Google Asks Spy Agency for Help With Inquiry Into Cyberattacks

原文地址：http://www.nytimes.com/2010/02/05/science/05google.html

Google Asks Spy Agency for Help With Inquiry Into Cyberattacks

Google 向情报部门请求帮助以抵挡黑客袭击

By JOHN MARKOFF

Published: February 4, 2010

SAN FRANCISCO — Google has turned to the National Security Agency for technical assistance to learn more about the computer network attackers who breached the company’s cybersecurity defenses last year, a person with direct knowledge of the agreement said Thursday.

Google正在去年发生的危及到他们公司网络安全的网络攻击向NSA（美国国家安全局）寻求更多的帮助，一位内部知晓合作消息人士在周四透露。

The collaboration between Google, the world’s largest search engine company, and the federal agency in charge of global electronic surveillance raises both civil liberties issues and new questions about how much Google knew about the electronic thefts it experienced when it stated last month that it might end its business operations in China, where it said the attacks originated. The agreement was first reported on Wednesday evening by The Washington Post.

此次的合作在全球最大的搜索引擎公司Google与负责监控全球电子信息的联邦机构，而这引发了关于公民自由权的担忧和一个新的问题——Google当它上个月在宣布可能因为源自中国的网络袭击而结束在中国的业务的时候关于电子信息被窃具体知道多少。这份协议在周三晚上被华盛顿邮报所第一次披露。

By turning to the N.S.A., which has no statutory authority to investigate domestic criminal acts, instead of the Department of Homeland Security, which does have such authority, Google is clearly seeking to avoid having its search engine, e-mail and other Web services regulated as part of the nation’s “critical infrastructure.”

通过寻求与国家安全局这个没有国内犯罪调查权利的机构合作，而不是与有这种权利的机构国土安全部寻求合作，Google很明确的是要避免使它的搜索引擎、Email和其他网络服务被当作国家的“重要基础结构”而被控制。

The United States government has become increasingly concerned about the computer risks confronting energy and water distribution systems and financial and communications networks. Systems designated as critical infrastructure are increasingly being held to tighter regulatory standards.

美国政府越来越关注计算机在能源与水配给网络和金融与通信网络上面临的危险。作为基础架构的系统在被选定时正在以更加高的标准加以选择。

On Jan. 12, Google announced a “new approach to China,” stating that the attacks were “highly sophisticated” and came from China. At the time, it gave few details about the attacks other than to say that a theft of its intellectual property had occurred and that a primary goal of the attackers had been to gain access to the Gmail accounts of Chinese human rights activists.

在1月12日，Google宣布了：“针对中国的新策略”，指出了黑客攻击是“非常熟练的”而且来自中国。在那时，Google关于网络攻击只给了很少的细节，不同于此，Google直接表明了窃取信息的人主要的目标是获取中国维权人士的Gmail账户。

In reaching out to the N.S.A., which has extensive abilities to monitor global Internet traffic, the company may have been hoping to gain more certainty about the identity of the attackers. A number of computer security consultants who worked with other companies that experienced attacks similar to those of Google have stated that the surveillance system was controlled from a series of compromised server computers based in Taiwan. It is not clear how Google determined that the attacks originated in China.

通过向拥有监管全球网络流量能力的机构NSA抛出橄榄枝，Google公司也许是想要获得更多关于袭击者的信息。一些与其他公司一同工作的电脑安全顾问感觉到这些袭击像同对Google描述的一样，那就是这些袭击的控制电脑全部来自台湾。目前尚不清楚Google如何确定这些攻击源自中国。

A Google spokeswoman said the company was declining to comment on the case beyond what it published last month. An N.S.A. spokeswoman said, “N.S.A. is not able to comment on specific relationships we may or may not have with U.S. companies,” but added, the agency worked with “a broad range of commercial partners” to ensure security of information systems.

一位Google的发言人说他们公司拒绝就上个月公布内容之外的东西进行评论。而NSA的发言人说：“NSA不能对未知的与美国公司的特定合作进行评论。”但又进一步说他们机构会为了保障信息系统安全而和“很多公司”进行合作。

The agency’s responsibility to secure the government’s computer networks almost certainly was another reason Google turned to it, said a former federal computer security specialist.

NSA为了政府电脑网络安全的回应几乎确定了另一个Google与它合作的原因，一位前联邦电脑安全专家说。

“This is the other side of N.S.A. — this is the security service that does defensive measures,” said the specialist, James A. Lewis, a director at the Center for Strategic and International Studies. “It’s not unusual for people to go to N.S.A. and say ‘please take a look at my code.’ ”

“这就是NSA的另一面——提供安全服务的保障手段。” 国际战略研究中心的专家James A.Lewis说到：“这种人们去跟NSA说‘请看一眼我的代码吧’的行为并不常见。”

The agreement will not permit the agency to have access to information belonging to Google users, but it still reopens long-standing questions about the role of the agency.

这份协议并不会允许NSA获取Google用户们的信息，但是仍会重开长久以来对于这个机构定位的疑问。

“Google and N.S.A. are entering into a secret agreement that could impact the privacy of millions of users of Google’s products and services around the world,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center, a Washington-based policy group. On Thursday, the organization filed a lawsuit against the N.S.A., calling for the release of information about the agency’s role as it was set out in National Security Presidential Directive 54/Homeland Security Presidential Directive 23 , a classified 2008 order issued by President George W. Bush dealing with cybersecurity and surveillance.

“Google与NSA的合作会对世界上数以百万计使用Google产品用户的隐私产生重要的影响。”来自华盛顿政治团体电子隐私信息中心的主管Marc Rotenberg说。在周四的时候买这个组织起诉了NSA，说它超出了小布什总统关于2008年关于网络安全与监管而制定的《国家安全保障第54号总统令》和《国土安全保障第23号总统令》所划定的范围。

Concerns about the nation’s cybersecurity have greatly increased in the past two years. On Tuesday, Dennis C. Blair, the director of national intelligence, began his annual threat testimony before Congress by saying that the threat of a crippling attack on telecommunications and other computer networks was growing, as an increasingly sophisticated group of enemies had “severely threatened” the sometimes fragile systems behind the country’s information infrastructure.

在过去的两年关于国家网络安全的关注已经激增。在周二的时候，国家情报局局长Dennis C. Blair在国会发表针对电信的袭击减少而针对电脑的袭击增加的言论之前开始他年度的风险报告，而增长迅猛的敌人已经“严重威胁”了有时落在国家信息架构身后的易碎的电脑系统。

“Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication,” he told the committee.

他告诉委员会说：“恶意的网络行为正在不可预知的范围内伴随着异乎老练的手法出现。”

The relationship that the N.S.A. has struck with Google is known as a cooperative research and development agreement, according to a person briefed on the relationship. These were created as part of the Federal Technology Transfer Act of 1986 and are essentially a written agreement between a private company and a government agency to work together on a specific project. They are intended to help accelerate the commercialization of government-developed technology.

根据一人简述的内容，NSA与Google的关系是合作研究开发协议。这是作为《联邦政府技术转让法》的一部分而做出的，而且本质上是的针对特定项目公司与政府部门之间的一个秘密协定。他们倾向于加速政府开发科技的商业化进程。

In addition to the N.S.A., Google has been working with the F.B.I. on the attack inquiry, but the bureau has so far declined to comment publicly or to share information about the intrusions with Congress.

除了与NSA的合作之外，Google还被FBI（联邦调查局）在网络网络袭击问题上进行了询问么不过FBI到目前为止仍然拒绝向大众评论此事或是向国会分享关于网络入侵的信息