【新唐人2013年12月12日讯】美国一家网路安全公司近期发布报告指出,中国黑客在今年20国集团会议期间,攻击了五个欧盟国家的电脑系统。中共外交部对此矢口否认,但美国《纽约时报》表示,通过追踪发现,黑客的攻击的确源自中国。
据《纽约时报》报导,美国网路安全公司“火眼”(FireEye),12月10号发布报告显示,在今年9月举行的20国集团会议前夕,中国黑客利用发送电子邮件的方式,攻击了欧盟五个国家的外交部电脑系统。
报告说,狡猾的黑客把邮件内容伪装成会议关注的议题,声称其中包含有关美国军队可能军事干预叙利亚的信息。实际上,一旦文件被打开,病毒立刻会被植入电脑,让黑客可以监视主机的通信和窃取数据。
“火眼公司”的报告显示,早在2011年10月,在巴黎举行的20国集团会议期间,多名财政部长成为了攻击目标。黑客们向攻击目标发送电子邮件,为了引诱目标们点击邮件,他们把邮件伪装成含有法国前总统妻子裸照的链接。
《纽约时报》提醒说,中国黑客至今依然在发动以邮件为基础的攻击,入侵政府和企业的电脑系统。而且利用时事来引诱目标,那是他们惯用的手段。
而在2012年伦敦奥运会的前几个月,这个黑客组织又把电子邮件伪装成与伦敦奥运会相关的内容。
美国“全球自由信息”运动创办人张新宇:“从现实来看,中国网路攻击能力不可小看,能力还是挺强的,是因为它人数特别多,花中国国家的、纳税人的钱,在这方面,在全国是一个非常大的群体,就是做网路安全的,因此它具有这个条件。”
在报告中,“火眼公司”并没有透露受黑客攻击的国家名称,只说已经通过联邦调查局(FBI)向这些国家发出了通告。但《纽约时报》声称,通过他们的追踪发现,被攻击的五国分别为:捷克共和国、葡萄牙、保加利亚、拉脱维亚和匈牙利。
协助“火眼公司”调查的研究人员纳尔特•维尔纳夫说:“其他组织往往攻击商业目标,与此不同的是,这一行动专门针对负责外交事务的部门。”
《纽约时报》引述安全专家的话表示,各国外交部一直是中国黑客的攻击目标。前美国国务院官员也指出,澳大利亚、英国、德国、法国、印度和加拿大的外交部,都曾遭受黑客攻击,这些攻击都被追到了中共政府头上。
对此,中共外交部发言人洪磊在12月10号的记者会上,否认了有关指责。
张新宇:“因为它(中共)是独裁统治的这种独裁集团,谎言说过1000遍就变成真理,它们深信这个东西。再没有比美国的政府作出的报告,总的统计比它更真实,所以我觉得这个是没有怀疑的。”
调查人员表示,虽然他们无法看出攻击者盗走了哪些文件,但这次观察让他们看到了攻击者的技术,以及有关攻击者来源的线索。攻击者的恶意软体包含多个汉字串,一个用于侵入电脑的网页也是用汉字。攻击者还曾用好几台机器来测试自己的恶意软体,机器的默认语言也是汉语。
维尔纳夫说,“我们只知道攻击者是中国人,但却不知道他们是谁,也无法推测他们的动机。”
时事评论员赵培:“中共历来是以自由世界为敌的,它就把自由世界看成是对它的威胁,它一直对自由世界进行一系列的监控,甚至攻击自由世界。”
“火眼”还透露,虽然研究人员确认了23个黑客操控的服务器,但却通过相关网址查到了总计99个服务器——所有服务器都设在中国、香港和美国。他们认为,已经被侵入的电脑数量比他们能看到的多得多。
采访/陈汉 编辑/张天宇 后制/周天
Chinese Hackers Target European Diplomats Using Baited Emails
A US-based computer security company has
recently reported that Chinese hackers attacked
five European diplomats’ computer systems.
The incident took place during the G20 Summit this year.
As predicted, the Chinese Foreign
Ministry has denied the allegations.
The New York Times (NYT) reports that
the hackers were traced back to China.
NYT reported that ‘FireEye’, a computer security
company released a report on December 10.
The report alleges that Chinese hackers used
simple email-based attacks to break into foreign
ministries computer systems of five countries.
The report said the attackers used current events
to bait targets, who would click on a link in an email.
One of the links contained information about
possible US military intervention in Syria.
As soon as a target clicked on the file, malware
immediately spread into the targets’ computer.
Hackers were then able to monitor the
computer and take data from them.
FireEye said that in early October 2011, a group of 20
finance ministers were targeted during a G20 summit.
The attackers sent their targets emails with
a link, claiming to contain naked photos of
the wife of the former French President.
NYT said that Chinese hackers continue to
break into computer systems of governments
and firms, using simple email-based attacks.
It is common practice for hackers
to use current events to bait targets.
In 2012, a few months before the London Olympics,
the same group of hackers sent an email, claiming
to contain information about the London Olympics.
Zhang Xinyu, founder of US-based Global Information
Freedom Movement: “We must not underestimate
China’s ability of cyber attacks, it is very capable.
Because China has a large population, hackers
are spending the money of taxpayers and the state.
There is a very large group in the country, who specifically
work on the network security, so they have this environment.”
FireEye’s report didn’t reveal the name
of the countries that have been hacked.
FireEye said it reported the attacks to the victims
through the Federal Bureau of Investigation.
NYT identified that the Czech Republic, Portugal,
Bulgaria, Latvia and Hungary had been hacked.
Nart Villeneuve, researcher leading FireEye investigation:
“Unlike other groups, who tend to attack commercial targets,
this campaign specifically targeted foreign affairs ministries.”
NYT cited security experts, suggesting that foreign
ministries have long been a target for Chinese hackers.
A former State Department official said that past
hacking attacks on foreign ministries from Australia,
UK, Germany, France, India and Canada have all
been traced back to the Chinese Communist regime.
On December 10, Chinese foreign ministry spokesman
Hong Lei denied the allegations in a press conference.
Zhang Xinyu: “Because China is an authoritarian dictatorship,
if a lie is repeated 1,000 times, it may well become a truth.
The CCP deeply believes this. There is nothing more
real than the US government report. There are no doubts.”
Researchers said that although they were unable
to see which files the attackers had taken, they did
find the attackers’ techniques and clues to their origin.
Hackers malware contained Chinese character
strings, and one of the web pages that was used
to compromise computers was written in Chinese.
They also used several machines to test their malware,
which used Chinese language as the default setting.
Nart Villeneuve: “Beyond the fact they are Chinese,
we don’t know who the attackers are, or their motivations.”
Zhao Pei, current affairs commentator: “The CCP always
treats democratic countries as enemies and threats.
It always implements monitoring and
attacks towards democratic countries.”
FireEye disclosed that although researchers have
only identified 23 of the attackers’ servers, they
mapped web addresses back to a total of 99 servers.
All of them were based in China, Hong Kong and the US.
Researchers believe the number of compromised
computers is much larger than those they can see.
