雅虎在當(dāng)?shù)貢r(shí)間周三在向美國(guó)證券交易委員會(huì)提交的文件中承認(rèn),2年前黑客攻擊事件發(fā)生后不久,至少部分高管就獲悉這一情況。而不久前雅虎才表示,它直到2016年8月份才首次發(fā)現(xiàn)曾遭到黑客攻擊。
測(cè)試中可能遇到的詞匯和知識(shí):
sponsored贊助的;發(fā)起的['sp?ns?d]
scope范圍;余地;視野[sk??p]
sophisticated復(fù)雜的;精致的[s?'f?st?ke?t?d]
filing文件歸檔['fa?l??]
forensic法院的;辯論的[f?'rens?k]
intruder侵入者;干擾者[?n'tru?d?]
By Hannah Kuchler in San Francisco
Yahoo has admitted that at least some staff knew that a state-sponsored hacker had accessed its network shortly after an attack took place two years ago,adding to the uncertainty around Verizon’s $4.8bn deal to acquire the internet company’s operations.
An independent committee of Yahoo’s board has launched an investigation into“the scope of the knowledge within the company in 2014”regarding the security breach,which it announced six weeks ago.
Yahoo had said it first discovered the cyber attack — which affected data belonging to at least 500m users — in August 2016,a month after Verizon agreed to acquire the company’s core assets. Verizon,which would not comment on Wednesday’s filing,has previously said it wants to know whether the attack will have a material impact on Yahoo.
But in the filing with the US Securities and Exchange Commission,Yahoo said:“The company had identified that a state-sponsored actor had access to the company’s network in late 2014.”
One person familiar with the investigation said Yahoo originally did not have a“full picture”of what happened because of the“sophisticated nature of state-sponsored attacks”. When it brought in outside experts to investigate the claim of a separate breach,which turned out to be false,it developed a more complete picture,the person said.
In the same filing,Yahoo also said that forensic experts are investigating evidence that indicates an intruder,possibly the same hacker,created a way to access users’account information without their passwords,raising the possibility that a cyber criminal could have access even after passwords are changed. The person close to the investigation said Yahoo did not believe it was currently possible for attackers to forge the Yahoo Mail cookies to allow access without a password.
The company also said in the filing that law enforcement agencies had begun sharing data provided by a hacker purporting to be Yahoo account information. It is not clear whether this information is thought to be from the same attack or a separate one.
A Yahoo spokeswoman said:“We are confident in Yahoo’s value and we continue to work towards integration with Verizon.”
Verizon’s general counsel said last month that the telecoms group had a“reasonable basis”to believe that the massive data breach would have a“material”impact on its deal,with Verizon’s chief financial officer saying it was working on the assumption that the breach would have an impact on the price.
However,Yahoo has insisted the attack did not have a material impact. Marissa Mayer,Yahoo chief executive,said in its earnings statement last month that she had been heartened by user loyalty and engagement trends which showed page views,searches and mail messages sent and read had all stayed flat before and after the announcement of the breach on September 22. The filing said the hack had cost Yahoo $1m in the quarter ending on September 30.
Shares in both Yahoo and Verizon were flat in after-hours trading in New York.
1. Who wanted to acquire Yahoo as mentioned?
A. SEC
B. Verizon
C. Wanda
D. Google
答案(1)
2. When did Verizon agree to acquire the Yahoo’s core assets?
A. June
B. July
C. August
D. October
答案(2)
3. Which one is not mentioned as Yahoo said in the filing?
A. possibly the same hacker fall
B. the hacker did not need the passwords
C. attackers forged the Yahoo Mail cookies to allow access without a password.
D. law enforcement agencies had begun sharing the data
答案(3)
4. How much was lost to Yahoo because of the hack before September 30?
A. ¥1m
B. ¥100m
C. $1m
D. $10m
答案(4)
(1) 答案:B.Verizon
解釋?zhuān)何恼绿岬较胧召?gòu)雅虎的是Verizon。SEC是美國(guó)證券交易委員會(huì)(the US Securities and Exchange Commission)
(2) 答案:B.July
解釋?zhuān)貉呕⒅氨硎景l(fā)現(xiàn)黑客攻擊是在8月——Verizon與其達(dá)成收購(gòu)協(xié)議后的一個(gè)月。
(3) 答案:C.attackers forged the Yahoo Mail cookies to allow access without a password.
解釋?zhuān)簱?jù)一位知情人士透露,雅虎目前不相信攻擊者有能力偽造有效的雅虎郵件cookies。
(4) 答案:C.$1m
解釋?zhuān)汉诳凸粼诮刂?月30日的財(cái)季中給雅虎造成100萬(wàn)美元損失。