If the Internet has one enduring constant, it's that somewhere, somehow, somebody is being hacked. Last month cyberassaults on banks, including BB&T (BBT, Fortune 500), Citigroup(C, Fortune 500), and SunTrust (STI, Fortune 500), made headlines. But a recent Ponemon Institute survey reported that the average company is attacked twice a week and loses $8.9 million a year to cybercrime. Security analysts say the first thing businesses must know is just what types of threats are lurking in the shadows. While many hackers use relatively basic tools, such as phishing or malware, they often wield them with different motives. Here are six of the most effective actors.
如果说互联网有一个永恒的主题的话,那就是总有某些人在某处被黑客以某种方式攻击了。上个月,针对银行发起的网络攻击再次成为头条新闻,受害者包括BB&T公司、花旗集团(Citigroup)和太阳信托银行(SunTrust)。不过最近由波尼蒙研究所(Ponemon Institute)所做的一项调研显示,各公司每周平均受到两次攻击,每年由于网络犯罪损失的金额高达890万美元。安全分析师称,企业首先要了解藏在暗处的到底是何种威胁。尽管许多黑客用的只是相对基础的工具,比如网络钓鱼或恶意软件,但他们运用这些工具的目的各有不同。下面我们为大家盘点了六类最有攻击力的黑客。
1. State sponsored
政府撑腰的黑客
Who: Iran, Israel, Russia, U.S.
身份:伊朗,以色列,俄罗斯,美国
Objectives: Intelligence, state secrets, sabotage
目的:情报,国家机密,破坏活动
Targets: Foreign governments, terrorists, industry
目标:外国政府,恐怖分子,各种产业
Signature: Multi-tiered, precisely orchestrated attacks that breach computer systems
特征:精心组织的破坏计算机系统的多层次攻击
Classic Case: One-fifth of Iran's nuclear centrifuges crashed after Stuxnet, a worm reportedly developed by U.S. and Israeli intelligence, penetrated computers at an Iranian enrichment facility. Iran allegedly retaliated by disrupting access to the websites of J.P.Morgan (JPM, Fortune 500), PNC (PNC, Fortune 500), Wells Fargo (WFC, Fortune 500), and others.
经典案例:受到震网病毒攻击后,伊朗核工厂五分之一的离心机崩溃了。它是一种蠕虫病毒,据称由美国和以色列情报机构开发,能侵入控制伊朗浓缩装置的电脑。而伊朗随后就发起了反击,使用户无法访问摩根大通银行(J.P.Morgan)、PNC银行,富国银行(Wells Fargo)及其他金融机构的网站。
2. Hacktivist
维权黑客
Who: Anonymous, AntiSec, LulzSec
身份:匿名组织,反安全组织,鲁兹安全
Objectives: Righting perceived wrongs, publicity, protecting Internet freedoms
目的:修正已知错误,推广自身,保护互联网自由
Targets: Bullies, Scientologists, corporations, governments
目标:网络坏分子,科学论派,公司,政府
Signature: Leaking sensitive information, public shaming, creepy YouTube videos
特征:泄露敏感信息,公开羞辱,潜入YouTube视频
Classic Case: The websites of PayPal, Visa (V, Fortune 500), and MasterCard (MA,Fortune 500) were disrupted during Operation Payback, an Anonymous-led effort to punish companies that suspended the accounts of WikiLeaks in 2010. Some $5.6 million was lost by PayPal alone.
经典案例:在所谓的“报复行动”(Operation Payback)中,贝宝(PayPal)、维萨信用卡(Visa)和万事达信用卡(MasterCard)的网站都遭到了破坏。这是一次由匿名组织发起的行动,旨在惩罚那些2010年冻结维基解密(WikiLeaks)账户的公司。仅贝宝一家公司就因此损失了560万美元。
3. Cyber-Criminal
网络犯罪
Who: Nigerian "princes," carders, identity thieves, spammers
身份:尼日利亚“王子”,信用卡盗用者,身份窃贼,垃圾邮件制造者
Objective: Treasure
目的:劫财
Targets: The gullible, online shoppers, small businesses, data-rich health care and retail companies
目标:容易上当的人,在线购物者,小企业,拥有大量数据的保健机构和零售企业
Signature: Stealing data, looting bank accounts
特征:盗窃数据,洗劫银行账户
Classic Case: Coreflood, malicious software that records keystrokes and passwords, infected 2.3 million computers in 2009, some in police departments, airports, banks, hospitals, and universities. Affected companies suffered six-figure fraudulent wire transfers.
经典案例:2009年,专门记录击键动作和密码的恶意软件Coreflood感染了230万台电脑,其中包括一些警察局、机场、银行、医院和大学的电脑。受害公司遭到高达6位数的虚假电子转账侵袭。
4. Insider (You)
内鬼
Who: Disgruntled employees, contractors, whistleblowers
身份:心怀不满的员工,承包商,举报人
Objectives: Score-settling, leaks, public good
目的:利益之争,泄露信息,公共利益
Targets: Large companies, governments
目标:大公司,政府
Signature: Document theft
特征:窃取文件
Classic Case: Maroochy Shire, an Australian district along the Sunshine Coast in Queensland, was inundated with millions of gallons of untreated sewage in 2001 when a contractor hacked and took control of 150 sewage pumping stations. He had been passed over for a job with the district. His dirty work cost Maroochy Shire upwards of $1 million.
经典案例:马谷志郡位于澳大利亚昆士兰州阳光海岸。2001年,一个承包商用黑客攻击并控制了当地150座污水泵站,导致该地区被上百万吨未处理的污水淹没。他这么干的起因是在该地区的一项业务承包中落选。结果,这次卑鄙行为让马谷志郡损失了超过100万美元。
5. Script Kiddie
脚本小子
Who: Bored youth
身份:无聊的年轻人
Objectives: Thrills, notoriety
目的:寻求刺激,博得恶名
Targets: Low-hanging fruit such as unprotected websites and e-mail accounts
目标:容易下手的对象,比如没有保护措施的网站和电子邮件账户
Signature: Defacing or dismantling websites
特征:丑化或破坏网站
Classic Case: An e-mail subject-lined I LOVE YOU duped people -- some of them inside the Pentagon -- in 2001. The virus it contained, which originated in the Philippines, destroyed files and simultaneously replicated itself, seeding in-boxes as it went. The so-called Love Bug caused an estimated $10 billion in digital damage and lost productivity.
经典案例:2001年,一封主题为“我爱你”的电子邮件把人们弄得晕头转向——包括一些五角大楼的人。这封信含有来自菲律宾的病毒,它在破坏文件的同时进行自我复制,在收件箱里扎根。所谓的“爱虫”所引起的数据破坏和生产力损失估计高达100亿美元。
6. Vulnerability Broker
漏洞经纪人
Who: Endgame, Netragard, Vupen
身份:Endgame公司,Netragard公司,Vupen公司
Objective: Hacking as legitimate business
目的:把黑客行为当成合法生意
Targets: Agnostic
目标:未可知
Signature: Finding so-called zero-day exploits -- ways to hack new software, selling them to governments and other deep-pocketed clients
特征:找到所谓的“零天攻击”代码(zero-day exploit)——即攻击新软件的方法,再把它们卖给政府和其他财大气粗的客户。
Classic Case: French firm Vupen hacked Google's (GOOG, Fortune 500) Chrome browser at a security conference last March. Rather than share its technique with the company (and accept a $60,000 award), Vupen has been selling the exploit to higher-paying customers.
经典案例:去年3月举行的一次安全会议上,法国公司Vupen黑掉了谷歌公司(Google)的Chrome浏览器。这家公司并没有(收下6万美元,)把这项技术和谷歌分享,而是把代码卖给了出价更高的客户。