Chinese hackers are targeting organisations in India to glean strategic and commercially sensitive material, according to a leading cyber security specialist, in a move likely to deepen tensions between Asia’s two largest emerging economies.
一家领先的网络安全公司表示,中国黑客把目标瞄准了印度境内机构,旨在收集战略性和商业敏感性资料。这类举动可能加剧这两个亚洲最大新兴经济体之间的紧张关系。
FireEye, a US network security company, on Friday released information identifying an unnamed group it said was “almost certainly” based in China that has attacked more than 70 institutions in India in recent years using a script called “watermain”. Information on India-based activists working on issues linked to the disputed Chinese region of Tibet was also among the material targeted.
上周五,美国网络安全公司FireEye公布信息,表示发现近年来有个团体使用“watermain”脚本对70多家印度机构发起了攻击,该团体名字不详,“几乎肯定”位于中国。他们瞄准的资料,包括印度境内致力于西藏相关问题的活动人士的信息。
Although Chinese-backed groups are better known for attacking the US — including a suspected recent data theft from the government’s human resources arm — the news India is also being targeted underlines the extent to which China’s hackers are now a concern for nations across Asia.
尽管中国团体攻击美国目标的事情——包括不久前一起涉嫌窃取美国政府人事部门数据的事件——为更多人所知晓,但印度也在中国目标之列,凸显出中国黑客如今已是亚洲各国关切的一个问题。
The watermain attacks originated from what FireEye calls an advanced persistent threat (APT) group that employs a “spear-phishing” technique to gain access to sensitive information.
watermain脚本攻击是由FireEye所称的一个“高级持续性威胁”(APT)团体发起的,该团体使用一种“鱼叉式网络钓鱼”(spear-phishing)手法获取敏感信息。
Targeting employees in organisations including government agencies and universities, the attacks involve fake emails with attachments apparently relevant to their recipients’ work. When opened, the attachments allow hackers to monitor and search for data covertly.
攻击瞄准包括政府部门和大学等机构的雇员,使用了带有附件的虚假邮件,而附件内容表面上与收件人的工作相关。附件被打开后,黑客们就可以暗地里监控和搜索数据了。
The attacks also targeted dozens of organisations in Bangladesh, Nepal and Pakistan, also seeking information on border issues relating to India.
攻击也瞄准了孟加拉国、尼泊尔和巴基斯坦的数十家机构,同样是在寻找与印度相关的边界问题的信息。
Bryce Boland, FireEye’s chief technology officer in Asia, said: “Collecting intelligence on India remains a key strategic goal for China-based APT groups, and these attacks on India’s neighbouring countries reflect growing interest in its foreign affairs.”
FireEye亚洲首席技术官布赖斯?博兰(Bryce Boland)说:“收集有关印度的情报仍是中国各APT团体的一个关键战略目标,对印度邻国的攻击反映出,他们对印度外交事务越来越感兴趣。”
“This particular group seems to be focused on border disputes relating to India. But we know there are other groups targeting India, and these attacks can be very significant in terms of things such as trade negotiations, intellectual property, or negotiation of construction contracts.”
“这个特定团体似乎重点关注与印度相关的边境争端。但我们知道,还有其他团体瞄准着印度,这些攻击可能在贸易谈判、知识产权或建设合同谈判等方面发挥重大作用。”
India has suffered a series of long-running border disputes with China, one of which prompted a minor confrontation between the two country’s armies last year. India also has border issues with other neighbours, notably Pakistan.
长期以来,印度与中国之间一直存在着许多边境争端,去年其中一处争端引发两国军队发生小规模对抗。印度还与巴基斯坦等其他邻国存在边境争议。
Tibet is a further cause of tension. China occupied Tibet in 1950, and is sensitive to threats of separatism, particularly from groups linked to the Dalai Lama, the pacifist spiritual leader who lives in exile in northern India.
西藏是中印关系紧张的一个更深层原因。1950年,中国占领了西藏,如今中国对分裂主义威胁、尤其是对来自与达赖喇嘛(Dalai Lama)有关的团体的威胁很敏感。达赖喇嘛是持和平主义立场的西藏精神领袖,在印度北部流亡。
Facing what many analysts describe as a common threat, India and the US are increasing co-operation on digital security.
面对许多分析人士所称的共同威胁,印度和美国正逐渐加强数字安全方面的合作。
Senior officials from both countries met in Washington last week for a bilateral “cyber dialogue”, which they said had “identified a variety of opportunities for increased collaboration on cyber security?.?.?.?combating cyber crime [and] international security”.
上周,印美两国高级官员在华盛顿会面,举行了双边“网络对话”。他们表示,这次对话“确认了在网络安全……打击网络犯罪(和)和国际安全方面加强合作的大量机会”。
But Sameer Patil, a national security analyst at the Mumbai-based Gateway House think-tank, said India’s government was only in the early stages of developing a response to the threat posed by Chinese-backed groups.
但孟买智库Gateway House的国家安全分析师萨米尔?帕蒂尔(Sameer Patil)表示,在研究对策以应对中国团体所构成的威胁方面,印度政府目前还处于早期阶段。
“They are certainly aware of the rising cyber threat posed by China, both on diplomatic disputes and wider commercial issues,” he said. “They have developed a broad cyber security strategy, but so far this has come with few specifics, or much co-operation between the government and the private sector.”
“他们当然意识到,中国造成的网络威胁越来越大,无论是在外交争端方面还是更广泛的商业问题上,”他说,“他们已制定了一项网络安全战略纲要,但迄今还未拿出多少细则,政府和私人部门之间的合作也不多。”