当前位置:首页 > 企业新闻
时间:2022-04-26 来源:lol比赛竞猜投注 浏览量 72560 次
本文摘要:China’s spy agency has ordered local hackers to abstain from global hacking contests and instead report any vulnerabilities to the security ministry or the affected company, according to cyber security experts, as Beijing seeks to tighten its control over technology and information.网络信息安全权威专家答复,中国的特工组织已指令该国网络黑客不必参加全世界网络黑客大赛,想要向安全部门或涉案人员企业汇报其寻找的一切漏洞。

China’s spy agency has ordered local hackers to abstain from global hacking contests and instead report any vulnerabilities to the security ministry or the affected company, according to cyber security experts, as Beijing seeks to tighten its control over technology and information.网络信息安全权威专家答复,中国的特工组织已指令该国网络黑客不必参加全世界网络黑客大赛,想要向安全部门或涉案人员企业汇报其寻找的一切漏洞。北京市层面现阶段正在尝试放开对高新科技和信息内容的操控。

The guidance from the Ministry of State Security, which comes as China is taking an increasingly isolationist approach to technology, was aimed at boosting its stash of intelligence, experts said.中国国家安全部门发号施令这一指令之时,中国已经采行一种日渐单边主义的高新科技线路。权威专家答复,这一指令用意不断发展中国操控的资源贮备。“Clearly this is about local control,” said Christopher Ahlberg, co-founder and chief executive of US-based cyber intelligence firm Recorded Future. “Vulnerabilities could be problems in software but are also an opportunity to get backdoors into them.”“好像这与当地操控相关。

”美国网络资源企业Recorded Future带头创办人、CEO克里斯托弗?阿尔伯格(Christopher Ahlberg)讲到,“漏洞有可能是手机软件中的难题,但他们也是在手机软件的身上福侧门的机遇。”The move is the latest bid by China to secure control of technology and information. It follows initiatives such as Made in China 2025 — a scheme to restructure China’s industrial policy — and last year’s cyber security law that requires foreign companies to store data locally and allow data surveillance by China’s security apparatus.这一举动是中国为确保对高新科技和信息内容的操控所采行的最近试着。

先前,中国还执行了一些对策,还包含《中国生产2025》(一项调节中国国家产业政策的方案),及其上年执行的、回绝国外公司在本地存储数据信息和允许中国安全系数组织监管数据信息的国家安全法。The guidance also eliminates some of the key players from what has become a globally popular way of discovering vulnerabilities, so that vendors can fix them before cybercriminals jump in.这一指令还促使一些最重要的参加者缺阵一种全世界流行的寻找漏洞的方法。运用这类方法,手机软件经销商可在漏洞遭受互联网犯罪嫌疑人运用前修补他们。Tencent Keen Labs, part of Chinese technology titan Tencent, prompted Tesla to fix vulnerabilities after hacking into its cars. Chinese hackers have also been credited with discovering vulnerabilities at US-based tech multinationals including Google, Apple and Microsoft, according to FireEye, a cyber security company. Tencent did not respond to request for comment.腾讯官方沃斯特试验室(Keen Security Lab of Tencent)归属于中国互联网巨头腾讯官方(Tencent),曾成功入侵特斯拉汽车(Tesla)的轿车,促使特斯拉汽车整修漏洞。


While no formal edict has been issued on relevant Chinese state websites, Chinese participants were absent from the annual Pwn2Own hacking contest this month and the Black Hat event in Singapore last week. “They’ve been given guidance that they should no longer participate in events where vulnerabilities are publicly disclosed,” said Bryce Boland, chief technology officer at FireEye.虽然中国政府部门涉及到网址上未发布一切月指令,但中国选手缺阵了当月举行的一年一度的Pwn2Own网络黑客大赛和上星期在马来西亚举行的“黑帽优化网络信息安全交流会”(Black Hat)。FireEye技术总监布赖斯?博兰(Bryce Boland)讲到:“她们接到指令,回绝她们依然参加公布发布表露漏洞的比赛。

”“Pwn2Own used to be basically flooded with Chinese who won all the competitions, but this time there were more or less no Chinese there,” added Mr Ahlberg. Now Chinese hackers could only take a discovery to the vendor or the Ministry “who might notify the vendor or might not”.“以往Pwn2Own大赛上大部分仅有是中国人,她们斩获了全部的比赛,但这一次彻底没中国人比赛,”阿尔伯格补充称作。如今中国网络黑客不可以把寻找的漏洞请示报告给手机软件经销商或安全部门,而安全部门“很有可能会通告经销商,也是有很有可能不通告”。MSS has already offered clues on its stance with its National Vulnerability database, CNNVD, a repository of known vulnerabilities in different software products. Analysis by Recorded Future showed it had altered publication dates for at least 267 vulnerabilities — a lag, the group said, that highlighted identities the MSS was “likely considering for use in offensive cyber operations”.从中国国家网络信息安全漏洞库(CNNVD)能够在一定水平上显出安全部门的观点。国家网络信息安全漏洞库收录与了各种各样软件项目的不明漏洞。


Recorded Future的分析表明,国家网络信息安全漏洞库修改了至少267个漏洞的发布时间——该企业答复,这一缓慢突显安全部门“很可能会充分考虑将(这种已证实的漏洞)作为攻击能力互联网行動”。Mr Boland said that if the block on attending public contests was designed to have hackers report directly to the CNNVD it would create a “significant threat” because of the scope for Chinese hackers to exploit a huge pool of vulnerabilities.博兰答复,假如劝阻网络黑客参加联赛事的目地是让网络黑客必需向国家网络信息安全漏洞库请示报告,这将可以说出有一个“全局性威协”,由于中国网络黑客将具有运用很多漏洞的室内空间。

“It’s like putting a vulnerabilities database with the CIA,” said Mr Ahlberg, referring to the US intelligence agency. “You’re really putting the hen in with the foxes. That’s the policy problem here but they’ve done it for a very good reason: they want total control.”“这就看上去把漏洞库放进美国中情局(CIA)一样。”阿尔伯格拿英国的情报组织比喻讲到,“你这本质上是把老母鸡放进小狐狸填里。这就是这里边不会有的现行政策难题,但她们早就那么保证了,原因很充份:她们想基本上的操控。



版权所有台湾市 Riot Games股份有限公司 台ICP备32315130号-2

公司地址: 台湾省台湾市台湾区平来大楼79号 联系电话:0698-949713756

Copyright © 2018 Corporation,All Rights Reserved.