李京倫譯
Over the last four years, foreign hackers have stolen source code and blueprints to the oil and water pipelines and power grid of the United States and have infiltrated the Department of Energy's networks 150 times.
So what's stopping them from shutting us down?
過去四年來,外國駭客竊取了美國油管、水管與電網的原始碼和分布圖,並滲透美國能源部網路150次。
那麼,是什麼因素阻擋了他們,以致他們還沒有把我們的基礎設施搞到癱瘓?
The phrase "cyber-Pearl Harbor" first appeared in the 1990s. For the last 20 years, policymakers have predicted catastrophic situations in which hackers blow up oil pipelines, contaminate the water supply, open the nation's floodgates and send airplanes on collision courses by hacking air traffic control systems.
"They could, for example, derail passenger trains or, even more dangerous, derail trains loaded with lethal chemicals," former Defense Secretary Leon Panetta warned in 2012. "They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country."
「網路珍珠港奇襲」一詞首見於1990年代。過去20年間,決策者曾一再預測大難將要臨頭:駭客炸掉油管、汙染自來水、開啟美國的防洪閘門,並駭進航管系統,使飛機互撞。
美國國防部前部長潘內達2012年警告:「舉例來說,駭客能使載客火車出軌,或者更危險的,能讓裝有致命化學物的火車出軌。他們可以汙染美國各大城的自來水,或讓美國大半地區停電。」
It is getting harder to write off such predictions as fearmongering. The number of attacks against industrial control systems more than doubled to 675,186 in January 2014 from 163,228 in January 2013, according to Dell Security — most of those in the United States, Britain and Finland.
And in many cases, outages at airports and financial exchanges — like a computer outage that took down computers at airports across the country late Wednesday, including Kennedy International Airport in New York and Logan Airport in Boston — are never tied to hacks.
But it's clear hackers are trying.
要把這類預測指斥為危言聳聽愈來愈難了。根據戴爾安全中心的資料,針對產業控制系統的攻擊案件2013年1月有16萬3228件,2014年1月為67萬5186件,激增一倍以上,大多數發生在美國、英國與芬蘭。
機場與金融交易所停電——就像周三(10月14日)晚間,電腦停電導致全美各地機場電腦停擺,包括紐約甘迺迪國際機場與波士頓洛根機場,往往根本與駭客無關。
不過很明顯地,駭客正試著這麼做。
Last year, the Department of Homeland Security announced that it was investigating an attack against 1,000 energy companies across Europe and North America. In 2012, 23 gas pipeline companies were hacked by online spies, according to a Homeland Security report. Private investigators later linked the attack to China.
Last year, in a disclosure overshadowed by the news of the attack on Sony, a German federal agency said that in an attack at an unnamed steel mill, hackers had managed to jump from the company's corporate network to its production systems, causing significant damage to a blast furnace.
去年美國國土安全部宣布,正在調查一件針對歐洲與北美1000家能源公司的駭客攻擊案。根據國土安全部的報告,2012年,23家天然氣管線公司遭網路間諜入侵。後來民間調查人員指出,這起案件與中國大陸有關。
去年德國聯邦政府一個單位透露,駭客攻擊德國一家名稱未公布的鋼鐵廠,從公司內部網路跳到其生產系統,導致一個高爐嚴重損壞。這件事當時被索尼公司遭駭的大新聞掩蓋而未受注意。
And in an extensive attack at Telvent, an information technology and industrial automation company now owned by Schneider Electric, Chinese hackers made off with its product source code and blueprints to facilities operated by its customers, which include 60 percent of the pipeline operators in North America.
For now, dire predictions of destructive online attacks on U.S. targets ignore the fact that the actors with the ability to cause the gravest harm to America's critical infrastructure — China and Russia and allies like Israel and Britain — are sufficiently deterred from doing so by fear of retaliation or because of long-standing trade and diplomatic relationships. And attacks by those aggressively trying to get such a capability — Iran, North Korea and Islamic militant groups — are still several years off.
此外,大陸駭客曾大肆攻擊資訊科技與產業自動化公司Telvent(目前為施耐德電機公司所有),取得產品原始碼和該公司客戶營運設施的規劃圖,北美管線營運商多達60%是該公司客戶。
就當下而言,有關美國目標可能遭受毀滅性網路攻擊的可怕預測,都忽略了一個事實:有能力對美國重大基礎設施造成最嚴重破壞者,如中國大陸、俄國和以色列、英國等美國盟邦,因為害怕報復或長年與美國保有貿易和外交關係,而有充分的理由不這麼做;而積極嘗試取得這種能力者,如伊朗、北韓與伊斯蘭教民兵團體,還需多年才能發動這類攻擊。
"Despite all the talks of a cyber-Pearl Harbor, I am not really worried about a state competitor like China doing catastrophic damage to infrastructure," said Michael Hayden, former head of the National Security Agency. "It's the attack from renegade, lower-tier nation-states that have nothing to lose."
Just how far off are they? That is the question troubling policymakers at the National Security Council and intelligence and law enforcement agencies. Federal officials have repeatedly warned that Islamic State militants have been exploiting social media for recruitment, and are developing tools to break into their enemies' systems.
美國國家安全局前局長麥可.海登說:「雖然有不少人談論網路的珍珠港奇襲,但我並不真擔心像中國這樣的競爭對手會對美國基礎設施造成重大損害。我擔心的是由乖僻、發展程度較低且一無所有、不怕損失的民族國家發動的攻擊。」
網路奇襲距離美國有多遠?這正是美國國家安全會議、情報與執法單位決策者煩惱的問題。聯邦政府官員曾多次警告道,激進組織「伊斯蘭國」民兵一直用社群媒體招募新血,並正在開發能侵入敵方系統的軟體。
Those capabilities were sufficient to prompt the assassination of Junaid Hussain, the chief of the Islamic State's cyberarmy, who was killed by an airstrike in Syria in August. But for now, federal officials say, the Islamic State does not have a significant ability to cause damage through online attacks.
"It's not easy to pull off a spectacular attack," said James A. Lewis, a security expert at the Center for Strategic and International Studies in Washington. "People are always saying in theory they can do something, but it's not at the level of a Pearl Harbor or a 9/11."
伊斯蘭國擁有的能力足以讓美國決定暗殺它的網軍首腦哈山。哈山八月在敘利亞境內一場空襲中被炸死。但美國聯邦官員說,目前伊斯蘭國並沒能力透過網攻造成損害。
華府智庫戰略暨國際研究中心安全專家劉易士說:「要犯下一場驚天動地的攻擊案並不容易。大家總愛說,理論上他們做得到,但不會是珍珠港或911事件那種規模。」