2011《財富》最愚蠢商業事件大盤點（上）

黑客攻陷RSA網絡安全公司

????今年三月，著名的安全與解碼技術企業RSA遭黑客攻擊。攻擊世界上最成功的安全公司？匪夷所思的是，黑客是怎么做到的？答案是，他們向RSA的員工發送了帶有惡意附件的網絡釣魚郵件，郵件主題是“2011年招聘計劃”。

????一位員工打開了郵件中的Excel附件，釋放了一個程序，黑客隨后控制了這名員工的電腦。此后，黑客在RSA的系統中一路暢通無阻。

????據一位研究人員的調查顯示，這次大規模的黑客攻擊涉及了至少760家公司，RSA自然首當其沖，RSA深受歡迎的SecurID標簽也不再安全。

????黑客利用RSA攻擊中獲取的信息，在幾個月后又攻擊了國防承包公司洛克希德馬丁公司（Lockheed Martin）。據該公司稱，此次黑客攻擊事件是對其基礎設施的一次“重大且頑強的”網絡攻擊?！骶S?古德曼

RSA - the security company - gets hacked

????RSA, a preeminent security and encryption vendor, was itself hacked in March. How do you hack one of the most successful security companies? Send its employees phishing e-mails with malicious attachments containing the subject line "2011 Recruitment Plan."

????One worker opened the Excel file attached to the e-mail, which set loose a program letting the attacker control the employee's PC. From there, the attackers roamed through RSA's systems.

????The massive attack, which ensnared at least 760 companies, according to one researcher's investigation, hit RSA the hardest, rendering its popular SecurID tags less secure.

????Using information obtained in the RSA hack, attackers hit the IT systems of defense contractor Lockheed Martin a few months later, in what the company called a "significant and tenacious" cyber attack on its infrastructure. -- David Goldman