Major Security Breach of Fortinet Network Infrastructure by Russian-Speaking Groups
Introduction
A large-scale security breach has affected tens of thousands of Fortinet firewalls worldwide, giving unauthorized access to many international companies and government organizations.
Main Body
The breach, known as 'FortiBleed,' started when attackers scanned FortiGate login pages on the internet. Instead of using unknown software bugs, the attackers used a method called 'credential spraying.' This involved using a custom program to test thousands of common passwords against the systems. Once they gained access, the attackers stole authentication data, which they then cracked using a powerful cluster of 45 GPUs to discover more passwords.
The impact is significant, with estimates suggesting that between 30,000 and 74,000 devices were compromised. This represents nearly half of all Fortinet firewalls connected to the internet. Affected organizations include well-known companies such as Oracle, Samsung, Lenovo, and PwC, as well as government agencies. The highest numbers of affected devices were found in India, the United States, Taiwan, and Mexico. Furthermore, it was confirmed that classified defense documents were stolen from a Turkish NATO contractor.
After entering the networks, the attackers moved sideways to target central authentication systems, such as Microsoft Active Directory. Although the password-cracking tools were advanced, researchers emphasized that the attackers made mistakes in their own security, leaving clues behind on their control servers.
Conclusion
The situation remains critical because a large number of the compromised devices are still online and active.
Vocabulary Learning
⚡ The Power of "Passive Voice" for Professionalism
At the A2 level, you usually say: "Attackers stole documents." (Subject + Action + Object).
To reach B2, you need to move the focus. In professional reports or news, we often care more about what happened than who did it. This is where the Passive Voice becomes your best tool.
🔍 Spotting it in the text
Look at these phrases from the article:
- "...devices were compromised."
- "...documents were stolen."
- "...it was confirmed that..."
Notice that the 'doer' (the attackers) is either at the end of the sentence or completely missing. This makes the text sound objective and formal.
🛠️ How to build the B2 Bridge
To move from A2 to B2, stop using only simple active sentences. Use this formula: [The Object] + [Was/Were] + [Past Participle (V3)]
| A2 Style (Active) | B2 Style (Passive) |
|---|---|
| Attackers scanned the pages. | The pages were scanned. |
| Someone cracked the passwords. | The passwords were cracked. |
| Groups affected the firewalls. | The firewalls were affected. |
💡 Pro-Tip for Fluency
Use the passive voice when:
- The actor is unknown (e.g., "The data was leaked").
- The action is more important than the person (e.g., "The system was updated").
- You want to sound more academic or official.