2014年5月19日星期一

纽约时报:中美面临网络冷战

上海郊外的一座建筑里驻扎着一支中国部队,据信这里是许多黑客攻击的源头。(Carlos Barria  / Reuters)

 报道 2013年02月25日


华盛顿——奥巴马政府上周将一份机密名单发给美国的互联网服务供应商,名单中罗列了一长串与一个黑客组织相关的计算机地址,这一组织已经从美国公司窃取了大量数据。但是报告漏掉了一个重要的事实:几乎每一个数字地址都可以追踪到上海的一个街区,那里是中国军队网络司令部的大本营。
如何就黑客问题直接与中国未经考验的新领导集体对质,这种有意为之的遗漏,凸显出了奥巴马政府对这一问题的高度敏感,与此同时,奥巴马政府进一步要求中国停止国家支持的攻击行为,但中国政府一直坚持称这并非它所为。
这一问题显示了在世界上两个最大的经济体之间,日趋恶化的网络冷战,与过往几十年发生的我们更为熟悉的超级大国冲突有多么不同。从某些方面来说,网络冷战不那么危险,但从另一些方面来说,它却更加复杂、破坏性更强。
美国政府官员称,他们如今比以前更愿意直接向中方挑战,正如司法部长小埃里克・H・霍尔德(Eric H. Holder Jr.)上周所做的,他宣布了一项打击知识产权盗窃的新战略。奥巴马总统在国情咨文演讲中说“我们知道外国政府和企业会染指美国企业的机密”,但他并未直接提及中国,也未提及奥巴马最为担心的另两个国家,俄罗斯、伊朗。奥巴马在演讲中还说:“现在我们的敌人也在追求破坏我们的电网、金融机构、空中交通管制系统的能力。”
在此种情况下定义“敌人”一词并不总是那么容易。中国和前苏联不同,与其说它是美国一个彻底的敌人,不如说中国既是美国经济上的竞争对手,又是重要的供应商和客户。去年,两国的贸易额达4250亿美元(约合2.65万亿元人民币)。尽管在外交方面有诸多摩擦,但中国依然是美国债务的重要投资人。正如希拉里・罗德姆・克林顿(Hillary Rodham Clinton)在作为国务卿首次访华的途中对澳大利亚总理所说的,“面对你的债权人,你如何强硬得起来?”
在美国情报机构跟踪的约20个黑客组织中,“注释组”(Comment Crew)是最大的一个,而有证据显示人民解放军可能是“注释组”背后的支持者,面对这些证据,美国表现出了高度的谨慎。政府官员非常高兴私营安全公司Mandiant发布报告,将网络攻击追踪到逼近中国网络司令部的地点;美国官员私下里说,他们对Mandiant的结论没有异议,但是他们不愿意具名这么说。
这就解释了为什么在向网络服务供应商提出的警示中,没有在列出可疑服务器地址时,提及中国的名字。一位情报官员说,“我们被告知,直接羞辱中国会带来严重后果。那样做只会让他们更迫切地维护自己,采取更民族主义的态度。”
不过这种观点正在发生改变。ABC新闻频道(ABC News)周日的《本周》节目(This Week)中,密歇根州众议员、众议院情报委员会(House Intelligence Committee)主席麦克・罗杰斯(Mike Rogers)被问道,他是否认为中国政府和军队是网络经济间谍活动的幕后黑手,他回答道,“这是毫无疑问的。”
美国官员说,接下来几个月,华盛顿将对包括习近平在内的中国领导人私下提出警告。习近平即将就任中国国家主席一职。国家安全顾问汤姆・多尼隆(Tom Donilon)和克林顿的继任者约翰・克里(John Kerry)都计划在近期访华。人们期待,这些私下的交流能够阐明,过去数年攻击的规模之大和专业性之高,可能会威胁到中国在华盛顿最大的同盟对它的支持——美国的商业界。
库尔特・M・坎贝尔(Kurt M. Campbell)最近辞去了负责东亚事务的助理国务卿职务,成立了一家名为亚洲集团(Asia Group)的咨询公司,来协调令人头痛的美中商务关系。他说,“美国最大的全球性企业一直在美中关系中起着稳定作用。如今,恰恰是他们在告诉中国人,这些具有破坏性的攻击可能会损害几十年来建立起来的合作关系。”
这样以中国自身利益出发进行沟通,是否能被中方所接受,现在判断还为时过早。美方之前也曾尝试过类似的论述,然而2011年4月,一名中国最高级别军方领导人来到五角大楼,拜访参谋长联席会议(Joint Chiefs of Staff)时,称自己不太了解网络武器,并称解放军并不使用网络武器。在这一方面,他听上去和奥巴马政府的口吻差不多,后者也从不谈论美国自身的网络武器库。
然而解放军的攻击以商业目标为主。它对于诸如航空航天设计,以及风能产品简图这类商业秘密很感兴趣。因为解放军在中国工业领域有很多投资,并且一直在寻求取得竞争优势。而且到目前为止,这些攻击也没有造成损失。
美国官员称这一局面必须改变。但应当采取何种应对方法,意见有很大分歧,从冷静谈判到经济制裁,还有人提出要由美国军方的网络战司令部(Cyber Command)发起反击。该司令部曾深入参与了美国和以色列对伊朗核燃料浓缩计划发动的网络攻击。
克里斯・约翰逊(Chris Johnson)曾在中央情报局(CIA)负责分析中国领导层的团队工作过20年。他说,“到目前为止的问题在于,我们能做出的反应,一方面是作出表态,另一方面是靠网络战司令部反击。但在两者之间,却没有多少其他手段。这就让应对变得如此困难。中国想要否认攻击行为、想要归咎于别人都非常容易,而且没人希望美国政府实施反击。”
这体现出了与美苏核对抗态势的另一个主要区别。在冷战时期,威慑是直截了当的。采取任何攻击,都将导致一次毁灭性的反击,因为付出的人命代价如此巨大,以至于任何一边都不愿发起攻击,即便是在古巴导弹危机这样的艰难抉择上也是一样。
但网络攻击却是另一回事。其中绝大多数采取的是刑事盗窃的方式,而不是毁坏。通常需要花费数周或数月的时间来确定一次攻击源自何方,因为攻击常常会借助其他位置的电脑服务器,使人无法辨认其来源。例如,对于《纽约时报》的一系列攻击源自中国,却借道不知情的美国大学的电脑系统。这就是为什么戴维・罗特科普夫(David Rothkopf)上周写道,这是一场“冷战”,不仅是因为其攻击通过远距离进行,还因为“它可以无限期,乃至永久地进行,也不会引发一场真枪实弹的战争。至少在理论上是如此。”罗特科普夫曾著有关于国家安全委员会(National Security Council)的书籍。
负责商业和经济事务的副国务卿罗伯特・霍马茨(Robert Hormats)等政府官员称,对抗网络攻击,获胜的关键在于向中国官方强调,这些攻击将损害他们经济增长的希望。“我们必须说清楚,”霍马茨说,“中国人将无法得到他们想要的东西”,他说这是指“我们最优秀的科技公司的投资,除非他们能让这一问题迅速得到控制”。
但情报委员会的罗杰斯主张采取一种对抗性更强的方式,包括“起诉行为不端的人”,并且拒绝向任何被认为与网络攻击有关的人及其家属,发放美国签证。
接下来的争论将涉及政府是否应当采取报复行动。华盛顿已经充斥着各种会议,讨论“对冲突升级的掌控”和“延伸的威慑”,这些术语全都来自冷战。
由于网络安全行业的增长,以及攻击性网络武器的开发,其中一些讨论十分热烈,尽管美国政府从来没有承认使用过网络武器,甚至在伊朗遭受的“震网”(Stuxnet)攻击也不愿承认。人们正在幕后严肃地讨论,美国基础设施受到何种程度的攻击,总统才会下令反击?尽管中国的黑客组织尚未认真尝试进行这样的攻击。
翻译:曹莉、林蒙克

——纽约时报

NEWS ANALYSIS

U.S. Confronts Cyber-Cold War With China

WASHINGTON — When the Obama administration circulated to the nation’s Internet providers last week a lengthy confidential list of computer addresses linked to a hacking group that has stolen terabytes of data from American corporations, it left out one crucial fact: that nearly every one of the digital addresses could be traced to the neighborhood in Shanghai that is headquarters to the Chinese military’s cybercommand.
That deliberate omission underscored the heightened sensitivities inside the Obama administration over just how directly to confront China’s untested new leadership over the hacking issue, as the administration escalates demands that China halt the state-sponsored attacks that Beijing insists it is not mounting.
The issue illustrates how different the worsening cyber-cold war between the world’s two largest economies is from the more familiar superpower conflicts of past decades — in some ways less dangerous, in others more complex and pernicious.
Administration officials say they are now more willing than before to call out the Chinese directly — as Attorney General Eric H. Holder Jr. did last week in announcing a new strategy to combat theft of intellectual property. ButPresident Obama avoided mentioning China by name — or Russia or Iran, the other two countries the president worries most about — when he declared in his State of the Union address that “we know foreign countries and companies swipe our corporate secrets.” He added: “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions and our air traffic control systems.”
Defining “enemies” in this case is not always an easy task. China is not an outright foe of the United States, the way the Soviet Union once was; rather, China is both an economic competitor and a crucial supplier and customer. The two countries traded $425 billion in goods last year, and China remains, despite many diplomatic tensions, a critical financier of American debt. As Hillary Rodham Clinton put it to Australia’s prime minister in 2009 on her way to visit China for the first time as secretary of state, “How do you deal toughly with your banker?”
In the case of the evidence that the People’s Liberation Army is probably the force behind “Comment Crew,” the biggest of roughly 20 hacking groups that American intelligence agencies follow, the answer is that the United States is being highly circumspect. Administration officials were perfectly happy to have Mandiant, a private security firm, issue the report tracing the cyberattacks to the door of China’s cybercommand; American officials said privately that they had no problems with Mandiant’s conclusions, but they did not want to say so on the record.
That explains why China went unmentioned as the location of the suspect servers in the warning to Internet providers. “We were told that directly embarrassing the Chinese would backfire,” one intelligence official said. “It would only make them more defensive, and more nationalistic.”
That view is beginning to change, though. On the ABC News program “This Week” on Sunday, Representative Mike Rogers, Republican of Michigan and chairman of the House Intelligence Committee, was asked whether he believed that the Chinese military and civilian government were behind the economic espionage. “Beyond a shadow of a doubt,” he replied.
In the next few months, American officials say, there will be many private warnings delivered by Washington to Chinese leaders, including Xi Jinping, who will soon assume China’s presidency. Both Tom Donilon, the national security adviser, and Mrs. Clinton’s successor, John Kerry, have trips to China in the offing. Those private conversations are expected to make a case that the sheer size and sophistication of the attacks over the past few years threatens to erode support for China among the country’s biggest allies in Washington, the American business community.
“America’s biggest global firms have been ballast in the relationship” with China, said Kurt M. Campbell, who recently resigned as assistant secretary of state for East Asia to start a consulting firm, the Asia Group, to manage the prickly commercial relationships. “And now they are the ones telling the Chinese that these pernicious attacks are undermining what has been built up over decades.”
It is too early to tell whether that appeal to China’s self-interest is getting through. Similar arguments have been tried before, yet when one of China’s most senior military leaders visited the Joint Chiefs of Staff at the Pentagon in April 2011, he said he didn’t know much about cyberweapons — and said the P.L.A. does not use them. In that regard, he sounded a bit like the Obama administration, which has never discussed America’s own cyberarsenal.
Yet the P.LA.’s attacks are largely at commercial targets. It has an interest in trade secrets like aerospace designs and wind-energy product schematics: the army is deeply invested in Chinese industry and is always seeking a competitive advantage. And so far the attacks have been cost-free.
American officials say that must change. But the prescriptions for what to do vary greatly — from calm negotiation to economic sanctions and talk of counterattacks led by the American military’s Cyber Command, the unit that was deeply involved in the American and Israeli cyberattacks on Iran’s nuclear enrichment plants.
“The problem so far is that we have rhetoric and we have Cyber Command, and not much in between,” said Chris Johnson, a 20-year veteran of the C.I.A. team that analyzes the Chinese leadership. “That’s what makes this so difficult. It’s easy for the Chinese to deny it’s happening, to say it’s someone else, and no one wants the U.S. government launching counterattacks.”
That marks another major difference from the dynamic of the American-Soviet nuclear rivalry. In cold war days, deterrence was straightforward: any attack would result in a devastating counterattack, at a human cost so horrific that neither side pulled the trigger, even during close calls like the Cuban missile crisis.
But cyberattacks are another matter. The vast majority have taken the form of criminal theft, not destruction. It often takes weeks or months to pin down where an attack originated, because attacks are generally routed through computer servers elsewhere to obscure their source. A series of attacks on The New York Times that originated in China, for example, were mounted through the computer systems of unwitting American universities. That is why David Rothkopf, the author of books about the National Security Council, wrote last week that this was a “cool war,” not only because of the remote nature of the attacks but because “it can be conducted indefinitely — permanently, even — without triggering a shooting war. At least, that is the theory.”
Administration officials like Robert Hormats, the under secretary of state for business and economic affairs, say the key to success in combating cyberattacks is to emphasize to the Chinese authorities that the attacks will harm their hopes for economic growth. “We have to make it clear,” Mr. Hormats said, “that the Chinese are not going to get what they desire,” which he said was “investment from the cream of our technology companies, unless they quickly get this problem under control.”
But Mr. Rogers of the intelligence committee argues for a more confrontational approach, including “indicting bad actors” and denying visas to anyone believed to be involved in cyberattacks, as well as their families.
The coming debate is over whether the government should get into the business of retaliation. Already, Washington is awash in conferences that talk about “escalation dominance” and “extended deterrence,” all terminology drawn from the cold war.
Some of the talk is overheated, fueled by a growing cybersecurity industry and the development of offensive cyberweapons, even though the American government has never acknowledged using them, even in the Stuxnet attacks on Iran. But there is a serious, behind-the-scenes discussion about what kind of attack on American infrastructure — something the Chinese hacking groups have not seriously attempted — could provoke a president to order a counterattack.

没有评论:

发表评论

页面