併購交易信息成黑客攻擊新目標

Cyber criminals have been discovered hacking more than 100 companies, investment advisers and law firms in search of market-moving information about deals, according to researchers at cyber security company FireEye.

網絡安全公司FireEye的研究人員表示，他們發現，遭受網絡罪犯黑客攻擊的公司、投資顧問和律所已經超過100家。這些黑客攻擊的目的是獲取可驅動市場變化的交易信息。

The ‘FIN 4’ group uses targeted emails containing malicious links and downloads to get passwords for board level executives and corporate development teams, most of them US-based, as they conduct talks concerning mergers and acquisitions. Up to five organisations per deal have been hacked to build a picture of the chance of a deal’s success.

“FIN 4”團體使用含有惡意鏈接和下載內容的定向電子郵件，在董事會級高管和公司開發團隊成員（多數位於美國）進行併購談判期間獲得他們的密碼。每一筆交易而言，最多獲取5家機構的信息，就可以大致判斷一樁交易成功的可能性。

More than two-thirds of the targets are in the pharmaceutical industry, FireEye said, as hackers trawl private inboxes for information on drug trials and US Medicare reimbursement policies as well as deals, which could affect those companies’ stock prices.

FireEye表示，逾三分之二的被攻擊目標位於製藥行業，黑客們翻看私人收件箱查找有關藥品試驗、美國聯邦醫療保險計劃(Medicare)報銷政策以及交易的信息。這些信息可能影響所涉公司的股價。

Jen Weedon, threat intelligence manager at FireEye, said while it had no conclusive evidence of who was behind the hacking, it appeared to be a US or western-based group with detailed knowledge of how Wall Street works.

FireEye的威脅情報經理詹•威登(Jen Weedon)表示，儘管該公司尚未掌握黑客攻擊的幕後主使是誰的確鑿證據，但它可能是一家非常瞭解華爾街工作原理的美國或西方團體。

FireEye said it had handed the evidence on the hacking group to the SEC and other regulators and agencies, which may be interested in investigating further.

FireEye表示，已將該黑客團體的證據提交給美國證交會(SEC)等監管機構和相關部門，後者可能有興趣發起進一步調查。

This is the first time FireEye has seen a large scale operation which appears to be trying to manipulate the financial markets, she said, as previously many cyber attacks targeting sensitive M&A information have been conducted by Chinese groups trying to secure a better negotiating position for their own companies. Bankers do not appear to have been targeted by ‘FIN 4’, perhaps because banks are known to have some of the best cyber defences, Ms Weedon said.

詹•威登表示，這是FireEye首次發現似乎企圖操縱金融市場的大規模行動，而此前發現的多次瞄準敏感併購信息的網絡攻擊是中國一些團體發起的，爲的是幫助國內公司獲得更有利的談判地位。她表示，銀行從業人員似乎沒有成爲“FIN 4”團體的攻擊目標，這或許是因爲人們一向認爲銀行擁有最牢固的網絡防範措施。

It is difficult to trace manipulation in the markets based on information stolen during cyber attacks. Cyber security experts say this kind of attack is not yet common but they expect it to rise, particularly as companies make it more difficult to conduct other types of attacks, such as stealing credit card data from point of sale devices.

根據網絡攻擊中被竊取的信息來查證誰試圖操縱市場，並非易事。網絡安全專家們表示，這個類型的攻擊目前尚不普遍，但預計會有所增加，尤其公司的防範還增加了其他類型攻擊（比如通過收銀臺設備竊取信用卡數據）的實施難度。