An Ordinary American Family Caught Up in the U.S.-China Hacker War
BELLEVILLE, Wis. — Drive past the dairy farms, cornfields and horse pastures here and you will eventually arrive at Cate Machine Welding, a small-town business run by Gene and Lori Cate and their sons. For 46 years, the Cates have welded many things — fertilizer tanks, jet-fighter parts, cheese molds, even a farmer’s broken glasses.
And like many small businesses, they have a dusty old computer humming away in the back office. On this one, however, an unusual spy-versus-spy battle is playing out: The machine has been taken over by Chinese hackers.
The hackers use it to plan and stage attacks. But unbeknown to them, a Silicon Valley start-up is tracking them here, in real time, watching their every move and, in some cases, blocking their efforts.
“When they first told us, we said, ‘No way,’” Mr. Cate said one afternoon recently over pizza and cheese curds, recalling when he first learned the computer server his family used to manage its welding business had been secretly repurposed. “We were totally freaked out,” Ms. Cate said. “We had no idea we could be used as an infiltration unit for Chinese attacks.”
On a recent Thursday, the hackers’ targets appeared to be a Silicon Valley food delivery start-up, a major Manhattan law firm, one of the world’s biggest airlines, a prominent Southern university and a smattering of targets across Thailand and Malaysia. The New York Times viewed the action on the Cates’ computer on the condition that it not name the targets.
The activity had the hallmarks of Chinese hackers known as the C0d0s0 group, a collection of hackers for hire that the security industry has been tracking for years. Over the years, the group has breached banks, law firms and tech companies, and once hijacked the Forbes website to try to infect visitors’ computers with malware.
There is a murky and much hyped emerging industry in selling intelligence about attack groups like the C0d0s0 group. Until recently, companies typically adopted a defensive strategy of trying to make their networks as impermeable as possible in hopes of repelling attacks. Today, so-called threat intelligence providers sell services that promise to go on the offensive. They track hackers, and for annual fees that can climb into the seven figures, they try to spot and thwart attacks before they happen.
These companies have a mixed record of success. Still, after years of highly publicized incidents, Gartner, a market research company, expects the market for threat intelligence to reach $1 billion next year, up from $255 million in 2013.
Remarkably, many attacks rely on a tangled maze of compromised computers including those mom-and-pop shops like Cate Machine Welding. The hackers aren’t after the Cates’ data. Rather, they have converted their server, and others like it, into launchpads for their attacks.
These servers offer the perfect cover. They aren’t terribly well protected, and rarely, if ever, do the owners discover that their computers have become conduits for spies and digital thieves. And who would suspect the Cate family?
Two years ago, the Cates received a visit from men informing them that their server had become a conduit for Chinese spies. The Cates asked: “Are you from the N.S.A.?”
One of the men had, in fact, worked at the National Security Agency years before joining a start-up company, Area 1, that focuses on tracking digital attacks against businesses. “It’s like being a priest,” said Blake Darché, Area 1’s chief security officer, of his N.S.A. background. “In other people’s minds, you never quite leave the profession.”
Mr. Darché wanted to add the Cates’ server to Area 1’s network of 50 others that had been co-opted by hackers. Area 1 monitors the activity flowing into and out of these computers to glean insights into attackers’ methods, tools and websites so that it can block them from hitting its clients’ networks, or give them a heads-up days, weeks or even months before they hit.
The Cates called a family meeting. “People work really hard to make products, and they’re getting stolen,” Ms. Cate said. “It seemed like the least we could do.” Area 1 paid for the installation cost, about $150.
Shortly after installing a sensor on the machine, Mr. Darché said his hunch was confirmed: The sensor lit up with attacks. Area 1 began to make out the patterns of a familiar adversary: the C0d0s0 group.