
Hacker War


Editor's summary: As the saying goes, the higher the priest climbs, the higher the devil climbs. In computer security, the contest between black hats and white hats has never had a clear winner, but the events described in this article carry an additional layer of meaning: they not only illustrate how complex and ambiguous the security field is, but also warn the companies that venture into it about how to avoid ending up where HBGary did here, worth

Greg Hoglund's nightmare began on Super Bowl Sunday. On Feb. 6 the high-tech entrepreneur was sitting in his home office, trying to get to the bottom of some unusual traffic he was seeing on the Internet. Two days earlier he'd noticed troubling activity hitting the website of HBGary Federal, the Sacramento startup he helped launch in 2009. He suspected some kind of hacker assault and had spent the weekend helping to shore up the company's systems. A few hours before Green Bay kicked off to Pittsburgh, Hoglund logged into his corporate account on Google (GOOG)—and confirmed his fears.


He couldn't get in. Someone had changed the password and locked him out of his own e-mail system.


Stolen passwords and hackers are facts of life in the Internet Age. Twitter, Facebook, MasterCard (MA), the Washington Post Co. (WPO), the New York Stock Exchange (NYSE), the U.S. State Dept., and countless other organizations large and small have had to deal with cyber-assaults. More often than not, the security hole is plugged and, if the victims are lucky, the plague abates. Not this time. HBGary Federal is a spinoff of Hoglund's HBGary Inc., a cyber-security firm that offers protection to corporations and governments from cyber-attack. Hoglund built his career on the business of hacker-proofing—getting hacked meant HBGary failed at the very thing it's paid to get right.


Hoglund called Google's corporate technical support to shut down the account, but a representative told him that doing so would take time. It didn't matter. Intruders were already helping themselves to tens of thousands of internal documents and e-mails, some of them personal exchanges between Hoglund and his wife, Penny Leavy, president of HBGary. Then the hackers—who turned out to be members of the anarchic cyber-guerrilla organization that calls itself Anonymous—triumphantly posted their electronic booty on an online file-sharing service for all the world to see.


That's when Hoglund's real problems began, and the resulting controversy—involving a high-powered Washington (D.C.) law firm, the Justice Dept., and the whistle-blower site WikiLeaks—hasn't just been entertaining geek theater but a rare look into the esoteric realm of cyber-security. It's a world where only a select few understand the workings of the computers and networks we all use, where publicly antagonizing the wrong people can have disastrous consequences, and where some participants tend toward self-aggrandizement and flexible differentiations between right and wrong.


The HBGary Federal documents—to Hoglund's surprise, he says—revealed unethical and potentially criminal plans to build a digital-espionage-for-hire business. "They really showed how bad things are getting," says Bruce Schneier, a renowned computer security expert. "Blackmail, espionage, data theft. These are things that were proposed as reasonable things to do. And no one said, 'Are you crazy?' "


The plans were conceived in part by HBGary Federal's top executive, a former U.S. Navy cryptologist named Aaron Barr. Barr was working in conjunction with two other security companies. In a bit of cloak-and-dagger grandiosity, the firms dubbed their collaboration Team Themis, after a titan of Greek mythology who embodied natural law. (Forsaking Themis brings on Nemesis.) Team Themis proposed to electronically infiltrate grass-roots organizations opposed to the U.S. Chamber of Commerce, the powerful Washington lobbying organization. In a separate and even more legally dubious proposal intended for Bank of America (BAC), the group laid out a plan to infiltrate WikiLeaks and intimidate its supporters.


Team Themis's machinations were exposed before they got past the proposal stage. But the schemes the security firms came up with were Nixonian in scope and Keystone Kops-like in execution. In a 12-page PDF sent to Hunton & Williams, the Washington law firm representing the U.S. Chamber, Team Themis suggested creating dummy documents and online personae, and scouring social networks such as Facebook for intelligence on their prospective client's most vocal critics. In the proposal for Bank of America, the security firms suggested hacking WikiLeaks itself to expose its sources.


For Hoglund and his 30-person company, the fallout from the revelations continues to grow. Employees of HBGary and their families have been besieged with hostile phone calls and e-mails, including some death threats, and the company canceled its presentations at the annual RSA cyber-security conference in February. News sites that cover computer security have plumbed the document dump, turning HBGary and Barr into objects of ridicule. Barr resigned on Mar. 1 and declines to speak publicly about the ordeal.


All of it makes Greg Hoglund furious. "These individuals are not hacktivists, they are criminals," he tells Bloomberg Businessweek, referring to his Anonymous adversaries. "If you let a gang of cyber-thugs hack into systems with impunity and get away with it, what kind of precedent does that set for cyber-security?"


Hoglund, 38, is widely respected in the computer security world for his expertise with "rootkits," software that facilitates privileged access to a computer while evading detection. The HBGary chief executive officer never went to college and learned his trade on the fly, spending time with other hackers and writing his own security software. He co-founded HBGary in 2004, providing corporations with tools to detect, analyze, and combat sophisticated malware attacks from hostile foreign governments. (The firm's name is derived from Hoglund and his two original partners, Shawn Bracken and Jon Gary.) Among the companies HBGary has worked with are Morgan Stanley (MS), Sony (SNE), and Walt Disney (DIS).


Fifteen months ago, Hoglund decided to branch out into a new market and spun off HBGary Federal to perform classified work for the U.S. government. Employees of the subsidiary would have military experience and top security clearances. To run the operation, Hoglund tapped Barr, then an engineer in the Intelligence Systems Division of military contractor Northrop Grumman (NOC).


"Aaron has a very high IQ. He's a very smart individual," says Hoglund. "He also has an incredibly good reputation, or he did at the time."


In the year after he was hired, Barr had little success building HBGary Federal's business. The firm initially attempted to break into the "incident response" market, selling its spycraft to government agencies so they could shut down leaks and identify cyber-attackers. That field is competitive, and paying work sparse for startups. By October 2010, in the e-mails that later became public, Hoglund warned Barr that HBGary Federal was "out of money and none of the work you had planned has come in." In his reply, Barr agreed.


Barr did have one possible lifeline. On Oct. 19, Palantir Technologies, a Palo Alto (Calif.) cyber-security company whose terrorism analysis software is used by the Pentagon and the CIA, reached out to HBGary Federal and another security firm, Virginia-based Berico Technologies, with a tempting offer. Palantir said it had been approached by Hunton & Williams, a century-old firm with ties to the Republican Party and the defense industry. The firm needed investigative services on behalf of a high-profile, deep-pocketed client.


Barr and representatives from the other companies discussed the project via e-mail and visited Hunton & Williams in November to meet with Richard Wyatt, co-head of the firm's litigation group. A person who was at the meeting says Wyatt wore suspenders, smoked a cigar, and propped up his cowboy boots on his desk—a cartoonish vision of a D.C. power broker. But the security professionals were impressed when they learned the identity of the prospective client: the U.S. Chamber of Commerce, which had just backed a wave of successful conservative candidates for Congress.


The Chamber, it seemed, had a public-relations problem: Activist organizations such as U.S. ChamberWatch, Velvet Revolution, and Change to Win were accusing it of financial improprieties and using foreign donations for political purposes. The Chamber believed all these grass-roots organizations were working in concert with the surreptitious backing of major unions. According to the e-mails released by Anonymous, Hunton & Williams was already amassing reams of information, including union rosters, and needed expert help in digesting the data. The security firms' mission, should they choose to accept it: Infiltrate the activist groups and their leadership, compile dossiers, and help the law firm "truly understand and eliminate emerging threats that could cause harm to their clients," according to a Team Themis document.


The team's members spent much of November working up their proposal. They highlighted how they would funnel their gleanings through Palantir Technologies' military-grade terrorist-tracking software. "We need to blow these guys away with descriptions of our capabilities," wrote Matthew Steckman, an engineer at Palantir, in one of the e-mails in the published documents. "Make them think that we are Bond, Q, and money penny [sic] all packaged up with a bow."


Then there was the matter of price. Such private online espionage was hardly common practice, and there was no industry-standard pay scale. Team Themis landed on $2 million. For that sum, the client would get a "daily intelligence summary," "link diagrams," and "target impact analysis," among other services. Hunton & Williams, on behalf of the Chamber, balked at the price, so the security companies agreed to do a pilot on spec. (The law firm has not commented on the matter.)


Hunton & Williams clearly saw potential in Team Themis. On Dec. 2, in a message with the subject line "Urgent: Opportunity," a partner at the firm asked the group to come up with a new plan, this time to combat WikiLeaks on behalf of a different prospective client—Bank of America, which believed WikiLeaks was about to publish a cache of its documents. (The Justice Dept., the e-mails suggested, had recommended that Bank of America hire Hunton & Williams.)


Barr took the lead in crafting what would become an infamous 24-slide PowerPoint presentation that called for a cyber-campaign of disinformation against WikiLeaks. The document analyzes WikiLeaks' server infrastructure, talks about planting news stories about the exposure of its confidential informants, and proposes online attacks. Some of the language is comical, like a verbal version of an old Spy Vs. Spy cartoon from Mad magazine: "Speed is crucial!" blares one slide. "The threat demands a comprehensive analysis capability now." A person familiar with the creation of the presentation said it was the result of late-night brainstorming, and that the security firms knew Bank of America would likely reject the most aggressive tactics.


As with the Chamber of Commerce scheme, the WikiLeaks proposal never got a final hearing. While HBGary Federal and the other security firms awaited a formal go-ahead from Hunton & Williams and its clients, Barr decided to deploy his new research techniques on Anonymous.


Anonymous has had a busy winter. The group, which appears to be less a formal organization than a loose coalition of tech-savvy radicals, attacked government websites in Egypt and Tunisia. It launched denial-of-service attacks on Amazon.com (AMZN), PayPal, MasterCard, and Visa (V) after those companies declined to do business with WikiLeaks. Barrett Brown, an unofficial spokesman for the group, says its goal is "a perpetual revolution across the world that goes on until governments are basically overwhelmed and results in a freer system."


Barr had come to believe that companies would have to defend themselves against this anarchic sensibility using the same tactics as the mischief makers. He also believed he had the skills and experience to join the battle. His principal weapon was a method he developed to associate the real identities found in social networks such as Facebook and LinkedIn with the anonymous profiles of hackers. So while Hunton & Williams weighed Team Themis's proposals, and with the ultimate fate of HBGary Federal hanging in the balance, Barr figured the time was right to demonstrate how social networks could yield an intelligence bonanza.


Barr began by hanging out in an online forum called Internet Relay Chat (IRC), using a fake identity. At the same time, on social networks, he "friended" people thought to be senior members of the Anonymous collective. Barr then compared the times that suspected hackers logged into IRC chat rooms anonymously and into their own identifiable social networking accounts.


The exposed HBGary e-mails would later reveal that Barr's own employees thought he was overreaching and that they feared retribution from the vengeful Anonymous. But Barr plunged ahead. He proposed a talk at the RSA conference in San Francisco titled "Who Needs NSA when we have Social Media?" Then he promoted the talk by suggesting he would expose the identities of the primary members of the group.


On Feb. 4, a Friday, Barr bragged to the Financial Times about his upcoming talk and claimed he had obtained the identities of the group's de facto leaders. Bad idea. As Stephen Colbert summed it up, lampooning the HBGary affair on his TV show, "Anonymous is a hornet's nest. And Barr said, 'I'm gonna stick my penis in that thing.' "


When hackers taunt, they often use the term "pwned"—as in, "I so pwned you, newbie." No one seems to agree where the word came from. Google it, and you'll find claims that it's a corruption of "owned," or that it's from a computer game, or maybe it's just a shortened form of the chess term "pawned." Whatever its origins, the term connotes humiliating domination by another person or group.


That's roughly what happened next to Barr, Hoglund, and HBGary. Responding to Barr's public claims, the Anonymous hackers exploited a vulnerability in the software that ran HBGary Federal's website, obtained an encrypted list of the company's user names and passwords, and decoded them. Barr and some of his colleagues, Anonymous then discovered, had committed computer security's biggest sin: They used the same password on multiple accounts. The hackers commandeered Barr's Twitter and LinkedIn accounts, lacing both with obscenities. One of the passwords also opened the company's corporate Google account. Jackpot. In less than 48 hours after Barr's Financial Times interview appeared, the hackers had the keys to the kingdom.


They immediately started downloading HBGary's e-mails. All told, Anonymous got hold of 60,000-plus—about 4.7 gigabytes worth, including attachments—and quickly put them all online in conveniently searchable form. The material details online security holes at HBGary clients and prospects such as Sony, Johnson & Johnson (JNJ), Disney, ConocoPhillips (COP), and dozens of others. The e-mails showed that DuPont (DD) was breached in 2009 (by the same hackers who hit Google) and again in late 2010. DuPont employees on a business trip to China even found that their laptops had been implanted with spyware while the hardware was supposedly locked inside a hotel safe.


In the ensuing days, Barr and Leavy, HBGary's president, took to IRC channels to plead with Anonymous for mercy. None was forthcoming. Members of the group and their supporters gleefully defaced and posted photos of Barr, published personal details about his family, tweeted his Social Security number, and generally gloated about pwning a professional adversary. They said the "ninja team" that hacked HBGary included a 16-year-old girl named Kayla. (Rumors online suggest that "Kayla" is actually a 26-year-old man living in New Jersey. Who's right? Not even Anonymous may know.) "We have no choice but to defend ourselves and defend WikiLeaks by these means," says Brown, the unofficial Anonymous spokesman. "This has just begun. We're absolutely at war now."


Meanwhile, the other members of Team Themis deny they wanted to push the operations as far as Barr did—despite the volumes of incriminating e-mails. Palantir Technologies CEO Alex Karp blames HBGary for conceiving the plot, decries any attempt to develop "offensive cyber capabilities," and has placed on leave Steckman, the engineer who coordinated with Team Themis. Palantir also issued a public apology to Glenn Greenwald, a Salon.com journalist who was singled out in a Themis proposal as a WikiLeaks defender and thus a possible target. In a statement, Berico Technologies says it "does not condone or support any effort that proactively targets American firms, organizations, or individuals." At the same time, it cut ties with HBGary.


The U.S. Chamber of Commerce said in a press release that it's "incredulous that anyone would attempt to associate such activities with the Chamber," adding that it had not seen the incendiary proposals before they were made public. Morgan Stanley dropped HBGary as a security contractor. Barr never delivered his speech and when he tendered his resignation three weeks after the Anonymous attack, he said he was confident HBGary would be able to "weather this storm."


As for Hoglund, even his friends in the security industry wonder how long HBGary can survive amid the onslaught of negative publicity. But the CEO claims his company has undergone a rigorous security review and is back on track. He says the hackers "made a hole-in-one from 200 yards away" and that it will never happen again. "They are nowhere near as sophisticated and scary and large as they would like people to think they are," he says.


And while the lesson of the HBGary saga may be that it's not always easy to tell the black hats from the white hats in the ambiguous game of computer security, Hoglund has no doubt which is which. "It will get worse," he says. "This whole event has only emboldened them. I hope this isn't the way the Internet has to be. Right now it's a domain of lawlessness. This is bigger than HBGary, than my company. Right now, the pendulum has swung way over to the bad guys' side."


2011-03-31 10:36 Edited by: kuaileyingyu