12.SiteKey “gives our customers a fairly easy way of authenticating the Bank of America Web site,” said Sanjay Gupta, an e-commerce executive at the bank. “It was very well received.”

13.The Harvard and M.I.T. researchers, however, found that most online banking customers did not notice when the SiteKey images were absent. When respondents logged in during the study, they saw a site maintenance message on the screen where their image and phrases should have been pictured. The error message also had a conspicuous spelling mistake, further suggesting something fishy.

14.Mr. Gupta of Bank of America said he was not troubled by the results of the survey, and stressed that SiteKey had made the bank’s Web site more secure. He also said that the system was only a single part of a larger security blanket. “It’s not like we’re betting the bank on SiteKey,” he said.

15.Most financial institutions, like Bank of America, have other ways to tell if a customer is legitimate. The banks often drop a small software program, called a cookie, onto a user’s PC to associate the computer with the customer. If the customer logs in from another machine, he may be asked personal questions, like his mother’s maiden name.

16.Rachna Dhamija, the Harvard researcher who conducted the study, points out that swindlers can use their dummy Web sites to ask customers those personal questions. She said that the study demonstrated that site-authentication images are fundamentally flawed and, worse, might actually detract from security by giving users a false sense of confidence.

17.RSA Security, the company that bought PassMark last year, “has a lot of great data on how SiteKey instills trust and confidence and good feelings in their customers,” Ms. Dhamija said. “Ultimately that might be why they adopted it. Sometimes the appearance of security is more important than security itself.”

(811 words   nytimes.com)

Questions 1-5

Do the following statements agree with the information given in the passage? Please write

       TRUE                 if the statement agrees with the writer

       FALSE               if the statement does not agree with the writer

       NOT GIVEN if there is no information about this in the passage

1.According to internet security experts, secondary security measures provide little additional protection against fraud.

2.In the Harvard and MIT study, two subjects didn’t log on without seeing the correct pictures.

3.According to Schechter, more than 90% of online banking customers studied logged on without seeing the right pictures.

4.The image system is the only security measure that the banks mentioned in the passage have currently.

5.Bank of America is the first bank that adopted the image system.

Questions 6-13

Answer the following questions or complete the following sentences by choosing NO MORE THAN THREE WORDS for each answer.

6.What is ING Direct and Vanguard?

7.What might online banking customers be cheated to give at a fraudulent Web site?

8.What may stop online banking customers from using new verification methods?

9.The key to online banking security is to verify the ______ of customers.

10.Where is PassMark Security located?

11.What is the reason why SiteKey is popular among online banking customers?

12.What was used instead of images in the Harvard and M.I.T. study?

13.How many security methods are mentioned in this passage?

Answer keys

1. 第一段“Now a study suggests that a popular secondary security measure provides little additional protection.”似与问题文字很接近，但是原文中a popular secondary security measure是指特定的一个措施，而非泛指所有secondary security measure。原文没有其它secondary security measure安全有效性的内容。故应选择NG。

2. 见第4、5段内容。第四段 “But the researchers had secretly withdrawn the images.”即研究人员撤下了图形，第五段“Only two chose not to log on, citing security concerns.”，有两个人因为安全考虑未进入。

3. T     见第6段。

4.  F     见第11、14段。

5.  F     见第11段“Bank of America was among the first to adopt it”，可见首批采用图形识别软件的银行并非Bank of America一家。

6.  A financial institution              见第二段。

7. (their) passwords              见第三段。

8.  less convenience            见第十段。

9.  identity          见第八、十段。

10.  Silicon Valley       见第十一段。

11.  easy to use              见第十二段。

12.  site maintenance message              见第十三段“When respondents logged in during the study, they saw a site maintenance message on the screen where their image and phrases should have been pictured.”

13. 4  分别见第十段的“download new security software”和“hardware devices that feed them PIN codes”，第十五段的“a small software program, called a cookie”，以及本文提到的site-authentication images。

（by Zhou Hong）

★Hackers target the home front

Thursday February 15, 2007

The Guardian

1. One of the UK's leading banks has been forced to admit that organised hacking gangs have been targeting its executives. For the past year, Royal Bank of Scotland has been fighting systematic attempts to break into its computer systems from hackers who have sent personalised emails containing keyloggers to its senior management. This has included executives up to board level and is now the subject of a separate investigation by the Serious and Organised Crime Agency.

2. The hackers are homing in on the trend for people to work from home. The hackers make the assumption that the computers being used outside the work environment are more vulnerable than those protected by a corporate IT department.

Growing threat

3. For companies it is a growing threat as home working increases: a recent survey from the Equal Opportunities Commission found that more than 60% of the UK's population wants the option of flexible working.

4. And the hackers are employing increasingly sophisticated techniques. Each email they send is meticulously built to make it attractive to its target, who the criminals have carefully researched by trawling the internet for information. Once the email is composed, the malware is just as carefully designed: it is often modified to avoid detection by security software.

5. The keylogger contained in the email installs itself automatically and then collects details of logins and passwords from the unsuspecting user. This means that hackers can, using the usernames and passwords stolen by the keyloggers, connect to VPNs, or Virtual Private Networks, which many companies use to create an encrypted pathway into their networks.

6. Once inside a bank's network, the hackers can communicate directly with computers holding account information and manipulate funds.

7. Has this actually happened? In some cases sources claim that the login details of VPNs have been obtained and used though there has been no confirmation that any losses have occurred as a result. The attacks are not believed to have focused on RBS but to have been across the whole of the banking industry.

8. Royal Bank of Scotland said that the bank had suffered no losses as a result of the attacks and added: "RBS has extremely robust processes in place in order to protect our systems from fraud. Trojan email attacks are an industry-wide issue and are not isolated to a particular area or a particular bank."

9. It is not just banks that have been targets. Last year attempts were made to steal information from the Houses of Parliament using malicious email. Messagelabs, the company responsible for monitoring much of the email traffic of the government and big business for suspect software, said at the beginning of the year that criminals have been evolving more sophisticated techniques to attack corporate networks.

10. According to Mark Sunner, chief technology officer of Messagelabs, the number of malicious emails targeted at individuals has been increasing. Two years ago they were being seen once every two months, but now they are seeing one or two a day. This has been accompanied by an increase in quality in the creation of Trojans and spyware.

11. "The hackers are now aiming to take over computers, particularly those of home users. Some of the malicious software that we are routinely seeing for that purpose will have its own antivirus system built into it so that they can kill off the programs of their competitors."

Increased vigilance

12. Tony Neate, the head of Get Safe Online, a government-funded organisation set up to raise awareness among UK businesses of computer criminals, says: "There is now an attempt to target individuals within UK businesses - including the banking sector. What is happening is that crime is doing what it always does, which is look for the weakest link. Home working is where they perceive a weakness.

13. "This points to a need for increased vigilance and security by those working from home and by those responsible for letting them work from home. For home working to be effective, security needs to be as effective as if working in an office."

(667 words)

(by Zhang Juan)

Questions 1-4

Answer the questions below using NO MORE THAN THREE WORDS from the passage for each answer.

1. What do the hackers use to attack the computer system of the Royal Bank of Scotland?

2. Which word is most likely to be used by hackers to describe home computers?

3. What do the majority of people in the UK prefer?

4. How do hackers collect information so as to compose emails?

5. What do hackers obtain illegally to gain access to banks’ computer network?

Questions 5-12

Complete the sentences below with words from the passage. Use NO MORE THAN THREE WORDS for each answer.

6. The use of login details of VPNs by criminals does not necessarily result in any ______________.

7. Royal Bank of Scotland claimed that they are not the only victim of ______________.

8. Corporate networks will be another target of hackers with improved _______________.

9. The attacks on individuals have been greatly increased within _______________.

10.  With ________________, software used by criminals can eliminate its competing programs.

11.  Home users are chosen as a target because they are considered as a __________ .

12.  Get Safe Online is calling for an increase in _____________ to ensure safe home working.

Answers Keys:

1．答案：personalised emails/keyloggers （见第1段第2句：For the past year, Royal Bank of Scotland has been fighting systematic attempts to break into its computer systems from hackers who have sent personalised emails containing keyloggers to its senior management.）

2．答案：vulnerable （见第2段： The hackers make the assumption that the computers being used outside the work environment are more vulnerable than those protected by a corporate IT department. ）

3. 答案： flexible working （见第3段: For companies it is a growing threat as home working increases: a recent survey from the Equal Opportunities Commission found that more than 60% of the UK's population wants the option of flexible working.）

4. 答案：trawling (the) internet （见第4段第2句： Each email they send is meticulously built to make it attractive to its target, who the criminals have carefully researched by trawling the internet for information.）

5. 答案： logins and passwords/usernames and passwords （见第5段第第1、2句：The keylogger contained in the

上一页  [1] [2] [3] [4] 下一页