Placeholder Image

字幕列表 影片播放

已審核 字幕已審核
  • Estonia suffered a massive cyberattack more than 10 years ago.

    逾十年前,愛沙尼亞經歷了一場嚴重的網路攻擊

  • The event was a defining moment for the country and the world's approach toward cybersecurity.

    這件事決定了該國與全世界對於網路安全的態度

  • And it all started with this statue.

    一切從這尊雕像開始說起

  • From the WannaCry ransomware attack to election meddling,

    從 WannaCry 勒索軟體到選舉干涉

  • cyberattacks are becoming increasingly common, and costly, around the world.

    全世界的網路攻擊越來越普遍、破壞力越來越強

  • Global spending on information security products and services is expected to reach $124 billion in 2019.

    全球花在資安相關產品的支出,預期在 2019 年前達到 1240 億

  • But that hasn't been enough to stop cyberattacks from becoming one of the global economy's biggest threats.

    然而,這仍無法阻止網路攻擊成為全球經濟最大的威脅之一

  • So how can governments keep hackers out?

    所以,政府到底要怎麼防止駭客?

  • The short answer is they can't. But that doesn't mean they're not trying.

    簡單來說:駭客無法擋,但這不代表政府沒在努力

  • One of the leaders in this space has been the tiny Baltic country of Estonia,

    位於波羅的海的一個小國家:愛沙尼亞,是這個領域的領導者之一

  • which gained independence from the Soviet Union in 1991.

    愛沙尼亞於 1991 年從蘇聯中獨立

  • For years, this Bronze Statue stood in the center of Tallinn as a Soviet War memorial.

    這尊紀念蘇聯戰爭的銅像在塔林的市中心佇立多年

  • Then in 2007, the Estonian government decided to move it here to a less prominent location.

    2007 年時,愛沙尼亞政府決定將銅像移到較不顯眼之處

  • The move sparked protests and riots from Estonia's ethnic Russian population that wanted the statue to stay in place.

    此舉引起俄裔愛沙尼亞人的抗議與暴動,他們不希望遷移銅像

  • Then, within days, Estonian institutions were crippled by a series of cyberattacks.

    幾天內,一連串的網路攻擊癱瘓了愛沙尼亞的政府機關:

  • Parliament, government ministries, banks and newspapers went offline.

    國會、政府部門、銀行,新聞網站都下線了

  • And though it hasn't ever been confirmed, it's widely believed that Russia was behind the attacks.

    即使未經證實,但普遍認為俄國是幕後兇手

  • The 2007 attack on Estonia has been called the first cyberwar, which is defined as: "the use of computer technology to disrupt the activities of a state or organization".

    2007 年這場針對愛沙尼亞的攻擊,被稱做第一場網路戰爭,定義為「使用電腦科技以干擾政府或機構的活動」

  • The cyberattack was a wake-up call for Estonia,

    這場網路攻擊喚醒了愛沙尼亞

  • which at the time was already one of the world's most advanced digital societies.

    在當時成為了世上最先進的數位社群之一

  • The country decided it needed to take steps to protect data online and prevent future cyberattacks.

    該國認為採取行動保護網路資料,與預防未來的網路攻擊,是必要的

  • But how?

    但確切該如何執行?

  • The first step was building a strategy that would allow the government to keep systems up and running during a cyberattack.

    第一步,建立一套策略:讓政府系統在遭受網路攻擊的同時,可以繼續運作

  • IT experts in the public and private sectors worked together

    檯面上與私下的資訊科技專家協力合作

  • to make systems more resilient against hackers.

    讓系統對抗駭客的能力提升

  • One part of Estonia's strategy is a voluntary Cyber Defence League made up of hundreds of civilians,

    愛沙尼亞策略的一部份,就是成立一個志願性的網路防禦聯盟,成員是上百個平民百姓

  • including IT professionals and young people who would mobilize during an attack.

    包含資訊科技專家,以及不受攻擊牽制的年輕人

  • Estonia also decided to store copies of its information in a data embassy in Luxembourg,

    同時,愛沙尼亞決定將備份的資訊存在位於盧森堡的資料大使館

  • as a backup in case there was a cyberattack on home soil.

    以防國土遭受網路攻擊

  • Which brings us to another key deterrent for cyber threats, international cooperation.

    這也提醒了我們下一個防止網路威脅的關鍵:國際合作

  • NATO, the military alliance between North American and European countries, was a good place to start.

    北美與歐洲之間的軍事同盟:北大西洋公約組織 (NATO),是很好的下手點

  • In 2008, the 'NATO Cooperative Cyber Defence Centre of Excellence' opened here in Tallinn.

    2008 年時,北大西洋公約組織之網路共同防禦卓越中心,成立於塔林

  • Its goal?

    其目標?

  • To enhance NATO's cyber defense capabilities.

    為了增強北大西洋公約組織的網路防禦能力

  • The center conducts large-scale cyber defense drills, sort of like digital military training,

    此中心提供大規模網路防禦之訓練指導,有點類似數位軍事訓練

  • though it's not technically a NATO operational unit.

    即便這不算是北大西洋公約組織的營運組織

  • It also put together a guide called the Tallinn Manual, which analyzes how to apply existing international law to cyber operations.

    它也整理了一份叫做塔林手冊的入門簡介,分析如何讓現存的國際法適用於網路活動

  • In 2016, NATO allies agreed that a cyberattack on a member country

    2016 年時,北大西洋公約組織的同盟國認為針對成員國的網路攻擊

  • could trigger the same military response as an attack in the air, on land or at sea.

    有可能會觸發與空襲、陸地攻擊,或是海上的突擊一樣的軍事反應

  • EU-wide regulation has also upped the penalties against data breaches.

    歐盟國家規範加重侵害資料的刑罰

  • The General Data Protection Regulation, or GDPR, that went into effect in 2018,

    一般資料保護規範 (GDPR) 於 2018 年生效

  • (It) gave EU regulators the power to fine companies that don't protect user data.

    賦予歐盟監管機構權力,得以對不保護用戶資料的公司處以罰鍰

  • And, unlike in the past, the fines can be massive.

    與過去不同的是,現在的罰鍰金額可能非常驚人

  • up to 4% of global annual turnover or €20 million, whichever is bigger.

    不是全球年營收的 4%,就是 2000 萬歐元,取決於大的金額

  • Still, many countries have not taken steps to prepare for cyber threats.

    許多國家仍尚未採許抵擋網路攻擊的準備

  • The United Nations found half of its member states don't have a cybersecurity strategy in place.

    聯合國發現一半成員國的網路安全策略還未就定位

  • The UN ranks Estonia as the European country most committed to cybersecurity.

    聯合國將愛沙尼亞列為最投入網路安全的歐洲國家

  • And fifth worldwide after Singapore, the United States, Malaysia and Oman.

    也是全球的第五名,僅次於新加坡、美國、馬來西亞與阿曼

  • But even Estonia isn't hacker-proof.

    但即使愛沙尼亞並非完全不受駭客影響

  • Authorities still responded to more than 10,000 cybersecurity incidents in 2017,

    官方仍在 2017 年處理了超過一萬件網路安全事件

  • one third more than the year before.

    比前年多了三分之一

  • Which brings us to one final big step in preventing a cyberattack, getting the public on board.

    這帶領我們向網路攻擊的預防更進最後的一大步,也就是將大眾劃為防禦陣線的一員

  • This can be as simple as using two-factor authentication or changing your password from, well, “password.”

    方法可以很簡單,像是使用多重要素驗證,或把易於破解的密碼改掉

  • Research found only one out of every four internet users in Europe

    研究發現,在歐洲只有四分之一的網路使用者

  • changes his or her password regularly because of security and privacy issues.

    會考量安全與隱私問題,而定期更改密碼

  • In Estonia, it took an unprecedented cyberattack for the country to become a leader in online security.

    在愛沙尼亞發生前所未有的網路攻擊後,該國才躍身為網路安全的龍頭

  • Other countries might want to take a note as the threats of cyberattacks only become bigger and more complex.

    其他國家可能要記下這點了:網路攻擊的威脅性只會越來越嚴重、複雜

  • Hey everyone, Elizabeth here. Thanks so much for watching our video.

    嗨大家好!我是伊莉莎白。謝謝收看我們的影片!

  • Be sure to check out all of our other CNBC Explains over here.

    記得點選這裡,看看其他 CNBC Explains 系列影片

  • And leave us any other ideas in the comments section.

    並在留言區留下任何想法

  • See you later!

    再會啦!

Estonia suffered a massive cyberattack more than 10 years ago.

逾十年前,愛沙尼亞經歷了一場嚴重的網路攻擊

字幕與單字
已審核 字幕已審核

單字即點即查 點擊單字可以查詢單字解釋