并购交易信息成黑客攻击新目标

Cyber criminals have been discovered hacking more than 100 companies, investment advisers and law firms in search of market-moving information about deals, according to researchers at cyber security company FireEye.

网络安全公司FireEye的研究人员表示，他们发现，遭受网络罪犯黑客攻击的公司、投资顾问和律所已经超过100家。这些黑客攻击的目的是获取可驱动市场变化的交易信息。

The ‘FIN 4’ group uses targeted emails containing malicious links and downloads to get passwords for board level executives and corporate development teams, most of them US-based, as they conduct talks concerning mergers and acquisitions. Up to five organisations per deal have been hacked to build a picture of the chance of a deal’s success.

“FIN 4”团体使用含有恶意链接和下载内容的定向电子邮件，在董事会级高管和公司开发团队成员（多数位于美国）进行并购谈判期间获得他们的密码。每一笔交易而言，最多获取5家机构的信息，就可以大致判断一桩交易成功的可能性。

More than two-thirds of the targets are in the pharmaceutical industry, FireEye said, as hackers trawl private inboxes for information on drug trials and US Medicare reimbursement policies as well as deals, which could affect those companies’ stock prices.

FireEye表示，逾三分之二的被攻击目标位于制药行业，黑客们翻看私人收件箱查找有关药品试验、美国联邦医疗保险计划(Medicare)报销政策以及交易的信息。这些信息可能影响所涉公司的股价。

Jen Weedon, threat intelligence manager at FireEye, said while it had no conclusive evidence of who was behind the hacking, it appeared to be a US or western-based group with detailed knowledge of how Wall Street works.

FireEye的威胁情报经理詹•威登(Jen Weedon)表示，尽管该公司尚未掌握黑客攻击的幕后主使是谁的确凿证据，但它可能是一家非常了解华尔街工作原理的美国或西方团体。

FireEye said it had handed the evidence on the hacking group to the SEC and other regulators and agencies, which may be interested in investigating further.

FireEye表示，已将该黑客团体的证据提交给美国证交会(SEC)等监管机构和相关部门，后者可能有兴趣发起进一步调查。

This is the first time FireEye has seen a large scale operation which appears to be trying to manipulate the financial markets, she said, as previously many cyber attacks targeting sensitive M&A information have been conducted by Chinese groups trying to secure a better negotiating position for their own companies. Bankers do not appear to have been targeted by ‘FIN 4’, perhaps because banks are known to have some of the best cyber defences, Ms Weedon said.

詹•威登表示，这是FireEye首次发现似乎企图操纵金融市场的大规模行动，而此前发现的多次瞄准敏感并购信息的网络攻击是中国一些团体发起的，为的是帮助国内公司获得更有利的谈判地位。她表示，银行从业人员似乎没有成为“FIN 4”团体的攻击目标，这或许是因为人们一向认为银行拥有最牢固的网络防范措施。

It is difficult to trace manipulation in the markets based on information stolen during cyber attacks. Cyber security experts say this kind of attack is not yet common but they expect it to rise, particularly as companies make it more difficult to conduct other types of attacks, such as stealing credit card data from point of sale devices.

根据网络攻击中被窃取的信息来查证谁试图操纵市场，并非易事。网络安全专家们表示，这个类型的攻击目前尚不普遍，但预计会有所增加，尤其公司的防范还增加了其他类型攻击（比如通过收银台设备窃取信用卡数据）的实施难度。