自美军上周在伊拉克当“斩首”伊朗将领苏莱曼尼(QassemSoleimani)以来,美伊双方急剧升温。1月5日(周日),一个声称为伊朗政府工作的黑客组织攻陷了美国政府的网站,两国网络战争大有一触即发之势。

The U.S. and Iran have been warming sharply since U.S. forces last week became \"decapitated\" Iranian general Qassem Soleimani in Iraq. On sunday, january 5th a group of hackers claiming to work for iran's government captured the u.s. government's website, and a cyberwar between the two countries was on the verge.

据“硅谷立场”(siliconangle)报道,这次黑客攻击的目标是美国联邦存托图书馆项目(DepositoryLibraryProgram),黑客称这是对1月3日美军无人机袭击苏莱曼尼的报复。

The hack was targeted by the U.S. Federal Depository Library Program, which hackers described as retaliation for the U.S. Army drone strike against Suleimani on Jan.

“这是来自伊朗伊斯兰共和国的信息,”黑客们在网站上写道,“我们不会停止支持在这些地区的朋友,包括在巴勒斯坦、也门、巴林被压迫的人民,在叙利亚和伊拉克的人民及其政府,以及在黎巴嫩和巴勒斯坦真正的圣战抵抗组织。”

\"This is information from the Islamic Republic of Iran,\" the hackers wrote on the website.\" We will not stop supporting friends in these areas, including the oppressed people in Palestine, Yemen, Bahrain, the people in Syria and Iraq and their governments, and the true jihadist resistance in Lebanon and Palestine.\"

CNN援引国土安全部网络安全和基础设施安全局(CISA)发言人森德克(SaraSendek)的话表示:“联邦图书馆项目(FDLP)的网站被亲伊朗的反美势力所破坏。但暂时无法证实这是伊朗政府资助的黑客所为。目前该网站已下线,暂时无法访问。”

\"The website of the Federal Library Project (FDLP) was destroyed by pro-Iranian anti-American forces,\" CNN said, citing Sara Sendek, a spokesman for the Department of Homeland Security's Cyber Security and Infrastructure Security Agency (CISA). But for the time being, it is impossible to prove that this was done by a government-funded Iranian hacker. The site is now offline and temporarily inaccessible.\"

网络袭击对于美国和伊朗,甚至是其他中东国家来说都早已不是新鲜事。网络安全公司VectraAIInc.的安全分析主管莫拉莱斯(ChrisMorales)指出,自2010年伊朗核离心机受到Stuxnet病毒攻击以来,该国一直在逐步建立网络袭击能力。业内人士普遍认为,Stuxnet病毒是美国和以色列为破坏伊朗的核计划而研制。

Cyber attacks are not new to the United States, Iran, or even other Middle Eastern countries. cyber security company VectraAI Inc. Chris Morales, director of security analysis at Chris Morales, said the country had been gradually building its cyber-attack capability since the 2010 attack on the Iranian nuclear centrifuge by the Stuxnet virus. People in the industry generally believe that the Stuxnet virus was developed by the United States and Israel to undermine Iran's nuclear program.

莫拉莱斯说:“网络袭击一直在进行,并由双方共同煽动。伊朗的网络袭击能力并不复杂,因为它主要利用黑市上的的恶意软件。相比之下,美国和以色列的恶意软件都是专门定制的。我确实认为伊朗会发动网络袭击,但他们也会考量美国的持续威慑所带来的后续影响,审慎而行。”

\"Cyber attacks have been going on and have been instigated by both sides,\" Morales said. Iran's cyber-attack capabilities are not complicated because it uses mainly malware on the black market. In contrast, malware in the United States and Israel is custom-made. I do think Iran will launch a cyber attack, but they will also consider the follow-up effect of continued U.S. deterrence, cautiously.

事实上,在美军定点清除苏莱曼尼的第二天,国土安全部就已经发出警告,呼吁美国公共和私营部门提高戒备。国土安全部表示,“伊朗有能力对美国的关键基础设施进行具有临时破坏性的网络袭击”。

Indeed, the day after the U.S. military's targeted removal of Suleimani, the Department of Homeland Security has issued a warning to the U.S. public and private sector to raise its security. The Department of Homeland Security said \"Iran has the ability to carry out temporary and disruptive cyber-attacks on key U.S. infrastructure \".

至于为何会选择网络袭击来作为报复手段,FireEye情报分析主管胡尔特奎斯特(JohnHultquist)对《金融时报》表示:“这样做的目的是向美国人发出信号,表明他们可以影响到我们。虽然完全攻陷电网可能超出了(伊朗)的能力范围,但他们可能会通过攻陷IT系统造成严重破坏。”

\"The purpose of this is to send a signal to Americans that they can influence us,\"John Hultquist, FireEye's head of intelligence analysis, told the Financial Times. Although it may be beyond the reach of [Iran], they could wreak havoc on the IT system.

哥伦比亚大学计算机科学教授贝尔洛文(StevenBellovin)也对CNN表示,相较传统战争来说,网络袭击风险较小:“首先网络袭击更容易被否认。如果美军基地遭到导弹袭击,或者外交官被绑架,这就很容易追踪到。其次,它会减少人员风险。”

Steven Bellovin, a computer science professor at Columbia University, also told CNN that cyber-attacks are less risky than traditional wars:"First, cyber-attacks are more likely to be denied.” If a US military base is attacked by a missile or a diplomat is kidnapped, it is easy to track it down. Second, it will reduce personnel risk.

正是因为网络袭击较为隐蔽,代价也相对较低的特点,美国、以色列、伊朗和沙特在近十年中一直在通过黑客暗中较量。

It is precisely because of the more covert and relatively low-cost nature of cyber-attacks that the United States, Israel, Iran, and Saudi Arabia have been secretly fighting through hackers for nearly a decade.

据VICE报道,2012年伊朗黑客使用了名为“ShaMoon”的恶意数据清除软件,目标是沙特阿美的行政管理计算。当时伊朗黑客还没有入侵石油生产机械中的工业控制系统。

In 2012, Iranian hackers used malicious data clearing software called \"Sha Moon,\" targeting administrative calculations by Saudi Aramco, VICE reported. At the time, Iranian hackers had not invaded industrial control systems in oil-producing machinery.

但随着中东紧张局势加剧,伊朗黑客的活动也随之升级。TheWire在2019年11月的报道显示,据信是来自伊朗的黑客组织APT33已经不满足仅仅植入恶意计算机软件,而是将关注点转向了关键基础设施和炼油厂、电力公司的物理控制系统上。

But as tensions rise in the Middle East, Iranian hacking has escalated. The Wire's November 2019 report showed that APT33, a hacking group believed to be from Iran, was no longer satisfied with simply implanting malware, but instead turning its focus to key infrastructure and the physical control systems of refineries, power companies.

风险投资公司StrategicCyberVentures的首席执行官托马斯(HankThomas)告诉“硅谷立场”:“利用攻击性的网络能力,来对该地区以外的对手进行打击很可能是伊朗目前最有可能采取的行动。而其所采取的最危险的行动将是把网络袭击和动态打击相结合,对本地区和地区外目标进行综合袭击。”

\"Using offensive cyber capabilities to strike opponents outside the region is likely to be the most likely action for Iran at the moment,\" Hank Thomas, chief executive of venture capital firm StrategicCyber Ventures, told\" Silicon Valley stance.\" The most dangerous action will be a combination of cyber-attacks and dynamic attacks on local and extra-regional targets.

有趣的是,伊朗的网络袭击为网络安全公司带来了利好消息。彭博新闻社报道称,在地区局势紧张导致大盘普遍下跌的情况下,CrowdStrikeInc.和FireEyeInc.这两家网络安全公司的股票在当地时间4日分别上涨了%和%。

Interestingly, Iran's cyber attacks have brought good news for cybersecurity companies. CrowdStrike Inc.(Bloomberg News) reported a general dip in the market as a result of regional tensions. and FireEye Inc. Shares of the two cybersecurity companies rose by% and% on Thursday, local time.


欢迎转载,转载请注明出处:申博官方手机版app下载