【TED】Mikko Hypponen:打擊病毒，保衛網絡（Mikko Hypponen：打擊病毒，保衛網絡）。 (【TED】Mikko Hypponen: Fighting viruses, defending the net (Mikko Hypponen: Fighting viruses, defending the net))

字幕列表影片播放

I love the Internet.

我愛網路。
It's true.

這是實在話。
Think about everything it has brought us.

想想看它所帶給我們的一切。
Think about all the services we use,

想想我們所使用的所有服務，
all the connectivity,

所有的網絡連結與通訊，
all the entertainment,

一切的娛樂，
all the business, all the commerce.

全部的商業與經濟活動，
And it's happening during our lifetimes.

而它就在我們這一代發生了。
I'm pretty sure that one day

我非常肯定將來有一天
we'll be writing history books

我們在撰寫歷史典籍時，
hundreds of years from now. This time

也許等到距今數百年之後，
our generation will be remembered

這一次，我們這一個世代的人類將會永傳千古，
as the generation that got online,

因為這是一個開始使用網際網路的年代，
the generation

我們這一代，
that built something really and truly global.

建構出貨真價實，具體可見的全球化。
But yes, it's also true

然而，我承認，
that the Internet has problems, very serious problems,

網際網路本身是有問題的，而且是非常嚴重的難題。
problems with security

就是網路的安全性令人堪憂，
and problems with privacy.

還有網路上的隱私疑慮。
I've spent my career

我竭盡個人之所能
fighting these problems.

尋找出這些困境。
So let me show you something.

所以且容我向各位展示一些成果。
This here

在這裡，
is Brain.

就是電腦病毒始祖「大腦」（Brain）
This is a floppy disk

這是一片電腦磁碟片。
-- five and a quarter-inch floppy disk

5¼ 英吋的古早磁碟片
infected by Brain.A.

受到「大腦A」病毒的感染。
It's the first virus we ever found

對於個人電腦而言
for PC computers.

這是有史以來第一個病毒。
And we actually know

而我們的確也知道
where Brain came from.

「大腦」源自於何處。
We know because it says so

我們之所以知道，是因為
inside the code.

在病毒碼裡頭有註明出處。
Let's take a look.

現在讓我們瞧瞧。
All right.

出來了。
That's the boot sector of an infected floppy,

那裡是遭到病毒感染的啟動磁區。
and if we take a closer look inside,

倘若我們深入內部去看，
we'll see that right there,

就在那裡，我們會發現，
it says, "Welcome to the dungeon."

它說：「歡迎光臨18層地獄。」
And then it continues,

接著它說：
saying, 1986, Basit and Amjad.

「於1986年製造，製造者：Basit 和 Amjad。」
And Basit and Amjad are first names,

Basit 和 Amjad 是名字，
Pakistani first names.

巴基斯坦人的名字。
In fact, there's a phone number and an address in Pakistan.

其實，這裡有附一支巴基斯坦的電話號碼和住址。
(Laughter)

（笑聲）
Now, 1986.

曾經，1986年。
Now it's 2011.

如今，已2011年了。
That's 25 years ago.

整整25年之久。
The PC virus problem is 25 years old now.

個人電腦遭受病毒感染的問題已經存在了25年之久。
So half a year ago,

所以半年前，我決定
I decided to go to Pakistan myself.

自己親身實地到巴基斯坦走一趟。
So let's see, here's a couple of photos I took while I was in Pakistan.

來欣賞一下幾張在當地所拍攝的照片。
This is from the city of Lahore,

這是拉合爾城（Lahore，巴國第二大城）
which is around 300 kilometers south

距離阿伯塔巴德南方300公里，
from Abbottabad, where Bin Laden was caught.

阿伯塔巴德就是賓拉登被狙殺的地點。
Here's a typical street view.

這張是典型當地的街道。
And here's the street or road leading to this building,

沿著這裡的這條路，可以直達那座建築物。
which is 730 Nizam block at Allama Iqbal Town.

地址是阿拉馬伊克巴爾鎮，尼扎姆區，730號。
And I knocked on the door.

我跑去敲敲門。
(Laughter)

（笑聲）
You want to guess who opened the door?

猜猜應門的人是誰？
Basit and Amjad; they are still there.

居然是Basit 和 Amjad，他們還住在25年前的地方！
(Laughter)

（笑聲）
(Applause)

（掌聲）
So here standing up is Basit.

站著的這位就是Basit。
Sitting down is his brother Amjad.

而坐著的是他的兄弟Amjad。
These are the guys who wrote the first PC virus.

這兩位就是寫出個人電腦病毒始祖的老兄。
Now of course, we had a very interesting discussion.

想當然爾，我們聊得很愉快。
I asked them why.

我問他們原因。
I asked them how they feel about what they started.

還有他們對於無意間所造成日後病毒肆虐的感想。
And I got some sort of satisfaction

結果我得到了某種莫名的滿足感，
from learning that both Basit and Amjad

因為得知這兩位仁兄
had had their computers infected dozens of times

這麼多年來，他們自己的電腦
by completely unrelated other viruses

也一直頻頻中毒，而且是其它人
over these years.

所寫的新病毒。
So there is some sort of justice

正義終於以某種不知名的形式
in the world after all.

在這個世界得以伸張。
Now, the viruses that we used to see

對於現在的我們來說，
in the 1980s and 1990s

在1980年代至1990年代間習以為常的病毒
obviously are not a problem any more.

顯然是小巫見大巫，無關痛癢了。
So let me just show you a couple of examples

且容我向各位舉幾個例子說明
of what they used to look like.

它們以前長這付模樣。
What I'm running here

就是我現在正在寫下的這串文字。
is a system that enables me

這是一種使我能夠
to run age-old programs on a modern computer.

在新電腦上跑古董程式的作業系統。
So let me just mount some drives. Go over there.

讓我開啟一些硬碟。
What we have here is a list of old viruses.

在此所列的是舊款病毒的清單。
So let me just run some viruses on my computer.

在我的電腦上跑跑看一些病毒。
For example,

例如這個，
let's go with the Centipede virus first.

先從「蜈蚣病毒」著手吧。
And you can see at the top of the screen,

如果你中了這種病毒的話，
there's a centipede scrolling across your computer

你會在螢幕上方看到，
when you get infected by this one.

有一條蜈蚣爬過你的電腦。
You know that you're infected

你知道你的電腦中毒了，
because it actually shows up.

因為它清楚顯示在你眼前。
Here's another one. This is the virus called Crash,

這裡有另一種病毒，它叫作「墜毀」，
invented in Russia in 1992.

1992年由俄國人寫的。
Let me show you one which actually makes some sound.

讓我秀給各位看一個會製造聲音的病毒。
(Siren noise)

（救護車警鈴聲）
And the last example,

還有最後一個病毒，
guess what the Walker virus does?

猜猜看「路人病毒」會耍甚麼把戲？
Yes, there's a guy walking across your screen

一旦中了毒的話，沒錯，有個人就會在
once you get infected.

你電腦螢幕上逛大街呢。
So it used to be fairly easy to know

所以，以往，
that you're infected by a virus,

中毒與否顯而易見。
when the viruses were written by hobbyists

寫這些病毒的怪咖、青少年
and teenagers.

只是為了好玩。
Today, they are no longer being written

今非昔比，現在寫病毒的人
by hobbyists and teenagers.

不再是單純的怪咖和青少年了。
Today, viruses are a global problem.

今天，病毒儼然已成為全球的問題。
What we have here in the background

在我們背後的螢幕上，
is an example of our systems that we run in our labs,

是在我們的實驗室裡所研發的系統之一
where we track virus infections worldwide.

藉此我們追蹤全球各地病毒感染的狀況。
So we can actually see in real time

我們可以在第一時間看到
that we've just blocked viruses in Sweden and Taiwan

我們不久前才阻絕了在瑞典，台灣，
and Russia and elsewhere.

和俄國以及遍佈全球的病毒。
In fact, if I just connect back to our lab systems

事實上，假如我經由網路連線到
through the Web,

我們實驗室的系統，
we can see in real time

我們便可以立即看到
just some kind of idea of how many viruses,

每天有多少種的病毒，
how many new examples of malware we find every single day.

有多少新的惡意程式被我們發現到。
Here's the latest virus we've found,

這是我們目前所發現最新的病毒，
in a file called Server.exe.

藏在一個稱為「服務」的執行檔裡。
And we found it right over here three seconds ago --

三秒鐘前我們逮到了它--
the previous one, six seconds ago.

再之前的病毒，是六秒鐘前找到的。
And if we just scroll around,

如果我們往下看，
it's just massive.

數量大得嚇人。
We find tens of thousands, even hundreds of thousands.

我們發現了成千上萬的病毒。
And that's the last 20 minutes of malware

這些只是每一天，在20分鐘裡
every single day.

所發現的惡意程式。
So where are all these coming from then?

那麼這些病毒從何而來？
Well today, it's the organized criminal gangs

嗯，目前都是犯罪幫派集團在
writing these viruses

設計撰寫這些病毒，
because they make money with their viruses.

因為他們可以由此獲利。
It's gangs like --

這些幫派組織就像是--
let's go to GangstaBucks.com.

讓我們造訪一下GangstaBucks.com這個網站，
This is a website operating in Moscow

這個網站在莫斯科管理運作，
where these guys are buying infected computers.

這些人買賣中毒的電腦。
So if you are a virus writer

假設你會寫病毒程式，
and you're capable of infecting Windows computers,

而且能讓微軟作業系統的電腦中毒，
but you don't know what to do with them,

但不知道該拿那些中毒的電腦怎麼辦，
you can sell those infected computers --

你可以賣掉它們--
somebody else's computers -- to these guys.

把別人的電腦賣給架設這個網站的人。
And they'll actually pay you money for those computers.

他們也真的會付錢給你。
So how do these guys then monetize

那麼這些人又如何以
those infected computers?

中毒的電腦獲利？
Well there's multiple different ways,

嗯，賺錢的方式多的是，
such as banking trojans, which will steal money from your online banking accounts

像是銀行木馬，當你使用網路銀行時，就可以
when you do online banking,

從你的網路銀行帳戶偷錢，
or keyloggers.

或植入按鍵記錄程式。
Keyloggers silently sit on your computer, hidden from view,

按鍵記錄程式靜悄悄地躲在電腦裡，你根本無從得知，
and they record everything you type.

它紀錄你所按下的每個鍵。
So you're sitting on your computer and you're doing Google searches.

所以當你坐在電腦前用Google搜尋時，
Every single Google search you type

你在鍵盤上輸入的每一筆搜尋
is saved and sent to the criminals.

都會被儲存並寄給駭客。
Every single email you write is saved and sent to the criminals.

你寫的每封電子郵件也會被儲存並寄給駭客。
Same thing with every single password and so on.

每當你輸入密碼時，同樣的事情一而再，再而三的發生。
But the thing that they're actually looking for most

但是他們最想知道的事情是
are sessions where you go online

你上網的時段，
and do online purchases in any online store.

在哪間線上商店購物。
Because when you do purchases in online stores,

因為當你在網路購物時，
you will be typing in your name, the delivery address,

你會輸入姓名、配送地址、
your credit card number and the credit card security codes.

信用卡號和信用卡的安全碼。
And here's an example of a file

這是一個例子，
we found from a server a couple of weeks ago.

幾週前從一個伺服器上發現的。
That's the credit card number,

這是信用卡卡號，
that's the expiration date, that's the security code,

卡片有效期限，和安全碼，
and that's the name of the owner of the card.

還有持卡人姓名。
Once you gain access to other people's credit card information,

一旦取得他人的信用卡資訊，
you can just go online and buy whatever you want

掌握了這些資訊，你就可以上網買東西，
with this information.

愛買什麼就買什麼。
And that, obviously, is a problem.

這，顯然是個大問題。
We now have a whole underground marketplace

現在，非法地下經濟活動，
and business ecosystem

和網路商務系統，
built around online crime.

全被網路犯罪所宰制。
One example of how these guys

來看一個利用種種網路犯罪手法
actually are capable of monetizing their operations:

成功偷到錢的例子。
we go and have a look at the pages of INTERPOL

我們來看看INTERPOL的網頁，
and search for wanted persons.

搜尋一些通緝要犯。
We find guys like Bjorn Sundin, originally from Sweden,

可以發現像是從瑞典來的Bjorn Sundin，
and his partner in crime,

和他的犯案同夥，
also listed on the INTERPOL wanted pages,

都在INTERPOL網頁中榜上有名，
Mr. Shaileshkumar Jain,

Shaileshkumar Jain先生
a U.S. citizen.

是美國公民。
These guys were running an operation called I.M.U.,

這批人以前的手法是操作 I.M.U.，
a cybercrime operation through which they netted millions.

一種網路犯罪手法，他們從網路上非法取得好幾百萬元。
They are both right now on the run.

他們現在都在跑路。
Nobody knows where they are.

跑的無影無蹤。
U.S. officials, just a couple of weeks ago,

就在幾週前，美國警方
froze a Swiss bank account

凍結在瑞士，Jain先生名下的
belonging to Mr. Jain,

一個銀行帳戶，
and that bank account had 14.9 million U.S. dollars on it.

戶頭裡有高達1,490萬美元的存款。
So the amount of money online crime generates

由此可知網路犯罪所竊取的金錢
is significant.

數量之龐大，非常驚人。
And that means that the online criminals

這也意謂著，網路犯罪駭客
can actually afford to invest into their attacks.

其實負擔得起研發這些病毒的開銷。
We know that online criminals

據我們所知，網路犯罪駭客
are hiring programmers, hiring testing people,

聘請程式設計師，和測試人員，
testing their code,

去測試他們程式碼，
having back-end systems with SQL databases.

並建立支援SQL資料庫查詢語法的後端管理系統。
And they can afford to watch how we work --

而且他們負擔得起監視我們--
like how security people work --

好比警衛、保全如何運作--
and try to work their way around

然後試圖繞過任何
any security precautions we can build.

我們所建立的防毒保護系統。
They also use the global nature of Internet

同樣地，他們也運用網路的全球性
to their advantage.

建立優勢。
I mean, the Internet is international.

我的意思是網路是無國界的。
That's why we call it the Internet.

這也正是我們以此命名的原因。
And if you just go and take a look

如果各位去看一看
at what's happening in the online world,

網路世界正在發生什麼事，
here's a video built by Clarified Networks,

這是Clarified Networks製作的影片，
which illustrates how one single malware family is able to move around the world.

描述一個惡意網站如何隨時在世界各地轉換落腳處。
This operation, believed to be originally from Estonia,

據信該網站源自於愛沙尼亞，
moves around from one country to another

就在有人試圖關閉這個網站時，
as soon as the website is tried to shut down.

它立刻從一個國家轉到另一個國家，
So you just can't shut these guys down.

根本關不掉這個網站。
They will switch from one country to another,

他們會從一個國家鑽到另一個國家，
from one jurisdiction to another --

由這個管轄區鑽到另一個管轄區，
moving around the world,

在全世界流竄，
using the fact that we don't have the capability

利用我們的弱點--
to globally police operations like this.

無法組織世界警察機構的憾事。
So the Internet is as if

所以網路就好比
someone would have given free plane tickets

贈送免費機票，
to all the online criminals of the world.

給全世界的網路罪犯。
Now, criminals who weren't capable of reaching us before

這些罪犯以往無法追蹤到我們，
can reach us.

現在卻可以了。
So how do you actually go around finding online criminals?

所以該如逮到這些網路罪犯呢？
How do you actually track them down?

該如何追蹤他們？
Let me give you an example.

舉個例子。
What we have here is one exploit file.

這是一個木馬程式。
Here, I'm looking at the Hex dump of an image file,

我眼前的是十六進位的圖檔，
which contains an exploit.

裡頭藏了一個木馬。
And that basically means, if you're trying to view this image file on your Windows computer,

基本上，這意謂著，如果你在微軟系統電腦上瀏覽該圖檔，
it actually takes over your computer and runs code.

那麼木馬會掌控電腦，執行病毒。
Now, if you'll take a look at this image file --

現在，如果請各位看看這個圖檔--
well there's the image header,

這裡有個影像的標頭，
and there the actual code of the attack starts.

這就是攻擊電腦的病毒碼源頭。
And that code has been encrypted,

病毒碼已事先加密保護。
so let's decrypt it.

好，我們來解密。
It has been encrypted with XOR function 97.

這是由XOR執行97加密保護的。
You just have to believe me,

你必須相信我，
it is, it is.

它真的是，真的。
And we can go here

我們到這裡，
and actually start decrypting it.

開始解密。
Well the yellow part of the code is now decrypted.

嗯，黃色部份的碼目前已解完了。
And I know, it doesn't really look much different from the original.

我知道，已解碼處的確和原來看似相去不遠。
But just keep staring at it.

不過，只要持續盯著看。
You'll actually see that down here

各位就可以看到在下方，
you can see a Web address:

有一個網址：
unionseek.com/d/ioo.exe

unionc.com/d/ioo.exe。
And when you view this image on your computer

當你在電腦上瀏覽該圖片時，
it actually is going to download and run that program.

執行檔就會開始下載並且操作。
And that's a backdoor which will take over your computer.

那就是控制你的電腦的後門。
But even more interestingly,

但是更引人入勝的是，
if we continue decrypting,

假如我們繼續解密，
we'll find this mysterious string,

會找到這條隱密的線索，
which says O600KO78RUS.

O600KO78RUS。
That code is there underneath the encryption

那組碼就藏匿於加密下，
as some sort of a signature.

類似某種簽名檔。
It's not used for anything.

沒有任何功能。
And I was looking at that, trying to figure out what it means.

我看著簽名檔，試著解開謎底。
So obviously I Googled for it.

當然我上Google搜尋。
I got zero hits; wasn't there.

零; 毫無任何結果。
So I spoke with the guys at the lab.

所以我和實驗室的人討論。
And we have a couple of Russian guys in our labs,

有幾個人是從俄國來的，
and one of them mentioned,

其中一個提到，
well, it ends in RUS like Russia.

嗯，它結尾的rus和俄國前三個字母相同。
And 78 is the city code

78是聖彼得堡的
for the city of St. Petersburg.

城市代碼。
For example, you can find it from some phone numbers

可以從電話號碼或汽車牌照
and car license plates and stuff like that.

之類的東西找到。
So I went looking for contacts in St. Petersburg,

所以我開始找和聖彼得堡的關聯性。
and through a long road,

經過漫長的搜尋，
we eventually found this one particular website.

終於有所獲展，鎖定了這個網站。
Here's this Russian guy who's been operating online for a number of years

某個俄國人經營多年
who runs his own website,

這個屬於他自己的網站，
and he runs a blog under the popular Live Journal.

他也寫一個Live期刊網站上，頗受歡迎的的部落格。
And on this blog, he blogs about his life,

在部落格裡，有他生活的紀錄，
about his life in St. Petersburg --

在聖彼得堡的點點滴滴--
he's in his early 20s --

他正值20出頭--
about his cat,

寫他的貓咪，
about his girlfriend.

寫他的女友。
And he drives a very nice car.

還有寫他開的頂級轎車。
In fact, this guy drives

事實上，他開的是
a Mercedes-Benz S600

賓士S600
V12

V12
with a six-liter engine

配備六加侖
with more than 400 horsepower.

超過400馬力的引擎。
Now that's a nice car for a 20-something year-old kid in St. Petersburg.

對於一個住在聖彼得堡，20出頭的年輕小夥子，這的確是台好車。
How do I know about this car?

我從何得知這部車的資訊呢？
Because he blogged about the car.

因為他寫在網誌裡。
He actually had a car accident.

他出過一次車禍，
In downtown St. Petersburg,

在聖彼得堡市中心，
he actually crashed his car into another car.

他的車撞上另一輛車。
And he put blogged images about the car accident --

而且他還上傳車禍的照片--
that's his Mercedes --

這就是他撞壞的賓士--
right here is the Lada Samara he crashed into.

這就是被撞的拉達車（Lada Samara，前蘇聯國營車廠）。
And you can actually see that the license plate of the Samara

你可以看到 Samara的車牌號碼，
ends in 78RUS.

結尾是78RUS。
And if you actually take a look at the scene picture,

如果睜大眼睛仔細看這張照片，
you can see that the plate of the Mercedes

可以找到賓士的車牌號碼
is O600KO78RUS.

就是O600KO78RUS。
Now I'm not a lawyer,

我不是律師，
but if I would be,

但假如我是，
this is where I would say, "I rest my case."

我就會說：「案子可以結了。」
(Laughter)

（笑聲）
So what happens when online criminals are caught?

所以要是網路罪犯被抓到了呢？
Well in most cases it never gets this far.

嗯，大部分案子從沒這種圓滿的結局。
The vast majority of the online crime cases,

絕大多數的網路犯罪案件中，
we don't even know which continent the attacks are coming from.

我們甚至不清楚攻擊來自於哪洲。
And even if we are able to find online criminals,

就算我們找到網路罪犯，
quite often there is no outcome.

通常很有可能是毫無所獲，
The local police don't act, or if they do, there's not enough evidence,

當地警方不會採取行動，即便行動了，也沒有足夠證據，
or for some reason we can't take them down.

或因為某些因素無法逮捕他們。
I wish it would be easier;

我希望事情可以簡單點;
unfortunately it isn't.

不幸的是，事與願違。
But things are also changing

但事情正在
at a very rapid pace.

快速的改變。
You've all heard about things like Stuxnet.

各位都聽過Stuxnet的事。
So if you look at what Stuxnet did

如果你看看Stuxnet所做的
is that it infected these.

就是使這些遭受病毒感染。
That's a Siemens S7-400 PLC,

那是西門子的S7 400PLC,
programmable logic [controller].

可程式化的邏輯運算電腦。
And this is what runs our infrastructure.

使基礎建設得以運轉的電腦。
This is what runs everything around us.

我們身邊所有配備都需要它。
PLC's, these small boxes which have no display,

這些PLC's只有小巧的盒子，毋需顯示器，
no keyboard,

也不用鍵盤，
which are programmed, are put in place, and they do their job.

設定好程式，就定位，各司其職。
For example, the elevators in this building

例如，這棟建築物的電梯，
most likely are controlled by one of these.

很有可能由PLC所控制。
And when Stuxnet infects one of these,

當Stunet使其中之一中毒，
that's a massive revolution

會出大亂的，
on the kinds of risks we have to worry about.

我們得擔心這一類的危險。
Because everything around us is being run by these.

因為生活裡充滿了PLC控制的東西。
I mean, we have critical infrastructure.

尤其是重要的基礎建設。
You go to any factory, any power plant,

任何一座工廠、電廠、
any chemical plant, any food processing plant,

化學工廠、食物處理廠，
you look around --

映入眼簾的--
everything is being run by computers.

一切都由電腦所控制。
Everything is being run by computers.

全部都是電腦化。
Everything is reliant on these computers working.

一切都仰賴電腦。
We have become very reliant

我們變得非常
on Internet,

依靠網路，
on basic things like electricity, obviously,

基本的事情，像是電力，
on computers working.

還有電腦運算。
And this really is something

代誌真的很大條了，
which creates completely new problems for us.

新的問題產生了。
We must have some way

萬一有一天，電腦再也不行了，
of continuing to work

我們要有因應之道
even if computers fail.

才能永續經營。
(Laughter)

(笑聲)
(Applause)

（掌聲）
So preparedness means that we can do stuff

所以我們要未雨綢繆，以因應
even when the things we take for granted

我們視為理所當然的事物
aren't there.

萬一停擺了。
It's actually very basic stuff --

這是非常基本的想法--
thinking about continuity, thinking about backups,

思考永續經營、思考退路與備案、
thinking about the things that actually matter.

思考關於真正重要的事情。
Now I told you --

現在，我跟各位說--
(Laughter)

（笑聲）
I love the Internet. I do.

我真的愛網路。真的。
Think about all the services we have online.

想想看網路上的所有服務。
Think about if they are taken away from you,

想想看萬一有天它們不存在了，
if one day you don't actually have them

因為某些因素，
for some reason or another.

哪天就再也不能使用了。
I see beauty in the future of the Internet,

我可以預見網路的未來之美，
but I'm worried

但是我也擔憂
that we might not see that.

我們可能看不到。
I'm worried that we are running into problems

我憂心的是我們將會遇到
because of online crime.

網路犯罪的問題。
Online crime is the one thing

網路犯罪是有可能
that might take these things away from us.

把這一切從我們身邊奪走。
(Laughter)

（笑聲）
I've spent my life

我窮盡一生精力
defending the Net,

去捍衛網路安全。
and I do feel that if we don't fight online crime,

我的確感到，假如我們不打擊網路犯罪，
we are running a risk of losing it all.

有極大的風險會全盤盡失。
We have to do this globally,

我們必須以全球化的方式，
and we have to do it right now.

從這一刻起，打擊網路犯罪。
What we need

我們需要確實執行
is more global, international law enforcement work

更全球化、跨國的法律
to find online criminal gangs --

以揪出網路罪犯的幫派--
these organized gangs

這些藉由病毒攻擊
that are making millions out of their attacks.

獲利數百萬美元集團化的幫派。
That's much more important

相較於防毒軟體或防火牆，
than running anti-viruses or running firewalls.

這才是治本之道。
What actually matters

重要的是如何直搗
is actually finding the people behind these attacks,

發動病毒攻擊的藏鏡人的巢穴。
and even more importantly,

還有更重要的是，
we have to find the people

我們得找出這群
who are about to become

潛在的未來
part of this online world of crime,

網路犯罪份子。
but haven't yet done it.

革命尚未成功，同志仍需努力。
We have to find the people with the skills,

我們得找出具備網路犯罪能力，
but without the opportunities

但還沒犯案的人，
and give them the opportunities

給他們機會
to use their skills for good.

造福網路社群。
Thank you very much.

非常感謝各位。
(Applause)

（掌聲）