勒索病毒WannaCry到底是什么?怎么预防?
What does the WannaCry virus do?
问:WannaCry(“想哭”)病毒到底是做什么的?
It locks computers so that users cannot access their files or programs. Hackers ask for payment to safely release the computer.
答:WannaCry病毒会给用户电脑加密,令用户无法访问电脑中的文件或程序。
This type of virus is also known as ransomware.
黑客要求用户支付赎金来解锁电脑。
WannaCry and its variants like Wana- Crypt and Wanna Decryptor target computers that use Microsoft's Windows operating system.
这类病毒被称为勒索病毒。WannaCry病毒及其变种,如Wana-Crypt和Wanna Decryptor的攻击对象是使用微软Windows操作系统的电脑。
How does it infect computers?
问:病毒如何感染电脑?
By e-mail. Users receive a file, usually in a .zip format. When the user clicks on the file or opens it, the virus will automatically spread and lock up files and programs.
答:通过电子邮件。通常情况下,用户先是收到后缀名为.zip的文件,用户点击文件或打开文件后,病毒会自动传播并锁住文件和程序。
Once the computer is fully infected, the user can access only two files - instructions on what to do next and the virus program itself.
一旦电脑被完全感染,用户只能访问两个文件:下一步操作指示和病毒程序本身。
Other forms of ransom- ware lure users into clicking on a fake link in an e-mail or on a bogus website. It will then release a virus that corrupts the computer.
其他形式的勒索病毒会诱使用户点击电子邮件或虚假网站上的虚假链接,继而放出病毒侵入电脑。
Ransomware is not new. Why the panic?
问:勒索病毒不是最近才出现的。为何引起恐慌?
The speed and scale of WannaCry's spread has alarmed security experts.
答:WannaCry病毒传播速度之快、规模之大,震惊了网络安全专家。
Within hours of it being discovered on Friday, over 57,000 attacks were reported across 99 countries, with Russia, Ukraine and Taiwan reportedly the top targets.
周五发现病毒后,数小时内,全球共发生57000多起病毒袭击事件,波及99个国家。俄罗斯、乌克兰和台湾地区成为攻击的主要目标。
Operations in large organisations like Britain's National Health Service, global shipper FedEx in the United States and the Russian Interior Ministry have been affected.
诸如英国国家卫生服务局、美国联邦快递和俄罗斯内务部等大型机构部门的业务均受到影响。
Experts say the malicious software is spreading at a rate of five million e-mails per hour.
专家表示,恶意软件正以每小时500万封电子邮件的速度扩散。
This virus has been designed as a "worm", which means it can automatically spread to other computers in the same network.
这种病毒设计采用“蠕虫”式,意味着它可以自动传播感染同一网络中的其他电脑。
How can one protect one's computer?
问:用户该如何保护自己的电脑?
Microsoft has issued automatic Windows updates to defend its clients from it.
答:微软公司已经发布了Windows自动更新来保护客户电脑。
Additional measures include using a reputable antivirus software and a firewall, backing up files in a separate system and setting a popup blocker.
其他措施包括使用知名杀毒软件、设置防火墙、在其他系统中备份文件以及设置弹出窗口阻止程序。
Beware of clicking links or files in e-mails or on suspicious websites.
注意不要轻易点击电子邮件或可疑网站上的链接或文件。
Users who receive a ransom note should disconnect the computer from the Internet and alert the authorities.
收到赎金要求的用户应立即断网并上报有关部门。
Who are these hackers?
问:这些黑客是什么来头?
No one has claimed responsibility so far.
答:截至目前还没有人声称对此次事件负责。
Experts speculate that it could be a large cyber-criminal gang.
专家猜测,这可能是一个大型的网络犯罪团伙。
What do they want?
问:他们想要什么?
The hackers are asking for payment of US$300 to US$600 in bitcoin, a digital currency, to restore access. Users are warned that if they do not pay up in a few days, their files will be deleted.
答:黑客要求用户以比特币的形式支付价值300美元到600美元的赎金来恢复文件,并威胁用户几天之内支付,不然文件将遭到删除。
The hackers give instructions on how to buy bitcoin and which bitcoin address to send it to.
黑客们甚至给出操作指南,指导用户购买比特币并发到指定的比特币收款地址。
Governments have advised users not to pay the ransom, as it encourages these hackers.
政府建议用户不要支付赎金,否则只会助长黑客的嚣张气焰。
Where did this virus come from?
问:这病毒从哪来的?
The US National Security Agency was the first to discover a flaw in Microsoft's Windows operating system that allowed it to develop a way to hack, or gain access to, computers used by terrorists and enemy states.
答:美国国家安全局最早发现微软Windows操作系统存在漏洞,并利用这个漏洞开发出病毒武器来入侵、访问恐怖分子和敌国的计算机。
The flaw, and a tool to exploit it with malicious software, was made public last month by a hacker collective known as Shadow Brokers.
上个月,名为“影子经纪人”的黑客团体公开了这个漏洞和利用漏洞的恶意软件工具。