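The details of last week's large-scale cyberattack closely resemble those of a prolific cybercrime gang linked to the North Korean government.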

British media: cybersecurity experts say the “WannaCry” ransomware is linked to North Korea

Translator: yuanchan
Published: 2017-05-18 22:14:44

Two top security firms have found evidence linking the WannaCry ransomware to the prolific North Korean cybergang known as Lazarus Group.

Two top information security firms have found that the “WannaCry” ransomware is linked to a North Korean cyberattack group called Lazarus.

Kaspersky and Symantec both said on Monday that technical details within an early version of the WannaCry code are similar to code used in a 2015 backdoor created by the government-linked North Korean hackers, who were implicated in the 2014 attack on Sony Pictures and an $81m heist on a Bangladeshi bank in 2016. Lazarus Group has also been known to use and target Bitcoin in its hacking operations. The similarities were first spotted by Google security researcher Neal Mehta and echoed by other researchers including Matthieu Suiche from UAE-based Comae Technologies.

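On Monday, Kaspersky and Symantec both said that the technical parameters of an early version of the “WannaCry” code resemble code used in backdoor software created in 2015 by a hacking group linked to the North Korean government. That hacking group was implicated in the 2014 attack on Sony Pictures and the $81 million cyber-heist from a Bangladeshi bank in 2016. Lazarus is known to use and deliberately seek to obtain Bitcoin in its attack operations. Google information security researcher Neal Mehta was the first to spot the connection between the “WannaCry” code and this hacking group, and other researchers then echoed the finding, among them Matthieu Suiche of a UAE cybersecurity company.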

Shared code doesn’t always mean the same hacking group is responsible – an entirely different group may have simply reused Lazarus group’s backdoor code from 2015 as a “false flag” to confuse anyone trying to identify the perpetrator. However the reused code appears to have been removed from later versions of WannaCry, which according to Kaspersky gives less weight to the false flag theory.

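Shared code does not always mean the same hacking group is involved; another group may have used Lazarus's 2015 backdoor code as a “false flag” to confuse anyone trying to find the real culprit. However, the reused code appears to have been removed from later versions of the “WannaCry” ransomware. According to Kaspersky's analysis, this makes the “false flag” hypothesis less likely.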

“We believe it’s important that other researchers around the world investigate these similarities and attempt to discover more facts about the origin of WannaCry,” said Kaspersky Lab in a blog post, pointing out that in the early days of the Bangladesh bank attack, there were scant clues linking it to the Lazarus group. However, over time researchers found more clues to build the case against the North Korea-linked cybergang.

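Kaspersky Lab said in a blog post: “We firmly believe it is very important that researchers in other parts of the world investigate this connection and try to find more clues about the real culprit who created the ‘WannaCry’ ransomware.” The lab pointed out that in the earlier Bangladesh bank heist, not enough clues had been found to prove a link to Lazarus. However, researchers gradually found more clues, enough to bring a case against the North Korea-linked cybercrime gang.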

Kaspersky is among the research teams to have been studying Lazarus Group for years, and in April it published a detailed “under the hood” report exposing the group’s modus operandi.

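Kaspersky is one of the companies that have studied Lazarus for years, and in April this year it released a detailed “behind the scenes” report exposing the group's criminal methods.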

“This level of sophistication is something that is not generally found in the cybercriminal world. It’s something that requires strict organization and control at all stages of operation. That’s why we think that Lazarus is not just another advanced persistent threat actor,” said Kaspersky, which also found attacks originating from IP addresses in North Korea.

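Kaspersky also found attacks originating from North Korean IP addresses, and said: “Crime this sophisticated is not very common in cybercrime; it depends on strict organization and control at every stage. That is why we think Lazarus is not just another advanced and persistent threat.”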

The WannaCry ransomware attack has now hit more than 200,000 computers in 150 countries, crippling hospitals, governments and businesses.

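The “WannaCry” ransomware has now hit more than 200,000 computers in 150 countries, leaving hospitals, government departments and businesses paralyzed.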

The links to North Korea come at a time when security researchers and technology companies are criticizing the US government for stockpiling cyberweapons including the malicious software used in WannaCry.

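The ransomware's link to North Korea has surfaced just as cybersecurity researchers and technology companies are criticizing the US government for stockpiling cyberweapons, including the malicious software used by “WannaCry”.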

The WannaCry exploits used in the attack were drawn from a cache of exploits stolen from the NSA by the Shadow Brokers in August 2016. The NSA and other government agencies around the world create and collect vulnerabilities in popular pieces of software (such as Windows) and cyberweapons to use for intelligence gathering and cyberwarfare.

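The vulnerabilities that “WannaCry” used in the attack were drawn from a cache of vulnerabilities that the hacking group “Shadow Brokers” stole from the US National Security Agency in August 2016. The National Security Agency and other government agencies around the world create and collect security vulnerabilities in many widely used pieces of software (such as Windows) as well as cyberweapons, for use in intelligence gathering and cyberwarfare.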

Once these vulnerabilities were leaked by the Shadow Brokers, they became available for cybercriminals to adapt for financial gain by creating ransomware. This ransomware spread rapidly on Friday by exploiting a vulnerability contained in the NSA leak, targeting computers running Microsoft’s Windows operating system, taking over users’ files and demanding $300 to restore them. 

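On one occasion, these security vulnerabilities were let slip by the “Shadow Brokers”, and cybercriminals were able to modify them and profit by creating ransomware. By exploiting a vulnerability from the US National Security Agency, targeting computers running Microsoft's Windows operating system, locking files and demanding that users pay a $300 ransom to restore them, this ransomware spread rapidly on Friday.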

 “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem,” said Brad Smith, president and chief legal officer of Microsoft, in a blog post.

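Brad Smith, Microsoft's president and chief legal officer, said in a blog post: “This attack provides yet another example of why governments stockpiling security vulnerabilities becomes such a problem.”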

“Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage. An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”

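“Security vulnerabilities held by government departments have repeatedly leaked into the public domain, causing widespread harm. Conventional weapons offer a comparable case, such as some of the US military's Tomahawk cruise missiles being stolen.”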

The blog post mentions that vulnerabilities stockpiled by the CIA also ended up in the public domain via Wikileaks.

The blog post mentions that cybersecurity vulnerabilities stockpiled by the CIA were also exposed in the public domain via Wikileaks.

 “This is an emerging pattern in 2017,” Smith said, adding that the latest attack represents a “completely unintended but disconcerting link” between nation-state action (the NSA) and organized criminal action (the ransomware creator).

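Smith said, “This is an emerging pattern in 2017,” and added that the latest attack represents a “completely unexpected but alarming link” between nation-state action (the US National Security Agency) and organized criminal action (the ransomware creator).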

“The governments of the world should treat this attack as a wake-up call,” said Smith, urging nations to treat cyber weapons in the same way that physical weapons are treated.

Smith said: “Governments should take this as a warning,” urging countries to regard cyberweapons the same way they regard physical weapons.

“We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”

“In stockpiling and exploiting these security vulnerabilities, governments should consider the harm this causes to ordinary people.”

Jeremy Wittkop, chief technology officer of security company Intelisecure, argues that if governments are to stockpile weapons they need to secure them better.

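Jeremy Wittkop, chief technology officer of the cybersecurity company Intelisecure, argues that if government departments want to stockpile weapons, they must safeguard those weapons better.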

“The government has a responsibility like with nuclear weapons to make sure they don’t fall into the hands of the wrong people,” he said. “If you are going to create something that can cause this much damage you have to protect it.”

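He said: “The government has a responsibility, as with safeguarding nuclear weapons, to make sure they do not fall into the hands of bad people. If you intend to create something that could cause greater harm, you must safeguard it.”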

Microsoft has called for a “Digital Geneva Convention” requiring governments to report vulnerabilities to the creators of the software instead of stockpiling, selling or exploiting them.

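Microsoft has called for the signing of a “Digital Geneva Convention” requiring governments to report the relevant vulnerabilities to software developers, rather than stockpiling, selling and exploiting them.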



4 comments in total
Jenny_Peng posted at: 2017-05-22 09:52:03

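[Researchers gradually found more clues pointing directly to a link between the cybergang and North Korea.] over time researchers found more clues to build the case against the North Korea-linked cybergang. build a case (against someone): to put together the evidence needed to make a legal or disciplinary case against someone. Suggested translation: “Over time, researchers found more clues, enough to bring a case against the North Korea-linked cybercrime gang.” (See: http://idioms.thefreedictionary.com/build+a+case)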

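[The harm has spread to hospitals, government departments and businesses] crippling hospitals, governments and businesses. The meaning of “cripple” was not conveyed; it could be translated as “leaving hospitals, government departments and businesses paralyzed”.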

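[Cybersecurity vulnerabilities stockpiled by the CIA were also terminated in the public domain by Wikileaks] vulnerabilities stockpiled by the CIA also ended up in the public domain via Wikileaks. This is a misreading: to end up in sp. is to reach or come to a place that was not planned or expected, not “to terminate”, so it should be translated as “cybersecurity vulnerabilities stockpiled by the CIA were also exposed in the public domain via Wikileaks”. (See: https://www.merriam-webster.com/dictionary/end%20up)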


Jenny_Peng posted at: 2017-05-22 13:40:07

[the 2016 cyber-heist of 8100百万美元 from a Bangladeshi bank] an $81m heist on a Bangladeshi bank in 2016: “8100万美元” ($81 million) was mistakenly written as “8100百万美元”.


yuanchan posted at: 2017-05-23 10:30:51
Jenny_Peng: [the 2016 cyber-heist of 8100百万美元 from a Bangladeshi bank] an $81m heist on a Bangladeshi bank in 2016: “8100万美元” ($81 million) was mistakenly written as “8100百万美元”.

@Jenny_Peng: Wow, big blunder, big blunder! Thanks!


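yuanchan posted at: 2017-05-23 10:59:33
Jenny_Peng: [Researchers gradually found more clues pointing directly to a link between the cybergang and North Korea.] over time researchers found more clues to build the case against the North Korea-linked cybergang. build a case (against someone): to put together the evidence needed to make a legal or disciplinary case against someone. Suggested translation: “Over time, researchers found more clues, enough to bring a case against the North Korea-linked cybercrime gang.” (See: http://idioms.thefreedictionary.com/build+a+case)

[The harm has spread to hospitals, government departments and businesses] crippling hospitals, governments and businesses. The meaning of “cripple” was not conveyed; it could be translated as “leaving hospitals, government departments and businesses paralyzed”.

[Cybersecurity vulnerabilities stockpiled by the CIA were also terminated in the public domain by Wikileaks] vulnerabilities stockpiled by the CIA also ended up in the public domain via Wikileaks. This is a misreading: to end up in sp. is to reach or come to a place that was not planned or expected, not “to terminate”, so it should be translated as “cybersecurity vulnerabilities stockpiled by the CIA were also exposed in the public domain via Wikileaks”. (See: https://www.merriam-webster.com/dictionary/end%20up)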

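@Jenny_Peng: Each of these times I felt the translation was not quite right, but I was lazy and did not check the dictionary. You are great, thank you!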
