2014/04/03
0 0

[爆料] 請小心網路攻勢

作者 evendie (為自己加油!!)
標題 [爆料] 請小心網路攻勢
時間 Thu Apr 3 00:20:16 2014

剛朋友突然丟給我一個翻譯小作業...
就當我說夢話吧(附帶不自殺聲明)

=作業開始=

Hi, how are you? I do not know how exactly are you involved in the student
protests against CSSTA - but if you are, or if you know someone who is (like
member of organization, NGO, student group etc), you should be more cautious
these days on the internet/cyber front. We got reports suggesting increased
likelihood of Chinese driven targeted operations against these.
and the threat of Chinese targeted cyber attacks is considered valid - this
time against the student leaders, and the opposition organizations

(打招呼省略)
如果你知道任何人有參與這場學運(例如特定團體、NGO、學生團體等的成員),近日請
多加提防網路或電腦相關事務。有收到訊息顯示,中國方面針對這些人士發起動作,可能
性已逐漸升高。

而且這些中方的網路攻擊,已受到認可-這次是針對學生領袖、以及異議組織。

I have read something and during my job I got to read some materials that are
not completely public

我由於工作的關係,讀到一些不完全公開的消息。

it will be most likely in one of following two things

有以下兩種可能:

a)denial of service - if they use some websites for cooperation,
communication, distribution of knowledge, these might get taken down

a) 拒絕網路服務-如果他們利用某些網站來串連、交流、或傳遞資訊,這些網站可能會
被撤掉

b) more personal - targeted phishing emails. Basically crafted emails to
representatives of the opposition, trying to take control of their accounts
and computers, steal data and basically all this usual stuff of espionage

b) 較個人的-針對式的釣魚郵件。針對異議領袖製作的郵件,試圖控制他們的帳號和電
腦、竊取個資、和常見的各種間諜行為。

there is not much to do, just have this in mind and be in increased
sensitivity to strange emails - Microsoft .rtf files might be used until
April 8th, masquerade .exe files and infected websites redirects the usual -
do not open attachments, do not visit links you got in the email, be more
suspicious than ever and for the denial of the service - have backups. Both
of the data (like contacts, prepared press kits etc) as well as means of
communication (phone numbers exchanged, different servers for storing
information people are informed about in advance, the usual)

目前我們也沒辦法,但請放在心上,並對奇怪的郵件多加提防-四月八日前不要用
Microsoft .rtf (因為目前 .rtf 有重大安全漏洞,預計八日更新),小心
masquerade、.exe 執行檔、網址連結或轉址…這些平常就該小心的東西。不要隨便開附
加檔案、不要打開奇怪郵件裡的連結,把警戒心拉到最高。

對於切斷網路這部分,記得備份。包括資料(對話記錄、新聞素材… 等等)和聯絡方式
(電話號碼、也許不同的伺服器存有行動預警的資訊…這些平常也是該小心的東西)。

There is right now known vulnerability in Microsoft .rtf files - without any
countermeasure other than not to open them at all. If they are used, they
might be able to take over control over the target computer there is
announced fix that should come up by the 8th of April from Microsoft

現在微軟的 .rtf 檔已知有安全漏洞,且目前沒有任何因應方式,只好根本不要打開。如
果對方使用 .rtf 檔攻擊,可能可以掌控被攻擊的電腦。目前微軟是宣布四月八日要公布
補救方法。

The rest are just common attack vectors, which are not time specific - these
types like sending you email with file with .exe extension, .swf or redirect
to a webpage where these files are stored. But this is usually a common
attack technique, so nothing specific can be done to prevent it, other than
careful thinking

除此就是常見的攻擊方式,這些就沒有時間限制。這些攻擊方式大概就像寄信給你,裡面
夾帶 .exe、.swf、或藏著這些鬼東西的網址轉址。這些東西很常見,所以也沒什麼好多
說的,就是一切小心。

this is from our sources we use in our investigations, that we consider
trusted (and pay huge money for them:)) )

這是一個我們公司作調查用、值得信賴的來源(因為我們付了很可觀的 $$ 給這些來源
(燦笑))

=作業結束=

總之請幫忙告訴你身邊的人,參與越深的越要小心

有些人很奇怪,老愛當北風,想把我們的外套吹掉...
那就給他們看看我們的實力和意志吧!大家加油!

版權沒有,歡迎隨意傳播、再製(請幫排版 大感謝)