全球多家大型企業再度遭受網絡攻擊

Some of the world’s largest companies including WPP, Rosneft, Merck and AP Moller-Maersk have confirmed that they have been hit by a large-scale cyber attack that also took critical government and bank infrastructure in Ukraine offline on Tuesday.

世界上一些最大的公司包括WPP、俄羅斯石油公司(Rosneft)、默克(Merck)和AP穆勒-馬士基集團(AP Moller-Maersk)證實，它們遭遇一場大規模網絡攻擊，此次網絡攻擊週二還讓烏克蘭政府和銀行的關鍵基礎設施陷入癱瘓。

The ransomware attack bears similarities to WannaCry, which infected hundreds of thousands of computers in 150 countries last month, according to cyber security experts. No one has yet claimed responsibility for the latest attack.

據網絡安全專家們介紹，此次勒索軟件攻擊與上月感染150個國家數十萬臺計算機的“想哭”(WannaCry)有點相似。沒有人聲稱對最新的網絡攻擊負責。

Researchers at Group IB, a Moscow-based cyber security company, said the hackers shut down access to computers and displayed a message demanding a $300 ransom from users, payable in bitcoins.

總部位於莫斯科的網絡安全公司Group IB的研究人員表示，黑客們阻止用戶使用計算機，並顯示一條信息，要求用戶用比特幣支付300美元的贖金。

Companies affected include WPP, Rosneft, Saint Gobain, Maersk, US-based pharmaceutical company Merck, Evraz, Russia’s second-largest steelmaker, and DLA Piper, the law firm. The attacks were widespread in Ukraine, affecting Ukrenergo, the state power distributor, and several of the country’s banks.

受影響的公司包括WPP、俄羅斯石油公司、聖戈班(Saint Gobain)、馬士基、美國製藥公司默克、俄羅斯第二大鋼鐵企業耶弗拉茲(Evraz)以及歐華律師事務所(DLA Piper)。烏克蘭受到大面積打擊，使國有供電企業Ukrenergo以及該國幾家銀行受到影響。

Pavlo Rozenko, Ukraine’s deputy prime minister, tweeted a photo of a computer screen displaying an energy message. “The network is down,” he wrote.

烏克蘭副總理帕夫洛?羅岑科(Pavlo Rozenko)在Twitter上貼出一張電腦屏幕照片，並寫道，“網絡癱瘓了。”

Some security researchers said that the attack was part of the Petya ransomware family, which has existed since at least last year and uses the same flaw exploited during the WannaCry breaches. That would make systems that have not been updated since that attack particularly vulnerable.

一些安全研究人員表示，此輪攻擊是Petya勒索軟件家族的一部分，這些勒索軟件至少從去年開始存在，它們和“想哭”利用同一個漏洞。這意味着，在“想哭”攻擊後仍未更新的系統特別脆弱。

However, Kasperksy Labs, a Moscow-based cyber security company, said that this was “a new ransomware that has not been seen before”.

不過，總部位於莫斯科的網絡安全公司卡巴斯基實驗室(Kaspersky Labs)表示，這是“一種以前沒有見過的新型勒索軟件”。

Mikko Hypponen, chief research officer at F-Secure, a Finnish cyber security company, could not confirm that the same hackers who were behind the WannaCry attack but said they were using the same vulnerability.

芬蘭網絡安全公司F-Secure首席研究員米科?許波寧(Mikko Hypponen)無法證實發起此輪攻擊的黑客就是“想哭”襲擊的幕後元兇，但表示他們利用同一個漏洞。

Rosneft, Russia’s largest oil company, said it had moved to a reserve oil production system after a “powerful” hacking attack that took down its website and that of its subsidiary Bashneft.

俄羅斯最大石油公司——俄羅斯石油公司表示，在遭遇一場“強大的”黑客攻擊、導致該公司及其子公司Bashneft的網站癱瘓之後，已切換至一套後備的石油生產系統。

The company said it had contacted the authorities and warned on Twitter that “distributors of false, alarmist messages will be treated as accomplices of the organisers of the attack and held accountable”.

該公司表示已經聯繫當局，並在Twitter上警告說，“虛假、危言聳聽消息的傳播者將被視爲攻擊策劃者的同謀犯，將被追究責任”。

Computers and internal intranet and wifi networks in the Russian company’s headquarters in Moscow were disabled on Tuesday following the attack, a company source told the FT on condition of anonymity. The person added that no core business functions were affected.

這家俄羅斯公司的一個消息人士在匿名條件下告訴英國《金融時報》，該公司莫斯科總部的計算機、內聯網和WiFi網絡週二在遭到襲擊後被禁用。此人補充稱，核心業務職能沒有受到影響。

“Thanks to the fact that the company switched to a standby system for managing production processes, neither the production nor the preparation of oil was stopped,” Rosneft told the Financial Times.

“得益於公司切換至管理生產流程的一套備用系統，石油生產和準備都不會停止，”俄羅斯石油公司告訴英國《金融時報》。

WPP, the world’s biggest advertising group, said on Tuesday: “IT systems in several WPP companies have been affected by a suspected cyber attack.”

身爲世界最大廣告集團的WPP週二表示：“WPP旗下幾家公司的IT系統受到一場疑似網絡攻擊的影響。”

The website for the holding group, which owns agencies such as Group M, MediaCom and Burson-Marsteller, was unavailable.

旗下擁有羣邑(GroupM), MediaCom和博雅(Burson-Marsteller)等廣告公司的控股集團的網站處於斷線狀態。

Saint Gobain, the French construction group, was also hit. A company spokesperson said: “As a security measure and in order to protect our data, we have isolated our computer systems.”

法國建築集團聖戈班也受到打擊。一名公司發言人說：“作爲一項安全措施，爲了保護我們的數據，我們已經隔離了本公司的計算機系統。”