
If the Internet has one enduring constant, it's that somewhere, somehow, somebody is being hacked. Last month cyberassaults on banks, including BB&T (BBT, Fortune 500), Citigroup (C, Fortune 500), and SunTrust (STI, Fortune 500), made headlines. But a recent Ponemon Institute survey reported that the average company is attacked twice a week and loses $8.9 million a year to cybercrime. Security analysts say the first thing businesses must know is just what types of threats are lurking in the shadows. While many hackers use relatively basic tools, such as phishing or malware, they often wield them with different motives. Here are six of the most effective actors.
1. State sponsored
Who: Iran, Israel, Russia, U.S.
Objectives: Intelligence, state secrets, sabotage
Targets: Foreign governments, terrorists, industry
Signature: Multi-tiered, precisely orchestrated attacks that breach computer systems
Classic Case: One-fifth of Iran's nuclear centrifuges crashed after Stuxnet, a worm reportedly developed by U.S. and Israeli intelligence, penetrated computers at an Iranian enrichment facility. Iran allegedly retaliated by disrupting access to the websites of J.P. Morgan (JPM, Fortune 500), PNC (PNC, Fortune 500), Wells Fargo (WFC, Fortune 500), and others.
2. Hacktivist
Who: Anonymous, AntiSec, LulzSec
Objectives: Righting perceived wrongs, publicity, protecting Internet freedoms
Targets: Bullies, Scientologists, corporations, governments
Signature: Leaking sensitive information, public shaming, creepy YouTube videos
Classic Case: The websites of PayPal, Visa (V, Fortune 500), and MasterCard (MA, Fortune 500) were disrupted during Operation Payback, an Anonymous-led effort to punish companies that suspended the accounts of WikiLeaks in 2010. Some $5.6 million was lost by PayPal alone.
3. Cyber-Criminal
Who: Nigerian "princes," carders, identity thieves, spammers
Objective: Treasure
Targets: The gullible, online shoppers, small businesses, data-rich health care and retail companies
Signature: Stealing data, looting bank accounts
Classic Case: Coreflood, malicious software that records keystrokes and passwords, infected 2.3 million computers in 2009, some in police departments, airports, banks, hospitals, and universities. Affected companies suffered six-figure fraudulent wire transfers.
4. Insider (You)
Who: Disgruntled employees, contractors, whistleblowers
Objectives: Score-settling, leaks, public good
Targets: Large companies, governments
Signature: Document theft
Classic Case: Maroochy Shire, an Australian district along the Sunshine Coast in Queensland, was inundated with millions of gallons of untreated sewage in 2001 when a contractor hacked and took control of 150 sewage pumping stations. He had been passed over for a job with the district. His dirty work cost Maroochy Shire upwards of $1 million.
5. Script Kiddie
Who: Bored youth
Objectives: Thrills, notoriety
Targets: Low-hanging fruit such as unprotected websites and e-mail accounts
Signature: Defacing or dismantling websites
Classic Case: An e-mail subject-lined I LOVE YOU duped people -- some of them inside the Pentagon -- in 2001. The virus it contained, which originated in the Philippines, destroyed files and simultaneously replicated itself, seeding in-boxes as it went. The so-called Love Bug caused an estimated $10 billion in digital damage and lost productivity.
6. Vulnerability Broker
Who: Endgame, Netragard, Vupen
Objective: Hacking as legitimate business
Targets: Agnostic
Signature: Finding so-called zero-day exploits -- ways to hack new software -- and selling them to governments and other deep-pocketed clients
Classic Case: French firm Vupen hacked Google's (GOOG, Fortune 500) Chrome browser at a security conference last March. Rather than share its technique with the company (and accept a $60,000 award), Vupen has been selling the exploit to higher-paying customers.