敘利亞電子軍的"白宮爆炸案大捷"
When the Syrian Electronic Army managed to hack the Twitter account of the Associated Press and sneak out a false report of explosions at the White House to the news agency’s 1.9m followers it scored its biggest coup to date.
當“敘利亞電子軍”(Syrian Electronic Army,簡稱SEA)成功侵入美聯社(AP)的Twitter賬號,並向這個帳號的190萬名粉絲髮布白宮爆炸的假消息時,它獲得了它歷史上最重大的一次勝利。The report caused a brief but sharp dip in the US stock market. It also illustrated how the Syrian hackers, who target entities opposed to the regime of President Bashar al-Assad, could use relatively simple techniques to turn their gadfly disruptions into something more menacing.
這條假消息導致美國股市出現短暫而劇烈的下跌。它顯示出,敘利亞黑客可以運用相對簡單的技術,將平常的網絡干擾升級成更具威脅的攻擊。這些黑客以反對總統巴沙爾•阿薩德(Bashar al-Assad)政權的實體爲攻擊對象。“When you start to do things that have a big impact on the stock market, you are getting away from hacking and moving much closer to something that resembles an actual cyber attack on the US – which takes things into a different area altogether,” said one former US official involved in cyber security.
一位曾負責網絡安全事務的前美國官員表示:“當你做的事情對股市產生重大影響時,你做的就不再是一般的黑客襲擊,而是更接近於對美國發起的一場網絡攻擊,這就讓事情的性質完全變了樣。”
The leading S and P 500 share index briefly plunged almost 1 per cent on Tuesday after the false post on the AP Twitter account, which claimed that President Barack Obama had been injured in a double blast in the White House.
週二,美聯社Twitter賬號發佈的白宮發生兩起爆炸、致使美國總統巴拉克•奧巴馬(Barack Obama)受傷的假消息,讓美國主要股指——標普500指數一度暴跌近1%。While AP said it had been hacked, the claimed Syrian Electronic Army Twitter feed crowed: “Ops! @AP get owned by Syrian Electronic Army! #SEA #Syria #ByeByeObama.”
在美聯社宣佈遭受黑客攻擊之後,SEA宣稱對此負責,並興高采烈地發帖稱:“噢,敘利亞電子軍接管了美聯社Twitter賬戶。#SEA#敘利亞#再見奧巴馬。”The attack is the latest and most infamous in a string of such actions by the SEA since the start more than two years ago of the Syrian conflict , which has claimed more than 70,000 lives. Other alleged targets have included Harvard University, the Qatar-government-funded television channel Al Jazeera, and the BBC weather site, which posted praise for Mr Assad in its Twitter feed last month.
自兩年多前敘利亞衝突爆發以來,SEA發起了一系列黑客攻擊活動,最新這次襲擊是最爲惡劣的一起。其他據稱遭受襲擊的機構包括哈佛大學(Harvard University)、卡塔爾政府資助的半島電視臺(Al Jazeera)以及英國廣播公司(BBC)天氣預報網站。上個月,SEA曾一度控制BBC天氣預報的Twitter賬號,併發布了讚揚阿薩德的帖子。敘利亞衝突已導致逾7萬人喪生。Analysts say the SEA is at the least tacitly supported by Mr Assad’s regime and is hosted on Syria’s national computer network, which remains under government control. Mr Assad – who was president of the Syrian Computer Society before he rose to national power in 2000 – has publicly praised the SEA’s work.
分析人士表示,SEA肯定受到阿薩德政權的某種暗中支持,其網站託管在敘利亞國家計算機網絡的服務器之上——後者依然處於政府控制之下。阿薩德曾公開讚揚SEA的工作。在2000年執掌全國政權之前,阿薩德曾擔任敘利亞計算機協會(Syrian Computer Society)會長。Sean Sullivan, a researcher at F-Secure, a Helsinki-based electronic security company, said the SEA’s martial pretensions and fondness for altering websites resembled the activities of hackers in neighbouring Turkey.
F-Secure的研究員肖恩•沙利文(Sean Sullivan)表示,SEA的軍隊做派和篡改網站的偏好,與其鄰國土耳其的黑客活動有些類似。F-Secure是一家總部位於赫爾辛基的電子安全公司。“There is a long history in Turkey of clubs where people give themselves ranks of lieutenant-general and colonel,” he said. “So it could easily cross over the border into Syria.”
他說:“土耳其黑客們喜歡自封爲中將和上校。這種習慣很容易越過邊境傳到敘利亞。”The SEA says it supports the Assad regime but denies being part of it. In an email interview, an individual contacted via the purported electronic army Twitter feed said the group was made up of “Syrian youth [who] want to defend their country”.
SEA表示支持阿薩德政權,但否認是其下屬機構。記者通過一個據稱是SEA的Twitter賬戶聯繫上其中一名成員,並通過電子郵件進行了採訪。這位成員表示,該組織是由“希望保衛自己國家的敘利亞年輕人”組成的。The person, who did not give a name and signed the email as “Th3Pr0”, said the electronic army had attacked targets in western and Gulf countries over their support for anti-Assad rebels. Operations had focused lately on the US media, in retaliation for US sanctions on Syria that had caused an internet service provider to shut down the SEA’s main website, Th3Pr0 added.
這位成員沒有透露自己的姓名,在郵件中用使用的落款是“Th3Pr0”。他表示,SEA已向西方和海灣國家的一些目標發動襲擊,因爲後者向反對阿薩德的叛軍提供了支持。他補充稱,最近的襲擊主要針對美國媒體,以作爲對美國製裁敘利亞的報復。由於美國製裁,一家互聯網服務提供商已經關閉了SEA的主網站。“All the countries who support the terrorists groups in Syria are targets for us – their media/government website/social media accounts,” said Th3Pr0. “Our demands [are] to stop suspending our accounts and domain names so we can enjoy the ‘Freedom speech of America’.”
Th3Pr0表示:“所有支持敘利亞境內恐怖組織的國家都是我們的襲擊目標——它們的媒體、政府、網站和社交媒體賬號等。我們的要求(是)解禁我們的賬號和域名,讓我們享受到‘美國的言論自由’。”Analysts say the electronic army appears to have developed a greater sense of purpose and has expanded its hacking repertoire, although they are sceptical of the group’s claims that it is mounting more sophisticated attacks by using malware or assaulting web servers.
分析人士表示,SEA似乎已變得更有針對性,攻擊手段更加豐富。但對於該組織宣稱的將實施更復雜攻擊的說法——或者通過使用惡意軟件,或者通過攻擊網絡服務器——分析人士表示懷疑。“They moved from defacing websites to focusing on compromising high-profile, widely followed Twitter accounts,” said Helmi Noman, a researcher at Citizen Lab, a University of Toronto group that focuses on the intersection of digital media, global security and human rights. “SEA’s power now is not on the sophistication of their tools, but their ability to capitalise on the security vulnerabilities of both [the] Twitter access system, and also Twitter account operators.”
公民實驗室(Citizen Lab)的研究員海爾米•諾曼(Helmi Noman)說:“他們已從在網站上‘塗抹’,轉變爲攻擊粉絲衆多的知名Twitter賬號。目前SEA的厲害之處不是其攻擊手段有多複雜,而是它能夠利用Twitter登陸系統和Twitter賬戶運營商的安全漏洞發起攻擊。”公民實驗室是多倫多大學(University of Toronto)下屬的一家致力於研究數字媒體、全球安全和人權活動相互影響問題的組織。The SEA denies responsibility for what Syrian activists say is the planting by the regime of malware on their computers. But the pro-government hackers have still been publicly waging cyber war against Assad regime opponents.
敘利亞人權活動家聲稱,SEA在他們的電腦上植入了惡意軟件。SEA對此予以否認,但這些親政府的黑客們仍公開與阿薩德政權的反對者大打網絡戰。After the hacking group Anonymous claimed in 2011 to have taken down the website of the Syrian defence ministry, the electronic army responded by posting images on an Anonymous website.
2011年,黑客組織Anonymous侵入了敘利亞國防部的網站,SEA隨即還以顏色,侵入Anonymous的一家網站並掛上一些圖片。For now, the SEA appears to be taking delight in its freshly proved capacity to cause mischief, posting a series of defiant tweets about its claimed past triumphs, even as it flitted from one Twitter account – suspended in the wake of Tuesday’s attack – to another.
就目前而言,SEA似乎對於剛剛證明了自己的破壞能力而感到高興,在Twitter上就“輝煌戰績”發佈了一系列挑釁性言論。不過,由於其賬號在週二襲擊活動之後被關閉,他們不得不換了另一個Twitter賬號。“Seventh account of Syrian Electronic Army on #Twitter,” proclaimed the main new feed.
他們在新的Twitter主賬號上宣稱:“這是敘利亞電子軍的第7個Twitter賬號。”
