

2022-12-31 来源:爱go旅游网
Unit 3

(Para. 1)A recent simulation of a devastating cyberattack on America was crying for a Bruce Willis lead:A series of mysterious attacks crippled much of the national infrastructure, including air traffic, financial markets and even basic email.


If this was not bad enough, an unrelated electricity outage took down whatever remained of the already unplugged East Coast.


(Para. 2)The simulation—funded by a number of major players in network security,

organized by the Bipartisan Policy Center, a Washington-based think tank,and broadcast on CNN on a Saturday night—had an unexpected twist.


The American government appeared incompetent, indecisive and confused (past government officials, including former Secretary of Homeland Security Michael Chertoff and former Deputy Secretary of State John Negroponte, were recruited to play this glamorous role on TV). “The U.S. is unprepared for cyberwar,” the simulation’s organizers grimly concluded.


(Para. 3)The past few months have been packed with cyber-jingoism from former and current national security officials. 这几个月以来,到处充斥着来自前任和现任国家安全官员的网络主战论。

Richard Clarke, a former cybersecurity adviser to two administrations, says in his new book that “cyberwar has already begun.” Testifying in Congress in February, Mike McConnell, former head of the National Security Agency, argued that “if we went to war today in a cyberwar, we would lose.” Speaking in late April, Director of Central Intelligence Leon Panetta said that “the next Pearl Harbor is likely to be a cyberattacking going after our grid.” 前两部门网络安全顾问理查德·克拉克在他最近的新书里提到:“网络战已


(Para. 4)The murky nature of recent attacks on Google—in which someone tricked a Google employee into opening a malicious link that eventually allowed intruders to access parts of Google’s password-managing software, has only added to public fears.


If the world’s most innovative technology company cannot protect its computers from such digital aggression, what can we expect from the bureaucratic chimera that is the Department of Homeland Security?


(Para. 5)Google should be applauded for going on the record about the cyber-attacks; most companies prefer to keep quiet about such incidents.


But do hundreds—or even thousands—of such incidents that target both the private and the public sector add up to the imminent threat of a “cyberwar” that is worthy of such hype? The evidence so far looks too shaky.


(Para. 6)Ironically, the more we spend on securing the Internet, the less secure we appear to feel. 可笑的是,在网络防卫上投入得越多,我们就越觉得不安全。

A 2009 report by Input, a marketing intelligence firm, projected that government spending on cybersecurity would grow at a compound rate of 8.1% in the next five years. A March report from consulting firm Market Research Media estimates that the government’s total spending on cybersecurity between now and 2015 is set to hit $55 billion, with strong growth predicted in areas such as Internet-traffic surveillance and monitoring.

一份2009年来自营销智囊团Input公司的报告预测在未来五年,政府花在网络安全上的经费将以8.1%的综合速度增长。另一份于3月出自顾问公司Market Research Media的报告估计从今年起到2015年政府用于网络安全的总费用将直逼550亿美元,其中预计诸如网络传输监控和追踪等领域增长尤为迅速。

(Para. 7) Given the previous history of excessively tight connections between our government and many of its contractors, it’s quite possible that the over-dramatized rhetoric of those cheerleading the cyberwar has helped to add at least a few billion dollars to this price tag. Mr. McConnell's current employer, Booz Allen Hamilton, has just landed $34 million in cyber security contracts with the Air Force. In addition to writing books on the subject, Richard Clarke is a partner in a security firm, Good Harbor Consulting.


分鼓吹网络战的承包商完全可能使得费用至少增加几十亿。麦克·麦可科奈尔先生的现任雇主艾伦·汉密尔顿已经与空军签订价值三千四百万关于网络安全合同。除了写与网络安全相关的文章外,理查德·克拉克还是Good Harbor Consulting安全公司的成员之一。

(Para. 8a)Both Messrs. McConnell and Clarke—as well as countless others who have made a successful transition from trying to fix the government’s cyber security problems from within to offering their services to do the same from without—are highly respected professionals and their opinions should not be taken lightly, if only because they have seen more classified reports 麦克·麦可科奈尔与克拉克,甚至那些数不胜数的实现了成功过渡的人们,由于他们先确认了政府的网络安全问题紧接着为这些问题提供帮助,因此他们被誉为备受尊敬的专业人士,除此之外,如果仅仅因为他们见识过更加专业化的报道,他们的想法也不该被轻视。

(Para. 8b)Their stature, however, does not relieve them of the responsibility to provide some hard evidence to support their claims. We do not want to sleepwalk into a cyber-Katrina, but neither do we want to hold our policy-making hostage to the rhetorical ploys of better-informed government contractors.


(Para. 9)Steven Walt, a professor of international politics at Harvard, believes that the nascent debate about cyberwar presents “a classical opportunity for threat inflation.” Mr Walt points to the resemblance between our current deliberations about online security and the debate about nuclear arms during the Cold War.


Back then, those working in weapons labs and the military tended to hold more alarmist views than many academic experts, arguably because the livelihoods of university professors did not depend on having to hype up the need for arms racing.


(Para. 10)Markus Ranum, a veteran of the network security industry and a noted critic of the cyber war hype, points to another similarity with the Cold War.


Today’s hype, he says, leads us to believe that “we need to develop an offensive capability in order to defend against an attack that isn’t coming—it’s the old ‘bomber gap’ all over again: a flimsy excuse to militarize.”


(Para. 11)How dire is the threat? Ask two experts and you will get different opinions. Just last month, Lt. Gen. Keith Alexander, director of the NSA, told the Senate’s Armed Services Committee that U.S. military networks were seeing “hundreds of thousands of probes a day.” However, speaking at a March conference in San Francisco, Howard Schmidt, Obama’s recently appointed cybersecurity czar, said that “there is no cyberwar,” adding that it is “a terrible metaphor” and a “terrible concept.”


(Para. 12) The truth is, not surprisingly, somewhere in between. There is no doubt that the Internet brims with spamming, scamming and identity fraud.


Having someone wipe out your hard drive or bank account has never been easier, and the tools for committing electronic mischief on your enemies are cheap and widely accessible.


(Para. 13)This is the inevitable cost of democratizing access to multi-purpose technologies. Just as any blogger can now act like an Ed Murrow, so can any armchair-bound cyberwarrior act like the über-hacker Kevin Mitnick, who was once America’s most-wanted computer criminal and now runs a security consulting firm.



But just as it is wrong to conclude that the amateurization of media will bring on a renaissance of high-quality journalism, so it is wrong to conclude that the amateurization of cyberattacks will usher in a brave new world of destructive cyberwarfare.


(Para. 14)From a strictly military perspective, “cyberwar”—with a small “c”—may very

well exist, playing second fiddle to ongoing military conflict, the one with tanks, shellfire and all. The Internet—much like the possibility of air combat a century ago—has opened new possibilities for military operations: block the dictator’s bank account or shut down his propaganda-infested broadcast media. Such options were already on the table—even though they appear to have been used sparingly— during a number of recent wars.


(Para. 15a)Why have such tactics—known in military parlance as “computer network attacks”—not been used more widely? As revolutionary as it is, the Internet does not make centuries-old laws of war obsolete or irrelevant. Military conventions, for example, require that attacks distinguish between civilian and military targets. In decentralized and interconnected cyberspace, this requirement is not so easy to satisfy: A cyberattack on a cellphone tower used by the adversary may affect civilian targets along with military ones.


(Para. 15b)When in 2008 the U.S. military decided to dismantle a Saudi Internet forum—initially set up by the CIA to glean intelligence but increasingly used by the jihadists to plan on attacks in Iraq — it inadvertently caused disruption to more than 300 servers in Saudi Arabia, Germany and Texas. A weapon of surgical precision the Internet certainly isn’t, and damage to civilians is hard to avoid. Military commanders do not want to be tried for war crimes, even if those crimes are committed online.


(Para. 16)All of these distinct threats require quite distinct policy responses that can balance the risks with the levels of devastation. We probably want very strong protection against cyberterror, moderate protection against cybercrime, and little to no protection against juvenile cyber-hooliganism。



(Para. 17)Perfect security—in cyberspace or in the real world—has huge political and social costs, and most democratic societies would find it undesirable. Just like we don’t put up armed guards to protect every city wall from graffiti, we should not overreact in cyberspace.


(Para. 18)Recasting basic government problems in terms of a global cyber struggle won’t make us any more secure. The real question is, “Why are government computers so vulnerable to very basic and unsophisticated threats?” This is not a question of national security; it is a question of basic government incompetence.


(Para. 19a)Thus, when a series of fairly unsophisticated attacks crashed the websites of 27 government agencies—including those of the Treasury Department, Secret Service and Transportation Department—during last year’s July Fourth weekend, it was panic time.


(Para. 19b) But whoever was behind the attacks, it was not their sophistication or strength that crashed the government’s websites. Network security firm Arbor Networks described the attacks as “pretty modest-sized.” What crashed the websites was the incompetence of the people who ran them. If “pretty modest-sized” attacks can cripple them, someone is not doing their job.

但无论发起攻击的背后的黑客是谁,都不是它的高超技术和力量击溃了政府网站。网络安全公司Arbor Networks描述道“攻击规模是中等的”。真正使网站崩溃的原因是运行它的人员的无能。如果连中等规模的攻击都能使它瘫痪,那么一定是有什么人没有履行好他们的职责。

(Para. 20)What is worse, any major re-engineering of the Internet could derail other ambitious initiatives of the U.S. government, especially its efforts, to promote Internet freedom. Urging China and Iran to keep their hands off the Internet would work only if Washington sticks to its own advice; otherwise, we are trading in hype.



(Para. 21)In reality, we don’t need to develop a new set of fancy all-powerful weaponry to secure cyberspace. In most cases the threats are the same as they were 20 years

ago; we still need to patch security flaws, update anti-virus databases and ban suspicious users from our sites. It’s human nature, not the Internet, that we need to conquer and re-engineer to feel more secure.


But it’s through rational deliberation, not fear-mongering, that we can devise policies that will accomplish this.

