After Declaring a State of Emergency, the US Raises the Priority Again, Putting Hacking Attacks on a Par with Terrorist Attacks

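{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},
{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"After several key US organizations were hit by ransomware in succession, the US Department of Justice decided to rank hacking attacks alongside terrorist attacks as a top investigative priority."}]}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"On June 3, the US Department of Justice issued internal guidance on responding to ransomware, deciding to rank this kind of hacking attack alongside terrorist attacks as a top investigative priority."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"According to Reuters, the detailed guidance was sent on Thursday to prosecutors' offices across the country. The guidelines outline a coordinated approach to investigating ransomware attacks, including a requirement that such investigations be “centrally coordinated” with the anti-ransomware task force recently set up at the Justice Department in Washington, D.C."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"“We have used this model for terrorism before, but never for ransomware,” a US Justice Department official said."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"The Justice Department provided the full memo to the media."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/wechat\/images\/d6\/d6545e247a2f7810465390a5e8981e27.png","alt":null,"title":null,"style":null,"href":null,"fromPaste":false,"pastePass":false}},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"The short guidance document also says: “To ensure that we build a system of cases and investigations that covers the United States and the rest of the world, and to give an accurate picture of the real threats now facing national and economic security, we must strengthen and centralize our internal tracking.”"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Acting Attorney General John Carlin of the Justice Department said in an interview: “Through this special process, we will make sure we can track every ransomware attack, whether at home or abroad, so that we can tie attackers to their attacks and break up the entire ransomware attack chain. We have long used this approach against terrorist activity; this is the first time it has been brought to ransomware.”"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/wechat\/images\/b3\/b3a34a4655acf430740809ff802e0c09.png","alt":null,"title":null,"style":null,"href":null,"fromPaste":false,"pastePass":false}},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"Attacked again after the national state of emergency"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"On May 7, Colonial Pipeline, the largest fuel pipeline operator in the United States, was hit by ransomware and was forced to suspend operations for a time."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Colonial Pipeline is the largest fuel and gas pipeline operator in the United States, and the attack forced it to temporarily shut down a pipeline. The pipeline starts in Texas in the southwest and runs northeast across seventeen states to New Jersey, carrying refined oil and gas products from the Gulf of Mexico and supplying 45% of the oil and gas used on the US East Coast."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"On May 9, the US Department of Transportation then declared a state of emergency in 17 states and Washington, D.C. to deal with the situation after the pipeline was shut down."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/wechat\/images\/85\/85b7c55c4565c7d8492a325f3aecb04e.png","alt":null,"title":null,"style":null,"href":null,"fromPaste":false,"pastePass":false}},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"According to a May 19 report in The Wall Street Journal, the company's CEO, Joseph Blount, made the call to pay the hackers a ransom of US$4.4 million in about 75 bitcoin, saying “it was the right thing to do for the country.” Blount said the company decided to pay only after consulting several experts who had dealt with criminal organizations before. He said that over the past 5 years the company had invested US$1.5 billion in maintaining the 5,500-mile pipeline and spent US$200 million on IT."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"After paying the ransom to the hackers (DarkSide), Colonial Pipeline received a decryption tool that unlocked the compromised systems. The tool helped somewhat, but it could not bring the company's whole pipeline system back to normal operation right away. In the end the incident kept the pipeline shut for 6 days, pushed fuel prices on the East Coast to their highest level in more than 6 years, and left thousands of gas stations without fuel. The US$4.4 million ransom was therefore only a small part of the company's losses; the total loss from the incident ran to tens of millions of dollars."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"But after ransomware had forced a country to declare a state of emergency, hackers struck again within the same month, this time taking down the world's largest meat processor."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"On May 30, JBS, the world's largest meat processor, confirmed that it had been hit by ransomware. Its servers in Australia and North America were compromised, affecting production, processing and logistics in both regions. With the hacked servers unable to operate normally, the company had to shut down all of its meat processing plants in the United States and halt meat shipments in the United States, Canada and other regions."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"The company has 245,000 employees and serves customers and well-known brands in 190 countries and regions on six continents. JBS is a major supplier in the United States, with processing plants in more than ten states, and it supplies a quarter of the country's beef. The knock-on effects of the JBS attack will eventually reach many countries, and if the hackers do not let go, a shortage in the global meat supply chain is only a matter of time. In Australia the effect on the local supply chain was especially visible, and Australian unions warned that a prolonged shutdown caused by the cyberattack could lead to a global shortage of meat protein."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"JBS promptly notified the White House after the attack. The FBI opened an investigation, and the US security agency quickly provided JBS with technical support to help bring the company's backup servers online. The FBI later released an investigation report attributing the attack to a group called REvil, which its experts consider a hacking group linked to Russia."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"JBS said in a statement on Tuesday that it had made “significant progress” in negotiations and expected to resume plant production and meat shipments on Wednesday. Many workers in Australia had to work overtime to handle orders interrupted by the attack."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Before the attack, JBS had reportedly spent heavily on cybersecurity and hired consultants from firms such as Deloitte and EY to look for “vulnerabilities” in its IT network, yet it still could not avoid a production shutdown caused by a cyberattack."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"heading","attrs":{"align":null,"level":2},"content":[{"type":"text","text":"How did ransomware attacks get so out of control?"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Attacks on large enterprises and critical infrastructure have thrown the whole United States into panic, but the root of the problem seems to have been visible years ago. After a major US pipeline and the world's largest meat supplier fell victim to ransomware, what will come next? Will criminals turn on hospitals and schools? Will they go after US cities, municipal departments and even the military?"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"In fact, all of this has already happened. The recent high-profile attacks may look new, but hackers have long been hijacking services and demanding ransom from victims. During the worst phase of the COVID-19 pandemic last year, dozens of US cities were hit by ransomware, and even hospitals were not spared. In 2019 the US military also came into the sights of ransomware attackers. So how is the current situation different from the past?"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"MIT Technology Review points out that the full-blown ransomware crisis has a lot to do with inaction. Before this, the global ransomware crisis had already grown to an incredible scale. Although critical infrastructure, cities and pipelines in the United States were hit during that time, the Trump administration still took no countermeasures, and most Americans were indifferent."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Five years ago the ransomware industry was just getting started, and the business model of ransomware attacks was completely different from today's; at the very least it was much simpler. Ransomware gangs at first attacked every vulnerable machine indiscriminately and did not much care who they were targeting or who they meant to hit."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Today these gangs run far more complex operations, and the costs have begun to rise sharply. Ransomware gangs have started hiring professional hacking groups for “big game hunting”, seeking out large targets likely to pay huge ransoms. Hackers sell stolen credentials to other criminal groups, which then carry out the actual extortion. Every participant gets a handsome return, which has given ransomware attacks powerful appeal and deep resources. "},{"type":"text","marks":[{"type":"strong"}],"text":"More importantly, under big game hunting almost none of the participants face any consequences."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"Hackers can also operate from countries and regions where they are safe from prosecution. To change this, countries must work together against the hacking groups that wantonly attack hospitals and pipeline companies and demand ransom. The most effective countermeasures are, first, dismantling the criminals' safe havens and, second, bringing unregulated cryptocurrencies under control."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"We also have to face an unavoidable fact: ubiquitous connectivity combined with a weak security posture makes for the “perfect world” that attack groups dream of. From factories to hospitals, these facilities are connected to the internet, but most of them lack adequate security."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"As ransomware and cybercrime develop into a new national security threat, and in particular pose a risk to personal safety (for example through attacks on hospitals), action must be taken as soon as possible. By now every major country in the world has been affected by ransomware attacks. Changing this will take a global partnership against ransomware. It is a long fight and we have only just taken the first step; the attacks on the United States are sounding an alarm for connected businesses around the world."}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"Reference links:"}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https:\/\/gizmodo.com\/doj-to-treat-ransomware-hacks-like-terrorism-now-heres-1847027610","title":"","type":null},"content":[{"type":"text","text":"https:\/\/gizmodo.com\/doj-to-treat-ransomware-hacks-like-terrorism-now-heres-1847027610"}]}]},
{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"link","attrs":{"href":"https:\/\/www.technologyreview.com\/2021\/06\/03\/1025679\/explainer-is-ransomware-getting-worse\/","title":"","type":null},"content":[{"type":"text","text":"https:\/\/www.technologyreview.com\/2021\/06\/03\/1025679\/explainer-is-ransomware-getting-worse\/"}]}]}]}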