US law firms rush to improve defences after China hack
中国黑客入侵促使美国律所加强网络安全
广州法律翻译公司:在三名中国黑客被控窃取数家华尔街律所的数据并从交易中获利后,美国大型律所加强针对网络攻击的防御。
Some of the biggest law firms on Wall Street are scrambling to shore up their defences against cyber attacks, in the wake of a raid by Chinese hackers which led to millions of dollars of profits from insider trading.
华尔街一些最大的律师事务所争相加强针对网络攻击的防御,此前传出的消息称,中国黑客发起的一起攻击导致了数百万美元的内幕交易利润。广州法律翻译公司。
Preet Bharara, US attorney for the southern district of New York, this week charged three individuals who he said infiltrated law firms over a period of about 18 months by hacking in to networks and servers.
纽约南区联邦检察官普里特•巴拉拉(Preet Bharara)本周对三人提出刑事控罪,他表示,这些人在大约18个月期间通过侵入网络和服务器,对律师事务所进行渗透。
Once inside, the gang targeted the email accounts of senior partners who worked on mergers and acquisitions. They then bought stock in at least five publicly traded companies which were the target of deals, netting profits of about $4m once the transactions were announced.
侵入系统后,这个团伙把目标对准处理并购业务的高级合伙人的电子邮件账户。然后他们买入至少五家属于交易目标的上市公司的股票,在交易公布后斩获约400万美元利润。
Reports of the probe earlier this year prompted law firms to try to plug gaps, efforts that are likely to be stepped up after the disclosure of criminal charges against the trio.
今年早些时候有关这项调查的报道,促使各律师事务所努力堵住安全漏洞。在检方宣布对三人提出刑事指控之后,各律所很可能加大这方面的力度。
On Wednesday, New York’s Department of Financial Services added to the urgency by updating a proposed rule on cyber security regulation, which is due to come into force in March.
周三,纽约州金融服务管理局(New York State Department of Financial Services)更新了一项拟议的网络安全监管规则,该规则将于3月生效,此举加大了强化网络安全的紧迫性。广州法律翻译公司。
The rule, the first in the US, requires banks and insurers to make certain that their systems, and the systems of third-party vendors such as law firms, can handle the risks associated with cyber threats.
这套规则将是美国第一项此类规则,它要求银行和保险公司确保其系统和第三方供应商(如律师事务所)的系统能够应对与网络威胁相关的风险。
Two of the law firms advising on deals from which the hackers profited were Cravath, Swaine & Moore and Weil, Gotshal & Manges, according to announcements at the time. Both law firms declined to comment.
根据当时公布的资料,让黑客得逞的为交易提供咨询的律所中,有两家是柯史莫法律事务所(Cravath, Swaine & Moore)和威嘉律师事务所(Weil, Gotshal & Manges)。这两家律所都拒绝置评。
“It wasn’t us this time, but it could have been,” said a senior partner at another white-shoe law firm. “Every day people are trying to get in.”
“这次不是我们,但我们也可能成为受害者,”另一家“白鞋”律师事务所的一位高级合伙人表示。“每天都有人试图侵入系统。”
The action is the latest in a series of cases of so-called “outsider trading”, which watchdogs see as an increasingly serious threat to securities markets.
此案是一系列所谓“外线交易”案件中的最新一例,监管机构认为此类案件对证券市场构成日益严重的威胁。
Unlike classic insider trading, where executives trade stock based on material, non-public information learnt at the office, outsider traders typically have no connection to the company concerned and do not owe a fiduciary duty to anyone.
与典型的内幕交易(高管根据在办公室获得的实质性的、非公开的信息买卖股票)不同,外部交易者一般与相关公司没有联系,也不对任何人负有受托责任。
Last August, US authorities charged a gang of Ukrainian hackers, alleging that they made $30m in illegal profits by trading on stolen information from 150,000 press releases before they were made public.
去年8月,美国有关部门对一伙乌克兰黑客提出刑事指控,声称他们通过窃取15万份未发布新闻稿的信息并据此交易,赚取了3000万美元非法利润。广州法律翻译公司。
That case inspired other Ukraine-based criminals to test the defences of big law firms, according to Flashpoint, an intelligence agency which says it picked up discussion on dark-web forums about a year ago.
商业风险情报公司闪点(Flashpoint)表示,该案激发了乌克兰其他犯罪分子试探大型律师事务所的防御。该公司大约一年前在一些暗网(dark-web)论坛上注意到了相关讨论。
The company put out an alert in March raising awareness of the risk of so-called “spear phishing”, in which hackers use highly targeted emails to trick users into inadvertently downloading software which then attacks their machines.
该公司在今年3月发出警告,旨在提升对所谓“鱼叉式网络钓鱼”(spear phishing)风险的认知,这是指黑客使用高度针对性的电子邮件欺骗用户在不经意间下载软件,这些软件随后攻击他们的机器。
Similar techniques were used in the China attack, said the US government.
美国政府表示,类似方法被用于中国黑客的攻击。
Law firms were seen as “kind of a soft target, because of their perceived lack of proper security hygiene”, said Vitali Kremez, a New York-based analyst in Flashpoint’s cyber crime intelligence unit.
闪点公司网络犯罪情报部门常驻纽约的分析师维塔利•克雷梅兹(Vitali Kremez)介绍说,律师事务所被视为“某种软目标,因为他们被认为缺乏恰当的安全防护”。
