中國黑客被控入侵美國律師電腦，獲利400萬美元

Law firms that advise on mergers once had to worry about a rogue employee trading on deal tips. Now, they have to worry about hackers doing the same.

以前，負(fù)責(zé)并購交易的律師事務(wù)所需要擔(dān)心行為不軌的員工用與交易有關(guān)的內(nèi)部信息買賣股票?，F(xiàn)在，他們也要小心黑客會做出同樣的行為。

Federal prosecutors in Manhattan have charged three Chinese citizens with making more than $4 million by trading on information they got by hacking into some of the top merger-advising law firms in New York. The three men targeted at least seven New York law firms to try to obtain information about deals in the works, according to an indictment unsealed on Tuesday.

曼哈頓的聯(lián)邦檢察官已起訴三名中國公民，指控他們用黑客手法，從紐約幾家最大的律師事務(wù)所竊取信息，并用有關(guān)信息進(jìn)行股票交易，獲利逾400萬美元，被竊取信息的律師事務(wù)所均從事并購業(yè)務(wù)。據(jù)周二公布的起訴書顯示，這三人的目標(biāo)包括至少七家紐約律師事務(wù)所，他們試圖獲取律所正在進(jìn)行的并購業(yè)務(wù)相關(guān)信息。

The men were successful in hacking two firms, stealing emails of partners who work on mergers, prosecutors said. The three then bought shares of target companies, selling them after the deals were announced, prosecutors said.

三人成功地對兩家律師事務(wù)所進(jìn)行了黑客攻擊，竊取了從事并購業(yè)務(wù)的律所合伙人的電子郵件，檢察官說。然后，這三人買入目標(biāo)公司的股票，在收購宣布后，再將股票賣出，檢察官說。

Shares of targets in most such transactions tend to trade higher when a deal is announced because they are usually purchased for more than their market price.

在此類并購交易中，大多數(shù)目標(biāo)公司股票的交易價往往會在并購宣布后上漲，因為這些公司的并購價通常高于其股市價格。

Hackers’ ability to breach the defenses of big law firms in search of confidential information about corporate clients — including tips about coming mergers and acquisitions — has long been a concern of federal authorities. Most major law firms have played down the threat posed by hackers and have been reluctant to discuss breaches or even attempted breaches.

聯(lián)邦當(dāng)局長期以來一直關(guān)注的一個問題是，黑客為獲得律師事務(wù)所企業(yè)客戶的機(jī)密信息，包括有關(guān)并購的內(nèi)部信息，攻破大型律師事務(wù)所的網(wǎng)絡(luò)防御。大多數(shù)大型律師事務(wù)所都不重視黑客的威脅，不愿討論遭受黑客攻擊的問題，甚至不愿討論未能成功的攻擊。

“This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world,” Preet Bharara, the United States attorney in Manhattan, said in a statement. “You are and will be targets of cyberhacking because you have information valuable to would-be criminals.”

曼哈頓的聯(lián)邦檢察官普里特·巴拉拉(Preet Bharara)在一份聲明中說，“這個網(wǎng)絡(luò)與證券欺詐結(jié)合的案件應(yīng)當(dāng)為世界各地的律師事務(wù)所敲響警鐘：你們是、并且會成為網(wǎng)絡(luò)黑客的目標(biāo)，因為你們手握對潛在的犯罪者有價值的信息。”

The law firms were not identified in the indictment or in a parallel civil complaint brought by the Securities and Exchange Commission.

在這份起訴書和證監(jiān)會提出的相關(guān)民事起訴狀中，都沒有披露相關(guān)律師事務(wù)所的名字。

Earlier this year, one large New York firm, Cravath, Swaine & Moore, confirmed that it had been the victim of a “limited breach” of its computer network in the summer of 2015. At the time, the law firm said it was “not aware that any of the information that may have been accessed has been used improperly.”

今年早些時候，大型紐約律所科瓦斯-斯懷恩-摩爾國際律師事務(wù)所(Cravath, Swaine & Moore)承認(rèn)，他們的計算機(jī)網(wǎng)絡(luò)在2015年夏遭到了“小破壞”。當(dāng)時該律所表示，他們“沒發(fā)現(xiàn)有人不當(dāng)使用了任何可能被盜竊的信息”。

Cravath did not immediately respond to phone calls and emails seeking comment on Tuesday.

該律所沒有立即回應(yīng)本周二尋求置評的電話和電子郵件。

“Law firms have been identified as the weakest link, and it is great to see the U.S. attorney taking an interest,” said Daniel Garrie, a law firm security consultant.

“律師事務(wù)所被認(rèn)為是最薄弱的環(huán)節(jié)，”律所安全顧問丹尼爾·加里(Daniel Garrie)說，“很高興看到聯(lián)邦檢察官對此表現(xiàn)出興趣”。

The three men charged with insider trading and hacking are Iat Hong, Bo Zheng and Chin Hung, the United States attorney’s office and the Federal Bureau of Investigation said. Mr. Hong, a resident of Macau, was arrested in Hong Kong on Christmas. 美國聯(lián)邦檢察官辦公室和聯(lián)邦調(diào)查局說，遭到內(nèi)幕交易和黑客罪名指控的三個人是康樂(Iat Hong，音)、鄭波(Bo Zheng，音)和洪展(Chin Hung，音)。其中Iat Hong是澳門居民，已于圣誕在香港被捕。

The indictment and the S.E.C. complaint detailed a number of major deals in which confidential information had been retrieved.

起訴書和證交會的民事起訴狀詳細(xì)介紹了被盜走的機(jī)密信息所涉及一些的重大交易。

One law firm was hacked in connection with the sale of Intermune, an American drug maker, to Roche of Switzerland, and the sale of Altera, a circuit manufacturer, to Intel. In both cases, the three men entered the law firm’s servers after unlawfully obtaining an employee’s credentials. They then installed malware on the law firm’s web server, prosecutors said, enabling them to obtain information about live deals, including the price at which they were being negotiated.

一家遭入侵的律師事務(wù)所和瑞士羅氏公司(Roche)收購美國因特姆爾制藥公司(Intermune)，以及英特爾收購?fù)乩拾雽?dǎo)體(Altera)的交易有關(guān)系。在這兩宗并購案中，三個人在非法獲得雇員的登錄資料后，入侵了該律師事務(wù)所的服務(wù)器。檢察官說，然后他們在該律所的網(wǎng)絡(luò)服務(wù)器上安裝了惡意軟件，以便隨時掌握交易信息，包括當(dāng)時正在談判的價格等等。

The three successfully penetrated the servers of another law firm to obtain details about the acquisition by Pitney Bowes of Borderfree, prosecutors said.

檢察官表示，三人還成功入侵了另一家律師事務(wù)所的服務(wù)器，獲取了必能寶(Pitney Bowes)收購無國界電子商務(wù)公司(Borderfree)的詳細(xì)信息。

They were extraordinarily active in pursuing information. The indictment says that from March to September 2015, the three men “attempted to cause unauthorized access to the networks and servers of the targeted law firms on more than 100,000 occasions.”

他們在尋求信息方面非常活躍。起訴書說，從2015年3月到9月，這三個人“企圖在未經(jīng)授權(quán)的情況下進(jìn)入一些律所的網(wǎng)絡(luò)和服務(wù)器，次數(shù)超過10萬次”。

Lawyers for the three men could not immediately be located.

目前尚未聯(lián)系到這三個人的律師。

The three were also involved with a start-up robotics company that was developing controller chips and control system solutions. They were accused of having sought confidential information like proprietary designs from two other robotics companies.

三人還與一家正在開發(fā)控制器芯片和控制系統(tǒng)解決方案的機(jī)器人初創(chuàng)公司有關(guān)聯(lián)。他們被指控試圖竊取其他兩家機(jī)器人公司的專利設(shè)計等機(jī)密信息。