Some of the world’s largest companies including WPP, Rosneft, Merck and AP Moller-Maersk have confirmed that they have been hit by a large-scale cyber attack that also took critical government and bank infrastructure in Ukraine offline on Tuesday.
世界上一些最大的公司包括WPP、俄罗斯石油公司(Rosneft)、默克(Merck)和AP穆勒-马士基集团(AP Moller-Maersk)证实,它们遭遇一场大规模网络攻击,此次网络攻击周二还让乌克兰政府和银行的关键基础设施陷入瘫痪。
The ransomware attack bears similarities to WannaCry, which infected hundreds of thousands of computers in 150 countries last month, according to cyber security experts. No one has yet claimed responsibility for the latest attack.
据网络安全专家们介绍,此次勒索软件攻击与上月感染150个国家数十万台计算机的“想哭”(WannaCry)有点相似。没有人声称对最新的网络攻击负责。
Researchers at Group IB, a Moscow-based cyber security company, said the hackers shut down access to computers and displayed a message demanding a $300 ransom from users, payable in bitcoins.
总部位于莫斯科的网络安全公司Group IB的研究人员表示,黑客们阻止用户使用计算机,并显示一条信息,要求用户用比特币支付300美元的赎金。
Companies affected include WPP, Rosneft, Saint Gobain, Maersk, US-based pharmaceutical company Merck, Evraz, Russia’s second-largest steelmaker, and DLA Piper, the law firm. The attacks were widespread in Ukraine, affecting Ukrenergo, the state power distributor, and several of the country’s banks.
受影响的公司包括WPP、俄罗斯石油公司、圣戈班(Saint Gobain)、马士基、美国制药公司默克、俄罗斯第二大钢铁企业耶弗拉兹(Evraz)以及欧华律师事务所(DLA Piper)。乌克兰受到大面积打击,使国有供电企业Ukrenergo以及该国几家银行受到影响。
Pavlo Rozenko, Ukraine’s deputy prime minister, tweeted a photo of a computer screen displaying an energy message. “The network is down,” he wrote.
乌克兰副总理帕夫洛?罗岑科(Pavlo Rozenko)在Twitter上贴出一张电脑屏幕照片,并写道,“网络瘫痪了。”
Some security researchers said that the attack was part of the Petya ransomware family, which has existed since at least last year and uses the same flaw exploited during the WannaCry breaches. That would make systems that have not been updated since that attack particularly vulnerable.
一些安全研究人员表示,此轮攻击是Petya勒索软件家族的一部分,这些勒索软件至少从去年开始存在,它们和“想哭”利用同一个漏洞。这意味着,在“想哭”攻击后仍未更新的系统特别脆弱。
However, Kasperksy Labs, a Moscow-based cyber security company, said that this was “a new ransomware that has not been seen before”.
不过,总部位于莫斯科的网络安全公司卡巴斯基实验室(Kaspersky Labs)表示,这是“一种以前没有见过的新型勒索软件”。
Mikko Hypponen, chief research officer at F-Secure, a Finnish cyber security company, could not confirm that the same hackers who were behind the WannaCry attack but said they were using the same vulnerability.
芬兰网络安全公司F-Secure首席研究员米科?许波宁(Mikko Hypponen)无法证实发起此轮攻击的黑客就是“想哭”袭击的幕后元凶,但表示他们利用同一个漏洞。
Rosneft, Russia’s largest oil company, said it had moved to a reserve oil production system after a “powerful” hacking attack that took down its website and that of its subsidiary Bashneft.
俄罗斯最大石油公司——俄罗斯石油公司表示,在遭遇一场“强大的”黑客攻击、导致该公司及其子公司Bashneft的网站瘫痪之后,已切换至一套后备的石油生产系统。
The company said it had contacted the authorities and warned on Twitter that “distributors of false, alarmist messages will be treated as accomplices of the organisers of the attack and held accountable”.
该公司表示已经联系当局,并在Twitter上警告说,“虚假、危言耸听消息的传播者将被视为攻击策划者的同谋犯,将被追究责任”。
Computers and internal intranet and wifi networks in the Russian company’s headquarters in Moscow were disabled on Tuesday following the attack, a company source told the FT on condition of anonymity. The person added that no core business functions were affected.
这家俄罗斯公司的一个消息人士在匿名条件下告诉英国《金融时报》,该公司莫斯科总部的计算机、内联网和WiFi网络周二在遭到袭击后被禁用。此人补充称,核心业务职能没有受到影响。
“Thanks to the fact that the company switched to a standby system for managing production processes, neither the production nor the preparation of oil was stopped,” Rosneft told the Financial Times.
“得益于公司切换至管理生产流程的一套备用系统,石油生产和准备都不会停止,”俄罗斯石油公司告诉英国《金融时报》。
WPP, the world’s biggest advertising group, said on Tuesday: “IT systems in several WPP companies have been affected by a suspected cyber attack.”
身为世界最大广告集团的WPP周二表示:“WPP旗下几家公司的IT系统受到一场疑似网络攻击的影响。”
The website for the holding group, which owns agencies such as Group M, MediaCom and Burson-Marsteller, was unavailable.
旗下拥有群邑(GroupM), MediaCom和博雅(Burson-Marsteller)等广告公司的控股集团的网站处于断线状态。
Saint Gobain, the French construction group, was also hit. A company spokesperson said: “As a security measure and in order to protect our data, we have isolated our computer systems.”
法国建筑集团圣戈班也受到打击。一名公司发言人说:“作为一项安全措施,为了保护我们的数据,我们已经隔离了本公司的计算机系统。”