d0\uc9c0 \uaddc\uce59\uc740 \ub2e4\uc74c\uacfc \uac19\uc774 \ub300\uc751\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\uc544\uc6c3\ub77c\uc774\uc5b4 \uaddc\uce59: IoT \uae30\uae30\uc5d0\uc11c\uc758 \ube44\uc815\uc0c1\uc801\uc778 SMB \ud2b8\ub798\ud53d \ubc0f \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d \uae09\uc99d \ud0d0\uc9c0<\/li>\n\n\n\n<li>\ucd5c\ucd08 \uac10\uc9c0 \uaddc\uce59: \ubb34\ub2e8 \ub124\ud2b8\uc6cc\ud06c \uacf5\uc720 \ub9c8\uc6b4\ud2b8 \ub610\ub294 \uc774\uc804\uc5d0 \uad00\ucc30\ub418\uc9c0 \uc54a\uc740 \ud504\ub85c\uc138\uc2a4 \uc2e4\ud589 \ud0d0\uc9c0<\/li>\n<\/ul>\n\n\n\n<p>\uc774\ub7ec\ud55c \ud0d0\uc9c0 \uae30\ubc95\uc740 \ubcf4\uc548\ud300\uc774 \ube44\uc804\ud1b5\uc801\uc778 \uacf5\uaca9 \ud45c\uba74\uc5d0 \ub300\ud55c \uac00\uc2dc\uc131\uc744 \ud655\ubcf4\ud558\uace0, \uce21\uba74 \uc774\ub3d9\uc744 \uc870\uae30\uc5d0 \ud0d0\uc9c0\ud558\uba70, \ubcf4\uc548\uc758 \ud575\uc2ec \ucde8\uc57d \uc9c0\uc810\uc744 \uc2e0\uc18d\ud788 \ubcf4\uc644\ud560 \uc218 \uc788\ub3c4\ub85d \uc9c0\uc6d0\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n<p>Sumo Logic\uc744 \ud65c\uc6a9\ud558\uba74 \uae30\uc874\uc758 UEBA \uc194\ub8e8\uc158\uc5d0\uc11c \ud754\ud788 \ubc1c\uc0dd\ud558\ub294 \uc6b4\uc601\uc0c1\uc758 \ubcf5\uc7a1\uc131 \uc5c6\uc774\ub3c4 \uc0c8\ub86d\uac8c \ub4f1\uc7a5\ud558\ub294 \uc704\ud611\uc5d0 \uc2e0\uc18d\ud788 \ub300\uc751\ud560 \uc218 \uc788\ub294 \ud6a8\uacfc\uc801\uc778 \ud0d0\uc9c0 \uaddc\uce59\uc744 \uc190\uc27d\uac8c \ubc30\ud3ec\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \ubcf5\uc7a1\ud55c \uc870\ud68c, \ub2e4\uc911 \ucffc\ub9ac, \ubb34\uac70\uc6b4 \ub370\uc774\ud130 \ubaa8\ub378\ub9c1 \ubc0f \ud29c\ub2dd \ub4f1 \uc218\uc791\uc5c5\uc5d0 \uc758\uc874\ud558\ub294 \uae30\uc874\uc758 <a href=\"https:\/\/www.sumologic.com\/guides\/siem\" data-type=\"resource\" data-id=\"3026\">SIEM<\/a>\uacfc \ub2ec\ub9ac, Sumo Logic\uc758 \ucd5c\ucd08 \uac10\uc9c0 \ubc0f \uc544\uc6c3\ub77c\uc774\uc5b4 \uaddc\uce59\uc758 \uae30\ubcf8 \uc694\uc18c\ub294 \uacbd\ub7c9\ud654\ub418\uace0 \ud655\uc7a5 \uac00\ub2a5\ud55c \uc774\uc0c1 \ud0d0\uc9c0 \uae30\ub2a5\uc744 \uc81c\uacf5\ud569\ub2c8\ub2e4.<\/p>\n\n\n\n<p><a href=\"https:\/\/www.sumologic.com\/request-demo\">Sumo Logic Cloud SIEM<\/a>\uc758 \ub77c\uc774\ube0c \ub370\ubaa8\ub97c \uc694\uccad\ud558\uc2dc\uac70\ub098, \ud604\uc7ac \uc0ac\uc6a9 \uc911\uc778 SIEM \uc194\ub8e8\uc158\uc774 \ubcf4\uc548 \ud658\uacbd\uc744 \ucda9\ubd84\ud788 \ubcf4\ud638\ud558\uace0 \uc788\ub294\uc9c0\u00a0<a href=\"\/resources\/siem-evaluation\">\ud3c9\uac00\ud574 \ubcf4\uc138\uc694<\/a>.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div><\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":57,"featured_media":45483,"template":"","meta":{"_acf_changed":false,"show_custom_date":false,"custom_date":"","featured":false,"featured_image":0,"learn_more_label":"","image_alt_text":"","learn_more_type":"","show_popup":false,"learn_more_link_file":0,"event_date":false,"event_start_date":"","event_end_date":"","place_holder_image_url":"","post_reading_time":"< 1","notification_enabled":false,"notification_text":"","notification_logo":"","notification_expiration_time":0,"is_enable_transparent_header":false,"selected_taxonomy_terms":{"blog-category":[320,325],"blog-tag":[],"translation_priority":[]},"selected_primary_terms":[],"learn_more_link":[],"featured_page_list":[],"notification_enabled_post_list":[],"_gspb_post_css":"","_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"55110,62715,62740","_relevanssi_noindex_reason":"","inline_featured_image":false,"footnotes":""},"blog-category":[320,325],"blog-tag":[],"class_list":["post-55151","blog","type-blog","status-publish","has-post-thumbnail","hentry","blog-category-secops-security","blog-category-cloud-siem"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog\/55151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/users\/57"}],"version-history":[{"count":1,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog\/55151\/revisions"}],"predecessor-version":[{"id":55155,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog\/55151\/revisions\/55155"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/media\/45483"}],"wp:attachment":[{"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/media?parent=55151"}],"wp:term":[{"taxonomy":"blog-category","embeddable":true,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog-category?post=55151"},{"taxonomy":"blog-tag","embeddable":true,"href":"https:\/\/www.sumologic.com\/ko\/wp-json\/wp\/v2\/blog-tag?post=55151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}