predicted a similar build-up of Russian hackers along the ideological boundaries of cyberspace;

預測俄羅斯黑客會沿著網絡空間的意識形態邊界進行類似的集結。

ready to match any physical assault with an equally damaging virtual attack.

準備用同樣具有破壞性的虛擬攻擊來配合任何物理攻擊。

The country has proven itself a leading offensive cyber power — whether that be by interfering in

該國已證明自己是一個領先的進攻性網絡大國--無論是通過干擾

and influencing foreign elections or by mounting cyberattacks on critical infrastructure

和影響外國選舉，或對關鍵基礎設施進行網絡攻擊。

such as air traffic control systems and water treatment facilities.

如空中交通管制系統和水處理設施。

Yet, months into Moscow's brutal military invasion,

然而，在莫斯科野蠻的軍事入侵的幾個月裡。

a cyberwar of similar consequence has yet to materialize.

一場具有類似後果的網絡戰爭尚未出現。

Essentially, Ukraine's digital defense has proved as determined as its physical one.

基本上，烏克蘭的數字防禦已被證明與它的物理防禦一樣堅定。

Before the full-scale invasion of Ukraine,

在全面入侵烏克蘭之前。

Russia was harassing Ukraine relentlessly in cyberspace.

俄羅斯在網絡空間對烏克蘭進行了無情的騷擾。

Still, the risks of cyberwar have not gone away.

然而，網絡戰爭的風險並沒有消失。

As the world becomes increasingly reliant on technology across all walks of life,

隨著世界上各行各業對技術的依賴性越來越強。

the potential for cyberwarfare to wreak havoc on society remains —

網絡戰對社會造成破壞的潛力仍然存在

whether in this conflict or the next.

無論是在這次衝突中還是在下次衝突中。

So, what exactly could a cyberwar entail and how prepared are we?

那麼，網絡戰爭究竟會帶來什麼，我們的準備情況如何？

For the first time in human history, it's possible to inflict large-scale harm

人類歷史上第一次有可能造成大規模傷害

on another country, from a different country

在另一個國家，來自不同國家的

without anybody ever setting foot on the territory of that country.

在沒有任何人踏上該國領土的情況下。

Cyberwarfare can be broadly defined as an act of aggression

網絡戰可被廣泛定義為一種侵略行為

conducted through a digital network by state-sponsored actors.

由國家支持的行為者通過數字網絡進行。

The targets can be military or civilian, but the end goal is to coerce

目標可以是軍人或平民，但最終目標是脅迫

a sovereign state to bend to the actor's will.

一個主權國家要屈服於行為人的意願。

This is different from cyberterrorism, which is typically conducted by independent actors.

這與網絡恐怖主義不同，後者通常由獨立的行為者進行。

It's now, more than ever, critical that we are preparing for such events.

現在，我們比以往任何時候都更需要為這類事件做準備。

Security experts have been raising the alarm on such cyber risks for decades.

幾十年來，安全專家一直在對這種網絡風險發出警報。

Back in 2012, then-U.S. Defense Secretary Leon Panetta warned the country was facing

早在2012年，當時的美國國防部長萊昂-帕內塔警告說，該國正面臨著

a potential “cyber-Pearl Harbour,” with the national power grid, transportation,

一個潛在的 "網絡珍珠港"，與國家電網、交通。

financial network and government having grown increasingly vulnerable to foreign hackers.

金融網絡和政府已經越來越容易受到外國黑客的攻擊。

Britain considered the risks so significant that in 2016,

英國認為風險如此之大，以至於在2016年。

GCHQ, the country's electronic intelligence and security agency,

GCHQ，該國的電子情報和安全機構。

launched a unit specifically designed to deal with cyber threats.

推出了一個專門應對網絡威脅的部門。

Ciaran Martin was the founding CEO of GCHQ's National Cyber Security Centre and is now

Ciaran Martin是GCHQ國家網絡安全中心的創始首席執行官，現在是GCHQ國家網絡安全中心的創始人。

a professor at the University of Oxford's Blavatnik School of Government.

牛津大學布拉瓦特尼克政府學院的教授。

He explained more.

他解釋了更多。

There's this sort of Hollywood version of cyber that everything's connected to everything else.

有這樣一種好萊塢版本的網絡，一切都與其他事物相關聯。

That's not really the way cyber operations work.

這並不是網絡行動的真正運作方式。

But they are really serious, quite pernicious and nasty social and economic threats

但它們確實是嚴重的、相當有害的、討厭的社會和經濟威脅

from cyberspace, and we need to be realistic about telling people what they are.

來自網絡空間，我們需要現實地告訴人們它們是什麼。

Such events are not unheard of.

這種事件並非聞所未聞。

Already, there have been several serious cyberattacks with wide-reaching consequences —

目前，已經發生了幾起嚴重的網絡攻擊事件，造成了廣泛的影響。

both intended and otherwise.

無論是有意還是無意。

In 2010, Iran's nuclear facilities were severely disrupted

2010年，伊朗的核設施受到嚴重破壞

by a malicious computer worm known as Stuxnet,

被稱為 "Stuxnet "的惡意計算機蠕蟲攻擊。

in the first known example of a digital weapon causing physical damage.

這是第一個已知的數字武器造成物理傷害的例子。

Then, in 2017, a mock ransomware attack known as NotPetya brought Ukrainian businesses

然後，在2017年，一場被稱為NotPetya的模擬勒索軟件攻擊給烏克蘭企業帶來了

to their knees, damaging systems and deleting data, with major knock-on effects internationally.

他們跪在地上，破壞系統和刪除數據，在國際上產生了重大的連鎖反應。

An accounting organization in Ukraine was attacked and Maersk had to suffer

烏克蘭的一個會計組織受到攻擊，馬士基不得不遭受損失

a massive fallout as a consequence, even though they were not the target.

儘管他們不是目標，但卻是以而產生了巨大的影響。

So the challenge with the cyber realm is that you don't necessarily need to be the target,

是以，網絡領域的挑戰是，你不一定需要成為目標。

you can be collateral damage.

你可以成為附帶損害。

And roughly one hour before Russia invaded Ukraine, internet access in Ukraine and

而在俄羅斯入侵烏克蘭的大約一小時前，烏克蘭的互聯網接入和

swathes of Europe were crippled after a cyberattack

歐洲的大片地區在一次網絡攻擊後陷入癱瘓

against U.S. satellite communications provider Viasat.

對抗美國衛星通信供應商Viasat。

The outage affected the Ukrainian military's ability to communicate with

斷電影響了烏克蘭軍方與美國的通信能力。

its frontline troops — a move the West has blamed on Russia.

其前線部隊--此舉被西方歸咎於俄羅斯。

In the first four months of 2022, Russian hackers launched more than 200 cyberattacks

在2022年的前四個月，俄羅斯黑客發動了200多次網絡攻擊

against Ukraine, targeting government agencies and private companies,

針對烏克蘭，以政府機構和私營公司為目標。

according to analysis from Microsoft.

根據微軟的分析。

The report noted that the cyberattacks “have also sought to disrupt people's access

報告指出，網絡攻擊 "還試圖擾亂人們的訪問。

to reliable information and critical life services on which civilians depend.”

以獲得可靠的資訊和平民所依賴的關鍵生活服務"。

However, the intensity of these attacks by Russia in the cyber realm

然而，俄羅斯在網絡領域的這些攻擊的強度

have surprised experts, who were anticipating more.

這讓專家們感到驚訝，他們預計會有更多。

Is it a lack of kind of ability from the Russian side?

是俄羅斯方面缺乏那種能力嗎？

Or do you think it's just so fundamental to the fact that cyberwar doesn't actually

還是你認為這只是網絡戰爭的基本事實，實際上並沒有

have the kind of overall impact that maybe traditional military warfare has?

具有傳統軍事戰爭所具有的那種整體影響？

So there are various theories.

所以有各種理論。

Firstly, there was the quick victory theory.

首先，是快速勝利論。

If, as it is believed they thought, they were going to take the whole of Ukraine

如果像人們認為的那樣，他們要佔領整個烏克蘭

in three or four days, why would you devastate it digitally when you're going to be ruling it?

在三或四天內，當你要統治它的時候，你為什麼要以數字方式破壞它？

Perhaps at the almost other end of the spectrum of theory, some of the Russian military equipment

也許在理論的幾乎另一端，一些俄羅斯的軍事裝備

seems to have been so poor that Russian infantry themselves are using GPS,

似乎已經非常糟糕，以至於俄羅斯步兵自己都在使用GPS。

they're using WhatsApp to communicate, so if you take out the Ukrainian internet infrastructure,

他們使用WhatsApp進行交流，所以如果你拿掉烏克蘭的互聯網基礎設施。

then the Russian soldiers can't use it.

那麼俄羅斯阿兵哥就不能使用它。

There is of course then — and I think there definitely is something in this —

當然，還有--我認為這裡面肯定有什麼------。

that when you're in a period of high tension short of war, cyber is a very, very useful tool.

當你處於戰爭之外的高度緊張時期時，網絡是一個非常、非常有用的工具。

When you're actually at war, and you can send bomber planes in and so forth,

當你真正處於戰爭狀態時，你可以派轟炸機進入等等。

the complexity and time and resources of a cyber operation becomes less useful.

網絡行動的複雜性和時間及資源變得不那麼有用。

That doesn't mean the risks of cyber conflict have faded, however.

然而，這並不意味著網絡衝突的風險已經消退。

No special rules apply in cyber, so if Russia's going to do aggressive behavior,

在網絡方面沒有特殊的規則，所以如果俄羅斯要做侵略性行為。

it could do it in cyberspace.

它可以在網絡空間進行。

What is potentially even more concerning is there is a lot of noisy activity in cyberspace

有可能更令人擔憂的是，在網絡空間有很多嘈雜的活動

at the moment between Russia and Ukraine, but the way the network world works means

目前在俄羅斯和烏克蘭之間，但網絡世界的運作方式意味著

you cannot cauterize that activity necessarily between Russia and Ukraine.

你不能燒燬俄羅斯和烏克蘭之間的這種活動。

Physical attacks, just by nature, can be contained a bit.

物理攻擊，就其性質而言，可以被遏制一下。

You know where you're attacking, you can control it to a certain degree.

你知道你在哪裡進攻，你可以在一定程度上控制它。

Unfortunately, that's not the case when it comes to cyberattacks.

不幸的是，當涉及到網絡攻擊時，情況並非如此。

As a result, authorities are now calling for greater efforts to help prevent —

or at least prepare for — potential cyberattacks.

或至少準備好--潛在的網絡攻擊。

That includes encouraging governments and businesses to work more closely together

這包括鼓勵政府和企業更緊密地合作

to understand their cybersecurity vulnerabilities.

以瞭解他們的網絡安全漏洞。

One part of it is ensuring the resilience of government establishments.

其中一個部分是確保政府機構的復原力。

I think the other and more important priority also is to ensure

我認為另一個更重要的優先事項也是為了確保

how are they supporting the private sector in this endeavor.

他們是如何支持私營部門的這一努力的。

Public-private cooperation is the key to all this.

公私合作是這一切的關鍵。

In response to rising Russian cyber risks, the U.S. passed a new law in March 2022

為了應對不斷上升的俄羅斯網絡風險，美國在2022年3月通過了一項新法律

requiring owners and operators of critical infrastructure

要求關鍵基礎設施的所有者和經營者

to report cyber incidents within 72 hours and ransomware payments within 24 hours.

在72小時內報告網絡事件，在24小時內報告勒索軟件的支付。

A year earlier, Russia-based cybercriminals targeted the U.S.'s largest fuel pipeline.

一年前，以俄羅斯為基地的網絡犯罪分子瞄準了美國最大的燃料管道。

The Colonial Pipeline ransomware attack resulted in widespread energy shortages

殖民地管道勒索軟件攻擊導致廣泛的能源短缺

and a regional state of emergency.

和地區緊急狀態。

President Joe Biden said in a statement, “Russia could conduct malicious cyber activity

美國總統喬-拜登在一份聲明中說，"俄羅斯可能進行惡意的網絡活動

against the United States, including as a response

針對美國，包括作為迴應

to the unprecedented economic costs we've imposed...”

到我們所施加的前所未有的經濟成本......"

At the same time, authorities are trying to determine the legal boundaries of cyberspace.

同時，當局正在努力確定網絡空間的法律邊界。

In 2021, President Biden gave President Putin a list of 16 critical sectors

2021年，拜登總統給了普京總統一份16個關鍵部門的清單

he said should be “off limits” to cyberattacks.

他說，應該是網絡攻擊的 "禁區"。

Those included telecommunications, food, energy and healthcare.

其中包括電信、食品、能源和醫療保健。

It follows continued calls from Western policymakers to establish

此前，西方政策制定者不斷呼籲建立

some form of global cyber treaty outlining the red lines for cyberwarfare.

某種形式的全球網絡條約概述了網絡戰的紅線。

Similar to the Geneva Convention, it could, for example, draw virtual no-fly zones around hospitals,

與《日內瓦公約》類似，它可以，例如，在醫院周圍劃出虛擬禁飛區。

making any life-threatening attack on medical facilities a war crime.

使任何威脅到生命的對醫療設施的攻擊都成為戰爭罪。

The jury is out on how much buy-in such an agreement would get

這樣的協議能得到多少人的支持，目前還沒有定論。

in a world currently so at odds.

在一個目前如此不和諧的世界中。

I'd be cautious about thinking there's some grand treaty coming

如果認為有什麼宏偉的條約即將到來，我會很謹慎。

that's going to take care of this problem.

這將會解決這個問題。

In actual fact, what I think is more likely at the moment is that thanks to the rise

事實上，我認為目前更有可能的是，由於在中國的崛起

of China and its technological base, the technological world is splitting into two techno spheres,

在中國及其技術基礎上，技術世界正在分裂成兩個技術領域。

one led by the United States and its allies, and one led by China.

一個由美國及其盟友上司，一個由中國上司。

And if that trend continues, as it looks likely to, I think what you might find is a set of

如果這種趨勢繼續下去，因為它看起來很可能，我認為你可能會發現一組

sort of rules and standards in the U.S.-led model and a different set of standards

美國主導的模式中的規則和標準，以及一套不同的標準。

in the China model, and then a bunch of competition for influence afterward.

在中國模式下，之後又有一堆的影響力競爭。

Still, there are some limitations to cyberspace which experts say offer hope that a cyber conflict,

不過，網絡空間還是有一些限制，專家們說，這為網絡衝突提供了希望。

if it were to occur, might not be as catastrophic as once feared.

如果發生的話，可能不會像曾經擔心的那樣是災難性的。

We do have to understand that this problem, it is about computer code.

我們確實必須明白，這個問題，是關於計算機代碼的。

There's serious harm you can do with it, but it's pretty hard, actually,

有嚴重的危害，你可以用它來做，但其實是很難的。

to blow up the world via computer code.

以通過計算機代碼炸燬世界。

There are technical limitations, there are scientific limitations on what can be done.

有技術上的限制，有科學上的限制，可以做什麼。

We have a chance to improve the security of technology.

我們有機會提高技術的安全性。

We can see what's coming, we have that discussion, we can get ahead of it

我們可以看到即將發生的事情，我們有這樣的討論，我們可以走在它的前面。

so we can have a safer digital environment in 10 years' time than we have now.

所以我們可以在10年後擁有一個比現在更安全的數字環境。