TEL AVIV — The emails landed on March 23 in the inboxes of scientists and engineers at several of Russia’s military research and development institutes, purportedly sent by Russia’s Ministry of Health. They carried a subject line that offered seemingly tantalizing information about a “list of persons under U.S. sanctions for invading Ukraine.”
特拉维夫——3月23日,俄罗斯几所军事研发机构的科学家与工程师收到了据称是俄罗斯卫生部发来的电子邮件。邮件主题栏的信息看起来引人瞩目,是关于一份“因入侵乌克兰而被美国制裁的人员名单”。
But the emails were actually sent by state-sponsored hackers in China seeking to entice their Russian targets to download and open a document with malware, according to a new report to be released Thursday by the Israeli-American cybersecurity firm Check Point.
但以色列-美国网络安全公司Check Point周四发布的一份新报告表示,这些邮件实际上是由中国政府支持的黑客发出的,目的是诱使俄罗斯的目标人物下载并打开含有恶意软件的文件。
The report provides new evidence of Chinese efforts to spy on Russia, pointing to the complexity of the relations between two countries that have drawn closer in solidarity against the United States. It also underscores the sprawling, and increasingly sophisticated, tactics China’s cyberspies have used to collect information on an ever-expanding array of targets, including countries it considers friends, like Russia.
这份报告为中国对俄罗斯的间谍活动提供了新证据,说明这两个团结起来对抗美国的国家关系依然很复杂。该报告也凸显出,中国网络间谍的大规模信息收集策略愈发精细,其目标范围不断扩大,连俄罗斯等被中国视为盟友的国家也不例外。
Despite the growing global outrage over Russia’s war in Ukraine, China has refused to criticize Moscow and has echoed Russian propaganda to depict the United States and NATO as aggressors in the conflict. But Check Point’s research showed that despite the countries’ deepening ties, China appeared to view Russia as a legitimate target for the theft of sensitive military technological information.
The Chinese campaign targeted Russian institutes that research airborne satellite communications, radar and electronic warfare, Check Point said in its report. The institutes belong to Rostec Corporation, the Russian military conglomerate that is one of the largest and most powerful entities in Russia’s defense establishment.
Check Point在报告中指出,中国的行动针对俄罗斯研究机载卫星通信、雷达和电子战的机构。这些机构隶属军事企业俄罗斯国家技术集团,这是俄罗斯国防部门中规模最大、实力最强的实体之一。
![2020年,位于莫斯科的俄罗斯国家技术集团总部。](https://static01.nyt.com/images/2022/05/19/world/19china-hacking-02/merlin_207114210_b4cf345b-a4bd-4512-ba4b-fc87a47f9310-master1050.jpg)
The Chinese espionage operation began as early as July 2021, before Russia invaded Ukraine, the Check Point report said. The March emails revealed that China’s hackers had quickly exploited narratives about the war in Ukraine for their purposes.
该报告称,中国的间谍行动早在2021年7月就已经开始,当时俄罗斯尚未入侵乌克兰。3月的电子邮件攻击表明,中国黑客迅速利用了乌克兰战争的叙事来达到他们的目的。
“This is a very sophisticated attack,” said Itay Cohen, the head of cyber research at Check Point, adding that it demonstrated capabilities “usually reserved for state-backed intelligence services.” The hackers used methods and codes similar to those used in previous attacks attributed to hacking groups affiliated with the Chinese state, he said.
“这是一次非常复杂的攻击,”Check Point的网络研究负责人伊泰·科恩表示,他补充称,这场行动展示了“通常只有国家支持的情报机构才会使用的”能力。他说,黑客使用的方法和代码类似于以前与中国有关的黑客组织所使用的攻击。