Computer espionage
The spy who hacked me
Malicious computer code is making the spook's job easier than ever
IT IS 30 years since William Gibson, an American-Canadian author, wrote “Neuromancer”, in which he coined the term “cyberspace” and imagined a future of hackers for hire and giant corporations raiding each other's computer systems in search of secrets. He was right about the direction of travel, but wrong about some of the details. For it is governments, not corporations or anti-social teenagers, who have become the world's best hackers.

The latest example came on November 23rd, when Symantec, an American antivirus firm, announced the discovery of a piece of software called Regin, which it had found lurking on computers in Russia, Saudi Arabia and several other countries, sniffing for secrets. Its sophistication and stealth led Symantec to conclude that it must have been written by a nation-state.
Regin (the arbitrarily chosen name comes from a text string found in the bug's innards) is only the latest in a long line of government-sponsored malware (see table). The most famous is Stuxnet, discovered in 2010, which was designed, almost certainly by America and Israel, to hijack industrial-control systems. It was deployed against Iran's nuclear programme, and destroyed centrifuges that were being used to enrich uranium. Unlike the vast surveillance dragnets revealed by Edward Snowden, a former American contractor who leaked thousands of secret documents in 2013, these computerised bugs are tailored and aimed at defined targets.
The sort of direct sabotage carried out by Stuxnet is unusual. Most government malware (or at least, most that security researchers know about) seems to be for information-gathering. In 2006, for instance, it emerged that someone had hacked electronic equipment belonging to Vodafone's Greek subsidiary and listened to the mobile-phone conversations of the Greek cabinet. But such attacks can still do damage: Regin's most common targets were individuals and small businesses, but telecoms firms, energy companies and airlines were affected, too.
Working out who has created a piece of malware is not easy. Computer code has no nationality. Programmers sometimes leave hints, or use suggestive phrases, but these are not proof. The targets can provide clues, as can comparisons with known malware. DarkHotel, which targets corporate executives and other bigwigs by hijacking hotel Wi-Fi systems and which was discovered only weeks before Regin, has been tentatively pinned on South Korea. Korean characters, and a reference to a known South Korean coder, were found in its code. The targets included people from Taiwan, Japan, China—and a few from America, South Korea's most important ally.
There are similar clues in Regin. Symantec says Regin's most frequent targets were computers in Russia, which accounted for 28% of the total, and Saudi Arabia, which made up 24%. But the full list includes countries as diverse as Afghanistan, Ireland and Mexico. One of Regin's modules is called “LEGSPIN”, a cricketing term. And experts say that it seems very similar to malware used in an attack on Belgacom, a Belgian telecoms firm, in which the British are the chief suspects. (Government Communications Headquarters, Britain's electronic-spying agency, refused to comment.) But such clues may be designed to mislead: when the Russians began their computerised espionage, they would often try to make it seem as if the software was Chinese. “They hid behind China's notoriety,” says Mikko Hypponen of F-Secure, a Finnish computer-security firm.
Such deniability is one attraction of computerised espionage. Another is that modern software is so complex that it is riddled with security holes, most of which can be exploited from a safe distance. Once one is found, data can easily and cheaply be smuggled out and sent round the world.
This means that the big powers are not the only cyber-spies. The cutting-edge stuff is done by America, China and Russia, says Mr Hypponen, but F-Secure thinks Pakistan, North Korea and some African countries are doing it, too. The low cost means that governments and firms can expect to suffer from more and more of it. Some are already taking drastic measures: Russia has ordered 20 typewriters, reportedly because of the vulnerability of computers. To paraphrase Mr Gibson: it seems that the future is already here, and it is becoming ever more evenly distributed.
Chinese translation by 戴秀平; proofread by 江虹蕾.