[2022-09-10] 华盛顿邮报 - 中国对美国间谍活动的抱怨令许多人感到可笑
THE CYBERSECURITY 202 A newsletter briefing on cybersecurity news and policy. 网络安全 202 关于网络安全新闻和政策的简报。
Welcome to The Cybersecurity 202! 欢迎来到网络安全 202!
“No, duh.” China keeps alleging the U.S. is hacking it, confusing cyber analysts “不,呃。” 中国不断声称美国正在对其进行黑客攻击,使网络分析师感到困惑
This week China accused the National Security Agency of hacking into the computers of a Beijing-funded university the United States says conducts research for the military. 本周,中国指责国家安全局侵入了北京资助的一所大学的计算机,美国称该大学为军方进行研究。
It was the latest entry in a series of recent complaints from China about U.S. cyber-snooping, following allegations dating back to February. 这是继自 2 月以来的指控之后,中国最近对美国网络窥探的一系列投诉中的最新条目。
The gripes, though, have baffled cybersecurity experts of many stripes. 然而,这些抱怨让许多网络安全专家感到困惑。
They’re uncertain what China is hoping to accomplish, all the more so because they scoff at what they describe as the shoddy and often dated nature of the Chinese findings. 他们不确定中国希望完成什么,尤其是因为他们嘲笑中国调查结果中他们认为劣质而且都是过时的内容。
Additionally, alleged targets like this week’s Northwestern Polytechnical University are what most nations would consider “fair game” for government-to-government espionage, prompting reactions of, essentially, “No duh.” 此外,像本周的西北工业大学这样的所谓目标是大多数国家认为的政府间间谍活动的“公平游戏”,这引发了基本上“不,没有”的反应。
In some cases, China has drawn on publicly available media reports for their “revelations.” State media has bolstered the government message and echoed its oddly non-revelatory nature. One outlet this week, for instance, reported that it had “learned from a source” that the NSA’s Rob Joyce had once led the agency’s hacking division, Tailored Access Operations (TAO) — a fact commonly mentioned in his online biographies. 在某些情况下,中国利用公开的媒体报道进行“揭露”。 官方媒体支持了政府的信息,并呼应了其奇怪的非启示性性质。 例如,本周一家媒体报道称,它“从消息来源获悉”美国国家安全局的罗伯·乔伊斯曾领导该机构的黑客部门定制访问行动 (TAO)——他的在线传记中经常提到这一事实。
The Chinese claims were “highly amusing,” tweeted European security researcher Lukasz Olejnik: 中国的说法“非常有趣”,欧洲安全研究员 Lukasz Olejnik 在推特上写道:
The confusing nature of some elements of the accusations from China's National Computer Virus Emergency Response Center (CVERC) also makes it difficult to verify them, which sometimes only identify older hacking tools and therefore raise questions about how effective China’s cybersecurity apparatus is. 中国国家计算机病毒应急响应中心 (CVERC) 指控的某些内容令人困惑,也使得它们难以核实,有时只能识别较旧的黑客工具,因此引发了对中国网络安全机构有效性的质疑。
“Additional technical reporting from CVERC [is] needed to enable independent validation of analytic findings by industry peers,” Silas Cutler, senior director for cyberthreat research and analysis at the Institute for Security and Technology, told me via email. “需要 CVERC 提供额外的技术报告,以便能够独立验证行业同行的分析结果,”安全与技术研究所网络威胁研究和分析高级主管 Silas Cutler 通过电子邮件告诉我。
SentinelOne’s Juan Andres Guerrero-Saade further broke down the technical side of things in a Twitter thread: SentinelOne 的 Juan Andres Guerrero-Saade 在 Twitter 线程中进一步分解了事物的技术方面:
I've been rather glib in addressing this CN report on 'TAO' malware at Northwestern Polytechnical University in China. So what do we really learn from this? 我认为中国关于西北工业大学“TAO”恶意软件的报告漏洞百出。 那么我们真正从中学到了什么?
Just why 只是为什么
There are a few possible explanations for why Chinese entities — sometimes the government, sometimes companies, sometimes both — are doing this of late, Adam Meyers, senior vice president of threat intelligence at cybersecurity company CrowdStrike told me: 网络安全公司 CrowdStrike 的威胁情报高级副总裁 Adam Meyers 告诉我,为什么中国实体——有时是政府,有时是公司,有时两者兼而有之,最近这些举动的一些可能的解释:
Chinese cybersecurity firms might be trying to bring attention to their threat intelligence products. 中国网络安全公司可能正试图引起人们对其威胁情报产品的关注。
Or: “They’re working in concern with the Chinese government in order to demonstrate that this works both ways, that China can claim the U.S. is attacking them and they can use that to push back on any claims of U.S. businesses and entities saying the Chinese are stealing their intellectual property.” 或者:“他们正在与中国政府合作,以证明这是双向的,中国可以声称美国正在攻击他们,他们可以利用这一点来反驳美国企业和实体声称 中国人正在窃取他们的知识产权。”
Or: They’re trying to send a message to the U.S. government, which has repeatedly accused China of cyber malfeasance. “We’re going to start putting pressure on you because you’ve been putting pressure on us,” Meyers said. 或者:他们试图向美国政府传递信息,美国政府一再指责中国网络渎职。 “我们将开始向你施加压力,因为你一直在向我们施加压力,”迈耶斯说。
It’s possible that all three theories are simultaneously true, Meyers said. 迈耶斯说,这三种理论可能同时为真。
Another possible explanation is that China wants to diminish the United States in the eyes of regional players like South Korea, Japan and Taiwan, Josh Lospinoso, who once worked for the NSA’s TAO and now is CEO of cybersecurity firm Shift5, told me. 另一种可能的解释是,中国希望在韩国、日本和台湾等地区参与者的眼中削弱美国,乔什·洛斯皮诺索(Josh Lospinoso)告诉我,他曾在 NSA 的 TAO 工作,现在是网络安全公司 Shift5 的首席执行官。
While the reports from China of late are more formal, government officials there have often verbally responded to past allegations of Chinese hacking by pointing to U.S. cyberspace operations, Lospinoso pointed out. 洛斯皮诺索指出,虽然最近来自中国的报道更加正式,但那里的政府官员经常通过指出美国的网络空间行动来口头回应过去对中国黑客行为的指控。
Propaganda 宣传
If there’s one consensus, it’s that China is making its recent spree of allegations to influence opinions. 如果有一个共识,那就是中国最近发起了一系列指控以影响舆论。
“I would offer that Beijing seems to be making a recent habit of repackaging old news — suggesting its utility is primarily propaganda,” Gavin Wilde, a senior fellow at the Carnegie Endowment for International Peace, told me via email. 卡内基国际和平基金会高级研究员加文·怀尔德通过电子邮件告诉我:“我认为北京最近似乎养成了重新包装旧新闻的习惯——这表明它的作用主要是宣传。”
“China’s counternarrative to its pervasive cyber activity is not only useful on the domestic front, but coincides with increasing cohesion among Western governments and tech companies in cyberdefense and attribution amid Moscow’s war on Ukraine,” he said. “Even so, having to go to such lengths to explain the logic behind Chinese propaganda is indicative of how slipshod it often is.” “中国对其普遍的网络活动的反击不仅在国内方面有用,而且在莫斯科对乌克兰的战争中,西方政府和科技公司在网络防御和归因方面的凝聚力越来越强,”他说。 “即便如此,不得不费尽心思解释中国宣传背后的逻辑,这表明它经常是多么草率。”标红字体均为楼主更改,与原文作者无关。
赞(43)
|