SAN FRANCISCO — The same tools that help millions of Americans work from home are being exploited by cybercriminals to break into the computer networks of retailers like Target and Neiman Marcus. The Homeland Security Department, in a new report, warns that hackers are scanning corporate systems for remote access software — made by companies like Apple, Google and Microsoft — that allows outside contractors and employees to tap into computer networks over an Internet connection.

When the hackers discover such software, they deploy high-speed programs that guess login credentials until they hit the right one, offering a hard-to-detect entry point into computer systems. The report, which Homeland Security produced with the Secret Service, the National Cybersecurity and Communications Integration Center, Trustwave SpiderLabs, an online security firm based in Chicago, and other industry partners, is expected to be released on Thursday. It provides insight into what retailers are up against as hackers find ways into computer networks without tripping security systems.

It is also a reminder that a typical network is more a sprawl of loosely connected computers than a walled fortress, providing plenty of vulnerabilities — and easily duped humans — for determined hackers. “As we start to make more secure software and systems, the weakest link in the information chain is the human that sits on the end — the weak password they type in, the click on the email from the contact they trust,” said Vincent Berk of FlowTraq, a network security firm. While the report does not identify the victims of these attacks, citing a policy of not commenting on current investigations, two people with knowledge of these investigations say that more than a dozen retailers have been hit. They include Target, P. F. Chang’s, Neiman Marcus, Michaels, Sally Beauty Supply, and as recently as this month, Goodwill Industries International, the nonprofit agency that operates thrift stores around the country.

Once inside the network, the hackers deploy malicious software called Backoff that is devised to steal payment card data off the memory of in-store cash register systems, the report says. After that information is captured, the hackers send it back to their computers and eventually sell it on the black market, where a single credit card number can go for $100. In each case, criminals used computer connections that would normally be trusted to gain their initial foothold. In the Target breach, for example, hackers zeroed in on the remote access granted through the retailer’s computerized heating and cooling software, the two people with knowledge of the inquiry said.

In an interview, Brad Maiorino, recently hired as Target’s chief information security officer, said a top priority was what he called “attack surface reduction.” “You don’t need military-grade defense capabilities to figure out that you have too many connections,” Mr. Maiorino said. “You have to simplify and consolidate those as much as possible.”

The Secret Service first discovered the Backoff malware (named for a word in its code) in October 2013. In the last few weeks, the agency said that it had come across the malware in three separate investigations. Most troubling, the agency said that even fully updated antivirus systems were failing to catch it. Low detection rates meant that “fully updated antivirus engines on fully patched computers could not identify the malware as malicious,” the report concluded.

Backoff and its variants all perform four functions. First, they scrape the memory of in-store payment systems for credit and debit card “track” data, which can include an account number, expiration dates and personal identification numbers, or PINs. The malware logs keystrokes, as when a customer manually enters her PIN, and communicates back to the attackers’ computers so they can remove payment data, update the malware or delete it to escape detection. The hackers also install a so-called backdoor into in-store payment machines, ensuring a foothold even if the machines crash or are reset. And they continue to tweak the malware to add functions and make it less detectable to security researchers.

Security experts say antivirus software alone will not prevent these attacks. They recommend companies take what is called a “defense in depth” approach, layering different technologies and empowering security professionals to monitor systems for unusual behavior.

Among the report’s recommendations: Companies should limit the number of people with access to their systems; require long, complex passwords that cannot be easily cracked; and lock accounts after repeated login requests. The report also suggests segregating crucial systems like in-store payment systems from the corporate network and making “two factor authentication” — a process by which employees must enter a second, one-time password in addition to their usual credentials — the status quo. The report also recommends encrypting customers’ payment data from the moment their cards are swiped at the store, logging all network activity and deploying security systems that can alert staff to unusual behavior, like a server communicating with a strange computer in Russia.
At Target, Mr. Maiorino said he planned to build a security program as tough as what was expected from military contractors. “All of the same tools and techniques that nation states are using for attacks have been commoditized and are available for sale in the black market,” Mr. Maiorino said. “And for the right amount of money you can go out and create a cybercrime ring at a relatively low cost.”