|
|
布娃娃@译言
中国对美国的网络攻击
假如发现中国人的炸弹遍布我们的国家电器系统,那么我们会将其视为战争行为。中国的数字炸弹给我们造成了严重的威胁。
理查德.克拉克
奥巴马政府引用“国际保护责任”作为美国卷入利比亚斗争的合法依据,当他国政府遭遇大规模武装暴动时,国际社会有责任保护他们的公民。然而在计算机网络领域,当美国的公民成为外国政府的攻击目标时,美国政府却忽视了其保护自己公民的基本责任。
美国高级官员十分了解中国政府是在有组织的攻击他们政府和企业网络。中国政府成功盗取了美国的研发资料,软件源代码,制造业技术和政府计划。在以知识经济为主的全球竞争中,中国的网络活动是对美国利益的侵犯。
中国政府愤慨地否认这些指控,并声明攻击者来自中国民间,或者冒充中国的他国政府,再或者是美国反华势力杜撰的网络攻击。美国及其同盟国的专家觉得这些声明不值得相信。
三年前,英国安全部写信给几百家英国公司的CEO,提示他们的企业网络很可能已被中国政府攻击。而在美国,无论是联邦调查局还是国土安全局都没有向本国公司发布过类似的提示,但大部分公司管理人都已经知道了。
有些公司,如谷歌,承认他们是中国黑客的受害者。我们现在知道除了谷歌,“极光”同时也攻击了多家信息技术公司——包括Adobe,Juniper,和Cisco——并企图获取他们的源代码。“极光”不是个孤立的事件。这个月,谷歌更新了对中国的起诉,它发现一些美国高级官员的Gmail账户经由中国的一台服务器泄露出去了。将特定的美国高级官员设为攻击目标可不是区区某个黑客团伙能办到的。
继“极光”之后有计划的网络攻击侵袭了一个又一个行业。在一系列被称为 “夜龙”的攻击事件中,侵入者明显来自中国,它的目标不仅是美国境内的而且包括了全球的主要油气公司。德国政府断言,中国政府非法闯入了总理安吉拉.默尔克的个人电脑。澳大利亚也宣称其首相被来自中国的黑客所攻击。
近期,计算机安全公司RSA(美国EMC分公司)的网络遭到非法侵入,侵入者目的像是要窃取公司安全ID后的秘密系统。那套系统被人们普遍用来保护重要计算机网络。而且这个月,美国最大的国防承包商,洛克希德,也遭遇网络间谍闯入,闯入者使用的显然是从RSA盗取的数据。网络罪犯没有攻击洛克希德的网络——他们的目标是银行和信用卡。尽管中国政府公开否认,这次攻击以及许多其他的侵入事件都有明显的中国政府操作的痕迹。
2009年,新闻报道称美国电网的控制系统被黑,且侵入者建立了秘密入口以便随时返回。奥巴马总统没有否认这些事件,他说“网络黑客已经侵入了我们的电网系统。”
攻击国家电网没有钱可偷,也没有有价值的情报可窃取,那么唯一能解释这次网络间谍行为的原因就是:以摧毁其经济基础的威胁来与美国军事优势相抗衡。中国的军事战略曾写过,像中国这样的国家,如何通过此种方式取得与美国军事优势平起平坐的地位。
如果发现中国的炸弹已遍布我国的电气系统,我们该怎么办?公众会要求政府给予回应。可如果是破坏力更强的数字炸弹,我们的反应——尤其是政府的回应显然是羸弱的。
国会还没有发布过一条有实际意义的网络安全法规。当美国高级官员指控中国政府盗取美国数以兆兆计的资料然后被否认后,国会不该再把疑惑留给美国人民了。它被要求回答这些基本的问题:
关于攻击美国公共和个人计算机网络,中国政府的在扮演什么样的角色?
如果发生中国政府大规模侵入美国敏感网络和要害基础设施,那么美国政府如何与中国政府交涉?特别是,今年春天奥巴马总统和胡锦涛主席在白宫会面时是否表示过他对这些事件的关注?
既然像杀毒软件和防火墙这样的防范措施都无法阻止中国黑客的侵入,那么政府有没有应对类似网络攻击的计划?
美国官员私下里承认政府并没有制定阻止中国网络攻击的防御计划。与其以防守的形式保护美国企业,国防部似乎热衷于“主动防御”,也就是主动进攻的方式。如果中国继续发动大规模网络战役,那么美国可能采取主动网络防御。但是在平日里与中国进行的网络游击战看来,我们的政府只是在保护他们自己的网络。而并没有尽到保护美国民众免受中国网络攻击的义务。
克拉克先生是白宫国家安全官员,历经三位总统。他是好港顾问公司的主席,政府及企业安全风险管理咨询顾问。
China's Cyberassault on America
If we discovered Chinese explosives laid throughout our national electrical system, we'd consider it an act of war. China's digital bombs pose as grave a threat.
Article
Comments (201)有兴趣的建议看看留言!
By RICHARD CLARKE
In justifying U.S. involvement in Libya, the Obama administration cited the "responsibility to protect" citizens of other countries when their governments engage in widespread violence against them. But in the realm of cyberspace, the administration is ignoring its primary responsibility to protect its own citizens when they are targeted for harm by a foreign government.
Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations. Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledge-based economies, Chinese cyberoperations are eroding America's advantage.
The Chinese government indignantly denies these charges, claiming that the attackers are nongovernmental Chinese hackers, or other governments pretending to be China, or that the attacks are fictions generated by anti-Chinese elements in the United States. Experts in the U.S. and allied governments find these denials hard to believe.
Three years ago, the head of the British Security Service wrote to hundreds of corporate chief executive officers in the U.K. to advise them that their companies had in all probability been hacked by the government of China. Neither the FBI nor the Department of Homeland Security has issued such a notice to U.S. executives, but most corporate leaders already know it.
Some, like Google, have the courage to admit that they have been the victims of Chinese hacking. We now know that the "Aurora" attack (so named by the U.S. government because the English word appears in the attack software) against Google in 2009 also hit dozens of other information technology companies—allegedly including Adobe, Juniper and Cisco—seeking their source code. Aurora wasn't an isolated event. This month Google renewed its charge against China, noting that the Gmail accounts of senior U.S. officials had been compromised from a server in China. The targeting of specific U.S. officials is not something that a mere hacker gang could do.
The Aurora attacks were followed by systematic penetrations of one industry after another. In the so-called Night Dragon series, attackers apparently in China went after major oil and gas companies, not only in the U.S. but throughout the world. The German government claims that the personal computer of Chancellor Angela Merkel was hacked by the Chinese government. Australia has also claimed that its prime minister was targeted by Chinese hackers.
Recently the computer-security company RSA (a division of EMC) was penetrated by an intrusion which appears to have stolen the secret sauce behind the company's SecureID. That system is widely used to protect critical computer networks. And this month, the largest U.S. defense contractor, Lockheed, was subject to cyberespionage, apparently by someone using the stolen RSA data. Cyber criminals don't hack defense contractors—they go after banks and credit cards. Despite Beijing's public denials, this attack and many others have all the hallmarks of Chinese government operations.
In 2009, this newspaper reported that the control systems for the U.S. electric power grid had been hacked and secret openings created so that the attacker could get back in with ease. Far from denying the story, President Obama publicly stated that "cyber intruders have probed our electrical grid."
There is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage: The only point to penetrating the grid's controls is to counter American military superiority by threatening to damage the underpinning of the U.S. economy. Chinese military strategists have written about how in this way a nation like China could gain an equal footing with the militarily superior United States.
What would we do if we discovered that Chinese explosives had been laid throughout our national electrical system? The public would demand a government response. If, however, the explosive is a digital bomb that could do even more damage, our response is apparently muted—especially from our government.
Congress hasn't passed a single piece of significant cybersecurity legislation. When the Chinese deny senior U.S. officials' claims (made in private) that Beijing is stealing terabytes of data in the U.S., Congress should not leave the American people in doubt. It should demand answers to basic questions:
What does the administration know about the role of the Chinese government in cyberattacks on public and private computer networks in the United States?
If there is widespread Chinese hacking of sensitive U.S. networks and critical infrastructure, what has the administration said about it to the Chinese government? Specifically, did President Obama raise concerns about these attacks with Chinese President Hu Jintao at the White House this spring?
Since defensive measures such as antivirus software and firewalls appear unable to stop the Chinese penetrations, does the administration have any plan to address these cyberattacks?
In private, U.S. officials admit that the government has no strategy to stop the Chinese cyberassault. Rather than defending American companies, the Pentagon seems focused on "active defense," by which it means offense. That cyberoffense might be employed if China were ever to launch a massive cyberwar on the U.S. But in the daily guerrilla cyberwar with China, our government is engaged in defending only its own networks. It is failing in its responsibility to protect the rest of America from Chinese cyberattack.
Mr. Clarke was a national security official in the White House for three presidents. He is chairman of Good Harbor Consulting, a security risk management consultancy for governments and corporations. |
|
狗仔卡
楼主
提升卡
变色卡
抢沙发
千斤顶
显身卡
发表于 2011-7-5 10:40
