The worrying state of America's cyber defence effort

2015/07/16

  Another week, another wave of cyber alarm in America. On Wednesday both the New York Stock Exchange and United Airlines suspended activity for several hours due to mysterious computing problems, while the Wall Street Journal’s website briefly went down. All three insisted that the outages reflected technical hitches, not malicious attack. But many are anxious after past assaults on mighty American companies and agencies.

  In February Anthem, an insurance company, revealed that cyber hackers had stolen information on 80m customers. The Washington-based Office of Personnel Management said cyber hackers had taken data on millions of federal employees. Companies ranging from retailers to banks have been attacked, too.

  On Wednesday, just as the NYSE was frozen, Cambridge University and Lloyd's insurance group released a report suggesting that if a cyber assault breached America’s electrical grid, this could create $1tn of damage. A few minutes later, James Comey, the FBI director, told Congress that the FBI is struggling to crack encryption tools used by jihadis. In May, Mr Comey said Islamic terrorists were “waking up” to the idea of using malware to attack critical infrastructure. It is scary stuff.

  The key issue that investors, politicians and voters need to ponder is not simply who might be the next target, but whether Washington has the right system in place to handle these attacks. The answer is almost certainly No.

  On paper, there is no shortage of resources; earlier this year, for example, President Barack Obama earmarked $14bn for the cyber fight. But the key problem now is not so much a lack of cash as a lack of co-ordination: as fear spreads, a bewildering alphabet soup of different agencies and task forces is leaping into cyber battle, often with little collaboration. The institution that is supposed to be in charge of security threats is the Department of Homeland Security. But its skills are viewed with scepticism by military officials. The Pentagon has its own cyber warriors, as do America’s intelligence agencies.

  The White House has tried to force these bodies to work together. Separately, civilian agencies such as the Nuclear Regulatory Commission started holding discreet meetings with each other last autumn on cyber issues too. But collaboration across sectors is patchy. “The level of readiness in different agencies varies enormously,” admits a senior Washington figure at the centre of these efforts. Add in private sector bodies and the picture is even worse: not only is the Pentagon wary of sharing data with, say, the Chamber of Commerce, but companies are often terrified of revealing attacks to each other.

  Is there a solution? One sensible response might be to create a new agency to provide a central focus for the cyber fight. There is precedent for that; most Washington regulators emerged in response to a new threat. The Securities and Exchange Commission, for example, was created after the 1929 stock market crash; the Food and Drug Administration appeared after scandals over dangerous medicines. A second option might be to relaunch the DHS to focus on the cyber fight. It could, for example, be named the Department of Cyber and Homeland Security.

  Either way, Washington needs to answer the question that Henry Kissinger once posed in relation to Europe: in a crisis, “Who do I call?” Some countries have found ways: Australia has impressive levels of co-ordination between the public and private sector over cyber defences. But as the sense of tribalism builds in Washington, the sad truth is that it may take something, like a really big crisis, before anyone can bang bureaucratic heads together in an effective way. Better just hope that this “something” will not be too devastating, such as a real attack on the transport sector and markets.
