-
(单词翻译:双击或拖选)
United States
美国版块
Cyber-security
网络安全
Bear hunt
猎熊
Hackers1 have vaulted2 into the heart of America’s government
黑客已经潜入美国政府的核心
On september 25th Russia’s president, Vladimir Putin, warned that a “largescale confrontation3 in the digital sphere” was looming4. He offered a solution. Russia and America would “exchange guarantees of non-interference in each other’s internal affairs, including electoral processes, including using ICT”—in short, a cybertruce. Even as he spoke5, his hackers were apparently6 deep inside some of America’s most sensitive networks.
9月25日,俄罗斯总统弗拉基米尔·普京警告称,“数字领域的大规模对抗”一触即发。他提出了一个解决办法。即俄罗斯和美国将“彼此保证不通过信息和通信技术等方式干涉对方的内政,包括选举进程”——简而言之,就是网络休战协议。就在普京讲话的时候,他手下的黑客显然已经深入到美国最敏感的一些网络中。
American officials claim that a group of hackers known as APT29, or more evocatively as Cozy7 Bear, thought to be part of the SVR, Russia’s foreign intelligence service, penetrated8 several American government bodies—the list so far includes the Treasury9, Commerce, State and Homeland Security Departments, along with the National Institutes of Health—where they could read emails at will. It appears to be one of the largest-ever acts of digital espionage10 against America.
美国官员声称,美国政府认为名为APT29的黑客组织(或者更能让人想起的舒适熊组织)隶属于俄罗斯对外情报局(SVR),该组织侵入了几个美国政府机构。迄今为止,入侵名单包括美国财政部、商务部、国土安全部,以及国立卫生研究院,黑客组织可以随意浏览这些政府机构的电子邮件。这似乎是有史以来针对美国的最大规模的数字间谍活动之一。
The intrusion took a circuitous11 route. Between March and June, SolarWinds, a Texan company, pushed out updates to its Orion software, which is widely used to help organisations monitor their networks. The malware hitched12 a ride on those updates. Once downloaded, it allowed hackers to impersonate an organisation’s system administrators13, who typically have the run of the entire network. It cleverly funnelled14 out data by disguising it as legitimate15 traffic while parrying anti-virus tools. Once inside, intruders can remain present even if Orion is disconnected.
黑客入侵采取了迂回的方式。今年3月至6月,德州公司SolarWinds推出了旗下Orion软件的更新,该软件被广泛用于帮助组织监控其网络。恶意软件搭上了更新的便车。一旦下载,黑客就可以冒充一个组织的系统管理员,而系统管理员通常负责整个网络的运行。恶意软件巧妙地将数据伪装成合法流量,同时避开反病毒工具。一旦进入,即使Orion被断开连接,入侵者也可以继续存在。
1 hackers | |
n.计算机迷( hacker的名词复数 );私自存取或篡改电脑资料者,电脑“黑客” | |
参考例句: |
|
|
2 vaulted | |
adj.拱状的 | |
参考例句: |
|
|
3 confrontation | |
n.对抗,对峙,冲突 | |
参考例句: |
|
|
4 looming | |
n.上现蜃景(光通过低层大气发生异常折射形成的一种海市蜃楼)v.隐约出现,阴森地逼近( loom的现在分词 );隐约出现,阴森地逼近 | |
参考例句: |
|
|
5 spoke | |
n.(车轮的)辐条;轮辐;破坏某人的计划;阻挠某人的行动 v.讲,谈(speak的过去式);说;演说;从某种观点来说 | |
参考例句: |
|
|
6 apparently | |
adv.显然地;表面上,似乎 | |
参考例句: |
|
|
7 cozy | |
adj.亲如手足的,密切的,暖和舒服的 | |
参考例句: |
|
|
8 penetrated | |
adj. 击穿的,鞭辟入里的 动词penetrate的过去式和过去分词形式 | |
参考例句: |
|
|
9 treasury | |
n.宝库;国库,金库;文库 | |
参考例句: |
|
|
10 espionage | |
n.间谍行为,谍报活动 | |
参考例句: |
|
|
11 circuitous | |
adj.迂回的路的,迂曲的,绕行的 | |
参考例句: |
|
|
12 hitched | |
(免费)搭乘他人之车( hitch的过去式和过去分词 ); 搭便车; 攀上; 跃上 | |
参考例句: |
|
|
13 administrators | |
n.管理者( administrator的名词复数 );有管理(或行政)才能的人;(由遗嘱检验法庭指定的)遗产管理人;奉派暂管主教教区的牧师 | |
参考例句: |
|
|
14 funnelled | |
漏斗状的 | |
参考例句: |
|
|
15 legitimate | |
adj.合法的,合理的,合乎逻辑的;v.使合法 | |
参考例句: |
|
|