【新唐人2013年12月12日訊】美國一家網路安全公司近期發佈報告指出,中國黑客在今年20國集團會議期間,攻擊了五個歐盟國家的電腦系統。中共外交部對此矢口否認,但美國《紐約時報》表示,通過追蹤發現,黑客的攻擊的確源自中國。
據《紐約時報》報導,美國網路安全公司「火眼」(FireEye),12月10號發佈報告顯示,在今年9月舉行的20國集團會議前夕,中國黑客利用發送電子郵件的方式,攻擊了歐盟五個國家的外交部電腦系統。
報告說,狡猾的黑客把郵件內容偽裝成會議關注的議題,聲稱其中包含有關美國軍隊可能軍事干預敘利亞的信息。實際上,一旦文件被打開,病毒立刻會被植入電腦,讓黑客可以監視主機的通信和竊取數據。
「火眼公司」的報告顯示,早在2011年10月,在巴黎舉行的20國集團會議期間,多名財政部長成為了攻擊目標。黑客們向攻擊目標發送電子郵件,為了引誘目標們點擊郵件,他們把郵件偽裝成含有法國前總統妻子裸照的鏈接。
《紐約時報》提醒說,中國黑客至今依然在發動以郵件為基礎的攻擊,入侵政府和企業的電腦系統。而且利用時事來引誘目標,那是他們慣用的手段。
而在2012年倫敦奧運會的前幾個月,這個黑客組織又把電子郵件偽裝成與倫敦奧運會相關的內容。
美國「全球自由信息」運動創辦人張新宇:「從現實來看,中國網路攻擊能力不可小看,能力還是挺強的,是因為它人數特別多,花中國國家的、納稅人的錢,在這方面,在全國是一個非常大的群體,就是做網路安全的,因此它具有這個條件。」
在報告中,「火眼公司」並沒有透露受黑客攻擊的國家名稱,只說已經通過聯邦調查局(FBI)向這些國家發出了通告。但《紐約時報》聲稱,通過他們的追蹤發現,被攻擊的五國分別為:捷克共和國、葡萄牙、保加利亞、拉脫維亞和匈牙利。
協助「火眼公司」調查的研究人員納爾特•維爾納夫說:「其他組織往往攻擊商業目標,與此不同的是,這一行動專門針對負責外交事務的部門。」
《紐約時報》引述安全專家的話表示,各國外交部一直是中國黑客的攻擊目標。前美國國務院官員也指出,澳大利亞、英國、德國、法國、印度和加拿大的外交部,都曾遭受黑客攻擊,這些攻擊都被追到了中共政府頭上。
對此,中共外交部發言人洪磊在12月10號的記者會上,否認了有關指責。
張新宇:「因為它(中共)是獨裁統治的這種獨裁集團,謊言說過1000遍就變成真理,它們深信這個東西。再沒有比美國的政府作出的報告,總的統計比它更真實,所以我覺得這個是沒有懷疑的。」
調查人員表示,雖然他們無法看出攻擊者盜走了哪些文件,但這次觀察讓他們看到了攻擊者的技術,以及有關攻擊者來源的線索。攻擊者的惡意軟體包含多個漢字串,一個用於侵入電腦的網頁也是用漢字。攻擊者還曾用好幾臺機器來測試自己的惡意軟體,機器的默認語言也是漢語。
維爾納夫說,「我們只知道攻擊者是中國人,但卻不知道他們是誰,也無法推測他們的動機。」
時事評論員趙培:「中共歷來是以自由世界為敵的,它就把自由世界看成是對它的威脅,它一直對自由世界進行一系列的監控,甚至攻擊自由世界。」
「火眼」還透露,雖然研究人員確認了23個黑客操控的服務器,但卻通過相關網址查到了總計99個服務器——所有服務器都設在中國、香港和美國。他們認為,已經被侵入的電腦數量比他們能看到的多得多。
採訪/陳漢 編輯/張天宇 後製/周天
Chinese Hackers Target European Diplomats Using Baited Emails
A US-based computer security company has
recently reported that Chinese hackers attacked
five European diplomats’ computer systems.
The incident took place during the G20 Summit this year.
As predicted, the Chinese Foreign
Ministry has denied the allegations.
The New York Times (NYT) reports that
the hackers were traced back to China.
NYT reported that ‘FireEye’, a computer security
company released a report on December 10.
The report alleges that Chinese hackers used
simple email-based attacks to break into foreign
ministries computer systems of five countries.
The report said the attackers used current events
to bait targets, who would click on a link in an email.
One of the links contained information about
possible US military intervention in Syria.
As soon as a target clicked on the file, malware
immediately spread into the targets’ computer.
Hackers were then able to monitor the
computer and take data from them.
FireEye said that in early October 2011, a group of 20
finance ministers were targeted during a G20 summit.
The attackers sent their targets emails with
a link, claiming to contain naked photos of
the wife of the former French President.
NYT said that Chinese hackers continue to
break into computer systems of governments
and firms, using simple email-based attacks.
It is common practice for hackers
to use current events to bait targets.
In 2012, a few months before the London Olympics,
the same group of hackers sent an email, claiming
to contain information about the London Olympics.
Zhang Xinyu, founder of US-based Global Information
Freedom Movement: “We must not underestimate
China’s ability of cyber attacks, it is very capable.
Because China has a large population, hackers
are spending the money of taxpayers and the state.
There is a very large group in the country, who specifically
work on the network security, so they have this environment.”
FireEye’s report didn’t reveal the name
of the countries that have been hacked.
FireEye said it reported the attacks to the victims
through the Federal Bureau of Investigation.
NYT identified that the Czech Republic, Portugal,
Bulgaria, Latvia and Hungary had been hacked.
Nart Villeneuve, researcher leading FireEye investigation:
“Unlike other groups, who tend to attack commercial targets,
this campaign specifically targeted foreign affairs ministries.”
NYT cited security experts, suggesting that foreign
ministries have long been a target for Chinese hackers.
A former State Department official said that past
hacking attacks on foreign ministries from Australia,
UK, Germany, France, India and Canada have all
been traced back to the Chinese Communist regime.
On December 10, Chinese foreign ministry spokesman
Hong Lei denied the allegations in a press conference.
Zhang Xinyu: “Because China is an authoritarian dictatorship,
if a lie is repeated 1,000 times, it may well become a truth.
The CCP deeply believes this. There is nothing more
real than the US government report. There are no doubts.”
Researchers said that although they were unable
to see which files the attackers had taken, they did
find the attackers’ techniques and clues to their origin.
Hackers malware contained Chinese character
strings, and one of the web pages that was used
to compromise computers was written in Chinese.
They also used several machines to test their malware,
which used Chinese language as the default setting.
Nart Villeneuve: “Beyond the fact they are Chinese,
we don』t know who the attackers are, or their motivations.”
Zhao Pei, current affairs commentator: “The CCP always
treats democratic countries as enemies and threats.
It always implements monitoring and
attacks towards democratic countries.”
FireEye disclosed that although researchers have
only identified 23 of the attackers’ servers, they
mapped web addresses back to a total of 99 servers.
All of them were based in China, Hong Kong and the US.
Researchers believe the number of compromised
computers is much larger than those they can see.
