Now, we've already had a podcast about computer hacking，we're talking about a different kind of cybercrime, ransomware. Richard, what is ransomware? Well, it's a specific type of malware that blocks access to a computer and then demands money to release that computer. Oh, you mean like a ransom? It is a ransom, yes.我们之前做过一期关于电脑黑客的播客，但今天我们要讨论另一种网络犯罪——勒索软件。Richard，什么是勒索软件？嗯，它是一种特定的恶意软件，会阻止你访问电脑，然后要求付钱才能解锁。哦，就像是勒索？没错，就是勒索。

And it's in the news at the moment because? A lot of big companies have been hit with a latest piece of software. And basically they can't work unless they pay money. Yes, unless you've got a backup, of course.那它最近为什么上新闻呢？因为很多大公司都被最新的这款软件攻击了。基本上，他们付钱之前什么也做不了。是的，除非你有备份。

Right, okay. How does it work, Richard? How does ransomware work? Well, to get it on your computer, you have to open often an email that has an infected Word document or PDF. And then once you've opened that document, it's on your computer, and then it can spread to other computers on your network.好，那它是怎么运作的呢，Richard？勒索软件到底如何运行？通常，你需要打开一封包含受感染 Word 文档或 PDF 的邮件。一旦你打开了那个文档，它就进入你的电脑，然后可以扩散到你网络中的其他电脑。

If you're in a big company, it can go through the network very quickly. So you get it on your computer, right? Then what happens? Well, once it's on your computer, it encrypts all the files on that computer. Which means you can't access them? You can't.如果你是在一家大公司，它会非常迅速地在网络中传播。所以感染进入你的电脑后，会发生什么？它会加密你电脑上的所有文件。也就是说，你无法访问了？完全无法。

And a message pops up asking for payment to decrypt your computer and instructions on how to pay. And it threatens to destroy all the data on your computer if you don't pay, often within a time limit. And so what kind of amounts are they asking for? Not huge amounts per computer.然后屏幕上会弹出一个消息，要求你付钱才能解密你的电脑，并告诉你如何付款。如果你不付钱，它会威胁要销毁你电脑中的所有数据，通常还会设定时间限制。他们一般索要多少钱？对每台电脑来说不算很高。

This latest attack was $300. Right. And it's always, the problem is, of course, the payment is by Bitcoin.最近一次攻击的金额是 300 美元。对。而麻烦的是，他们总是要求用比特币支付。

Oh, no. Okay, we did another podcast all about Bitcoins. So that's the cyber currency.哦，不会吧。我们之前还做过一期关于比特币的播客。那是一种网络货币。

Yes. So presumably difficult to trace. Well, because I was going to ask you, Richard, who's behind it? Well, exactly.对。所以 presumably 就很难追踪。其实我正想问你，Richard，到底是谁在背后操控这些？没错，这正是问题所在。

No one knows. If anyone does pay up, they are instructed to pay with Bitcoin, which is notoriously difficult to trace. However, because this latest attack was so widespread, there are a lot of people working on it to trace these guys.没人知道。如果有人付钱，他们会被要求用比特币付款，而比特币出了名地难以追踪。不过，由于最近这次攻击范围很广，已经有很多专业人员在试图追查幕后黑手。

Okay. So what can people do about this? Is there some kind of defense? Very, very simple. Keep your computer up to date with the latest software.那人们能做些什么？有没有防御方法？非常简单：保持你的电脑软件是最新版本。

Oh, really? Yes. Okay. So in Britain, right, the NHS, a huge institution, was affected by this ransomware.哦，真的吗？是的。好，那英国的 NHS（国家医疗体系）这么大的机构也受到了攻击？

Are you telling me they just simply weren't keeping up to date with the latest software? Yes. This particular piece of malware uses a vulnerability in Windows computers, which has been known about since April. Microsoft issued a patch, but not everyone patched their software, including the NHS, Telefonica in Spain, and a number of other big companies.你是说他们只是没有更新软件？没错。这款恶意软件利用了 Windows 的一个漏洞，这个漏洞从四月起就已经被公开了。微软也发布了补丁，但不是每个人都更新了，包括 NHS、西班牙的 Telefónica，以及许多其他大公司。

So basic just human error, really, people too busy or not realizing the importance? Well, some of these corporate systems are enormous, so it's very difficult to keep them all up to date.所以基本就是人为疏忽，人太忙或不了解其重要性？嗯，其中一些大型机构的系统庞大得惊人，要全部保持最新确实非常困难。

Well, ransomware is the big thing in the news at the moment, Richard, but as far as business is concerned, it's not a one-off, is it? It certainly isn't. In a recent survey by a computer security firm, they found that 50% of businesses in the UK have been targeted by ransomware in the last year alone.现在勒索软件正是新闻热点，Richard，但对于企业而言，这并不是偶发事件，对吧？当然不是。某家计算机安全公司最近的调查显示，仅过去一年，英国有 50% 的企业都曾成为勒索软件攻击的目标。

But are you really saying that all people need to do is to keep up to date with their software? Yes, it's as simple as that. These vulnerabilities in computer software are found all the time, and then the manufacturers release a patch, make sure you have your software completely up to date at all times, and then you'll be safe.但你真的是在说，人们所需要做的只是保持软件更新吗？是的，就这么简单。电脑软件中的漏洞一直在被发现，而厂商也会不断发布补丁。确保你的软件始终保持最新，你就能安全。