|
查看原文
China has been the target of serious cyberattacks from the United States, but Beijing has neverblamed Washington or the Pentagon because such accusations would be "technicallyirresponsible", Chinese Internet insiders said.
The cyberattacks from the US have been as grave as the ones the US claims China hasconducted, they said on Tuesday.
China's Internet emergency response agencyhas tried its best to handle all the UScomplaints made this year, they said.
However, the US never mentioned thealleged Chinese hacking theft of the designsof more than 20 kinds of top US weapons, butinstead gave the unverified informationdirectly to the media.
"We have mountains of data, if we wanted toaccuse the US, but it's not helpful in solvingthe problem," said Huang Chengqing,director of the National Computer NetworkEmergency Response TechnicalTeam/Coordination Center of China, alsoknown as CNCERT.
"The importance of handling Internet securitycases keeps rising, but the issue can only besettled through communication, notconfrontation."
Huang's remarks came after a slew of reportsaccusing China of hacking were released inthe US this year. High-ranking officials inWashington also pressed Beijing on the issuein recent weeks.
According to CNCERT, in the first five monthsof this year, 13,408 overseas trojan horsesor bot control servers — two popular hackingtools — hijacked around 5.63 millionmainframes in China. Of those, 4,062 US-based control servers hijacked 2.91 millionmainframes in China.
The US ranked first in both the number ofcontrol servers and the number of mainframes controlled in China.
In the same period, websites of 249 important Chinese organizations including governmentdepartments, key information systems and research institutions were implanted with backdoorprograms. Among them, 54 websites were hijacked by US-based IP addresses for stealinginformation.
"However, it's hard to judge whether the US government supported or got involved in thehacking. Besides, hackers can easily hide their real location and identities," Huang said.
"So technically it is irresponsible and unfounded for some people to talk about alleged hackingsupported by the Chinese authorities."
As for the Washington Post report in late May about Chinese hacking on US weapons, Huangsaid design information of top-class weapons are usually listed as top national secrets. "Evenfollowing the general principle of secret-keeping, it should not have been linked to the Internet."
Huang said his agency has been fighting with hackers. Except for daily work of Internet securitymonitoring, prewarning and emergency response, CNCERT cut hackers’ remote control on39.37 million infected mainframes in 2012.
The agency has set up Internet security cooperative relations with 91 organizations in 51countries and regions.
Huang said a case in March explains the importance of such cooperation. At that time, SouthKorea suspected that Chinese hackers paralyzed the network of some local media and banksand required assistance from CNCERT. Through joint efforts, it was discovered that the IPaddress connected to the hacking was in the range of Chinese IP addresses but was actuallyused by a South Korean bank.
As for cooperation with the US, Huang said in the first four months of this year CNCERTreceived 32 Internet security cases from the US, among the 227 complaints from abroad.
They handled the US cases in time, except for attempted IP address attacks, which lackedsufficient proof. And they sent feedback to the US on all the cases.
"But they did not mention these efforts, instead they advocated cases that they never let usknow about. Some cases can be addressed if they had talked to us, why not let us know? It isnot a constructive train of thought to solve problems," Huang said.
"Besides, we have smooth communication at the civil level. I don't understand why all levels ofthe US government are accusing China of cybersecurity recently. I felt it is driven by somepolitical intentions, though I don't know what the intentions are."
Huang said he noticed the US has kept beefing up its cyberwar forces as it hyped hackingthreats from China.
After Mandiant, a Washington-based cybersecurity group, said in a report in February that thePeople's Liberation Army sponsors hacking, US Cyber Command and National Security Agencychief General Keith Alexander told Congress in March that of the 40 new Cyber Commandteams being assembled, 13 would be focused on offensive operations.
Gao Xinmin, vice-chairman of Internet Society of China, said: "The US is much more dependenton the Internet than developing nations, so it is fully understandable that they attach greatimportance to the issue."
"However, because of the lack of mutual trust, it is easy for some countries to blame hacking onother governments. And driven by some political needs, the dirty water is often poured ontoChina," Gao said.
The White House has announced that cybersecurity will be high on the agenda of President XiJinping's meeting with US President Barack Obama this week in California.
CNCERT's Huang said it is necessary to have multi-level talks, but the most effective way is to"start from the basic level" and beef up communication between frontline agencies, such asemergency response organizations, from relevant countries.
|
查看譯文
中國國家級網(wǎng)絡(luò)安全應(yīng)急機(jī)構(gòu)和互聯(lián)網(wǎng)協(xié)會的高層人士周二表示,中國遭受來自美國的網(wǎng)絡(luò)攻擊的嚴(yán)重程度并不亞于美國所聲稱的來自中國的威脅���,但中國采取了“對事不對國”的態(tài)度���,從未為此怪罪美國政府或軍隊(duì)��,因?yàn)椤凹夹g(shù)層面上這樣的做法不負(fù)責(zé)任”����。
他們還表示,中方今年已盡其所能地處理并反饋了美國計(jì)算機(jī)緊急響應(yīng)小組(US-CERT)向中方投訴的個(gè)案��。這些專業(yè)人士稱美方從未向中國國家計(jì)算機(jī)網(wǎng)絡(luò)應(yīng)急技術(shù)處理協(xié)調(diào)中心(CNCERT)提及美國媒體近期報(bào)道的中國黑客盜取美國重大武器系統(tǒng)設(shè)計(jì)一事��,而是直接把未經(jīng)證實(shí)的資料泄露給媒體�����。
這些官員是在《中國日報(bào)》的專訪中就美方最近密集發(fā)表所謂中國在網(wǎng)絡(luò)安全方面對美構(gòu)成極大威脅的言論����,以及美方高官不斷就此對北京施壓的情況做此表態(tài)的。
“如果我們想指責(zé)美國的話有大量數(shù)據(jù)�����,但這無助于問題的解決����,隨著信息化的發(fā)展,網(wǎng)絡(luò)安全事件的處理越來越重要���。但這些問題的解決應(yīng)該通過對話而不是對抗�����?��!盋NCERT主任黃澄清說�。
據(jù)CNCERT向《中國日報(bào)》獨(dú)家披露的最新數(shù)據(jù)���,2013年1至5月�,境外約有13408臺木馬或僵尸網(wǎng)絡(luò)控制服務(wù)器控制了中國境內(nèi)近563萬臺主機(jī)��,其中位于美國的4062臺控制服務(wù)器控制了中國境內(nèi)近291萬臺主機(jī)�����,無論是按照控制服務(wù)器數(shù)量還是按照控制我國主機(jī)數(shù)量規(guī)模進(jìn)行排名�,美國都名列第一。
此外����,同期中國有249個(gè)重要政府部門、重要信息系統(tǒng)和科研機(jī)構(gòu)等單位的網(wǎng)站被境外入侵并植入網(wǎng)站后門��,其中54個(gè)單位被美國地址入侵和竊取信息。
“但是很難判定美國政府支持和參與了這些事件����。另外�����,擁有專業(yè)技術(shù)的黑客可以輕而易舉的隱藏自己的真實(shí)位置和身份��。所以單從技術(shù)層面上講�,一些國家和人士有關(guān)中國網(wǎng)絡(luò)安全威脅論的言論是不負(fù)責(zé)任和缺乏依據(jù)的?!秉S澄清說。
至于《華盛頓郵報(bào)》5月底報(bào)道的中國竊取美國二十多項(xiàng)武器設(shè)計(jì)機(jī)密的指責(zé)��,黃表示尖端武器的研制資料一般被列為國家最高等級機(jī)密��,“即使遵循一般的保密原則�,也絕不可能放在互聯(lián)網(wǎng)上”。
黃說事實(shí)上他負(fù)責(zé)的機(jī)構(gòu)一直在與黑客做著艱苦的斗爭�����。除了日常的網(wǎng)絡(luò)安全事件的監(jiān)測�、預(yù)警和應(yīng)急處置工作外��,2012年CNCERT切斷了黑客對3937萬余臺感染主機(jī)的遠(yuǎn)程操控��。
這個(gè)機(jī)構(gòu)目前已經(jīng)與51個(gè)國家和地區(qū)的91個(gè)組織建立了網(wǎng)絡(luò)安全合作關(guān)系���。
黃說,今年3月有一個(gè)案例,當(dāng)時(shí)韓國懷疑中國的黑客行為導(dǎo)致了當(dāng)?shù)匾恍┟襟w和銀行計(jì)算機(jī)網(wǎng)絡(luò)同時(shí)癱瘓,韓國通過CNCERT請求幫助協(xié)調(diào)�,經(jīng)雙方共同努力,證實(shí)疑似IP地址實(shí)為韓國銀行內(nèi)部自用��,而其恰好使用了中國IP地址范圍����,從而導(dǎo)致韓方誤認(rèn)為攻擊來自中國。
黃澄清說�,今年1月至4月CNCERT接到的227起來自境外的網(wǎng)絡(luò)安全投訴中,有32起來自US-CERT���。除了部分惡意IP地址嘗試攻擊事件因?qū)Ψ教峁┳C據(jù)不足無法處理外����,其余的事件中方均及時(shí)處理并向美方反饋�����。
“但他們并沒有提到這些,而是把沒有告訴我們的問題大肆渲染��,如果跟我們說的話有些問題是能解決的��,為什么不讓我們知道呢����?這不是解決問題的建設(shè)性思路�,”他說。
“另外�,現(xiàn)在民間層面的溝通是暢通的,但我們不知道為什么近一段時(shí)間來美國政府各個(gè)層面都在就網(wǎng)絡(luò)安全問題攻擊中國�。我認(rèn)為這種做法是出于政治上的考量,盡管我不清楚他們的目的�����?���!?/p>
黃說他注意到美國在發(fā)布“中國黑客威脅論”的同時(shí)一直在加強(qiáng)自己網(wǎng)絡(luò)戰(zhàn)的力量。美國網(wǎng)絡(luò)安全公司曼迪昂特2月18日發(fā)布報(bào)告指責(zé)中國軍方黑客威脅���,3月12日美國網(wǎng)絡(luò)戰(zhàn)司令部司令亞歷山大隨即宣布新增40支網(wǎng)絡(luò)部隊(duì)�,其中13支確定用來進(jìn)攻。
“美國社會對網(wǎng)絡(luò)的依存度比我們發(fā)展中國家高的多�����,所以他們對網(wǎng)絡(luò)安全更加重視是可以理解的����,”中國互聯(lián)網(wǎng)協(xié)會副理事長高新民說。
“但有些國家之間由于缺乏戰(zhàn)略互信����,容易認(rèn)為攻擊源受到對方政府的支持,再加上某些政治需要��,經(jīng)常把臟水潑向中國��。這樣只會加深猜忌��,”他說��。
關(guān)于白宮宣布網(wǎng)絡(luò)安全將會是國家主席習(xí)近平和美國總統(tǒng)奧巴馬本周在加州會晤的首要議題之一�����,黃澄清表示多層次溝通是必要的,但最有效的辦法是從基層做起�����,讓網(wǎng)絡(luò)安全應(yīng)急處置的專業(yè)部門和各國政府執(zhí)法部門開始加強(qiáng)溝通���。
CNCERT已經(jīng)參與了美國東西方研究所牽頭舉行的定期國際民間網(wǎng)絡(luò)安全問題溝通和協(xié)調(diào)�。黃說他欣賞該機(jī)構(gòu)“積極和建設(shè)性的”的態(tài)度和具體的解決方法�����。據(jù)《紐約時(shí)報(bào)》5月26日報(bào)道����,東西方研究所正同包括中美在內(nèi)的多個(gè)國家政府代表合作討論信息技術(shù)基礎(chǔ)設(shè)施保護(hù)方面的基本規(guī)則��。
“互聯(lián)網(wǎng)是自下而上發(fā)展起來的����,現(xiàn)在單純靠政府解決全部問題是不現(xiàn)實(shí)的。而東西方研究所跟各個(gè)層面建立了廣泛的溝通渠道���,”黃說�����。
2011年��,CNCERT完成了與該機(jī)構(gòu)開展的為期兩年的中美網(wǎng)絡(luò)安全對話機(jī)制反垃圾郵件專題研究���。從2012年至今����,雙方正在就”反黑客攻擊”專題開展對話��。
相關(guān)閱讀
中國傳統(tǒng)文化走進(jìn)特多
新加坡大學(xué)看好中國 旨求加強(qiáng)合作
新西蘭女孩的中國雜技夢 --艾瑪學(xué)藝記
后劉翔時(shí)代 中國田徑并不沒落
女用安全套:中國女性新的選擇
(中國日報(bào)記者李瀟堃編譯)
|
