The World's Four Most Dangerous Hacker Groups
Hacking has come a long way from the days of maladjusted teenagers wreaking digital havoc from their basements. As Fortune explains in the cover story of our Jul. 1 issue, today the biggest and baddest hacker groups are backed by nation-states. They’re called “advanced persistent threats” or APTs, in the cyber jargon, a phrase meant to convey their supreme and underlying quality: ferocity. Below are a few of the most notorious—and feared—state-affiliated hacking groups around. (Links to specific hacks below are based on leading theories put forward by top computer forensic firms.)

Fancy Bear (a.k.a. Sofacy, Pawn Storm) / Cozy Bear (a.k.a. CozyDuke, Office Monkeys)

Rival agencies in the Russian spy services, the two “Bears” were thrust into the spotlight during last year’s U.S. presidential election for their roles in allegedly breaching the Democratic National Committee’s system. Fancy Bear, which comes out of the GRU, Russia’s military intelligence agency, has been meddling in European elections since then. Cozy Bear, which represents the FSB, Russia’s successor to the Soviet-era KGB, has hit U.S. think tanks.

Lazarus Group (a.k.a. DarkSeoul, Guardians of Peace)

Widely believed to be associated with North Korea, this gang refuses to die. Lazarus got its start by pummeling American and South Korean websites with denial-of-service attacks in 2009. Five years later, it perpetrated a massive hack of Sony Pictures Entertainment. In 2016, Lazarus stole $81 million in a heist targeting Bangladesh’s central bank and the SWIFT financial network. And it has been linked to the WannaCry ransomware worm that ground businesses around the globe to a halt in May.

Equation Group

This is the nickname given by Russian antivirus firm Kaspersky to a team believed to be associated with the U.S. National Security Agency—specifically the NSA’s Tailored Access Operations unit, or TAO. They’re the good guys, right? Not in everyone’s eyes. Many experts believe the Equation Group successfully attacked Iran’s nuclear program in the mid-aughts. But recently a selection of the squad’s hacking tools was stolen and leaked by the Shadow Brokers, another mysterious hacker group (believed to be Russia-affiliated), and the tools are now being used to cause mayhem.

Sandworm (a.k.a. Electrum)

Named for allusions to the sci-fi classic Dune found in its code, Sandworm is another group believed to be associated with the Russians. The crew has hacked people affiliated with NATO and the Ukrainian government, presumably to gather intelligence. Sandworm is also known for breaking into companies that deal with critical infrastructure. Last year the group shut down a power grid in Ukraine.

Chinese translation (財富中文網, Fortune China): translator Charlie, reviewer 夏林.