经济学人下载:网络安全,幽灵般的敌人

While hacktivists are gathering speed, another source of hacking—organised-crime groups—are going about their business as usual. But that means they are using increasingly sophisticated techniques to extract passwords and other personal information from their victims. This then gives them access to data they can profit from in various ways. These gangs are behind some of the biggest data breaches that companies have owned up to (see chart). They also often launch cyber-attacks using “botnets”, or networks of computers that have been taken over without their owners’ knowledge.

正当个体黑客组织壮大得如火如荼的时候，另一种入侵形式源的黑客-有组织犯罪的黑客群体-也在像往常一样经营着他们的勾当。不过这意味着他们使用更成熟的技术从受害者那边窃取密码和其他的个人信息数据，然后以各种形式从中牟利。一些名企的大规模数据泄露就是拜这些黑客群所赐（如图表所示）。他们经常用“僵尸程序”发起网络攻击，或者不为用户所知地感染其主机，形成僵尸网络发起攻击。

Code red 红色代码

Such ploys can make it hard to identify exactly who is behind a particular online assault, says Adam Vincent of Cyber Squared, another security firm. In China things are particularly unclear. Jayson Street, a security researcher who has written a book on dissecting hacks, reckons the Chinese government itself is struggling to contain hacking within the country. He recounts how the website of one regional government he studied turned out to have been compromised by hackers who had made it part of a botnet. Chinese cyber-crooks are only too happy to rent out their networks to other gangs and governments who want to launch attacks using them. North Korea and Russia are said to be among the countries that have taken advantage of such offers.

来自另一家网络安全公司Cyber Squared的Adam Vincent说，这样（僵尸网络的）形式的攻击真的很难定位到某次入侵的幕后真凶是谁。在中国事情就更扑朔迷离了。研究网络安全的Jayson Street曾写过一本剖析黑客行为的书，他认为中国政府自身也在挣扎着控制黑客行为于境内。他详述了他所研究的一个地方政府网站是怎么在黑客们的控制下“蜕变”到僵尸网络的一部分的。中国的网络犯罪分子倒是希望能够把他们的网络租给其他黑客帮派或者政府，供其发起攻击。朝鲜和俄罗斯据说也是利用这种机会来获取好处的。

This does not mean that the Chinese government is innocent of all of the hacking charges levelled against it. A recent study by McAfee of “SQL injections”, a technique used to penetrate databases, showed that around half of the reported attacks in the first quarter of 2011 originated from China. Given the scale of such activity, it is likely that at least some of these were launched by Chinese cyberspies. Google has also dropped heavy hints that the Chinese government was behind a recent hack of Gmail, its web-based mail service, which let online snoopers read the e-mails of high-ranking American officials and those from some other countries.

这并不意味着中国政府在所有罪状等身的黑客行为指控面前是无辜的。迈克菲最近的一份针对”SQL注入”（一种入侵数据库的技术）的研究中指出，2011年第一季度，大约半数的所被报告的攻击源自中国。如果考虑这种攻击的规模，那么至少有一些入侵很可能是由中国的网络间谍所发起的。谷歌也掷出重言，中国政府是最近针对其基于网络的邮件服务Gmail进行攻击的幕后使者，这样做可以让网上的间谍获取美国高官和其他国家重要人物的电子邮件。

But China is far from the only country engaged in cyber-espionage. It is surely no coincidence that according to McAfee’s statistics the second-largest source of SQL injections in the first quarter was none other than America. Such probing of a rival’s systems is hardly new, though it has assumed an exaggerated importance because of all the feverish talk of “cyber-warfare”.

但中国绝不是参与网络间谍活动的唯一国家。根据迈克菲的数据，第二大SQL注入攻击源的国家正是美国，这当然不是巧合。由于“网络战”是公众乐此不疲的话题，这种入侵行为的严重性有些被夸大了，毕竟入侵对手系统的行为可谈不上是新事物。

According to a report on cyber-security issued earlier this year by the Organisation for Economic Co-operation and Development, the chances of a conflict fought solely in the electronic world are extremely slim. The same report also warns that many high-tech attacks described as acts of cyberwar, including the antics of hacktivists, do not merit the label. That is surely right. Even so they are no laughing—or lulzing—matter.

根据今年早些时候由经济合作与发展组织发布的网络安全报告，仅在电子世界中发生冲突的可能性微乎其微。报告还提到，许多有着高技术手段的被称作网络战的入侵事件，和那些哗众取宠的黑客分子，都有些言过其实。这当然是对的。不过就算是这样，这些（黑客和黑客行为）也不是拿来搞笑的事，或者说可以被“鲁兹”的事。