多個組織聯(lián)合發(fā)布了一份建議，以提高網(wǎng)絡(luò)領(lǐng)域的安全性。

　　2021 年 7 月 1 日晚上 9:54

　　據(jù)國際戰(zhàn)略研究所發(fā)布的信息稱，美國當局認為俄羅斯的總參謀部 （GRU） 和某些下屬單位是進攻性網(wǎng)絡(luò)和影響行動的主要參與者。

　　英國國家網(wǎng)絡(luò)安全中心聯(lián)合發(fā)布了“俄羅斯 GRU 開展全球蠻力運動以破壞企業(yè)和云環(huán)境”的咨詢報告，敦促有關(guān)公司進一步加強網(wǎng)絡(luò)防御。

　　在一份聲明中，美國國家安全局 （NSA） 網(wǎng)絡(luò)安全主任羅布喬伊斯表示，該活動“可能在全球范圍內(nèi)持續(xù)進行”。

　　已經(jīng)有多個機構(gòu)表示，俄羅斯一直在對全球數(shù)百個組織進行積極的網(wǎng)絡(luò)攻擊（圖片：PA）。

　　蠻力攻擊涉及自動破解具有潛在密碼的網(wǎng)站，直到黑客獲得訪問權(quán)限，但該活動的具體目標并未披露。

　　美國國家安全局表示，至少從 2019 年年中開始，與 GRU 相關(guān)的特工就試圖使用 Kubernetes 闖入網(wǎng)絡(luò)，Kubernetes 是一種最初由谷歌開發(fā)的用于管理云服務(wù)的開源工具。

　　美國國家安全局表示，雖然“大量”企圖闖入的目標是使用微軟 Office 365 云服務(wù)的組織，但黑客也攻擊了其他云提供商和電子郵件服務(wù)器。

　　據(jù)美國的網(wǎng)絡(luò)監(jiān)控公司 Gigamon 的威脅分析師 Joe Slowik 表示，NSA 描述的蠻力方法和網(wǎng)絡(luò)內(nèi)部橫向移動在國家支持的黑客和犯罪勒索軟件團伙中很常見，這使得 GRU 能夠與其他參與者混為一談。

　　聯(lián)邦調(diào)查局和網(wǎng)絡(luò)安全與基礎(chǔ)設(shè)施安全局也加入了咨詢行列。

　　UK, US Agencies Accuse Russian Military Intelligence Of 'Brute Force' Cyber Campaign

　　Multiple organisations have jointly published an advisory to promote greater security in the cyber domain.

　　1st July 2021 at 9:54pm

　　The US authorities consider Russia's Directorate of the General Staff （GRU） and certain subordinate units principle actors in offensive cyber and influence operations, according to the International Institute for Strategic Studies.

　　The British National Cyber Security Centre jointly issued the advisory 'Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments' – urging companies to bolster their defences.

　　In a statement, the US National Security Agency （NSA） Cybersecurity Director, Rob Joyce, said the campaign was “l(fā)ikely ongoing, on a global scale”.

　　Russia have been conducting aggressive cyber attacks against hundred of organisations worldwide, multiple agencies have said （Picture: PA）。

　　Brute force attacks involve the automated spraying of sites with potential passwords until hackers gain access, though specific targets of the campaign were not disclosed.

　　The NSA says GRU-linked operatives have tried to break into networks using Kubernetes, an open-source tool originally developed by Google to manage cloud services, since at least mid-2019.

　　While a “significant amount” of the attempted break-ins targeted organisations using Microsoft's Office 365 cloud services, the hackers went after other cloud providers and email servers as well, the NSA said.

　　Joe Slowik, a threat analyst at the network-monitoring firm Gigamon, said the brute force method and lateral movement inside networks described by NSA are common among state-backed hackers and criminal ransomware gangs, allowing the GRU to blend in with other actors.

　　The FBI and the Cybersecurity and Infrastructure Security Agency also joined the advisory.