美國披露索尼受網絡攻擊細節
The director of the Federal Bureau of Investigation has offered fresh details of the cyber attack on Sony Pictures as he defended the US claim that North Korea was responsible.
Some internet security consultants have cast doubt on Pyongyang’s involvement in the data breach, but James Comey, the FBI director, said he had “high confidence” in the bureau’s conclusion and cited recently declassified material.
部分互聯網安全顧問對於朝鮮政府曾參與過這次數據泄露事件十分懷疑。不過FBI局長詹姆斯•科米(James Comey)表示,他對FBI的結論有着“高度的信心”,並提到了最近解密的材料。Guardians of Peace, the group claiming credit for the attack, used proxy services to disguise their location when sending emails threatening Sony employees and posting statements online explaining their work, he said. But, he added, they got “sloppy”.
他說,在發出電子郵件威脅索尼員工並在網上貼出解釋其工作的聲明時,聲稱爲此次網絡襲擊負責的“和平衛士(Guardians of Peace)”使用了代理服務掩飾他們的位置。不過,他補充說,這些人的處理“十分草率”。
“Several times either because they forgot or they had a technical problem they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans,” he said.
他說:“有那麼幾次,要麼是由於他們忘了,要麼是由於他們遇到了技術問題,他們採取了直接連接的方式,從而令我們可以發現他們。此外,我們還發現他們用於發佈聲明和發送電子郵件的IP地址,來自朝鮮專用的IP地址。”His comments came in response to recent allegations by a private computer security firm that said the cyber attack, which revealed embarrassing emails, salary information about employees, and other sensitive information, was more likely to be an inside job. Sony’s chief executive called the attack “vicious”.
他這番言論是對近期一傢俬營電腦安全公司指控的迴應。這家公司表示這次網絡襲擊更有可能是一次索尼人員的內部行爲。這次網絡襲擊披露了一些令人尷尬的電子郵件內容、索尼員工的薪資信息、以及其他敏感信息。索尼首席執行官曾稱這次襲擊“十分惡毒”。Mr Comey said the FBI was still looking to identify the “vector” of the attack but said “the likely vector for the entry into Sony” evolved from a spear phishing attempt on the company as late as last September. Spear phishing is a technique deployed by hackers who send emails posing as someone known to the recipient, seeking information such as passwords.
科米表示,FBI仍在辨認此次襲擊的“媒介”。不過他表示,“攻入索尼的可能媒介”與針對索尼的魚叉式網絡釣魚(Spear phishing)攻擊有關,這些攻擊最晚發生在去年9月。魚叉式網絡釣魚是黑客使用的一種技術,這些黑客會僞裝成接收者認識的人,向其發送電子郵件並套取密碼等信息。Mr Comey was speaking at a cyber conference held by the FBI and Fordham University.
科米是在FBI和福坦莫大學(Fordham University)召開的有關網絡的會議上發表上述言論的。
