Name: 為什麼美國的網絡安全基礎設施還不夠好？ (Why Isn’t U.S. Cybersecurity Infrastructure Good Enough?)
Uploaded: 2021-10-11T21:01:10.000Z
Duration: 6 min 36 s

程度副詞

Cyberattacks seem to be really having a moment.

看起來網絡攻擊真的在到處肆虐。

Take the U.S., for example: the FBI has reported 4,000 attacks a day since the COVID pandemic began, and there's no sign of things slowing down.

以美國為例：自新冠疫情大流行以來，聯邦調查局每天便接獲了 4000 起網路攻擊事件，而且事態到目前為止看起來還沒有要停息的跡象。

情態副詞

But how exactly did we get to this point, and how can cybersecurity help us get out of this mess?

但我們究竟是如何走到這一步的？網絡安全又能如何能幫助我們走出困境？

The infrastructure that we use every single day, in our houses, in our cars, in our workplaces, and generally in the country as a whole, is full of computing systems.

我們每天在我們的房子裡、汽車裡、工作場所，更廣泛來說整個國家中所使用的基礎設施，其實裡面都充滿了電腦系統。

Anything that prevents us from getting those things done, or in some way makes that computing infrastructure create a negative event, you know, we could consider that to be a threat.

而任何會導致我們無法完成想做的事情，或用某種方法讓這些電腦基礎設施造成負面事件的行為，我們都應將其視為是種威脅。

Basically, cybersecurity refers to the practices, technologies, and processes designed to keep all of those threats at bay.

基本上，網絡安全是指能夠把這些威脅排除的做法、技術和流程。

And these threats have evolved a LOT since the 1950s, back when Steve Jobs was hacking phones to make free long-distance calls.

而這些威脅從 1950 年代時史蒂夫‧賈伯斯等人在想辦法駭入電話來撥打免費長途電話以來，已經經歷了極大的變化。

A watershed moment for the world of cyberthreats came in 2010 with the discovery of STUXNET, the world's first digital weapon.

2010 年，隨著人們發現了世界史上第一個數位武器 STUXNET，網絡威脅的領域迎來了一個分水嶺時刻。

It was found targeting Iran's nuclear facilities, and in the process, proved that cyberattacks could have devastating consequences beyond the digital realm.

人們發現它被用來對付伊朗的核子設施，並在過程中證明了網路攻擊可以對數位領域外的現實世界產生破壞性後果。

That kind of cyber-physical environment is really quite a modern phenomena in the last few decades, and so securing that environment is really what cybersecurity is all about.

這種網路與物理世界交融的環境，在近幾十年來是個相當現代的現象，而保障這種環境的安全便是網路安全的真諦。

Computers today are more complex than ever, as are the types of threats they face.

現在的電腦比過去來得更加複雜，面對的威脅類型也更加多樣。

The more we ask our computers to do, open an email, visit a webpage, join a network, the more potential points of attack emerge.

我們要求電腦去做的事情越多，像是開啟一封電子郵件、瀏覽一個網頁、加入一個網路等等，隨之而來出現，可能被攻擊的弱點也越多。

To exploit these vulnerabilities, hackers have countless tools up their sleeves.

駭客們有著無數的工具能夠利用這些漏洞。

Create computer viruses, send out fraudulent emails, or flood a server with requests until it becomes totally unresponsive.

製造出電腦病毒、寄送詐騙電子郵件，或者向伺服器送出無數的要求訊號，直到它完全無法招架為止。

This ever-shifting threat landscape is of particular concern for governments and other organizations that use computers to deal with sensitive data and networks, like, say, the ones used to manage our power grids.

這種不斷變化的威脅狀況，有部份原因是政府與其他組織使用了電腦來組裡敏感資訊以及網路，舉例來說，被用來管裡電力網路。

But it's not always easy to tell what's going on.

但要知道發生了什麼事並不總是那麼容易。

So, if we're talking about a very low competence, crude attack, there will be sort of digital fingerprints if you like, that will show you very quickly that actually something deliberate has been done here.

在查看非常低端且粗糙的攻擊時，我們能找到一些可以稱做數位指紋的線索，並能夠很快讓我們發現系統被蓄意地做了些什麼。

However, for more sophisticated attackers, if they want to hide their tracks a little bit, then the real problem with cybersecurity is that, that's possible to do.

然而，網路安全真正面臨的問題是，當面對手段更加縝密的攻擊者時，如果他們真的想隱藏自己的蹤跡，他們實際上是有可能辦到的。

And that's the kind of thing that you see in national level cyber attacks and defense postures.

而這就是我們在國家級網路攻擊與防禦首段會設想的狀況。

And nowhere have we seen these concerns materialize so dramatically as in the U.S.

而美國便是這些問題最劇烈發生的地方。

For years, experts have warned that if the U.S. government didn't change its behaviors, the fallout from cyberattacks would only get worse. But our ability to pivot hasn't kept pace.

多年來專家不斷在警告說，如果美國政府再不改變他們的行為準則，網路攻擊的後果只會變得越加嚴重。但我們轉換的步調卻沒有跟上。

For one, many U.S. federal agencies still rely heavily on “legacy systems” aka old, which are not only costly to maintain but also super vulnerable to hackers because of their outdated code and architecture.

其中一個問題是，許多美國聯邦機關仍非常仰賴「遺留系統」，也就是老舊的系統。由於它們的程式碼與結構過時，使它們不但維護起來耗費金錢，在面對駭客的攻擊時還非常的脆弱。

That's not to say the government hasn't invested in new technology, notably, EINSTEIN, with the first version coming onto the scene in 2003.

這並不是說政府沒有投資於新技術。特別值得一提的是 2003 年首次出場的初代版本「愛因斯坦」。

This machine learning tool is used by nearly every federal agency to detect suspicious activity and identify potential attacks.

這是種用來檢測可疑活動和識別潛在攻擊的機器學習工具，幾乎每個聯邦機構都有使用。

But even EINSTEIN has its limitations, because it's only one tool in our many layers of defense.

但即使是「愛因斯坦」也有其侷限性，因為它只是我們眾多防禦層中的一個工具而已。

Because cybersecurity is such a big job, the government outsources a lot of its needs to 3rd party providers, like SolarWinds.

由於網路安全是一項龐大的工作，政府便將其大量需求外包給如 SolarWinds 這樣的第三方廠商。

But when the company got hacked in 2020, EINSTEIN failed to detect the intrusion.

但當該公司在 2020 年被駭客攻擊時，「愛因斯坦」卻未能檢測到入侵行為。

It wasn't until after that programmers introduced signatures of the SolarWinds attack to EINSTEIN's system, so that it could learn to do better next time.

程式設計師之後才將 SolarWinds 所受到的攻擊的引入「愛因斯坦」的系統中，藉此確保它下次碰到類似攻擊時能做得更好。

This so-called "penetrate-and-patch" approach to cybersecurity is sort of like patching up an old pair of jeans.

這種在網路安全界中被稱為「穿透後修補」的方法，有點像是幫一條破舊的牛仔褲縫補補丁一樣。

The more patches you sew onto them, the more embarrassing they look and the less they function like actual jeans.

你在上面縫的補丁越多，它們看起來就越令人尷尬，而且離真正的牛仔褲越來越遠。

Patching introduces risk, and also makes it so that we're constantly working to fix the mess that cyber threats leave behind.

打補丁會帶來風險，同時也使我們得不斷努力修復網路威脅所留下的混亂局面。

And these messes are expensive. Losses from cybercrime now total over $1 trillion globally.

而這樣混亂的局面有著昂貴的後果。全球因為網路犯罪而造成的損失到現在已經累積到超過一兆美元了。

很顯然的，我們得做出些改變。

One approach that's gaining traction is to implement zero-trust architecture.

一種目前正獲得青睞的方法是實施零信任架構。

Basically, this means every user in a system must be authenticated on a continual basis, no matter if they're operating from inside the organization or not.

基本上，這意味著系統中的每個用戶都必須持續地進行認證，無論他們是否在組織內部運作。

As part of a recent executive order by President Biden to modernize the government's cybersecurity, this zero-trust model will now be required.

拜登總統最近所發佈的，針對政府網路安全現代化的行政命令，其中一部分便要求現在必須使用這種零信任模式。

Another emerging solution is called secure by design.

另一個新興的解決方案被稱為安全設計。

Its basic approach is to bake security into the design of computer hardware and software.

它的基本方法是在設計電腦硬體與軟體的一開始，便把安全性納入考量。

So, every step of the way, as you're developing that product, the security is a core feature of it.

因此，在開發過程中的每一步，安全性都是核心功能之一。

So that by the time you get to the end, there's no bolting on.

所以當開發完成時，便不需要再修修補補。

One core tenant of this approach is to keep the system's architecture simple, so that the risk of design error is kept low.

這種方法的一個核心原則是保持系統的結構簡單，以便將設計錯誤的風險降低。

But this approach can't always react to new vulnerabilities, which is why developing cyber resilience is so important.

但這種方法無法對新的弱點作出反應，而這就是為何發展網路復原力重要的原因。

The idea is that by employing certain strategies, like automatically backing up your data, blocking threats before they infiltrate your network, and training a system's users to identify problems before they arise,

網路復原力的概念是藉由實行數個策略，像是自動備份資料、在威脅滲透網路前就阻擋掉它，並訓練系統的使用者能在問題出現之前看出徵兆，

we'll be prepared whenever a cyber attack does hit.

我們便能隨時在網路攻擊發生時有所準備。

Because at the end of the day, we're all playing a role in our cyber infrastructure.

畢竟到頭來，我們都身處在網路基礎建設之中的一部分。

So we should all be aware of the vulnerabilities out there and keep pressuring our government representatives to take them more seriously too.

因此我們都應該意識到這些系統中的弱點，並不斷地向我們的政府代表施壓，讓他們更認真地對待這類問題。

It's easy to think about cyber as just being about computers, but it's actually about human beings working with computational systems, right?

我們很常會以為網路只跟電腦有關，但其實它跟利用網路系統的人類息息相關，對吧？

So we're all involved in it. So we should all be conscious of it, and understand how we use that infrastructure and maybe what the vulnerabilities are that we might face.

所以我們都身處其中。我們都應該要關注這個問題，了解到我們究竟是怎麼利用這些基礎設施的，並或許對我們所面對的一些系統性弱點有所理解。

You may remember me saying that Steve Jobs used to hack phones.

你可能還記得我剛才有提到史蒂夫·賈柏斯曾駭過電話。

He was part of a group called the phreaks, spelled ph-, for phone, who reverse-engineered the tones used by telecom companies to route long-distance calls.

他所屬於一個被稱為「phreaks (怪胎)」的團體的成員，用代表電話 (phone) 的「ph」而不是本來的「f」開頭。他們反向工程了電信公司所使用的撥號訊號，藉此撥打長距離電話。

But if you want to learn more about hacking today, check out this video on the 2020 cyberattack that took out SolarWinds.

但如果你今天想了解更多關於黑客的知識，請看這段在 2020 年攻陷了 SolarWinds 的網路攻擊的影片。

Let us know if there's anything else you want us to cover.

如果你還有什麼希望我們報導的，就告訴我們吧。

Be sure to subscribe, and as always, thank you so much for watching. I'll see you next time on Seeker.

請務必訂閱頻道，一如既往地，感謝您的觀看。我們下次在 Seeker 上再見囉。