搜尋此網誌

2011年10月9日星期日

安全專家:美國“領先部隊”在Stuxnet蠕蟲病毒的背後

安全專家:美國“領先部隊”在Stuxnet蠕蟲病毒的背後
Security Expert: U.S. 'Leading Force' Behind Stuxnet
Saturday, October 8, 2011
WGBH
Tom Gjelten
Translation by Autumnson Blog

One year ago, German cyber security expert Ralph Langner announced he had found a computer worm designed to sabotage a nuclear facility in Iran. The Stuxnet worm is now recognized as a cyber super weapon, and it could end up harming those who created it.
一年之前,德國的網絡安全專家拉爾夫蘭納宣布,他已發現一種旨在破壞伊朗核設施的電腦蠕蟲病毒。 Stuxnet蠕蟲病毒現在被公認為一種網絡的超級武器,及它最終可能會損害那些創造它的人。
One year ago, German cyber security expert Ralph Langner announced he had found a computer worm designed to sabotage a nuclear facility in Iran. It's called Stuxnet, and it was the most sophisticated worm Langner had ever seen.
一年之前,德國的網絡安全專家拉爾夫蘭納宣布,他已發現一種旨在破壞伊朗核設施的電腦蠕蟲病毒。這就是所謂的Stuxnet,及它是所見過中最複雜的蠕蟲蘭納。
In the year since, Stuxnet has been analyzed as a cyber super weapon, one so dangerous it might even harm those who created it.
自今年以來,Stuxnet已被分析為一種網絡超級武器,一種那麼危險的它甚至可能會傷害那些創建它的人。
In the summer of 2010, Langner and his partners went to work analyzing a malicious software program that was turning up in some equipment. Langner Communications is a small firm in Hamburg, Germany, but Langner and the two engineers with whom he works know a lot about industrial control systems. What they found in Stuxnet left them flabbergasted.
蘭納和他的夥伴們在2010年夏天,去做一項惡意軟件程序的分析工作。蘭納通信是德國漢堡的一間小公司,但蘭納和與他工作的兩位工程師都知道很多有關工業控制系統,他們在Stuxnet發現的讓他們大吃一驚。
"I'm in this business for 20 years, and what we saw in the lab when analyzing Stuxnet was far beyond everything we had ever imagined," Langner says.
“我在此業務已 20年,及當我們分析Stuxnet時在實驗室中看到的,是遠遠超出我們曾經想像過的一切,蘭納說。”
It was a worm that could burrow its way into an industrial control system, the kind of system used in power plants, refineries and nuclear stations. Amazingly, it ignored everything it found except the one piece of equipment it was seeking; when the worm reached its target, it would destroy it.
它是一種蠕蟲可以鑽入一個工業控制系統,在發電廠、煉油廠和核電站使用的那種系统。令人驚訝的是,它不理會一切它發現的東西,除了它在尋找的那一件設備;當蠕蟲到達其目標時,它會破壞它。
Langner says that the more his team analyzed the Stuxnet worm, the more they knew they were onto something big.
蘭納說,他的小組分析Stuxnet蠕蟲病毒愈多,他們更知道滋事體大。
"We were pretty much working around the clock," he says, "because after we had the first impression of the magnitude of this, we were just like on speed or something like that. It was just impossible to go back to sleep."
“我們頗常日以繼夜地工作,”他說,“因為在我們有這的規模的第一印象後,我們剛像是在高速或類似,是根本不可能回去睡覺的。”
Langner also realized after analyzing the Stuxnet code that it was designed to disable a particular nuclear facility in Iran. That's serious business, he figured. Some Iranian nuclear scientists, he remembered, had been mysteriously killed. Langner published his findings anyway.
蘭納亦認知到在分析Stuxnet的代碼後,它是被設計來癱瘓伊朗的某個核設施。那是大生意,他想到。他還記得,一些伊朗的核科學家已神秘地被殺害,無論如何蘭納出版了他的研究結果。
"I wasn't actually scared, but this was just something I was thinking about," he says. "You know, this stuff must involve intelligence services who do some dirty work every now and then, and you can't just block that away from your personal situation when you are the guy who is the first to publish [that] this is a directed attack against the Iranian nuclear program. So there have been some frightening moments."

'United States Behind Stuxnet'

Langner says as they dug deeper into the Stuxnet code, each new discovery left them more impressed and wondering what was coming next. He says he couldn't imagine who could have created the worm, and the level of expertise seemed almost alien. But that would be science fiction, and Stuxnet was a reality.

"Thinking about it for another minute, if it's not aliens, it's got to be the United States," he says.

The sophistication of the worm, plus the fact that the designer had inside intelligence on the Iranian facility, led Langner to conclude the United States had developed Stuxnet, possibly with the help of Israeli intelligence.

Langner isn't shy about naming the U.S. as the Stuxnet culprit, as he stated in a recent speech at the Brookings Institution. In that speech, he also made the bigger point that having developed Stuxnet as a computer weapon, the United States has in effect introduced it into the world's cyber arsenal.

"Cyber weapons proliferate by use, as we see in the case of Stuxnet," he said. "Several months or weeks or a year later, the code is available on the Internet for dissection by anyone who has the motivation or money to do so."

It would have to be revised, Langner says, in order to target some other industrial control system besides the one in Iran, a U.S. power plant, for example. But it could be done, and he warns that U.S. utility companies are not yet prepared to deal with the threat Stuxnet represents.

The CIA declined to comment on Langner's charge that the U.S. was "the leading force" behind Stuxnet. Homeland Security officials insist measures are being taken to defend U.S. infrastructure against cyber attack. [Copyright 2011 National Public Radio]

http://weeklyintercept.blogspot.com/2011/10/security-expert-us-leading-force-behind.html

匿名警告他們有Stuxnet核電廠電腦病毒的源代碼

德國公司涉及蠕蟲病毒:光明會遊戲卡的可能電腦蠕蟲攻擊

沒有留言: