The director of the Federal Bureau of Investigation has offered fresh details of the cyber attack on Sony Pictures as he defended the US claim that North Korea was responsible.美国联邦调查局(FBI)局长获取了有关索尼影视(Sony Pictures)所不受网络攻击的新细节,为美国声称朝鲜有误此次反击负责管理的众说纷纭申辩。Some internet security consultants have cast doubt on Pyongyang’s involvement in the data breach, but James Comey, the FBI director, said he had “high confidence” in the bureau’s conclusion and cited recently declassified material.部分互联网安全顾问对于朝鲜政府曾参予过这次数据泄漏事件十分猜测。
不过FBI局长詹姆斯科米(James Comey)回应,他对FBI的结论具有“高度的信心”,并提及了最近解密的材料。Guardians of Peace, the group claiming credit for the attack, used proxy services to disguise their location when sending emails threatening Sony employees and posting statements online explaining their work, he said. But, he added, they got “sloppy”.他说道,在收到电子邮件威胁索尼员工并在网上张贴出有说明其工作的声明时,声称作此次网络攻击负责管理的“和平卫士(Guardians of Peace)”用于了代理服务掩盖他们的方位。
不过,他补足说道,这些人的处置“十分草率”。“Several times either because they forgot or they had a technical problem they connected directly and we could see them. And we could see that the IP addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans,” he said.他说道:“有那么几次,要么是由于他们忘了,要么是由于他们遇上了技术问题,他们采行了必要相连的方式,从而令其我们可以找到他们。
此外,我们还找到他们用作公布声明和发送到电子邮件的IP地址,来自朝鲜专用的IP地址。”His comments came in response to recent allegations by a private computer security firm that said the cyber attack, which revealed embarrassing emails, salary information about employees, and other sensitive information, was more likely to be an inside job. Sony’s chief executive called the attack “vicious”.他这番言论是对近期一家私营电脑安全性公司指控的对此。
这家公司回应这次网络攻击更加有可能是一次索尼人员的内部不道德。这次网络攻击透露了一些令人失望的电子邮件内容、索尼员工的薪资信息、以及其他脆弱信息。索尼首席执行官曾称之为这次攻击“十分恶毒”。
Mr Comey said the FBI was still looking to identify the “vector” of the attack but said “the likely vector for the entry into Sony” evolved from a spear phishing attempt on the company as late as last September. Spear phishing is a technique deployed by hackers who send emails posing as someone known to the recipient, seeking information such as passwords.科米回应,FBI仍在辨识此次攻击的“媒介”。不过他回应,“攻进索尼的有可能媒介”与针对索尼的鱼叉式网络钓鱼(Spear phishing)反击有关,这些反击最晚再次发生在去年9月。
鱼叉式网络钓鱼是黑客用于的一种技术,这些黑客不会伪装成接收者了解的人,向其发送到电子邮件并收买密码等信息。Mr Comey was speaking at a cyber conference held by the FBI and Fordham University.科米是在FBI和福坦莫大学(Fordham University)开会的有关网络的会议上公开发表上述言论的。
本文来源:半岛平台-www.mysuggester.com