UK, US Agencies Accuse Russian Military Intelligence Of 'Brute Force' Cyber Campaign
2021-07-10
Source: 網電空間戰
Multiple organisations have jointly published an advisory to promote greater security in the cyber domain.
1st July 2021 at 9:54pm
The US authorities consider Russia's Directorate of the General Staff (GRU) and certain subordinate units principal actors in offensive cyber and influence operations, according to the International Institute for Strategic Studies.
The British National Cyber Security Centre jointly issued the advisory 'Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments' – urging companies to bolster their defences.
In a statement, the US National Security Agency (NSA) Cybersecurity Director, Rob Joyce, said the campaign was “likely ongoing, on a global scale”.
Russia has been conducting aggressive cyber attacks against hundreds of organisations worldwide, multiple agencies have said (Picture: PA).
Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access, though specific targets of the campaign were not disclosed.
The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019.
While a “significant amount” of the attempted break-ins targeted organisations using Microsoft's Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.
Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.
The FBI and the Cybersecurity and Infrastructure Security Agency also joined the advisory.