第五空间的战争编辑本段回目录
Cyberwar
War in the fifth domain
Are the mouse and keyboard the new weapons of conflict?
Jul 1st 2010
原文发表时间:2010年7月1日
AT THE height of the cold war, in June 1982, an American early-warning satellite detected a large blast in Siberia. A missile being fired? A nuclear test? It was, it seems, an explosion on a Soviet gas pipeline. The cause was a malfunction in the computer-control system that Soviet spies had stolen from a firm in Canada. They did not know that the CIA had tampered with the software so that it would “go haywire, after a decent interval, to reset pump speeds and valve settings to produce pressures far beyond those acceptable to pipeline joints and welds,” according to the memoirs of Thomas Reed, a former air force secretary. The result, he said, “was the most monumental non-nuclear explosion and fire ever seen from space.”
鼠标和键盘会成为冲突中的新武器吗?
在冷战的高潮时期,1982年的6月,一个美国的早期预报卫星探测到了在西伯利亚的一次大爆炸。导弹发射?核试验?但看起来这是一次苏联的输气管道爆炸。造成此次爆炸的原因是苏联从一家加拿大公司盗窃来的控制系统中的故障。他们不知道中央情报局篡改了软件,结果是“表面正常的间隔之后,系统突然失控,重新设定了泵机的速度,产生的气压大大超过管道的接口和焊接点所的承受力,”据前美国空军部长托马斯·里德(Thomas Reed)的回忆录记载。他说,结果“造成了最为壮观的一次非核爆炸,火焰甚至可以从太空中看到。”
This was one of the earliest demonstrations of the power of a “logic bomb”. Three decades later, with more and more vital computer systems linked up to the internet, could enemies use logic bombs to, say, turn off the electricity from the other side of the world? Could terrorists or hackers cause financial chaos by tampering with Wall Street’s computerised trading systems? And given that computer chips and software are produced globally, could a foreign power infect high-tech military equipment with computer bugs? “It scares me to death,” says one senior military source. “The destructive potential is so great.”
这可谓是“逻辑炸弹”1的威力初露端倪。30年后,当越来越多的关键的计算机系统接入互联网,敌人是否可以用逻辑炸弹从地球的另一端制造停电呢?恐怖分子或者黑客是否能通过篡改华尔街的电脑交易系统制造金融混乱呢?考虑到计算机芯片和软件制造的全球化,外国势力能否以计算机病毒感染高科技的军事设备呢?一位高层军方人士说。“破坏潜力如此深不可测,让我惊恐不已。”
After land, sea, air and space, warfare has entered the fifth domain: cyberspace. President Barack Obama has declared America’s digital infrastructure to be a “strategic national asset” and appointed Howard Schmidt, the former head of security at Microsoft, as his cyber-security tsar. In May the Pentagon set up its new Cyber Command (Cybercom) headed by General Keith Alexander, director of the National Security Agency (NSA). His mandate is to conduct “full-spectrum” operations—to defend American military networks and attack other countries’ systems. Precisely how, and by what rules, is secret.
继陆地、海洋、天空和太空之后,战争已经进入了第五空间:网络空间。总统奥巴马已经宣布,美国的数字化基础设施属于“国家战略资产”,并任命微软的前安全总管霍华德·施密特(Howard Schimidt)作为网络安全总指挥。五月,五角大楼成立了一个新的网络司令部(Cybercom),担任领导的是国家安全局局长基思·亚历山大(Keith Alexander)将军,他的任务是开展“全方位”行动——以保卫美国的军事网络和攻击他国的系统。至于更为确切地以什么样的方式,在什么样的规则下行动则是机密。
Britain, too, has set up a cyber-security policy outfit, and an “operations centre” based in GCHQ, the British equivalent of the NSA. China talks of “winning informationised wars by the mid-21st century”. Many other countries are organising for cyberwar, among them Russia, Israel and North Korea. Iran boasts of having the world’s second-largest cyber-army.
英国也建立起了一整套网络安全政策体系,和总部设在英国国家通讯总部(GCHQ)的“行动中心”,GCHQ相当于美国国家安全局。中国在讨论“如何到21世纪中期打赢信息化战争”。许多国家也在组建各自的网络战机构,包括俄国,以色列和北韩。伊朗自称已拥有了全世界第二大的网军。
What will cyberwar look like? In a new book Richard Clarke, a former White House staffer in charge of counter-terrorism and cyber-security, envisages a catastrophic breakdown within 15 minutes. Computer bugs bring down military e-mail systems; oil refineries and pipelines explode; air-traffic-control systems collapse; freight and metro trains derail; financial data are scrambled; the electrical grid goes down in the eastern United States; orbiting satellites spin out of control. Society soon breaks down as food becomes scarce and money runs out. Worst of all, the identity of the attacker may remain a mystery.
网络战会是什么样?负责反恐和网络安全的白宫前幕僚理查德·克拉克(Richard Clarke)在他的新书中设想了十五分钟之内造成的灾难性破坏。计算机病毒让军方的Email系统瘫痪;造成炼油厂和输油管道爆炸;空中交通管制系统瘫痪;货运和城市铁路列车出轨;金融数据被涂改;美东电网断电;轨道卫星运转失控。随着食物紧缺,资金链断裂,整个社会很快分崩离析。最糟糕的是,攻击者的身份一直成谜。
In the view of Mike McConnell, a former spy chief, the effects of full-blown cyberwar are much like nuclear attack. Cyberwar has already started, he says, “and we are losing it.” Not so, retorts Mr Schmidt. There is no cyberwar. Bruce Schneier, an IT industry security guru, accuses securocrats like Mr Clarke of scaremongering. Cyberspace will certainly be part of any future war, he says, but an apocalyptic attack on America is both difficult to achieve technically (“movie-script stuff”) and implausible except in the context of a real war, in which case the perpetrator is likely to be obvious.
在前情报主管迈克·麦康奈尔(Mike McGonnell)看来,大规模网络战的爆发造成的后果与核攻击不分伯仲。网络战已经开始了,他说,“而且我们正在输掉这场战争。”还没有,施密特先生反驳说。根本没有什么网络战。IT行业的安全专家布鲁斯·施奈尔(Bruce Schneier)指责麦康奈尔先生危言耸听。他说,在未来战争中,网络空间肯定是战场之一,但除非是在真正的战争环境中,否则要对美国施行毁灭性攻击从技术上来说困难重重(只是“电影中的玩意”),也不符合常理,而如果真正的战争爆发的话,攻击者可能是显而易见的。
For the top brass, computer technology is both a blessing and a curse. Bombs are guided by GPS satellites; drones are piloted remotely from across the world; fighter planes and warships are now huge data-processing centres; even the ordinary foot-soldier is being wired up. Yet growing connectivity over an insecure internet multiplies the avenues for e-attack; and growing dependence on computers increases the harm they can cause.
对高层领导来说,计算机技术是一柄双刃剑。炸弹可以由GPS卫星导航;飞机可以通过远程遥控飞行全世界;当今的战斗机和军舰本身就是巨大的数据处理中心,即使是普通的步兵在上网。但是不断增加的互联互通和不安全的互联网让电子攻击的手段不断翻新;对计算机的日益依赖也增加了它们可能造成的损失。
Enlarge
放大图片
By breaking up data and sending it over multiple routes, the internet can survive the loss of large parts of the network. Yet some of the global digital infrastructure is more fragile. More than nine-tenths of internet traffic travels through undersea fibre-optic cables, and these are dangerously bunched up in a few choke-points, for instance around New York, the Red Sea or the Luzon Strait in the Philippines (see map). Internet traffic is directed by just 13 clusters of potentially vulnerable domain-name servers. Other dangers are coming: weakly governed swathes of Africa are being connected up to fibre-optic cables, potentially creating new havens for cyber-criminals. And the spread of mobile internet will bring new means of attack.
互联网可以把数据分拆,通过多个路由传输,即使在大部分网络受损的时候它仍能幸免于难。但是一些全球性的数字基础设施则更为脆弱。超过十分之九的互联网访问是通过海底光纤电缆传输的,这些电缆只在少有的几处咽喉要道危险地聚集在一起,比如说,在纽约、红海或菲律宾的吕宋海峡(见上图)。互联网的流量仅由13组潜在攻击风险的域名服务器集群导引。其他的危险也近在眼前:政府管辖不力的非洲正大片地连接至光纤,可能为网络罪犯创造了新的避风港。而正在扩张的无线互联网带来了新的攻击手段。
The internet was designed for convenience and reliability, not security. Yet in wiring together the globe, it has merged the garden and the wilderness. No passport is required in cyberspace. And although police are constrained by national borders, criminals roam freely. Enemy states are no longer on the other side of the ocean, but just behind the firewall. The ill-intentioned can mask their identity and location, impersonate others and con their way into the buildings that hold the digitised wealth of the electronic age: money, personal data and intellectual property.
互联网的设计目标是方便和可靠,而不是安全。而通过全球网络化,鲜花和野草良莠不齐地同时出现了。网络空间无需护照。警察们被限于国界之内,罪犯却可以逍遥自在地四处漫游。敌国不在遥远的大洋彼岸,而就在防火墙之后。心怀不轨的人可以掩盖真实身份和地址,冒充他人,一路骗进高楼大厦,盗走电子时代的数字财富:金钱、个人信息和知识产权。
Mr Obama has quoted a figure of $1 trillion lost last year to cybercrime—a bigger underworld than the drugs trade, though such figures are disputed. Banks and other companies do not like to admit how much data they lose. In 2008 alone Verizon, a telecoms company, recorded the loss of 285m personal-data records, including credit-card and bank-account details, in investigations conducted for clients.
奥巴马先生引用的数据称,去年因网络犯罪造成的损失接近$1万亿,尽管这一数字存在争议,这确是一个比毒品交易的金额还要庞大的秘密世界。银行和其他公司不喜欢承认丢失了多少数据。2008年,在为客户进行的调查中,区区一家电信公司Verizon就报告丢失2.85亿条个人信息记录,包括信用卡和银行帐号等细节。
About nine-tenths of the 140 billion e-mails sent daily are spam; of these about 16% contain moneymaking scams (see chart 1), including “phishing” attacks that seek to dupe recipients into giving out passwords or bank details, according to Symantec, a security-software vendor. The amount of information now available online about individuals makes it ever easier to attack a computer by crafting a personalised e-mail that is more likely to be trusted and opened. This is known as “spear-phishing”.
根据安全软件提供商赛门铁克的说法,每天发出的1400亿封电子邮件中有将近90%都是垃圾邮件;其中有将近16%是想诈骗钱财(见图1),其中包括“钓鱼式攻击”,这种攻击骗取收信人给出的密码或银行详细资料。网络上唾手可得的海量个人信息可以让个人化的email变得轻而易举,收信人更容易信任或打开这样的邮件,攻击他们的计算机也就变得更容易。这就是所谓“鱼叉式钓鱼”。
The ostentatious hackers and virus-writers who once wrecked computers for fun are all but gone, replaced by criminal gangs seeking to harvest data. “Hacking used to be about making noise. Now it’s about staying silent,” says Greg Day of McAfee, a vendor of IT security products. Hackers have become wholesale providers of malware—viruses, worms and Trojans that infect computers—for others to use. Websites are now the favoured means of spreading malware, partly because the unwary are directed to them through spam or links posted on social-networking sites. And poorly designed websites often provide a window into valuable databases.
爱出风头的黑客和病毒制造者曾经仅仅为了好玩而破坏电脑。现在这已成为过去,取而代之的是想要盗取丰富数据的犯罪集团。“黑客一度喜欢制造轰动,现在他们都在暗中潜伏,”,IT安全产品制造商McAfee的雷格·戴(Greg Day)这么说。黑客已经成了“肉鸡”2批发商,他们通过恶意软件——病毒、蠕虫和木马——来感染计算机,然后把这些“肉鸡”销售给他人。网站现在成了受黑客青睐的传播恶意软件的工具,部分原因是通过社交媒体网站发送垃圾邮件或链接可以让计算机神不知鬼不觉地被感染。而设计简陋的网站通常提供了进入到宝贵的数据库的窗口。
Malware is exploding (see chart 2). It is typically used to steal passwords and other data, or to open a “back door” to a computer so that it can be taken over by outsiders. Such “zombie” machines can be linked up to thousands, if not millions, of others around the world to create a “botnet”. Estimates for the number of infected machines range up to 100m (see map for global distribution of infections). Botnets are used to send spam, spread malware or launch distributed denial-of-service (DDoS) attacks, which seek to bring down a targeted computer by overloading it with countless bogus requests.
恶意软件在爆炸似的增长(见图2)。通常通过盗用密码和其他的数据,给计算机开一个“后门”,然后这台电脑就可以被外人操纵。这些全球互连的“肉鸡”电脑即使不到数百万台,也可以达到数千台,这就创造了一个“僵尸网络”。据估计,这种被感染了的电脑可以达到上亿台(见全球受感染电脑分布图)僵尸网络被用来发送垃圾邮件,传播恶意软件,和发动分布式拒绝服务攻击(DDoS),这种攻击可以通过发送无穷多的假冒请求而让目标电脑超载,最终崩溃。
The spy who spammed me
给我发送垃圾邮件的间谍
Criminals usually look for easy prey. But states can combine the criminal hacker’s tricks, such as spear-phishing, with the intelligence apparatus to reconnoitre a target, the computing power to break codes and passwords, and the patience to probe a system until it finds a weakness—usually a fallible human being. Steven Chabinsky, a senior FBI official responsible for cyber- security, recently said that “given enough time, motivation and funding, a determined adversary will always—always—be able to penetrate a targeted system.”
罪犯通常寻找容易下手的猎物。但是国家可以结合黑客罪犯的伎俩,例如鱼叉式钓鱼可以与情报部门联手侦查目标,计算能力可以用来破解源码和密码,而非凡耐力可以监视某系统直到找到漏洞——通常是一个粗心大意的人。负责网络安全的联邦调查局的一名高级官员,斯蒂芬·查彬斯基(Steven Chabinsky)最近说,“只要有足够的时间、动机和资金,有决心的对手总是、总会有办法侵入目标系统。”
Traditional human spies risk arrest or execution by trying to smuggle out copies of documents. But those in the cyberworld face no such risks. “A spy might once have been able to take out a few books’ worth of material,” says one senior American military source, “Now they take the whole library. And if you restock the shelves, they will steal it again.”
传统的间谍人员冒着被捕或死刑的风险想方设法将文件副本偷运出境。但是那些网络空间中的间谍就没有这样的风险。“一名间谍一次可能拿走相当于几本书的材料,”一名高级美国军方人士说,“现在他们可以把整个图书馆偷走。而且如果你把书又重新上架了的话,他们还会再来偷一遍。”
China, in particular, is accused of wholesale espionage, attacking the computers of major Western defence contractors and reputedly taking classified details of the F-35 fighter, the mainstay of future American air power. At the end of 2009 it appears to have targeted Google and more than a score of other IT companies. Experts at a cyber-test-range built in Maryland by Lockheed Martin, a defence contractor (which denies losing the F-35 data), say “advanced persistent threats” are hard to fend off amid the countless minor probing of its networks. Sometimes attackers try to slip information out slowly, hidden in ordinary internet traffic. At other times they have tried to break in by leaving infected memory-sticks in the car park, hoping somebody would plug them into the network. Even unclassified e-mails can contain a wealth of useful information about projects under development.
中国因为这种大规模的窃密而受到了特别指控,被攻击的目标是主要西方军事承包商的计算机,据称他们窃取了F-35战斗机——构成未来美国空军的主力机型的材料。2009年年末,他们可能把目标对准了Google和几十家其他的IT公司。马里兰的网络测试基地由洛克希德·马丁 (Lockheed Martin)建造,这是美国军方的承包商之一(他们否认F-35材料失窃)。在对系统的无数次的小刺探之下,“先进的持续的攻击”很难防范。有时候攻击者试图躲在貌似平常的互联网通讯中,慢慢地 “顺”走信息。其他的时候,他们将受到病毒感染的记忆棒放在停车场,指望有人将其插入网络,以此实现入侵;甚至未加密的email中也可能包含了正在开发中的项目的有用信息。
“Cyber-espionage is the biggest intelligence disaster since the loss of the nuclear secrets [in the late 1940s],” says Jim Lewis of the Centre for Strategic and International Studies, a think-tank in Washington, DC. Spying probably presents the most immediate danger to the West: the loss of high-tech know-how that could erode its economic lead or, if it ever came to a shooting war, blunt its military edge.
“自从[1940年代后期]丢失过核机密以来,网络窃密是最大的情报灾难,”总部在华盛顿的智库,战略与情报研究中心(CSIS)的吉米·路易斯(Jim Lewis)说。间谍可能是西方面临的最直接的威胁:失去高科技技术可以让西方逐渐丧失经济领先优势,如果真的置身于战争之中,窃密也可以削弱其军事优势。
Western spooks think China deploys the most assiduous, and most shameless, cyberspies, but Russian ones are probably more skilled and subtle. Top of the league, say the spooks, are still America’s NSA and Britain’s GCHQ, which may explain why Western countries have until recently been reluctant to complain too loudly about computer snooping.
西方的间谍认为中国部署了最勤恳的和最无耻的网络间谍。但是俄国间谍在技术上可能更熟练,也更狡诈。间谍们说,在这一军团中,首当其冲的还是美国的国家安全局和英国的GCHQ,这也解释了为什么西方国家直到最近都不愿意大声谴责计算机窃密。
The next step after penetrating networks to steal data is to disrupt or manipulate them. If military targeting information could be attacked, for example, ballistic missiles would be useless. Those who play war games speak of being able to “change the red and blue dots”: make friendly (blue) forces appear to be the enemy (red), and vice versa.
一旦入侵了网络、盗取了数据之后,下一步就是干扰或操纵数据。比如说,如果军方的目标信息遭到了劫持,弹道导弹就没用了。军事演习中提到了“交换红方和蓝方”的可能性:让友军(蓝方)的力量看起来是敌军(红方),或者反向操作。
General Alexander says the Pentagon and NSA started co-operating on cyberwarfare in late 2008 after “a serious intrusion into our classified networks”. Mr Lewis says this refers to the penetration of Central Command, which oversees the wars in Iraq and Afghanistan, through an infected thumb-drive. It took a week to winkle out the intruder. Nobody knows what, if any, damage was caused. But the thought of an enemy lurking in battle-fighting systems alarms the top brass.
亚历山大将军说,在2008年下半年,五角大楼和国家安全局在“一次严重地非法入侵机密网络”之后,就已经开始在网络战上进行合作。路易斯先生说这指的是一次通过某个受病毒感染的指纹驱动器入侵到中央指挥系统,这个系统监督的是伊拉克和阿富汗战争。足足一个星期之后入侵者才被剔除,如果有损失的话,没有人知道这次入侵导致的损失是什么。但是敌人可能埋伏在战斗系统中,这一想法为高层将领们拉响了警报。
That said, an attacker might prefer to go after unclassified military logistics supply systems, or even the civilian infrastructure. A loss of confidence in financial data and electronic transfers could cause economic upheaval. An even bigger worry is an attack on the power grid. Power companies tend not to keep many spares of expensive generator parts, which can take months to replace. Emergency diesel generators cannot make up for the loss of the grid, and cannot operate indefinitely. Without electricity and other critical services, communications systems and cash-dispensers cease to work. A loss of power lasting just a few days, reckon some, starts to cause a cascade of economic damage.
尽管如此,攻击者可能还是更喜欢这种非机密的军方后勤补给系统,甚至是民用基础设施。如果人们对金融数据或电子转账失去信心,可能导致经济动荡。更大的担心是电网被攻击。电力公司往往不会准备很多昂贵的备用发电机零件,这些零件也需要数月才能更换。紧急柴油发电机无法弥补电网的损失,也不能永久运转。没有了电和其他至关重要的服务,通讯系统和现金自动售货机就会停止工作。有些人猜想,如果停电持续几天就会出现一连串的经济损失。
Experts disagree about the vulnerability of systems that run industrial plants, known as supervisory control and data acquisition (SCADA). But more and more of these are being connected to the internet, raising the risk of remote attack. “Smart” grids”, which relay information about energy use to the utilities, are promoted as ways of reducing energy waste. But they also increase security worries about both crime (eg, allowing bills to be falsified) and exposing SCADA networks to attack.
专家们不认为运行机械化工厂的系统都如此脆弱,但是这些被称为监督控制和数据收集的系统(SCADA)越来越多的地连上了互联网,这提升了被远程攻击的风险。“智能电网”将能耗方面的数据传给公用工程以减少能源浪费,因而获得了推广。但是这也增加了安全方面的隐患,比如犯罪(例如提供了伪造账单的机会)和让SCADA系统暴露于攻击之下。
General Alexander has spoken of “hints that some penetrations are targeting systems for remote sabotage”. But precisely what is happening is unclear: are outsiders probing SCADA systems only for reconnaissance, or to open “back doors” for future use? One senior American military source said that if any country were found to be planting logic bombs on the grid, it would provoke the equivalent of the Cuban missile crisis.
亚历山大将军提到了“为了远程破坏而入侵目标系统的可能”。但到底会发生什么还不清楚:外来者探索SCADA系统是为了侦察,还是打开“后门”以备日后使用?一位美国高层军方人士说如果发现任何国家往电网里植入了逻辑炸弹的话,这就相当于挑起了古巴导弹危机。
Estonia, Georgia and WWI
爱沙尼亚、格鲁吉亚和第一次网络世界大战(WWI)
Important thinking about the tactical and legal concepts of cyber-warfare is taking place in a former Soviet barracks in Estonia, now home to NATO’s “centre of excellence” for cyber-defence. It was established in response to what has become known as “Web War 1”, a concerted denial-of-service attack on Estonian government, media and bank web servers that was precipitated by the decision to move a Soviet-era war memorial in central Tallinn in 2007. This was more a cyber-riot than a war, but it forced Estonia more or less to cut itself off from the internet.
关于网络战的战术和合法性概念的重要思想在爱沙尼亚的一间前苏联的兵营里逐渐成形,这里现在是北约负责网络防务的“卓越中心”(center of excellence)的所在地。这个中心的建立是为了应对后来被称为的“第一次网络世界大战”(Web War 1)。2007年,当政府作出了要挪动塔林3中心的苏联时代的战争纪念碑的决定后,突如其来地出现了一次多方合作的的拒绝服务式攻击(DDoS),目标包括政府、媒体和银行的网络服务器。这更象是一次网络骚乱,而不是战争,但是这迫使爱沙尼亚或多或少地与互联网隔开了一些距离。
Similar attacks during Russia’s war with Georgia the next year looked more ominous, because they seemed to be co-ordinated with the advance of Russian military columns. Government and media websites went down and telephone lines were jammed, crippling Georgia’s ability to present its case abroad. President Mikheil Saakashvili’s website had to be moved to an American server better able to fight off the attack. Estonian experts were dispatched to Georgia to help out.
第二年,当俄国与格鲁吉亚爆发战争期间,类似的攻击则显得更为可怕,因为这样的攻击似乎是与先进的俄罗斯军方联手发起的。政府和媒体的网站无法登录,电话线也一直占线,格鲁吉亚无法将情况通报到国外。总统米哈伊尔·萨卡什维利(Mikheil Saakashvili)的网站不得不换到了一台美国的服务器以便更好地抵御攻击,爱沙尼亚派遣专家援助格鲁吉亚。
Many assume that both these attacks were instigated by the Kremlin. But investigations traced them only to Russian “hacktivists” and criminal botnets; many of the attacking computers were in Western countries. There are wider issues: did the cyber-attack on Estonia, a member of NATO, count as an armed attack, and should the alliance have defended it? And did Estonia’s assistance to Georgia, which is not in NATO, risk drawing Estonia into the war, and NATO along with it?
许多人猜测两次攻击都由克里姆林宫发动。但是调查仅追踪到了俄罗斯的“黑客积极分子”和犯罪 “僵尸网络”;许多攻击用的电脑位于西方国家。还有更大的问题:针对北约成员国爱沙尼亚发动的网络攻击,算不算是武装袭击呢?盟军是否应该协助抵抗?爱沙尼亚不是北约成员国,但它帮助了格鲁吉亚,风险是爱沙尼亚也可能被卷入战争,北约也会被一道卷入吗?
Such questions permeate discussions of NATO’s new “strategic concept”, to be adopted later this year. A panel of experts headed by Madeleine Albright, a former American secretary of state, reported in May that cyber-attacks are among the three most likely threats to the alliance. The next significant attack, it said, “may well come down a fibre-optic cable” and may be serious enough to merit a response under the mutual-defence provisions of Article 5.
这样的问题都贯穿在对北约的新“战略构想”的讨论中,这一构想将在今年下半年付诸实施。由前美国国务卿马德琳·奥尔布赖特(Madeleine Albright)领导的一个专家小组,在5月份所做的关于网络攻击的报告中说,网络攻击是北约联盟最有可能遭受的三大威胁之一。这份报告说,下一轮重大的攻击“很有可能摧毁光纤电缆”,情况可能会严重到需要根据共同防御构想第五条款来实施反击。
During his confirmation hearing, senators sent General Alexander several questions. Would he have “significant” offensive cyber-weapons? Might these encourage others to follow suit? How sure would he need to be about the identity of an attacker to “fire back”? Answers to these were restricted to a classified supplement. In public the general said that the president would be the judge of what constituted cyberwar; if America responded with force in cyberspace it would be in keeping with the rules of war and the “principles of military necessity, discrimination, and proportionality”.
在听证期间,参议员向亚历山大将军提了几个问题。他有没有 “强大的”进攻性网络武器?这会不会鼓励别国的跟风?如何才算完全确认攻击者的身份以便发动“反击”?这些问题的答案记录在一份秘密附件中。将军的公开场合回复是总统将判断是不是已经到达了网络战级别;如果美国在网络空间以武力回击,那也将会遵循战争的法则和“军事必要性、区别对待和均衡性这些原则”。
General Alexander’s seven-month confirmation process is a sign of the qualms senators felt at the merging of military and espionage functions, the militarisation of cyberspace and the fear that it may undermine Americans’ right to privacy. Cybercommand will protect only the military “.mil” domain. The government domain, “.gov”, and the corporate infrastructure, “.com” will be the responsibility respectively of the Department of Homeland Security and private companies, with support from Cybercom.
亚力山大将军经过了七个月的批准程序才得以上任,这是参议员们有所疑虑的表现——军事和窃密功能的融合,网络空间变得军事化,和担心美国人的隐私权会因此而受到侵蚀。网络司令部将只受命保护军队(有“.mil”后缀的主域名)。而政府(域名 “.gov”)和公司基础设置(域名“.com”)将分别由安全部获得了网络司令部支持的私人公司负责。
One senior military official says General Alexander’s priority will be to improve the defences of military networks. Another bigwig casts some doubt on cyber-offence. “It’s hard to do it at a specific time,” he says. “If a cyber-attack is used as a military weapon, you want a predictable time and effect. If you are using it for espionage it does not matter; you can wait.” He implies that cyber-weapons would be used mainly as an adjunct to conventional operations in a narrow theatre.
一名高层军官说亚历山大将军的重点将放在提升军事网络的防御能力。另一名要员对网络攻击提出了质疑。“很难在某个特定的时间进行网络攻击,”他说,“如果网络攻击被当作军事武器,你需要预先设定时间和攻击效果。如果只是被用窃密中,时间等等就不重要了,你可以等待。”他暗示网络武器可能仅仅是在有限的范围内,作为常规行动的辅助手段。
The Chinese may be thinking the same way. A report on China’s cyber-warfare doctrine, written for the congressionally mandated US-China Economic and Security Review Commission, envisages China using cyber-weapons not to defeat America, but to disrupt and slow down its forces long enough for China to seize Taiwan without having to fight a shooting war.
中国也许有同样的想法。一份为国会授权的美中经济和安全委员会准备的关于中国的网络战理论的报告中设想中国使用网络武器不是为了打败美国,而是为了干扰或拖延其武力行动,好让中国有时间不费一兵一卒地攻下台湾。
Apocalypse or asymmetry?
毁灭性攻击?非对称攻击?
Deterrence in cyber-warfare is more uncertain than, say, in nuclear strategy: there is no mutually assured destruction, the dividing line between criminality and war is blurred and identifying attacking computers, let alone the fingers on the keyboards, is difficult. Retaliation need not be confined to cyberspace; the one system that is certainly not linked to the public internet is America’s nuclear firing chain. Still, the more likely use of cyber-weapons is probably not to bring about electronic apocalypse, but as tools of limited warfare.
与核战略等相比,网络战中的威胁还要变幻无常:双方无法共同确认损失,战争和犯罪之间的界限模糊,发动攻击的电脑常常难以确认身份,更不要说幕后的操作者了。还击不一定要局限于网络空间,因为美国的核发射链条肯定没有与公共网络相连。网络武器可能更容易被用于局部战争,而不是电子化的毁灭性攻击。
Cyber-weapons are most effective in the hands of big states. But because they are cheap, they may be most useful to the comparatively weak. They may well suit terrorists. Fortunately, perhaps, the likes of al-Qaeda have mostly used the internet for propaganda and communication. It may be that jihadists lack the ability to, say, induce a refinery to blow itself up. Or it may be that they prefer the gory theatre of suicide-bombings to the anonymity of computer sabotage—for now.
网络武器在大国的手中使用起来最为有效。但是它们因为价廉物美,对相对弱势的一方来说更有用,他们也很适合恐怖分子。幸运的是,类似于基地组织这样的恐怖团体看起来主要是用互联网进行宣传和通讯,可能是缺乏让炼油厂自爆的技术能力,或许他们更喜欢用自杀性炸弹制造血腥场面,而不喜欢电脑破坏这样的匿名行动——至少现在还是如此。
Briefing
简报
本译文仅用于学习和交流目的。非商业转载请注明译者、出处,并保留文章在译言的完整链接。
- 原文来源:economist.com
- 原文标题:第五空间的战争
- 原文地址:http://www.economist.com/node/16478792
