Infrastructure Armageddon/網路奇襲不斷 駭客會癱瘓美國基礎建設嗎?

成功不是偶然,能力才是關鍵!【能力雜誌電子報】是專業經理人暨上班族提升競爭力最佳管道! 【Motive 商業洞察週報】為行銷人、創意人、品牌經營者提供靈感來源和知識庫,讓每個人都更懂行銷!

無法正常瀏覽圖片,請按這裡看說明   無法正常瀏覽內容,請按這裡線上閱讀
新聞  健康  財經  追星  NBA台灣  udn部落格  udnTV  讀書吧  

讀紐時學英文
2015/11/20 第92期 訂閱/退訂看歷史報份
 
 

紐時周報精選 Infrastructure Armageddon/網路奇襲不斷 駭客會癱瘓美國基礎建設嗎?

紐時周報精選
 

Infrastructure Armageddon/網路奇襲不斷 駭客會癱瘓美國基礎建設嗎?
Nicole Perlroth
李京倫譯

Over the last four years, foreign hackers have stolen source code and blueprints to the oil and water pipelines and power grid of the United States and have infiltrated the Department of Energy’s networks 150 times.

So what’s stopping them from shutting us down?

過去四年來,外國駭客竊取了美國油管、水管與電網的原始碼和分布圖,並滲透美國能源部網路150次。

那麼,是什麼因素阻擋了他們,以致他們還沒有把我們的基礎設施搞到癱瘓?

The phrase “cyber-Pearl Harbor” first appeared in the 1990s. For the last 20 years, policymakers have predicted catastrophic situations in which hackers blow up oil pipelines, contaminate the water supply, open the nation’s floodgates and send airplanes on collision courses by hacking air traffic control systems.

“They could, for example, derail passenger trains or, even more dangerous, derail trains loaded with lethal chemicals,” former Defense Secretary Leon Panetta warned in 2012. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”

「網路珍珠港奇襲」一詞首見於1990年代。過去20年間,決策者曾一再預測大難將要臨頭:駭客炸掉油管、汙染自來水、開啟美國的防洪閘門,並駭進航管系統,使飛機互撞。

美國國防部前部長潘內達2012年警告:「舉例來說,駭客能使載客火車出軌,或者更危險的,能讓裝有致命化學物的火車出軌。他們可以汙染美國各大城的自來水,或讓美國大半地區停電。」

It is getting harder to write off such predictions as fearmongering. The number of attacks against industrial control systems more than doubled to 675,186 in January 2014 from 163,228 in January 2013, according to Dell Security — most of those in the United States, Britain and Finland.

And in many cases, outages at airports and financial exchanges — like a computer outage that took down computers at airports across the country late Wednesday, including Kennedy International Airport in New York and Logan Airport in Boston — are never tied to hacks.

But it’s clear hackers are trying.

要把這類預測指斥為危言聳聽愈來愈難了。根據戴爾安全中心的資料,針對產業控制系統的攻擊案件2013年1月有16萬3228件,2014年1月為67萬5186件,激增一倍以上,大多數發生在美國、英國與芬蘭。

機場與金融交易所停電——就像周三(10月14日)晚間,電腦停電導致全美各地機場電腦停擺,包括紐約甘迺迪國際機場與波士頓洛根機場,往往根本與駭客無關。

不過很明顯地,駭客正試著這麼做。

Last year, the Department of Homeland Security announced that it was investigating an attack against 1,000 energy companies across Europe and North America. In 2012, 23 gas pipeline companies were hacked by online spies, according to a Homeland Security report. Private investigators later linked the attack to China.

Last year, in a disclosure overshadowed by the news of the attack on Sony, a German federal agency said that in an attack at an unnamed steel mill, hackers had managed to jump from the company’s corporate network to its production systems, causing significant damage to a blast furnace.

去年美國國土安全部宣布,正在調查一件針對歐洲與北美1000家能源公司的駭客攻擊案。根據國土安全部的報告,2012年,23家天然氣管線公司遭網路間諜入侵。後來民間調查人員指出,這起案件與中國大陸有關。

去年德國聯邦政府一個單位透露,駭客攻擊德國一家名稱未公布的鋼鐵廠,從公司內部網路跳到其生產系統,導致一個高爐嚴重損壞。這件事當時被索尼公司遭駭的大新聞掩蓋而未受注意。

And in an extensive attack at Telvent, an information technology and industrial automation company now owned by Schneider Electric, Chinese hackers made off with its product source code and blueprints to facilities operated by its customers, which include 60 percent of the pipeline operators in North America.

For now, dire predictions of destructive online attacks on U.S. targets ignore the fact that the actors with the ability to cause the gravest harm to America’s critical infrastructure — China and Russia and allies like Israel and Britain — are sufficiently deterred from doing so by fear of retaliation or because of long-standing trade and diplomatic relationships. And attacks by those aggressively trying to get such a capability — Iran, North Korea and Islamic militant groups — are still several years off.

此外,大陸駭客曾大肆攻擊資訊科技與產業自動化公司Telvent(目前為施耐德電機公司所有),取得產品原始碼和該公司客戶營運設施的規劃圖,北美管線營運商多達60%是該公司客戶。

就當下而言,有關美國目標可能遭受毀滅性網路攻擊的可怕預測,都忽略了一個事實:有能力對美國重大基礎設施造成最嚴重破壞者,如中國大陸、俄國和以色列、英國等美國盟邦,因為害怕報復或長年與美國保有貿易和外交關係,而有充分的理由不這麼做;而積極嘗試取得這種能力者,如伊朗、北韓與伊斯蘭教民兵團體,還需多年才能發動這類攻擊。

“Despite all the talks of a cyber-Pearl Harbor, I am not really worried about a state competitor like China doing catastrophic damage to infrastructure,” said Michael Hayden, former head of the National Security Agency. “It’s the attack from renegade, lower-tier nation-states that have nothing to lose.”

Just how far off are they? That is the question troubling policymakers at the National Security Council and intelligence and law enforcement agencies. Federal officials have repeatedly warned that Islamic State militants have been exploiting social media for recruitment, and are developing tools to break into their enemies’ systems.

美國國家安全局前局長麥可.海登說:「雖然有不少人談論網路的珍珠港奇襲,但我並不真擔心像中國這樣的競爭對手會對美國基礎設施造成重大損害。我擔心的是由乖僻、發展程度較低且一無所有、不怕損失的民族國家發動的攻擊。」

網路奇襲距離美國有多遠?這正是美國國家安全會議、情報與執法單位決策者煩惱的問題。聯邦政府官員曾多次警告道,激進組織「伊斯蘭國」民兵一直用社群媒體招募新血,並正在開發能侵入敵方系統的軟體。

Those capabilities were sufficient to prompt the assassination of Junaid Hussain, the chief of the Islamic State’s cyberarmy, who was killed by an airstrike in Syria in August. But for now, federal officials say, the Islamic State does not have a significant ability to cause damage through online attacks.

“It’s not easy to pull off a spectacular attack,” said James A. Lewis, a security expert at the Center for Strategic and International Studies in Washington. “People are always saying in theory they can do something, but it’s not at the level of a Pearl Harbor or a 9/11.”

伊斯蘭國擁有的能力足以讓美國決定暗殺它的網軍首腦哈山。哈山八月在敘利亞境內一場空襲中被炸死。但美國聯邦官員說,目前伊斯蘭國並沒能力透過網攻造成損害。

華府智庫戰略暨國際研究中心安全專家劉易士說:「要犯下一場驚天動地的攻擊案並不容易。大家總愛說,理論上他們做得到,但不會是珍珠港或911事件那種規模。」

 

訊息公告
 

韓良露:黑松露的奇幻心靈旅程
一場黑松露盛宴,彷彿變成一場聖宴,上天賜與的大地上野生的黑松露,也許正包含著自然的奧祕與奇蹟。只是野生的黑松露如今價格太高了,大部分的人都負擔不起,黑松露的奇幻心靈旅程,也就不容易發生了。

從生活中建立孩子的金錢概念
幼教專家表示,由於學齡前的幼兒還不能作抽象思考,因此需要透過具體的操作、實際的經驗來學習,這時爸媽不妨依據孩子的發展學習特質,透過方式從生活引導孩子。

 

本電子報著作權均屬「聯合線上公司」或授權「聯合線上公司」使用之合法權利人所有,
禁止未經授權轉載或節錄。若對電子報內容有任何疑問或要求轉載授權,請【
聯絡我們】。
  免費電子報 | 著作權聲明 | 隱私權聲明 | 聯絡我們
udnfamily : news | video | money | stars | health | reading | mobile | data | NBA TAIWAN | blog | shopping

發佈留言