2011《财富》最愚蠢商业事件大盘点（上）

黑客攻陷RSA网络安全公司

    今年三月，著名的安全与解码技术企业RSA遭黑客攻击。攻击世界上最成功的安全公司？匪夷所思的是，黑客是怎么做到的？答案是，他们向RSA的员工发送了带有恶意附件的网络钓鱼邮件，邮件主题是“2011年招聘计划”。

    一位员工打开了邮件中的Excel附件，释放了一个程序，黑客随后控制了这名员工的电脑。此后，黑客在RSA的系统中一路畅通无阻。

    据一位研究人员的调查显示，这次大规模的黑客攻击涉及了至少760家公司，RSA自然首当其冲，RSA深受欢迎的SecurID标签也不再安全。

    黑客利用RSA攻击中获取的信息，在几个月后又攻击了国防承包公司洛克希德马丁公司（Lockheed Martin）。据该公司称，此次黑客攻击事件是对其基础设施的一次“重大且顽强的”网络攻击。——戴维•古德曼

RSA - the security company - gets hacked

    RSA, a preeminent security and encryption vendor, was itself hacked in March. How do you hack one of the most successful security companies? Send its employees phishing e-mails with malicious attachments containing the subject line "2011 Recruitment Plan."

    One worker opened the Excel file attached to the e-mail, which set loose a program letting the attacker control the employee's PC. From there, the attackers roamed through RSA's systems.

    The massive attack, which ensnared at least 760 companies, according to one researcher's investigation, hit RSA the hardest, rendering its popular SecurID tags less secure.

    Using information obtained in the RSA hack, attackers hit the IT systems of defense contractor Lockheed Martin a few months later, in what the company called a "significant and tenacious" cyber attack on its infrastructure. -- David Goldman