成人小说亚洲一区二区三区,亚洲国产精品一区二区三区,国产精品成人精品久久久,久久综合一区二区三区,精品无码av一区二区,国产一级a毛一级a看免费视频,欧洲uv免费在线区一二区,亚洲国产欧美中日韩成人综合视频,国产熟女一区二区三区五月婷小说,亚洲一区波多野结衣在线

立即打開
德勤被黑事件,目前能知道些什么?

德勤被黑事件,目前能知道些什么?

Jeff John Roberts 2017年09月28日
德勤的主要業(yè)務(wù)之一就是提供網(wǎng)絡(luò)安全咨詢,它居然被黑可謂是一大丑聞。

本周一的爆炸性新聞報(bào)道稱,德勤(Deloitte)遭到了大規(guī)模的網(wǎng)絡(luò)攻擊,電子郵件系統(tǒng)和某些客戶的檔案遭到泄露。這一消息對于全球“四大”會計(jì)和咨詢公司之一而言,可謂是一大丑聞——尤其德勤的主要業(yè)務(wù)之一就是提供網(wǎng)絡(luò)安全咨詢。

整個(gè)黑客事件的波及范圍目前尚不清楚,不過細(xì)節(jié)已經(jīng)開始浮出水面,其中包括布萊恩?克雷布斯提供的消息。這位飽受尊敬的安全記者表示他獲得了與德勤來往密切的消息源的說法。以下的問答環(huán)節(jié)展示了關(guān)于這次最新的備受矚目的安全攻擊,我們所知道和不知道的內(nèi)容。

黑客偷走了什么?

德勤遭到攻擊的最初新聞來源于《衛(wèi)報(bào)》(Guardian),其中指出黑客盜得了“部分藍(lán)籌客戶的機(jī)密郵件和計(jì)劃”。公司回應(yīng)稱自己確實(shí)遭到了網(wǎng)絡(luò)攻擊,但是淡化了事態(tài)的嚴(yán)重性,表示“只有極少數(shù)客戶受到了影響”。

然而,克雷布斯援引與德勤來往密切的消息源的說法,表示攻擊造成的影響很可能比這更嚴(yán)重。消息源聲稱,黑客進(jìn)入了公司全部的內(nèi)部郵件數(shù)據(jù)庫和所有的管理員賬號。更糟糕的是,他們似乎還轉(zhuǎn)移或復(fù)制了相當(dāng)一部分機(jī)密數(shù)據(jù):

這個(gè)消息源還表示,司法調(diào)查者已經(jīng)確認(rèn)有數(shù)GB的數(shù)據(jù)被傳到了英國的某個(gè)服務(wù)器上,并進(jìn)一步指出,黑客自由入侵網(wǎng)絡(luò)已有“很長時(shí)間”,德勤還不知道究竟有多少數(shù)據(jù)遭竊。

與此同時(shí),克雷布斯的消息源也稱德勤還沒確定攻擊的涉及范圍。

哪些公司受到了影響?

德勤只稱他們通知了六家公司和一些政府機(jī)構(gòu),但沒有透露這些機(jī)構(gòu)的名字?!缎l(wèi)報(bào)》補(bǔ)充道這些公司都家喻戶曉,但同樣沒有提供進(jìn)一步細(xì)節(jié)。

德勤這類公司會給金融、制藥、媒體等行業(yè)的跨國巨頭提供咨詢,所以潛在的受害者有很多。而且實(shí)際上的受害者可能也不止六家,尤其是考慮到德勤還沒有完全弄清這次攻擊的真相。

攻擊帶來的影響有多糟糕?

對德勤來說,非常糟糕。公司網(wǎng)絡(luò)安全咨詢業(yè)務(wù)的聲譽(yù)將會受損,不僅僅是因?yàn)楣颈蝗肭至恕H绻缎l(wèi)報(bào)》報(bào)道的信息屬實(shí),那么德勤并未采用雙重認(rèn)證等基礎(chǔ)的安全措施。公司似乎還使用了單一密碼來保護(hù)大量數(shù)據(jù)。

對德勤的客戶而言,危害的程度還不太清楚。如果黑客確實(shí)掌握了所有德勤的電子郵件,這些信息可能會泄露客戶機(jī)密的公司戰(zhàn)略或敏感的知識產(chǎn)權(quán)。與此同時(shí),騙子可以利用其中所有的郵件地址,針對頂層高管進(jìn)行網(wǎng)絡(luò)釣魚。

我們什么時(shí)候能知道更多?

報(bào)告指出,德勤早在去年10月就知道情況有些不對勁。所以幾乎可以肯定,公司掌握的消息比披露出來的更多。德勤發(fā)表了一份聲明作為對《衛(wèi)報(bào)》的回應(yīng),,不過尚未對克雷布斯提供的細(xì)節(jié)有所說明。

我們期待著德勤在未來透露更多,不過安全圈子內(nèi)外也可能會流出更多消息。 (財(cái)富中文網(wǎng))

譯者:嚴(yán)匡正

A bombshell report on Monday revealed that Deloitte was hit by a major cyber attack that compromised its email system and certain client records. The news is a major black eye for one of the world’s “big four” accountancy and consulting firms—especially since a major part of Deloitte’s business is selling cyber security.

The full extent of the hacking episode isn’t clear, but details are beginning to trickle out, including from Brian Krebs, a well-respected security journalist who says he has heard from sources close to the Deloitte. Here’s a Q&A about we know and don’t know about the latest high profile security attack.

What did the hackers steal?

The initial report of the Deloitte breach came from the Guardian, which revealed hackers had compromised the “confidential emails and plans of some of its blue-chip clients.” In response, the firm confirmed it had suffered a cyber-attack, but played down the significance by saying “only very few clients were impacted.”

Krebs, however, cites sources close to Deloitte who suggest the hack was likely more severe than that. The sources claimed the hackers accessed the entirety of the firm’s internal email database, and all administrative accounts. Worse, it appears the hackers transferred or copied a significant amount of that confidential data:

This same source said forensic investigators identified several gigabytes of data being exfiltrated to a server in the United Kingdom. The source further said the hackers had free reign in the network for “a long time” and that the company still does not know exactly how much total data was taken.

Meanwhile, Krebs’ sources say Deloitte has yet to identify the full pervasiveness of the attack.

What companies are affected?

Deloitte has only said it notified six companies and some government agencies, but it has not identified them. The Guardian adds that those companies are household names, but likewise doesn’t provide further details.

A firm like Deloitte advises giant multinationals in sectors like finance, pharma, and media, so the length of potential victims is long. It’s also possible the list of actual victims will come to number more than six—especially if Deloitte has yet to get to the bottom of the hack.

How bad is this?

For Deloitte, it’s very bad. The reputation of company’s cyber-security consulting business will take a hit, and not just because it got breached. If details in the Guardian’s report are true, Deloitte failed to deploy elementary security measures such as requiring two-factor authentication. The firm also appears to have guarded large pools of data with a single password.

For Deloitte’s clients, the extent of the harm is less clear. If hackers indeed got hold of all of Deloitte’s emails, those messages may have revealed their client’s secret corporate strategies or sensitive intellectual property. Meanwhile, all of those email addresses would provide crooks with ample opportunities for spear-phishing scams targeted at top executives.

When will we know more?

Reports suggests Deloitte knew something was amiss as long ago as last October so the firm almost certainly knows more than it is disclosing. In response to the Guardian’s report, the company issued a statement but has yet to address the additional details described by Krebs.

Look for more information to trickle out in coming days from the company, but also in the form of leaks from the security community and beyond.

掃碼打開財(cái)富Plus App
久久精品视频免费播放| 亚洲AV日韩AV永久无码色欲| 手机永久无码国产av毛片| 精品久久久无码人妻中文字幕| AV无码人妻一区二区三区| 9 9久热RE在线精品视频| 国产在线亚洲精品观看不卡| 双性当众潮喷粗大灌满NP| 亚洲中国久久精品无码| 国产精品不卡在线观看| 国产亚洲欧美另类一区二区三区| 亚洲av无码一区东京热不卡| 五十路熟妇仑熟女一区二区| 久久人妻内射无码一区三区| 欧美东京热大黑资源成年轻人网站免费视频| 小宝极品内射国产在线| 日本高清视频在线www色| 日韩av一区二区精品不卡| 无码视频 国产精品| 91精品国产免费免费久久久| 国产美女高潮久久久久白浆| 狠狠色婷婷久久综合频道日韩| 在线不卡av片免费观看| 欧美自拍另类欧美综合图区| 国产aⅴ精品一区二区三区久久| 日韩一级一片内射文字幕高清| 国产成人色视频一区二区三区| 国产精品成人午夜电影| 亚洲av婷婷五月产av中文| 一区二区天堂资源中文最新版在线一区| 亚洲人成在线观看影院| 国产强伦姧人妻毛片| 欧洲无码亚洲精品无码| 精品多毛少妇人妻AV免费久久| 国产人成视频在线免费观看| 久久久亚洲精品无码| 久久午夜无码鲁丝片午夜精品| a在线视频亚洲精品国产综合久久一线| 麻豆成人精品国产免费| 精品久久久无码中文字幕边打电话| 国产亚洲欧美精品久久久|