原创翻译:龙腾网 http://tmskj.com 翻译:偷吃月亮的狗 转载请注明出处

A U.S. cybersecurity company says Russian military agents have successfully hacked the Ukrainian gas company at the center of the scandal that led to President Donald Trump''s impeachment.


Russian agents launched a phishing campaign in early November to steal the login credentials of employees of Burisma Holdings, the gas company, according to Area 1 Security, a Silicon Valley company that specializes in e-mail security.

据硅谷电子邮件安全公司Area 1 Security称,俄罗斯特工在11月初发起了一场网络钓鱼入侵活动,意在窃取天然气公司Burisma Holdings的员工登录凭证.

Hunter Biden, son of former U.S. vice president and Democratic presidential hopeful Joe Biden, previously served on Burisma''s board.


It was not clear what the hackers were looking for or may have obtained, said Area 1''s CEO, Oren Falkowitz, who called the findings "incontrovertible" and posted an eight-page report. But the timing of the operation suggests that the Russian agents could be searching for material that damaging to the Bidens.

Area 1公司的首席执行官奥伦·法尔科维茨表示,目前尚不清楚黑客在寻找什么,也不清楚他们已经得到了什么.法尔科维茨称此次网络钓鱼事件是"无可争议"的,并提交了一份长达8页的报告.但这次行动的时机表明,俄罗斯特工可能在寻找对拜登父子不利的材料.

Burisma did not immediately respond to a request for comment. A spokesman for Biden said in a statement that the incident shows that not just Trump but also Russian President Vladimir Putin "sees Joe Biden as a threat."


Some cybersecurity experts cautioned against blaming Russian military agents without more evidence, however, saying the report indicates Area 1 investigators didn''t have access to Burisma''s internal logs and compromised email accounts in making the determination.


"That''s problematic," tweeted Thomas Rid of Johns Hopkins. "Caution advised based on what we currently know."


And while many experts said it''s a good bet the phishing amounts to a Kremlin attempt to smear the Bidens, there are other possibilities. Michael Connell, a former Army intelligence officer and researcher at the government-funded Center for Naval Analyses, notes that Russian agents have previously attacked energy-related computer systems in other countries, most notably Germany.


"The goal of the hackers was probably information gathering, but it also likely included creating backdoors to allow future access (for intel or destructive cyberattacks)," he wrote in an email.


Russian hackers from the same military intelligence unit that Area 1 said was behind the operation targeting Burisma have been indicted for hacking emails from the Democratic National Committee and the chairman of Hillary Clinton''s campaign during the 2016 presidential race.

Area 1公司表示,对Burisma实施攻击的是同一个军事情报部门的俄罗斯黑客,在2016年总统大选期间,他们就被指控入侵民主党全国委员会和希拉里·克林顿竞选团队主席的电子邮件.

Stolen emails were released online at the time by Russian agents and WikiLeaks in an effort to favor Trump, special counsel Robert Mueller determined in his investigation.


Area 1 discovered the phishing campaign by the Russian military intelligence unit, known as the GRU, on New Year''s Eve, said Falkowitz, who would not discuss whom he notified prior to going public. He said he followed the industry standard process of responsible disclosure, which would include notifying Burisma.

法尔科维茨说,Area 1公司在新年前夕发现了俄罗斯军事情报机构GRU发起的网络钓鱼活动.法尔科维茨不想讨论在此事公开前已经通知了哪些人.他说,他只是遵守行业标准即有责任公开此类事件,其中包括通知Burisma.

In the report, he said the GRU agents used fake, lookalike domains in the phishing campaign that were designed to mimic the sites of real Burisma subsidiaries.


Falkowitz said the operation targeting Burisma involved tactics, techniques and procedures that GRU agents had used repeatedly in other phishing operations, matching "several patterns that lots of independent researchers agree mimic this particular Russian actor." Area 1 says it has been tracking the Russian agents for several years.

法尔科维茨说,针对Burisma的行动中所涉及的战术、技术和程序是GRU的特工在网络钓鱼行动中反复使用的手段,其与许多研究人员一致认同的几种所谓的"俄罗斯模式"相吻合."Area 1公司表示,他们已经追踪俄罗斯特工好几年了.

The discovery''s timing — just weeks before presidential primaries begin in the United States — highlights the need to protect political campaigns from targeted phishing attacks, which are behind 95 percent of all information breaches, said Falkowitz.


"This is a real specific, timely case that has real implications," he said. "To discover it and potentially get out in front of it is a significant departure from what''s typical in the cyber security community, where someone just tells you, yeah, you''re dead."


Area 1 said its researchers connected the phishing campaign targeting Burisma to an effort earlier last year that targeted Kvartal 95, a media organiza tion founded by Ukrainian President Volodymyr Zelenskiy.

Area 1公司表示,他们的研究人员将此次针对Burisma的网络钓鱼活动同去年早些时候针对Kvartal 95的行动联系起来.Kvartal 95是一家由乌克兰总统沃洛迪米尔泽伦斯基创办的媒体组织.

In this case, the Russian military agents, from a group security researchers call "Fancy Bear," peppered Burisma employees with emails designed to look like internal messages.

该事件中,被安全研究人员称为"Fancy Bear"的组织的一名俄罗斯军事特工,向Burisma公司的员工发送了大量的电子邮件,这些邮件的设计看起来像是公司内部的消息通知.

In order to detect phishing attacks, Area 1 maintains a global network of sensors designed to sniff out and block them before they reach their targets.

为了监测网络钓鱼攻击,Area 1公司创建了一个全球传感器网络,旨在找出它们并且在到达目标之前阻止它们.

In July, the U.S. Federal Elections Commission gave Area 1 permission to offer its services to candidates for federal elected office and political committees at the same low rates it charges non-profits.

今年7月,美国联邦选举委员会同意Area 1公司向联邦选举办公室和政治委员会的候选人提供服务,收费标准和向非营利组织收取的费用同样低.