2018开年2家中国香港旅行社数据遭窃并遭遇比特币勒索

It took Chinese police only four days to arrest a hacker they believe breached the servers of two Hong Kong travel agencies, stole their data, and then asked for a ransom in Bitcoin.中国警方只用了四天的时间就逮捕了一个他们认为黑掉了两家中国香港旅行社服务器的黑客，窃取了他们的数据，然后索要比特币赎金。

The hacks took place in the first days of January and hit Big Line Holiday and Goldjoy Travel.黑客事件发生在2018年1月的头几天，被黑的旅行社是Big Line Holiday（大航假期有限公司）和Goldjoy Travel（金怡旅行社有限公司）。

Neither police or the travel agencies revealed how the hacker got in, but they said he obtained a copy of their databases, which included customer names, ID numbers, passport numbers, telephone numbers, and in some cases, payment card details.警方和旅行社都没有透露黑客是怎么黑进服务器的，但他们说黑客得到了他们数据库的副本，其中包括客户姓名，身份证号码，护照号码，电话号码，以及某些情况下的支付卡细节。

After making copies of these databases, the hacker emailed both companies, threatening to release the data online unless he was paid a ransom of 1 Bitcoin (around $15,000 at the time of the ransom demand). The hacker claimed to have information on around 200,000 customers.在复制这些数据库之后，黑客通过电子邮件向两家公司发送电子邮件，威胁要在网上发布数据，除非支付给他1比特币的赎金（在赎金需求时约为15,000美元）。黑客声称拥有约20万客户的信息。

Both travel agencies contacted the police and issued public statements disclosing the hack [1, 2], apologizing for the incident, and announcing subsequent maintenance operations for improving their IT infrastructure.两家旅行社都联系了警方，并发表公开声明[1，2]，为事件道歉，并宣布后续维护行动以改善其IT基础设施。

Hacker arrested over the weekend

According to reports from local Hong Kong press [1, 2], police arrested a 30-year-old man on Saturday, January 6. The yet-to-be-named hacker faces up to 14 years in a Chinese prison.据中国香港当地媒体报道，1月6日星期六，警方逮捕了一名30岁的男子，这名未成年的黑客面临长达14年监禁。

The man was an IT engineer, police said. Officers arrested the man at his home on the Cheung Chau island. They searched his home and his shop in the city of Kwun Tong, Hong Kong, from where they seized two desktop computers, two laptops, one tablet and five mobile smartphones.这名男子是一名IT工程师，警方说。 警员在中国香港新界长洲岛嫌疑人的家中拘捕该名男子。他们搜查了他在中国香港观塘区的家和他的店铺，他们在那里查获了两台台式电脑，两台笔记本电脑，一台平板电脑和五部移动智能手机。

Superintendent Swalikh Mohammed of the Cyber Security and Technology Crime Bureau said investigators tracked down the man's IP address using server logs retrieved from the two hacked travel agencies.网络安全和技术犯罪局长官Swalikh Mohammed表示，调查人员使用从两家被黑旅行社的服务器获取日志来追查该男子的IP地址。

Police investigating ties to WWPKG ransom incident

Police are still investigating if the suspect is also behind the hack of WWPKG Holdings, Hong Kong's largest travel agency.警方仍在调查这名嫌疑人是否也是中国香港最大旅行社WWPKG Holdings（縱橫遊控股有限公司）的黑客。

Back in November 2017, a hacker breached WWPKG's server, stole data on 200,000 customers, and demanded a ransom payment. The hacker encrypted some of WWPKG's files in that incident.早在2017年11月，一名黑客黑掉了WWPKG的服务器，盗取了20万客户的数据，并要求支付赎金。 黑客在这个事件中加密了一些WWPKG的文件。

Instead of paying the ransom, WWPKG filed a police complaint and managed to decrypt the files with the police's help.WWPKG没有支付赎金，而是向警方报案并在警方的帮助下解密了档案。

要是大家觉得旅行社的网络风险不是个问题那不妨想想以前的携程和缤客事件

What is Cyber

什么是赛博

Cyber一词源于希腊语，意指在掌控或管治方面是很有技能的人、动物和任何东西。美国东西方研究所与莫斯科国立大学情报安全学院成立的联合工作小组在一份报告中指出，Cyber是“信息”超集的一个子集，人们可以从这一“信息子集”中获得“利益”和“好处”。

保险

旨在保护我们以防发生意外。

企业实施安全方案是为了防止他人入侵。

但现在的问题是…

安全方案所抵御的企业防线突破不再是“会不会(Yes or No)”发生

而是“何时(When)”发生

比IT懂一些承保，比承保懂一些理赔，比理赔懂一些财务，比财务懂一些市场，比市场懂一些IT，到头来越来越不懂。—Kenson Wu