紐時賞析/無法入侵系統就散播假訊息 美下月恐面臨俄羅斯駭客威脅
骇客示意图。本报资料照片
Unable to Penetrate Systems, Hackers Spread Lies About Vulnerabilities
无法穿透系统防护 骇客谎称网路不安全
Hackers trying to disrupt the Paris Olympics turned to disinformation campaigns when their electronic intrusions failed, a tactic that foreign adversaries could attempt to use against the U.S. elections next month.
骇客试图扰乱巴黎奥运,当他们的电子侵入失败时,就转向假讯息行动,外国对手可能企图利用这个战术,对付美国下个月的选举。
Cybersecurity officials in France spent more than two years preparing for this summer’s Games. While there were constant cyberattacks from a variety of sources, none disrupted the Olympics, Vincent Strubel, the head of France’s cybersecurity agency, said.
法国的网路安全官员花费超过2年,为今年夏季的奥运做准备。法国网路安全机构首长施特鲁贝尔说,虽然有来自各式各样源头的持续网路攻击,但没有一个扰乱到奥运。
Strubel said one activist hacking group, the Cyber Army of Russia Reborn, claimed that it would attack the water sanitation system in Paris to disrupt the swimming competitions in the Seine.
施特鲁贝尔表示,一个激进分子骇客组织「俄罗斯重生网路军」声称,将攻击巴黎的供水卫生系统,以扰乱塞纳河的游泳比赛。
“We had to make sure that the attack could not happen from a technical side and then make sure they did not effectively make a fake claim,” Strubel said.
施特鲁贝尔说,「我们必须从技术方面确保攻击不会发生,接着确保他们无法有效发表假声明」。
U.S. officials believe the Cyber Army poses a threat in the United States. In July, the State Department imposed sanctions against two members of the group, accusing them of attacking critical infrastructure in the United States. The department said Russia provided a safe haven for such groups to disrupt American systems.
美国官员认为,这个「网路军」对美国构成威胁。7月时,美国国务院制裁该组织2名成员,指控他们攻击美国关键基础设施。国务院说,俄罗斯为这类扰乱美方系统的组织提供避风港。
While the Russian group’s “lack of sophistication and victims’ responses have thus far prevented any instances of major damage,” the State Department said, “unauthorized access to critical infrastructure systems poses an elevated risk of harm to the public.”
美国国务院表示,虽然这个俄罗斯组织「不够先进,而受害者的反应迄今也已防止任何重大损害事件」,但「未经授权存取关键基础设施系统,构成伤害大众的高度风险」。
When hackers failed to penetrate critical systems in France, they sought to strike less-protected systems. Strubel said there was a “close call” involving a ransomware attack on a group supporting a museum where fencing events were held. But French authorities responded quickly, preventing any interruption of the competition, he said.
当骇客无法渗透法国的关键系统,他们试图打击保护较少的系统。施特鲁贝尔说,有一桩「险些发生的事件」,牵涉到勒索软体攻击一个组织,该组织支援举办击剑比赛的博物馆。但他表示,法国当局迅速反应,防止任何赛事中断。
The United States could face similar challenges next month from Russian influence groups, intelligence agencies and activist hackers.
下月美国可能面临来自俄罗斯影响团体、情报机构和激进分子骇客的类似挑战。
U.S. officials have said they have spent years shoring up voting systems to make it difficult to hack into state or local governments to change vote totals. U.S. intelligence officials assess that the resilience of the system, and its hyperlocal nature, has convinced foreign adversaries that changing the results through hacking election systems is all but impossible.
美国官员已经表示,他们花费数年加强投票系统,难以骇入州或地方政府改变票数。美国情报官员评估,该系统的韧性及其超本地化的特性,已说服外国对手,透过骇攻选举系统改变结果几乎不可能。
But some foreign governments still believe they can influence what Americans think about the security of the election and could spread false claims about the ability to hack the election.
但一些外国政府仍然认为,他们可以影响美国人对选举安全的看法,并且能够传播有关骇攻选举能力的虚假说法。
文/Julian E. Barnes 译/周辰阳