导读:据全球金融网络组织Swift透露,近日又发生了一起网络攻击银行案件,作案人员所使用的工具和技术都和二月份的孟加拉国央行失窃案件十分相似。
A cyber-attack, similar to one that saw $81m (56m dollar) stolen from Bangladesh’s central bank, has hit a second bank.
前些日子,孟加拉国央行曾被盗8100万美元(约合5600万英镑),而近日类似的网络攻击又袭击了第二所银行。
The warning about the second attack came from Swift, which oversees the financial messaging network that underpins global money transfers.
这一次(实际上是第二次)的网络袭击由Swift预警。该组织负责监督全球金融通讯网络,以求加强全球资金转移安全。
Swift said the target was a commercial bank but did not name the organisation or reveal if any cash had been taken.
Swift说这次袭击的目标是一家商业银行,但是并没有指出这家银行的名字,也未透露是否已经有资金被盗取。
The attack used techniques and tools resembling those used to steal cash from Bangladesh in February, it said.
据Swift透露,这次攻击所使用的技术和工具都和二月份孟加拉国央行发生的现金盗窃案件很相似。
Swift is used by about 11,000 financial institutions around the world to move large amounts of cash.
全世界有大约11000家金融机构使用Swift来转移大量现金。
The attackers had a "deep and sophisticated knowledge of specific operational controls" at the targeted bank, and could have been aided in their theft by "malicious insiders", said Swift.
据Swfit透露,发动这起攻击的人“对目标银行的具体操作有一个深入而详细的了解,”所以这起盗窃行动很有可能得到了该银行“内部人员”的协助。
In both attacks the thieves sought to submit fraudulent messages to the Swift network to transfer large amounts of cash to accounts they controlled.
在这两起网络攻击案件中,犯罪嫌疑人都企图在Swift的网络系统中发布欺诈性的信息,以此将大量的现金转移到他们控制的账户上。
Analysis of February’s attack suggested the gang aimed to steal about $1bn by moving cash from an account held by Bangladesh’s central bank at New York’s Federal Reserve to other accounts.
根据对二月份那起网络攻击的分析显示,该犯罪团伙企图从纽约联邦储备银行孟加拉国央行账户上偷取10亿美元的现金,然后转移到其他账户上。
A spelling mistake in one of the transfer orders alerted staff and stopped much of the money going astray.
但是在转账过程中一个拼写错误使得工作人员变得警惕起来,最终阻止了更大金额的资金被盗取。
The second attack showed that the Bangladesh theft was not an isolated incident but "part of a wider and highly adaptive campaign targeting banks", said Swift.
据Swift透露,这第二次的攻击事件表明,孟加拉国央行失窃案件并不是个案,而是“一场针对银行的、更广泛的高度适应性行动的一部分。”
It added that its core network remained secure despite the attempts by cyberthieves to manipulate it.
据Swift透露,尽管犯罪分子曾经企图控制他们的网络系统,但是目前Swift的核心网络依然是安全的。
In April, Swift released software updates that it said would help customers improve security.
在四月份的时候,Swift曾进行了软件更新,称其可以提高客户的安全性。
An investigation into February’s attack revealed that the cyberthieves won access to the central bank network because of poor security controls.
对二月份孟加拉国央行失窃事件的调查显示,由于糟糕的安全控制系统,窃贼才得以进入央行网络系统。
The bank had no firewall, which is designed to block unauthorised access requests. It also used second-hand internet routers, which had cost $10, to connect to global financial networks.
失窃银行没有防火墙,因而无法阻止未经授权的访问。它还使用了一些成本仅为10美元的二手路由器,以此来连接全球金融网络。