成人小说亚洲一区二区三区,亚洲国产精品一区二区三区,国产精品成人精品久久久,久久综合一区二区三区,精品无码av一区二区,国产一级a毛一级a看免费视频,欧洲uv免费在线区一二区,亚洲国产欧美中日韩成人综合视频,国产熟女一区二区三区五月婷小说,亚洲一区波多野结衣在线

立即打開
德勤被黑事件,目前能知道些什么?

德勤被黑事件,目前能知道些什么?

Jeff John Roberts 2017年09月28日
德勤的主要業(yè)務(wù)之一就是提供網(wǎng)絡(luò)安全咨詢,它居然被黑可謂是一大丑聞。

本周一的爆炸性新聞報(bào)道稱,德勤(Deloitte)遭到了大規(guī)模的網(wǎng)絡(luò)攻擊,電子郵件系統(tǒng)和某些客戶的檔案遭到泄露。這一消息對于全球“四大”會計(jì)和咨詢公司之一而言,可謂是一大丑聞——尤其德勤的主要業(yè)務(wù)之一就是提供網(wǎng)絡(luò)安全咨詢。

整個(gè)黑客事件的波及范圍目前尚不清楚,不過細(xì)節(jié)已經(jīng)開始浮出水面,其中包括布萊恩?克雷布斯提供的消息。這位飽受尊敬的安全記者表示他獲得了與德勤來往密切的消息源的說法。以下的問答環(huán)節(jié)展示了關(guān)于這次最新的備受矚目的安全攻擊,我們所知道和不知道的內(nèi)容。

黑客偷走了什么?

德勤遭到攻擊的最初新聞來源于《衛(wèi)報(bào)》(Guardian),其中指出黑客盜得了“部分藍(lán)籌客戶的機(jī)密郵件和計(jì)劃”。公司回應(yīng)稱自己確實(shí)遭到了網(wǎng)絡(luò)攻擊,但是淡化了事態(tài)的嚴(yán)重性,表示“只有極少數(shù)客戶受到了影響”。

然而,克雷布斯援引與德勤來往密切的消息源的說法,表示攻擊造成的影響很可能比這更嚴(yán)重。消息源聲稱,黑客進(jìn)入了公司全部的內(nèi)部郵件數(shù)據(jù)庫和所有的管理員賬號。更糟糕的是,他們似乎還轉(zhuǎn)移或復(fù)制了相當(dāng)一部分機(jī)密數(shù)據(jù):

這個(gè)消息源還表示,司法調(diào)查者已經(jīng)確認(rèn)有數(shù)GB的數(shù)據(jù)被傳到了英國的某個(gè)服務(wù)器上,并進(jìn)一步指出,黑客自由入侵網(wǎng)絡(luò)已有“很長時(shí)間”,德勤還不知道究竟有多少數(shù)據(jù)遭竊。

與此同時(shí),克雷布斯的消息源也稱德勤還沒確定攻擊的涉及范圍。

哪些公司受到了影響?

德勤只稱他們通知了六家公司和一些政府機(jī)構(gòu),但沒有透露這些機(jī)構(gòu)的名字?!缎l(wèi)報(bào)》補(bǔ)充道這些公司都家喻戶曉,但同樣沒有提供進(jìn)一步細(xì)節(jié)。

德勤這類公司會給金融、制藥、媒體等行業(yè)的跨國巨頭提供咨詢,所以潛在的受害者有很多。而且實(shí)際上的受害者可能也不止六家,尤其是考慮到德勤還沒有完全弄清這次攻擊的真相。

攻擊帶來的影響有多糟糕?

對德勤來說,非常糟糕。公司網(wǎng)絡(luò)安全咨詢業(yè)務(wù)的聲譽(yù)將會受損,不僅僅是因?yàn)楣颈蝗肭至恕H绻缎l(wèi)報(bào)》報(bào)道的信息屬實(shí),那么德勤并未采用雙重認(rèn)證等基礎(chǔ)的安全措施。公司似乎還使用了單一密碼來保護(hù)大量數(shù)據(jù)。

對德勤的客戶而言,危害的程度還不太清楚。如果黑客確實(shí)掌握了所有德勤的電子郵件,這些信息可能會泄露客戶機(jī)密的公司戰(zhàn)略或敏感的知識產(chǎn)權(quán)。與此同時(shí),騙子可以利用其中所有的郵件地址,針對頂層高管進(jìn)行網(wǎng)絡(luò)釣魚。

我們什么時(shí)候能知道更多?

報(bào)告指出,德勤早在去年10月就知道情況有些不對勁。所以幾乎可以肯定,公司掌握的消息比披露出來的更多。德勤發(fā)表了一份聲明作為對《衛(wèi)報(bào)》的回應(yīng),,不過尚未對克雷布斯提供的細(xì)節(jié)有所說明。

我們期待著德勤在未來透露更多,不過安全圈子內(nèi)外也可能會流出更多消息。 (財(cái)富中文網(wǎng))

譯者:嚴(yán)匡正

A bombshell report on Monday revealed that Deloitte was hit by a major cyber attack that compromised its email system and certain client records. The news is a major black eye for one of the world’s “big four” accountancy and consulting firms—especially since a major part of Deloitte’s business is selling cyber security.

The full extent of the hacking episode isn’t clear, but details are beginning to trickle out, including from Brian Krebs, a well-respected security journalist who says he has heard from sources close to the Deloitte. Here’s a Q&A about we know and don’t know about the latest high profile security attack.

What did the hackers steal?

The initial report of the Deloitte breach came from the Guardian, which revealed hackers had compromised the “confidential emails and plans of some of its blue-chip clients.” In response, the firm confirmed it had suffered a cyber-attack, but played down the significance by saying “only very few clients were impacted.”

Krebs, however, cites sources close to Deloitte who suggest the hack was likely more severe than that. The sources claimed the hackers accessed the entirety of the firm’s internal email database, and all administrative accounts. Worse, it appears the hackers transferred or copied a significant amount of that confidential data:

This same source said forensic investigators identified several gigabytes of data being exfiltrated to a server in the United Kingdom. The source further said the hackers had free reign in the network for “a long time” and that the company still does not know exactly how much total data was taken.

Meanwhile, Krebs’ sources say Deloitte has yet to identify the full pervasiveness of the attack.

What companies are affected?

Deloitte has only said it notified six companies and some government agencies, but it has not identified them. The Guardian adds that those companies are household names, but likewise doesn’t provide further details.

A firm like Deloitte advises giant multinationals in sectors like finance, pharma, and media, so the length of potential victims is long. It’s also possible the list of actual victims will come to number more than six—especially if Deloitte has yet to get to the bottom of the hack.

How bad is this?

For Deloitte, it’s very bad. The reputation of company’s cyber-security consulting business will take a hit, and not just because it got breached. If details in the Guardian’s report are true, Deloitte failed to deploy elementary security measures such as requiring two-factor authentication. The firm also appears to have guarded large pools of data with a single password.

For Deloitte’s clients, the extent of the harm is less clear. If hackers indeed got hold of all of Deloitte’s emails, those messages may have revealed their client’s secret corporate strategies or sensitive intellectual property. Meanwhile, all of those email addresses would provide crooks with ample opportunities for spear-phishing scams targeted at top executives.

When will we know more?

Reports suggests Deloitte knew something was amiss as long ago as last October so the firm almost certainly knows more than it is disclosing. In response to the Guardian’s report, the company issued a statement but has yet to address the additional details described by Krebs.

Look for more information to trickle out in coming days from the company, but also in the form of leaks from the security community and beyond.

掃碼打開財(cái)富Plus App
亚洲国产成人综合精品| 丰满人妻熟妇乱又伦精品| 人人妻人人妻人人片色AV| 国产精品香蕉自产拍在线观看| a 日本一区二区在线看| 无码精品国产一区二区VR| 最近中文字幕在线中文视频| 日日狠狠久久偷偷色综合0| 亚洲综合欧美色五月俺也去| 欧洲人妻丰满AV无码久久不卡| 久久中文字幕人妻熟AV女| 国产成人精品热玖玖玖| 免费视频无遮挡在线观看| 免费无码αv片在线观看潮喷| 精品亚洲AV无码区最新| 国产成人无码VA在线播放| 九九99久久精品国产按摩| 国产三区在线成人AV| 亚洲AV一宅男色影视| 国内揄拍国内精品少妇| 亚洲欧美日韩国产综合中文100| 国产成人精品系列在线观看| 国产白嫩护士被弄高潮| 伊人久久精品无码麻豆一区| 日韩人妻中文字幕毛片a√| 亚洲成熟丰满熟妇高潮XXXXX| 欧美成人性毛片视频| 欧洲最大但人文艺术114| 国产精品爽爽V在线观看无码| 日本熟妇色熟妇在线视频播放| 国产乱码一二三区精品| 精品无码午夜福利理论片| 国产VA免费精品高清在线观看| 曰本一区二区视频在线观看| 一级做a爰片久久毛片潮喷| 亚洲精品国产字幕久久不卡| 久久精品无码一区二区三区| 成人电影在线播放| 国产女人与黑人精品中文| 亚洲欧洲日产国码久在线| 国产一区二区精品久久岳√|