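m********a Posts: 1041 | 1 For the past several years, Washington has treated
China as the "Lord Voldemort" of geopolitics, an enemy whose name must not be
spoken directly, lest disaster follow on the economic and diplomatic fronts.
That policy seems to have been coming to an end in recent weeks, and Timothy
Thomas thinks it is about time.
The clearest sign of change was the speech given on March 11 by Tom Donilon,
U.S. President Obama's national security adviser. He condemned cyber attacks
of unprecedented scale originating in China and said the international
community cannot tolerate such activity from any country. Donilon said
China's cyber attacks threaten international trade, the reputation of Chinese
industry and the overall U.S.-China relationship, and Beijing must put a stop
to them.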
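As we sit in the U.S. Foreign Military Studies Office, Thomas asks: Why did
we wait so long? The 64-year-old retired U.S. Army lieutenant colonel has
studied Chinese cyber strategy here for 20 years. He says we had more than
enough evidence long ago; faced with Beijing and its denials, the U.S. could
perfectly well say: Sorry, folks, your story doesn't hold up.
The U.S. targets of cyber attacks suspected to originate from China include
news organizations (such as The Wall Street Journal, the New York Times and
Bloomberg), technology companies (such as Google, Adobe and Yahoo),
multinationals (such as Coca-Cola and Dow Chemical), defense contractors
(such as Lockheed Martin and Northrop Grumman), federal agencies (such as the
departments of Homeland Security, State, Energy and Commerce), senior U.S.
officials (such as Hillary Clinton and Mike Mullen), nuclear-weapons
laboratories (such as Los Alamos and Oak Ridge) and almost every U.S.
commercial, infrastructure and government website. The identities of
confidential sources, the hiding places of human-rights dissidents, the
negotiating strategies of big companies, the classified avionics of the F-35
fighter jet, the inner workings of the U.S. power grid: all of this is
information the hackers look for. They not only steal secrets but may also be
laying the groundwork for later acts of sabotage.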
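Thomas says China's cyber attacks have continued up to now because they have
no reason not to. The U.S. has difficulty protecting its network systems, the
relatively new domain of cyberspace has no international norms yet, and years
of intrusions have drawn almost no U.S. response. Thomas says: I think they
are willing to take the risk right now because they feel we can't do anything
to them. He says you have to change their playing field; if you don't, they
won't change, and they will keep doing everything they can to steal every
piece of information.
In view of this, Washington has promised a marked change in policy. Thomas
says things have begun to change, and Donilon's speech is only part of it. He
maintains that the more important news last month was the report that U.S.
Cyber Command (established in 2009) will for the first time develop and stand
up 13 offensive cyber-warfare teams. Thomas says the Chinese now understand
that we could launch an attack at any time, and once some things are put in
place, I think it will change their view.
This is not to say Thomas expects Beijing to give ground. On the contrary,
citing the literature of the Chinese People's Liberation Army as evidence,
Thomas points out that China's cyber strategy has deep, even ancient, roots.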
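Thomas says the essence of Chinese thinking on cyber warfare is really the
concept of "shi." It was first put forward about 2,500 years ago in "The Art
of War" by Sun Tzu. The English translation of the concept is still disputed,
but Thomas agrees with the rendering by Chinese Gen. Tao Hanzhang, who
explains "shi" as the state of strategic advantage enjoyed before a battle
begins.
Explaining this Chinese way of thinking, Thomas says: When I reconnoiter your
network systems, I am looking for your weaknesses; I am building a strategic
advantage that lets me win before the first battle is fought. This is another
classic concept, from the Chinese military text "Thirty-Six Stratagems."
Thomas says that, in American terms, I have set up the battlefield and am
prepared.
Or, Thomas says, in the words of Chinese Gen. Dai Qingmin in his 2002 book
"Direct Information Warfare," computer network reconnaissance is the
prerequisite for winning a war and helps in choosing the right time, place
and means of attack. Thomas says Dai Qingmin said plainly in that book 10
years ago that if we want to win, we have to do reconnaissance.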
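Qiao Liang and Wang Xiangsui, two Chinese generals, put the idea even more
aggressively in a book they co-wrote in 1999 (albeit in one very long
sentence): If the attacking side secretly accumulates a large amount of
capital without the enemy country knowing anything about it and launches a
sneak attack on the enemy's financial markets, then, after triggering a
financial crisis, plants viruses and hacker teams in the enemy's computer
systems in advance while at the same time launching a network attack on the
enemy, so that the civilian electricity network, traffic dispatching network,
financial transaction network, telephone communications network and mass
media network are all completely paralyzed, this will plunge the enemy
country into social panic, with street riots and a political crisis. No
kidding.
This passage comes from a 1999 book, yet it reads like a summary of the
report on "Unit 61398" published last month by the private security firm
Mandiant. The unit is based in Shanghai and has been waging cyber attacks
since 2006, stealing large amounts of code and information from U.S.
entities. One of the unit's targets was Telvent Canada, which provides
remote-access software to more than 60% of the oil and gas pipeline companies
in North America and Latin America.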
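Unit 61398 is said to carry out "phishing attacks," in which would-be
intruders send emails with links and attachments that, if opened, install
malware on the target computer. Small-time hackers go "phishing" while posing
as Nigerian princes, but Unit 61398 came up with more sophisticated methods,
such as using everyday language to imitate the internal correspondence of
companies and governments.
In addition, "phishing" also draws on traditional Chinese military strategy.
Thomas wrote in 2007: The Chinese strive to make opponents follow a line of
reasoning that they have set up. He says that with this asymmetric method,
anyone can become an unsuspecting accomplice.
Against this background, Thomas mentions a cartoon published last year in
Army magazine in which one Chinese general says to another: To hell with the
art of war, let's just hack into their infrastructure. A decent joke,
perhaps, but Thomas warns against taking the message too seriously. He says
China's hacking is in fact a manifestation of the art of war, and if the U.S.
military fails to recognize this, it could make mistakes. Thomas says that if
you want to think like them, you need to stay with their way of thinking.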
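He later sighs: Boy, the U.S. needs more people who speak Chinese. The point
also underscores that he is not a Chinese speaker himself. He reads Chinese
military texts in translation, some published by the U.S. government's Open
Source Center and some he found himself. A few years ago, on a trip to
Shanghai, he happened upon Dai Qingmin's "Direct Information Warfare." An
assistant took him (and an interpreter) to a nondescript military bookstore
on the top floor of a building on the outskirts of the city. He recalls: When
I walked in, I could clearly sense that the people behind the cash register
were shocked to see me. He says that in public bookstores, material dealing
with Chinese national security usually carries a note on the inside cover
saying it is not for sale to foreigners.
Thomas, who is from Ohio, speaks Russian; during his military service (from
graduating from West Point in 1973 until 1993) he devoted most of his energy
to studying the Soviet Union. That language skill still comes in handy, and
not only because Russia is suspected of carrying out cyber attacks on Estonia
in 2007 and Georgia in 2008.
Look at the map of Chinese cyber intrusions in the Mandiant report (at least
those attacks tied to Unit 61398): none of them touch Russia. Thomas says:
That's a huge area ... I really would wonder why they attack South Africa,
the United Arab Emirates and Singapore but not Russia. And Luxembourg. They
attack Luxembourg but not Russia? He says China, Russia and Iran make up not
an "axis of evil" but an "axis of cyber."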
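So what should be done? Security companies are working to strengthen network
defenses against hackers, and members of Congress are pushing legislation so
that the government can work more closely with Internet service providers
without exposing those companies to lawsuits or to infringing on civil
liberties. Washington could challenge China's cyber espionage with targeted
economic sanctions. Meanwhile, there is a great deal of discussion about
establishing international standards for cyberspace, but the motive behind
that discussion is unclear, which may explain why senior officials in both
Washington and Beijing support the idea.
In Thomas's view, none of this seems likely to have much effect. He stresses
building deterrence through offensive capability, such as the 13 newly formed
teams at U.S. Cyber Command. The implication of his words is that a good
offense is the best defense.
Doesn't this mean the U.S. and China are heading toward a cyber landscape of
mutual destruction? Thomas says it looks that way.
So it should be welcome to hear that Chinese military literature does not
uniformly take an aggressive posture toward the U.S. These works include
articles on the "China Dream," which envisions China surpassing the U.S.
economically and militarily by the middle of this century. The "China Dream"
has been adopted as the signature slogan of China's new president, Xi
Jinping.
Thomas says they give you both versions. They give you one chapter that says
we will never fight the U.S. and will work on cooperation. One chapter later,
they say that if pushed to the wall we may have to take some measures, and
there may be a war.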
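But what about those who say the U.S. is "shedding crocodile tears"? The U.S.
and Israel were almost certainly the planners behind the most successful
cyber attack known to date: the Stuxnet virus they developed set back Iran's
uranium-enrichment program. Thomas says that knowing the U.S. is giving as
good as it gets may be of some comfort, but we don't seem as aggressive as
the other side. He says this is especially evident in the commercial
espionage backed by the Chinese government. He often hears complaints from
U.S. companies that deal with Chinese firms, because the other side knows
their secrets. He also says: I don't think people really understand how
serious the cyber attacks discussed in security briefings are.
Others say all this is exaggerated because no cyber attack has ever killed
anyone. Thomas answers, somewhat impatiently: If I got into your bank
account, would you worry? If I got into your home security system, would you
worry? If I could get into the pipes leading into your house, would you
worry? Not just your security system but your gas, your electricity, and you
are the Pentagon; would you worry?
He adds: Maybe nobody has been killed yet, but I don't want you to have the
ability to hold me hostage. I don't want that. I don't want you to be able to
blackmail me at any time. He mentions the "social panic" and "street riots"
imagined by the two Chinese generals in 1999. What would happen if nobody
could withdraw money from the bank? I watched the Russians when the banking
system collapsed; they stood in line ... with nothing.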
(Editor's note: The author of this article, David Feith, is an assistant
editorial features editor at The Wall Street Journal.)
m********a Posts: 1041 | 2 Timothy Thomas: Why China Is Reading Your Email
Fort Leavenworth, Kan.
For several years, Washington has treated China as the Lord Voldemort of
geopolitics—the foe who must not be named, lest all economic and diplomatic
hell break loose. That policy seemed to be ending in recent weeks, and
Timothy Thomas thinks it's about time.
The clearest sign of change came in a March 11 speech by Tom Donilon,
President Obama's national security adviser, who condemned "cyber intrusions
emanating from China on an unprecedented scale" and declared that "the
international community cannot tolerate such activity from any country."
Chinese cyber aggression poses risks "to international trade, to the
reputation of Chinese industry and to our overall relations," Mr. Donilon
said, and Beijing must stop it.
"Why did we wait so long?" wonders Mr. Thomas as we sit in the U.S. Army's
Foreign Military Studies Office, where the 64-year-old retired lieutenant
colonel has studied Chinese cyber strategy for two decades. More than enough
evidence accumulated long ago, he says, for the U.S. to say to Beijing and
its denials of responsibility, "Folks, you don't have a leg to stand on,
sorry."
U.S. targets of suspected Chinese cyber attacks include news organizations
(this newspaper, the New York Times, Bloomberg), tech firms (Google, Adobe,
Yahoo), multinationals (Coca-Cola, Dow Chemical), defense contractors
(Lockheed Martin, Northrop Grumman), federal departments (Homeland Security,
State, Energy, Commerce), senior officials (Hillary Clinton, Adm. Mike
Mullen), nuclear-weapons labs (Los Alamos, Oak Ridge) and just about every
other node of American commerce, infrastructure or authority. Identities of
confidential sources, hide-outs of human-rights dissidents, negotiation
strategies of major corporations, classified avionics of the F-35 fighter
jet, the ins and outs of America's power grid: Hackers probe for all this,
extracting secrets and possibly laying groundwork for acts of sabotage.
China's aggression has so far persisted, Mr. Thomas says, because "it makes
perfect sense to them." The U.S. has difficulty defending its cyber systems,
the relatively new realm of cyber isn't subject to international norms, and
years of intrusions have provoked little American response. "I think they're
willing to take the risk right now because they believe that we can't do
anything to them," he says. "You have to change the playing field for them,
and if you don't, they're not going to change. They're going to continue to
rip off every bit of information they can."
Hence the promise of Washington's apparent shift in policy. "There's
something going on," Mr. Thomas says, and the Donilon speech was only one
part. This month's more significant news, he argues, was the announcement
that the U.S. military's Cyber Command (founded in 2009) would for the first
time develop and field 13 offensive cyber-warfare teams. The Chinese "now
know we are ready to go on the offense. There's something that's been put in
place that I think is going to change their view."
Not that he expects Beijing to back down lightly. On the contrary, Mr.
Thomas points to the literature of the People's Liberation Army to
demonstrate that China's cyber strategy has deep—even ancient—roots.
The essence of China's thinking about cyber warfare is the concept of shi,
he says, first introduced in Sun Tzu's "The Art of War" about 2,500 years
ago. The concept's English translation is debated, but Mr. Thomas subscribes
to the rendering of Chinese Gen. Tao Hanzhang, who defines shi as "the
strategically advantageous posture before a battle."
"When I do reconnaissance activities of your [cyber] system," Mr. Thomas
explains of China's thinking, "I'm looking for your vulnerabilities. I'm
establishing a strategic advantage that enables me to 'win victory before
the first battle' "—another classic concept, this one from the "36
Stratagems" of Chinese lore. "I've established the playing field. I have
'prepped the battlefield,' to put it in the U.S. lexicon."
Or, as Chinese Gen. Dai Qingmin wrote in his 2002 book, "Direct Information
Warfare": "Computer network reconnaissance is the prerequisite for seizing
victory in warfare. It helps to choose opportune moments, places and
measures for attack." Says Mr. Thomas: "He's telling you right there—10
years ago—that if we're going to win, we have to do recon."
A 1999 book by two Chinese colonels put it more aggressively (albeit in a
sentence as verbose as it is apocalyptic): "If the attacking side secretly
musters large amounts of capital without the enemy nations being aware of
this at all and launches a sneak attack against its financial markets,"
wrote Qiao Liang and Wang Xiangsui, "then, after causing a financial crisis,
buries a computer virus and hacker detachment in the opponent's computer
system in advance, while at the same time carrying out a network attack
against the enemy so that the civilian electricity network, traffic
dispatching network, financial transaction network, telephone communications
network, and mass media network are completely paralyzed, this will cause
the enemy nation to fall into social panic, street riots, and a political
crisis." No kidding.
This vision from 1999 reads like an outline of the report published last
month by Mandiant, a private-security firm, about "Unit 61398," a Shanghai-
based Chinese military team that since 2006 has mounted cyber assaults to
steal terabytes of codes and other information from U.S. assets. Among the
targets of Unit 61398 was Telvent Canada, which provides remote-access
software for more than 60% of the oil and gas pipelines in North America and
Latin America.
Unit 61398 is said to engage in "spearphishing," whereby would-be cyber
intruders send emails with links and attachments that, if clicked, install
malware on target computers. Lesser hackers might spearphish while posing as
Nigerian princes, but Unit 61398 developed sophisticated ways, including
colloquial language, to mimic corporate and governmental interoffice emails.
Spearphishing, too, draws on traditional Chinese stratagems: "The Chinese
strive to impel opponents to follow a line of reasoning that they (the
Chinese) craft," Mr. Thomas wrote in 2007. With this kind of asymmetric
approach, he says, "anybody can become an unsuspecting accomplice."
In this context Mr. Thomas mentions a cartoon published last year in Army
magazine in which one Chinese general says to another: "To hell with 'The
Art of War,' I say we hack into their infrastructure." Good for a chuckle,
perhaps, but Mr. Thomas warns against taking the message seriously. China's
hacking is in fact "a manifestation of 'The Art of War,' " he says, and if
the U.S. military doesn't realize that, it "can make mistakes. . . . You
have to stay with their line of thought if you're going to try to think like
them."
"Boy," he later laments, "we need a lot more Chinese speakers in this
country"—a point underscored by the fact that he isn't one himself. He
reads Chinese military texts in translation, some published by the U.S.
government's Open Source Center and some he has found himself. He stumbled
upon Gen. Dai's "Direct Information Warfare" on a trip several years ago to
Shanghai, when an associate led him (and an interpreter) to an unmarked
military bookstore on the top floor of a building on the outskirts of town.
"I could tell when I walked in that the people behind the cash register were
stunned I was there," he recalls. In public bookstores, he says, material
addressing Chinese national security is often marked "not for foreign sale"
on the inside cover.
The Ohio native does speak Russian, having focused most of his military
service (from West Point graduation in 1973 until 1993) on the Soviet Union.
That language skill still comes in handy, and not just because Russia is
suspected of having carried out cyber assaults against Estonia in 2007 and
Georgia in 2008.
Look at the Mandiant report's map of Chinese cyber intrusions (at least
those tied to Unit 61398): Russia is untouched. "That's a huge area. . . . I
really would wonder why they're after South Africa, the U.A.E. and
Singapore but not Russia. And Luxembourg. They went after Luxembourg but not
Russia?" Together with Iran, he argues, China and Russia make up "not the
axis of evil but the axis of cyber."
So what is to be done? Security firms are working to harden networks against
hackers, and members of Congress are promoting legislation to let the
government work more closely with Internet service providers without opening
up the companies to lawsuits or infringing on civil liberties. Washington
could challenge Chinese cyber espionage with targeted economic sanctions.
Meanwhile, there is much talk about establishing international standards for
cyber space, but it is unclear what that would mean—which probably
explains why top officials in Washington and Beijing have both endorsed the
idea.
None of this seems promising to Mr. Thomas, who stresses building deterrence
through offensive capabilities, such as the 13 new teams at U.S. Cyber
Command. The implication is that the best defense is a good offense.
And doesn't that suggest, in turn, that the U.S. and China are headed toward
a dynamic of mutually assured cyber destruction? "It seems like it," he
says.
It's heartening to hear, then, that Chinese military literature isn't
uniformly aggressive toward America. This includes writings about the "China
Dream," which posits that China will overtake the U.S. economically and
militarily by midcentury—and which has been adopted as the signature cause
of new President Xi Jinping.
"They give you both versions," says Mr. Thomas. "They give you a model that
says, 'There will be no way we'll ever fight [the U.S.], we'll work on
cooperation.' A chapter later, 'There could be a time where if pushed hard
enough, we'll have to do something and there will be a battle.' "
But what about the argument that the U.S. is shedding crocodile tears?
America (and Israel) were almost certainly behind the most successful known
cyber attack to date: the Stuxnet virus that impeded Iran's uranium-
enrichment program. There might be some comfort in knowing that the U.S. is
doing unto China what China is doing unto the U.S., says Mr. Thomas, but "we
don't seem as intrusive as the other side." That is illustrated especially,
he says, by China's state-sponsored commercial espionage. He frequently
hears complaints from U.S. firms dealing with Chinese counterparts who know
their secrets, adding that "I don't think people really get the security
briefing of just how invasive it is."
Then there's the argument that all this is overblown because no cyber attack
has ever killed anyone. Mr. Thomas responds, somewhat impatiently: "If I
had access to your bank account, would you worry? If I had access to your
home security system, would you worry? If I have access to the pipes coming
into your house? Not just your security system but your gas, your electric—
and you're the Pentagon?"
He adds: "Maybe nobody's been killed yet, but I don't want you having the
ability to hold me hostage. I don't want that. I don't want you to be able
to blackmail me at any point in time that you want." He cites the Chinese
colonels' vision, back in 1999, of "social panic" and "street riots." "I
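wonder what would happen if none of us could withdraw money out of our banks.
I watched the Russians when the crash came and they stood in line and . . .
they had nothing."
k****k Posts: 3322 | |
g*******1 Posts: 2799 | |
l****z Posts: 29846 | 5 China cannot confront the U.S. head-on, so it has had
to get started first in areas like cyber.
h*********n Posts: 11319 | 6 Of the 13 DNS root servers, 12 are in the U.S.
When it comes to filtering the world's Internet information, no one but the
U.S. would dare to boast.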
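[Quoting m********a's post]
: For the past several years, Washington has treated China as the "Lord
: Voldemort" of geopolitics, an enemy whose name must not be spoken directly,
: lest disaster follow on the economic and diplomatic fronts. That policy
: seems to have been coming to an end in recent weeks, and Timothy Thomas
: thinks it is about time.
: The clearest sign of change was the speech given on March 11 by Tom
: Donilon, U.S. President Obama's national security adviser. He condemned
: cyber attacks of unprecedented scale originating in China and said the
: international community cannot tolerate such activity from any country.
: Donilon said China's cyber attacks threaten international trade, the
: reputation of Chinese industry and the overall U.S.-China relationship, and
: Beijing must put a stop to them.
: As we sit in the U.S. Foreign Military Studies Office, Thomas asks: Why did
: we wait so long? The 64-year-old retired U.S. Army lieutenant colonel has
: studied Chinese cyber strategy here for 20 years. He says we had more than
: enough evidence long ago; faced with Beijing and its denials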
g*******1 Posts: 2799 | |