请各单位注意，请各单位注意！

5月12日晚上20时左右，全球爆发大规模勒索软件（RansomWare）感染事件，用户只要开机上网就可被攻击。

短短5个小时，英国、俄罗斯、整个欧洲以及国内多个高校校内网、大型企业内网和政府机构专网纷纷中招，被勒索支付高额赎金(有的需要比特币)才能解密恢复文件，这场攻击甚至造成了教学系统瘫痪，包括校园一卡通系统。

那么问题来了，勒索软件到底是啥？让我们先来普及一下，哈哈！

☟

下面，我们一起来看看外媒是如何报道的、

☟

The ransomware causing chaos globally

Tens of thousands of organisations have been caught out by a computer virus called WannaCry. The malicious software locks data away and demands a payment of up to $300 (£230) a time before it will restore scrambled files.

In the UK, many hospitals fell victim and some health organisations diverted[1] ambulances and cancelled non-essential services as they sought to contain and clean up the infection.

[1]divert/daɪˈvɜːt/ 

1)to cause something or someone to change direction 使改变方向，使转向 

Traffic will be diverted through the side streets while the main road is resurfaced. 

这条主干道重铺路面时，车辆行人将被分流到小路通行。

2)to use something for a different purpose 将…用于其他目的；改变…的用途 

Should more funds be diverted from roads into railways? 

是否应该将更多的资金从公路转投到铁路上？

Infections in more than 99 nations are being reported by security firms. It appears that the hardest hit are Russia and Spain.

What has happened?

The most widespread and public malware outbreak for years has managed to infect a huge number of large organisations.

The culprit[2] is malware called WannaCry - which encrypts[3] a computer's files and demands a ransom[4] payment before allowing access again.

[2]culprit/ˈkʌl.prɪt/: a fact or situation that is the reason for something bad happening 问题的起因；罪魁祸首 

Children in this country are getting much too fat, and sugar and sweets are the main culprits. 

该国儿童过于肥胖，糖和甜食是罪魁祸首。

[3]encrypt/ɪnˈkrɪpt/: to change electronic information or signals into a secret code (= system of letters, numbers, or symbols) that people cannot understand or use on normal equipment 将…译成密码；把…编码；把…加密 

Your financial information is fully encrypted and cannot be accessed. 

有关你财务状况的信息已被完全加密，别人无法看到。

[4]ransom/ˈræn.səm/: a large amount of money that is demanded in exchange for someone who has been taken prisoner, or sometimes for an animal 赎金 

a ransom demand/note 索要赎金／勒索赎金的字条 

They demanded a huge ransom for the return of the little girl whom they had kidnapped. 

他们索要巨额赎金作为放回被绑小女孩的条件。

It seems to have spread via a computer virus known as a worm.

Unlike many other malicious programs, this one has the ability to move around a network by itself. Most others rely on humans to spread by tricking them into clicking on an attachment harbouring [5] the attack code.

[5]harbour/ˈhɑː.bər/: to protect someone or something bad, especially by hiding that person or thing when the police are looking for him, her, or it 庇护，窝藏，藏匿（罪犯或赃物） 

to harbour a criminal 窝藏罪犯

By contrast, once WannaCry is inside an organisation it will hunt down vulnerable machines and infect them too. This perhaps explains why its impact is so public - because large numbers of machines at each victim organisation are being compromised.

Who made the WannaCry worm?

Currently, we do not know. Ransomware has been a firm favourite of cyber-thieves for some time as it lets them profit quickly from an infection. They can cash out easily thanks to the use of the Bitcoin[6] virtual currency, which is difficult to trace.

[6]Bitcoin is a decentralized digital currency that enables instant payments to anyone, anywhere in the world. Bitcoin uses peer-to-peer technology to operate with no central authority: transaction management and money issuance are carried out collectively by the network.

Bitcoin是最早实现“加密货币”这一概念的系统，该设想最早由戴伟（Dai Wei,音译）于1998年在cypherpunks函件用户组首次提出的。 它建立在这样一个概念之上，即货币可以是任何东西或记录，只要它在一个国家或社会经济体系内被接受为商品服务的支付方式，或是债务偿还的方式。比特币的设计核心思想是以数学题答案作为货币，其发行权独立于任何中央机构之外。

The competition among different ransomware gangs has led them to look for ever more effective ways of spreading their malicious code.

WannaCry seems to be built to exploit a bug found by the US National Security Agency. When details of the bug were leaked, many security researchers predicted it would lead to the creation of self-starting ransomware worms. It may, then, have only taken a couple of months for malicious hackers to make good on[7] that prediction.

[7]make good on: When someone makes good something, they either pay for it, or make it happen. 偿付；支付；履行；成功 

My uncle owed thousands, but eventually he made good on all of his debts. 

我的叔叔负债好几千，但最终他全部还清了。

Why has the NHS been hit so hard?

There could be a lot of reasons. The most likely one is because it is a huge organisation supported by a massive IT infrastructure. It also has lots of partners and suppliers that connect to its core network.

Complexity is the enemy of security and it is a fair bet that some bits of that network, especially those operated by suppliers, are not as well maintained as they should be. This could mean that patches that would have thwarted[8] WannaCry were not applied. So, as soon as the worm got in, it could run rampant.

[8]thwart/θwɔːt/:to stop something from happening or someone from doing something 反对；阻挠；挫败 

Our holiday plans were thwarted by the airline pilots' strike. 

因为飞行员的罢工，我们的度假计划泡汤了。

Is my computer at risk?

It depends. The WannaCry virus only infects machines running Windows. If you do not update Windows and do not take care when opening and reading emails then you could be at risk.

You can protect yourself by running updates, using firewalls and anti-virus software and by being wary when reading emailed messages. It might also be worth taking a back up of key data so you can restore without having to pay up should you be infected.

Can these infections be stopped?

Not really. However, organisations can, and do, work hard to protect themselves. They set up firewalls, install anti-virus programs, apply file filters, run intrusion detection and regularly update software to keep malware and hackers out.

However, no protection can ever be 100% perfect. Why? Because organisations are run by people and they make mistakes. Recognising this, many cyber thieves now rely on tricking insiders into opening booby-trapped[9] attachments or links in emails to start off an infection - a practice known as phishing[10].

[9]booby trap(n)/ˈbuː.bi ˌtræp/: something dangerous, especially a bomb, that is hidden inside somewhere that looks safe 陷阱；（尤指）饵雷 

The bodyguard was killed while checking the president's car for booby traps. 

保镖在检查总统专车有无饵雷时被炸身亡。

[10]phishing/ˈfɪʃ.ɪŋ/: an attempt to trick someone into giving information over the internet or by email that would allow someone else to take money from them , for example by taking money out of their bank account “网络钓鱼”（骗取他人网上银行账户的有关信息从而盗取他人资金的行为）

And then there are the billions of login names and passwords stolen and shared by hackers over the last few years. Some cyber gangs now comb through[11] these to find credentials[12] from organisations they want to target. That lets them log in as if they were an employee and start their attack from the inside.

[11]comb through: If you comb through information, you look at it very carefully in order to find something. 仔细查看

Eight policemen then spent two years combing through the evidence.

8名警察后来用了两年的时间仔细审查那些证据。

[12]credential/krɪˈden.ʃəl/: a piece of information that is sent from one computer to another to check that a user is who they claim to be or to allow someone to see information （计算机用户的）身份验证信息

In this case, a patch to close the bug has been available since 14 March but many organisations have clearly failed to apply it in time.

最后，建议大家赶紧尽快使用360安全卫士推出的“NSA武器库免疫工具”进行防御，该工具能够一键检测修复NSA黑客武器攻击的漏洞！

下载NSA武器库免疫工具，请点击阅读原文~