上週五全球74個國家遭受一場規模浩大、傳播迅速的勒索軟件攻擊(huge, fast-moving and global ransomware attack),每臺電腦被要求提供等價於300美元的比特幣贖金,受到影響的有英國公共衛生體系國民保健制度的服務系統、西班牙最大的電信供應商、意大利的多所大學、聯邦快遞的多臺電腦和俄羅斯內政部(但其發言人表示信息並未遭到洩漏)。我國部分高校網絡系統淪為重災區,致使畢業論文季的許多實驗室數據和畢業設計被鎖,同時還確認受到攻擊的還有中石油加油站的網絡支付系統。據稱,西班牙最大的電信供應商目前為解鎖被加密的電腦(to unlock all encrypted computers)已支付了高達55萬美元的贖金。
要是考官看最近病毒之事甚囂塵上,一拍腦門決定出一個網絡安全問題的大作文,你有什麼話可以說嗎?
《每日郵報》發佈的一篇題為“What We Currently Know about the Global Cyberattack” 或者可以給大家提供一些素材和語料。
As danger from a global cyberattack that hit some 150 nations continues to fade, analysts are starting to assess the damage.
一場波及超過150個國家的全球網絡攻擊,隨著其危害漸漸降低,分析師開始評估其造成的損失。
生詞:cyberattack 網絡攻擊
Hard-hit organizations such as the U.K.'s National Health Serviceappear to be bouncing back, and few people seem to have actually paid the ransom. But the attack has served as a live demonstration of a new type of global threat, one that could encourage future hackers.
遭受嚴重打擊的那些機構組織,如英國NHS,似乎正在恢復正常,而真正支付贖金的人也並不多。然而,這次的網絡攻擊實實在在證明了一種新型全球性威脅的存在,併為未來的黑客攻擊開了個好頭。
生詞:ransom 贖金
語料:hard-hit 遭受沉重打擊的;appear to 似乎;bounce back 迅速恢復
Here's what we currently know about the ransomware known as WannaCry, which locked up digital photos, documents and other files to hold them for ransom.
下文所列是我們所知名為WannaCry的勒索病毒的相關信息,這種病毒加密你電腦中的照片、文檔和其他文件,並以此勒索贖金。
生詞:ransomware 勒索軟件
病毒從哪裡來?
Researchers are stillpuzzling outhow WannaCry got started. Figuring that out could yield important clues to the identity of its authors.
研究人員仍然在試圖搞清楚,WannaCry是怎麼開始傳播的。如果這一問題能夠得到解答,就可以抓住確定始作俑者身份的重要線索。
語料:puzzle out 苦苦思索要弄清楚;yield 屈服,產生
The malwarespread rapidly inside computer networks by taking advantage of vulnerabilities in mostly older versions of Microsoft Windows. That weakness was purportedly identified and stockpiledfor use by the U.S. National Security Agency; it was subsequently stolen and published on the internet.
惡意軟件藉助大多數老舊的微軟windows系統中存在的漏洞得以快速在計算機網絡中傳播,據稱,這一漏洞最早由美國國家安全局發現並加以利用,只不過後來被竊取併發布。
生詞:malware 惡意軟件;vulnerability 弱點
語料:take advantage of 利用;purportedly 據稱;stockpile 貯存;subsequently 隨後
But it remains unclear how WannaCry got onto computers in the first place. Experts said its rapid global spread suggests it did not rely on phishing, in which fake emailstempt theunwaryto click on infected documents or links. Analysts at the European Union cybersecurity agency said the hackers likely scanned the internet for systems that were vulnerable to infection and exploited those computers remotely.
然而我們仍然不知道WannaCry一開始是如何感染電腦的。專家說,病毒在全球網絡的快速傳播,說明它並不是依賴於釣魚,既使用虛假的郵件引誘粗心的用戶點擊受感染的文件或鏈接。歐盟網絡安全機構表示,黑客很有可能通過遠程掃描並找出那些容易受到攻擊的系統,家易感染和利用這些計算機。
生詞:phish 網絡釣魚;tempt 引誘;unwary 不警惕的
語料:in the first place 首先,起初
Once established, WannaCry encryptedcomputer files and displayed a message demanding $300 to $600 worth of the digital currency bitcoin to release them. Failure to pay would leave the data scrambled and likelybeyond repair unless users had unaffected backup copies.
一旦感染病毒,WannaCry就會加密電腦中的文件,並彈出消息,要求支付約合300美元到600美元不等的數字貨幣——比特幣作為贖金,才能解密。不支付贖金,那麼除非你有備份,否則別想拿回被加密的文件,也無法修復。
生詞:encrypt 加密
語料:beyond repair 無法修理
贖金支付
Investigators are closely watching three bitcoin accounts associated with WannaCry, where its victims were directed to send ransom payments. The digital currency is anonymized, but it's possible to track funds as they move from place to place until theyend up withan identifiable person.
調查人員嚴密監控了三個與WannaCry有關的比特幣賬戶,受害者就是被指定到這裡支付贖金。數字貨幣查不到姓名,但是卻可以追蹤這些被轉來轉去的資金,直到它們落入一個具體可確定身份的人手裡。
生詞:anonymize 匿名
語料:end up with 以...告終
So far, there have been no withdrawals from those accounts.
目前為止,並沒有人提取這些賬戶裡的錢。
Given the scope of the attack, relatively few people appear to have actually paid the ransom. According to a Twitter account that monitors those accounts , they've received only about 250 payments worth a total of slightly more than $72,000.
儘管這次的網絡攻擊範圍廣,但真正支付了贖金的人還是相當的少。 根據監控這些賬戶的推特,他們只收到了大約250份贖金,加起來約合72000美元。
其他相關句子解析
The breadth of the attack seems to indicate that the software had been spreading around the globe possibly for weeks but lay dormantwhen first introduced into a network, said Sean Dillon, a senior security analyst with RiskSenseInc.
這次襲擊的範圍似乎顯示該軟件可能已經在全球傳播了幾周,但在最開始引入一個網絡時處於潛伏狀態,RiskSense的高級安全分析師Sean Dillon如是說。
生詞:breadth 廣度;範圍;indicate 顯示;dormant 潛伏的,靜止的;security analyst 安全分析師;RiskSense 全球最具創新力的網絡風險管理供應商之一
The ransomware used in Friday’s attack wreaked havoc on organisations including FedEx and Telefónica, as well as the UK’s National Health Service (NHS), where operations were cancelled, X-rays, test results and patient records became unavailable and phones did not work.
在週五的攻擊中使用的勒索病毒對很多結構都造成了極大的破壞,這些機構包括聯邦快遞,telefonica公司以及英國的國家健康服務系統。在NHS,手術被取消了,X光和檢測結果以及病人的病例都無法查看,電話也無法使用。
語料:wreaked havoc on 對…造成破壞
總結
生詞
cyberattack 網絡攻擊
ransom 贖金
ransomware 勒索軟件
malware 惡意軟件
vulnerability 弱點
phish 網絡釣魚
tempt 引誘
unwary 不警惕的
encrypt 加密
anonymize 匿名
breadth 廣度;範圍
indicate 顯示
dormant 潛伏的,靜止的
security analyst 安全分析師
RiskSense 全球最具創新力的網絡風險管理供應商之一
作文語料
hard-hit 遭受沉重打擊的
appear to 似乎
bounce back 迅速恢復
puzzle out 苦苦思索要弄清楚
yield 屈服,產生
take advantage of 利用
purportedly 據稱
stockpile 貯存
subsequently 隨後
in the first place 首先,起初
beyond repair 無法修理
end up with 以...告終
wreaked havoc on 對…造成破壞
原文剩餘部分
North Korea
Several sets of investigators have now reported tentative findings that suggest hackers linked to North Korea might have been involved with WannaCry. But they could all be drawing conclusions from a very small set of clues.
On Monday, the Russian security firm Kaspersky Lab said portions of the WannaCry program use the same code as malware previously distributed by the Lazarus Group, a hacker collective behind the 2014 Sony hack. Another security company, Symantec, related the same findings, which it characterized as intriguing but "weak" associations, since the code could have been copied from the Lazarus malware.
Two law enforcement officials likewise said U.S. investigators suspect North Korea based on code similarities; the officials called that finding preliminary. The officials spoke to The Associated Press on condition of anonymity because they aren't authorized to speak publicly about an ongoing investigation.
But WannaCry remains a puzzle, in part because some of its elements seemed amateurish. Salim Neino, CEO of the Los Angeles-based security firm Kryptos Logic, said the WannaCry worm was "poorly designed" — patched together and consisting of a "sum of different parts" with an unsophisticated payment system.
Typical ransomware also generates a unique bitcoin account for each payment to make tracing difficult. That wasn't done here.
Digging out
One of the organizations hardest hit by WannaCry — the U.K.'s National Health Service — appears to be recovering. On Friday, many NHS hospitals had to turn away patients after WannaCry locked up computers, forcing the closure of wards and emergency rooms.
NHS Digital, the body that oversees cybersecurity in Britain's health system, said that as of now, it has "no evidence that patient data has been compromised." The agency told hospitals to disconnect all infected computers, apply a Microsoft patch that closes the vulnerability, then "roll back" the infected computers and restore them from backed-up files.
U.K. hospitals are supposed to back up data frequently and at multiple locations. It's possible that some data that wasn't backed up could be lost.
Sign of hacks to come
WannaCry could also serve as a kind of template for future cyberattacks.
Neino of Kryptos Logic, for instance, said the leak of the NSA hacking tools have significantly narrowed the gap between nations and individuals or cyber gangs.
"The concern has always been, when are the real bad guys, the ones that don't care about rules of engagement, the ones who are really out to hurt us, will they become cyber-capable?" he said in an interview Monday night with The Associated Press. "I think today we found out that those who really want to hurt us have begun to, because they became cyber-capable the moment that the NSA cybertools were released."
