|
查看原文
China has been the target of serious cyberattacks from the United States, but Beijing has neverblamed Washington or the Pentagon because such accusations would be "technicallyirresponsible", Chinese Internet insiders said.
The cyberattacks from the US have been as grave as the ones the US claims China hasconducted, they said on Tuesday.
China's Internet emergency response agencyhas tried its best to handle all the UScomplaints made this year, they said.
However, the US never mentioned thealleged Chinese hacking theft of the designsof more than 20 kinds of top US weapons, butinstead gave the unverified informationdirectly to the media.
"We have mountains of data, if we wanted toaccuse the US, but it's not helpful in solvingthe problem," said Huang Chengqing,director of the National Computer NetworkEmergency Response TechnicalTeam/Coordination Center of China, alsoknown as CNCERT.
"The importance of handling Internet securitycases keeps rising, but the issue can only besettled through communication, notconfrontation."
Huang's remarks came after a slew of reportsaccusing China of hacking were released inthe US this year. High-ranking officials inWashington also pressed Beijing on the issuein recent weeks.
According to CNCERT, in the first five monthsof this year, 13,408 overseas trojan horsesor bot control servers — two popular hackingtools — hijacked around 5.63 millionmainframes in China. Of those, 4,062 US-based control servers hijacked 2.91 millionmainframes in China.
The US ranked first in both the number ofcontrol servers and the number of mainframes controlled in China.
In the same period, websites of 249 important Chinese organizations including governmentdepartments, key information systems and research institutions were implanted with backdoorprograms. Among them, 54 websites were hijacked by US-based IP addresses for stealinginformation.
"However, it's hard to judge whether the US government supported or got involved in thehacking. Besides, hackers can easily hide their real location and identities," Huang said.
"So technically it is irresponsible and unfounded for some people to talk about alleged hackingsupported by the Chinese authorities."
As for the Washington Post report in late May about Chinese hacking on US weapons, Huangsaid design information of top-class weapons are usually listed as top national secrets. "Evenfollowing the general principle of secret-keeping, it should not have been linked to the Internet."
Huang said his agency has been fighting with hackers. Except for daily work of Internet securitymonitoring, prewarning and emergency response, CNCERT cut hackers’ remote control on39.37 million infected mainframes in 2012.
The agency has set up Internet security cooperative relations with 91 organizations in 51countries and regions.
Huang said a case in March explains the importance of such cooperation. At that time, SouthKorea suspected that Chinese hackers paralyzed the network of some local media and banksand required assistance from CNCERT. Through joint efforts, it was discovered that the IPaddress connected to the hacking was in the range of Chinese IP addresses but was actuallyused by a South Korean bank.
As for cooperation with the US, Huang said in the first four months of this year CNCERTreceived 32 Internet security cases from the US, among the 227 complaints from abroad.
They handled the US cases in time, except for attempted IP address attacks, which lackedsufficient proof. And they sent feedback to the US on all the cases.
"But they did not mention these efforts, instead they advocated cases that they never let usknow about. Some cases can be addressed if they had talked to us, why not let us know? It isnot a constructive train of thought to solve problems," Huang said.
"Besides, we have smooth communication at the civil level. I don't understand why all levels ofthe US government are accusing China of cybersecurity recently. I felt it is driven by somepolitical intentions, though I don't know what the intentions are."
Huang said he noticed the US has kept beefing up its cyberwar forces as it hyped hackingthreats from China.
After Mandiant, a Washington-based cybersecurity group, said in a report in February that thePeople's Liberation Army sponsors hacking, US Cyber Command and National Security Agencychief General Keith Alexander told Congress in March that of the 40 new Cyber Commandteams being assembled, 13 would be focused on offensive operations.
Gao Xinmin, vice-chairman of Internet Society of China, said: "The US is much more dependenton the Internet than developing nations, so it is fully understandable that they attach greatimportance to the issue."
"However, because of the lack of mutual trust, it is easy for some countries to blame hacking onother governments. And driven by some political needs, the dirty water is often poured ontoChina," Gao said.
The White House has announced that cybersecurity will be high on the agenda of President XiJinping's meeting with US President Barack Obama this week in California.
CNCERT's Huang said it is necessary to have multi-level talks, but the most effective way is to"start from the basic level" and beef up communication between frontline agencies, such asemergency response organizations, from relevant countries.
|
查看譯文
中國(guó)國(guó)家級(jí)網(wǎng)絡(luò)安全應(yīng)急機(jī)構(gòu)和互聯(lián)網(wǎng)協(xié)會(huì)的高層人士周二表示���,中國(guó)遭受來(lái)自美國(guó)的網(wǎng)絡(luò)攻擊的嚴(yán)重程度并不亞于美國(guó)所聲稱的來(lái)自中國(guó)的威脅���,但中國(guó)采取了“對(duì)事不對(duì)國(guó)”的態(tài)度�,從未為此怪罪美國(guó)政府或軍隊(duì),因?yàn)椤凹夹g(shù)層面上這樣的做法不負(fù)責(zé)任”�。
他們還表示,中方今年已盡其所能地處理并反饋了美國(guó)計(jì)算機(jī)緊急響應(yīng)小組(US-CERT)向中方投訴的個(gè)案���。這些專業(yè)人士稱美方從未向中國(guó)國(guó)家計(jì)算機(jī)網(wǎng)絡(luò)應(yīng)急技術(shù)處理協(xié)調(diào)中心(CNCERT)提及美國(guó)媒體近期報(bào)道的中國(guó)黑客盜取美國(guó)重大武器系統(tǒng)設(shè)計(jì)一事���,而是直接把未經(jīng)證實(shí)的資料泄露給媒體�����。
這些官員是在《中國(guó)日?qǐng)?bào)》的專訪中就美方最近密集發(fā)表所謂中國(guó)在網(wǎng)絡(luò)安全方面對(duì)美構(gòu)成極大威脅的言論��,以及美方高官不斷就此對(duì)北京施壓的情況做此表態(tài)的�����。
“如果我們想指責(zé)美國(guó)的話有大量數(shù)據(jù)�����,但這無(wú)助于問(wèn)題的解決���,隨著信息化的發(fā)展,網(wǎng)絡(luò)安全事件的處理越來(lái)越重要��。但這些問(wèn)題的解決應(yīng)該通過(guò)對(duì)話而不是對(duì)抗�����?����!盋NCERT主任黃澄清說(shuō)�。
據(jù)CNCERT向《中國(guó)日?qǐng)?bào)》獨(dú)家披露的最新數(shù)據(jù),2013年1至5月��,境外約有13408臺(tái)木馬或僵尸網(wǎng)絡(luò)控制服務(wù)器控制了中國(guó)境內(nèi)近563萬(wàn)臺(tái)主機(jī)����,其中位于美國(guó)的4062臺(tái)控制服務(wù)器控制了中國(guó)境內(nèi)近291萬(wàn)臺(tái)主機(jī),無(wú)論是按照控制服務(wù)器數(shù)量還是按照控制我國(guó)主機(jī)數(shù)量規(guī)模進(jìn)行排名�,美國(guó)都名列第一。
此外��,同期中國(guó)有249個(gè)重要政府部門(mén)����、重要信息系統(tǒng)和科研機(jī)構(gòu)等單位的網(wǎng)站被境外入侵并植入網(wǎng)站后門(mén),其中54個(gè)單位被美國(guó)地址入侵和竊取信息����。
“但是很難判定美國(guó)政府支持和參與了這些事件。另外�,擁有專業(yè)技術(shù)的黑客可以輕而易舉的隱藏自己的真實(shí)位置和身份�����。所以單從技術(shù)層面上講���,一些國(guó)家和人士有關(guān)中國(guó)網(wǎng)絡(luò)安全威脅論的言論是不負(fù)責(zé)任和缺乏依據(jù)的?���!秉S澄清說(shuō)。
至于《華盛頓郵報(bào)》5月底報(bào)道的中國(guó)竊取美國(guó)二十多項(xiàng)武器設(shè)計(jì)機(jī)密的指責(zé)���,黃表示尖端武器的研制資料一般被列為國(guó)家最高等級(jí)機(jī)密�,“即使遵循一般的保密原則�����,也絕不可能放在互聯(lián)網(wǎng)上”����。
黃說(shuō)事實(shí)上他負(fù)責(zé)的機(jī)構(gòu)一直在與黑客做著艱苦的斗爭(zhēng)。除了日常的網(wǎng)絡(luò)安全事件的監(jiān)測(cè)����、預(yù)警和應(yīng)急處置工作外�����,2012年CNCERT切斷了黑客對(duì)3937萬(wàn)余臺(tái)感染主機(jī)的遠(yuǎn)程操控。
這個(gè)機(jī)構(gòu)目前已經(jīng)與51個(gè)國(guó)家和地區(qū)的91個(gè)組織建立了網(wǎng)絡(luò)安全合作關(guān)系���。
黃說(shuō),今年3月有一個(gè)案例,當(dāng)時(shí)韓國(guó)懷疑中國(guó)的黑客行為導(dǎo)致了當(dāng)?shù)匾恍┟襟w和銀行計(jì)算機(jī)網(wǎng)絡(luò)同時(shí)癱瘓�����,韓國(guó)通過(guò)CNCERT請(qǐng)求幫助協(xié)調(diào)�����,經(jīng)雙方共同努力����,證實(shí)疑似IP地址實(shí)為韓國(guó)銀行內(nèi)部自用�,而其恰好使用了中國(guó)IP地址范圍,從而導(dǎo)致韓方誤認(rèn)為攻擊來(lái)自中國(guó)����。
黃澄清說(shuō),今年1月至4月CNCERT接到的227起來(lái)自境外的網(wǎng)絡(luò)安全投訴中,有32起來(lái)自US-CERT���。除了部分惡意IP地址嘗試攻擊事件因?qū)Ψ教峁┳C據(jù)不足無(wú)法處理外����,其余的事件中方均及時(shí)處理并向美方反饋�。
“但他們并沒(méi)有提到這些,而是把沒(méi)有告訴我們的問(wèn)題大肆渲染��,如果跟我們說(shuō)的話有些問(wèn)題是能解決的�����,為什么不讓我們知道呢���?這不是解決問(wèn)題的建設(shè)性思路��,”他說(shuō)�。
“另外�,現(xiàn)在民間層面的溝通是暢通的,但我們不知道為什么近一段時(shí)間來(lái)美國(guó)政府各個(gè)層面都在就網(wǎng)絡(luò)安全問(wèn)題攻擊中國(guó)�����。我認(rèn)為這種做法是出于政治上的考量,盡管我不清楚他們的目的����。”
黃說(shuō)他注意到美國(guó)在發(fā)布“中國(guó)黑客威脅論”的同時(shí)一直在加強(qiáng)自己網(wǎng)絡(luò)戰(zhàn)的力量�。美國(guó)網(wǎng)絡(luò)安全公司曼迪昂特2月18日發(fā)布報(bào)告指責(zé)中國(guó)軍方黑客威脅,3月12日美國(guó)網(wǎng)絡(luò)戰(zhàn)司令部司令亞歷山大隨即宣布新增40支網(wǎng)絡(luò)部隊(duì)�,其中13支確定用來(lái)進(jìn)攻。
“美國(guó)社會(huì)對(duì)網(wǎng)絡(luò)的依存度比我們發(fā)展中國(guó)家高的多���,所以他們對(duì)網(wǎng)絡(luò)安全更加重視是可以理解的,”中國(guó)互聯(lián)網(wǎng)協(xié)會(huì)副理事長(zhǎng)高新民說(shuō)���。
“但有些國(guó)家之間由于缺乏戰(zhàn)略互信�,容易認(rèn)為攻擊源受到對(duì)方政府的支持���,再加上某些政治需要�,經(jīng)常把臟水潑向中國(guó)�����。這樣只會(huì)加深猜忌���,”他說(shuō)�����。
關(guān)于白宮宣布網(wǎng)絡(luò)安全將會(huì)是國(guó)家主席習(xí)近平和美國(guó)總統(tǒng)奧巴馬本周在加州會(huì)晤的首要議題之一����,黃澄清表示多層次溝通是必要的,但最有效的辦法是從基層做起����,讓網(wǎng)絡(luò)安全應(yīng)急處置的專業(yè)部門(mén)和各國(guó)政府執(zhí)法部門(mén)開(kāi)始加強(qiáng)溝通。
CNCERT已經(jīng)參與了美國(guó)東西方研究所牽頭舉行的定期國(guó)際民間網(wǎng)絡(luò)安全問(wèn)題溝通和協(xié)調(diào)��。黃說(shuō)他欣賞該機(jī)構(gòu)“積極和建設(shè)性的”的態(tài)度和具體的解決方法�����。據(jù)《紐約時(shí)報(bào)》5月26日?qǐng)?bào)道�,東西方研究所正同包括中美在內(nèi)的多個(gè)國(guó)家政府代表合作討論信息技術(shù)基礎(chǔ)設(shè)施保護(hù)方面的基本規(guī)則。
“互聯(lián)網(wǎng)是自下而上發(fā)展起來(lái)的����,現(xiàn)在單純靠政府解決全部問(wèn)題是不現(xiàn)實(shí)的。而東西方研究所跟各個(gè)層面建立了廣泛的溝通渠道��,”黃說(shuō)。
2011年����,CNCERT完成了與該機(jī)構(gòu)開(kāi)展的為期兩年的中美網(wǎng)絡(luò)安全對(duì)話機(jī)制反垃圾郵件專題研究。從2012年至今�,雙方正在就”反黑客攻擊”專題開(kāi)展對(duì)話。
相關(guān)閱讀
中國(guó)傳統(tǒng)文化走進(jìn)特多
新加坡大學(xué)看好中國(guó) 旨求加強(qiáng)合作
新西蘭女孩的中國(guó)雜技?jí)?--艾瑪學(xué)藝記
后劉翔時(shí)代 中國(guó)田徑并不沒(méi)落
女用安全套:中國(guó)女性新的選擇
(中國(guó)日?qǐng)?bào)記者李瀟堃編譯)
|
