NYT:Two Chinese Schools Said to Be Tied to Online Attacks
译文:纽约时报:两所中国学校被指参与了网络攻击
2所中国学校被指参与了网络攻击
SAN FRANCISCO — A series of online attacks on Google and dozens of other American corporations have been traced to computers at two educational institutions in China, including one with close ties to the Chinese military, say people involved in the investigation.
旧金山电——一系列针对谷歌和其他美国公司的网络袭击的源头已经被锁定在了2所中国的教育机构,其中还包括一所跟中国军方关系十分紧密,参与调查的人员这样说到。
They also said the attacks, aimed at stealing trade secrets and computer codes and capturing e-mail of Chinese human rights activists, may have begun as early as April, months earlier than previously believed. Google announced on Jan. 12 that it and other companies had been subjected to sophisticated attacks that probably came from China.
他们同时也透露这次的旨在窃取商业机密,电脑源码和获取中国维权人士电邮的袭击可能在4月份就已经开始了,这大大早于先前的猜想。谷歌在1月12日宣称说它自己和其他一些公司已经成为可能源自中国复杂的网络袭击的目标。
Computer security experts, including investigators from the National Security Agency, have been working since then to pinpoint the source of the attacks. Until recently, the trail had led only to servers in Taiwan.
包括国家安全局(NSA)在内的电脑安全专家自那以后就开始要找出这次攻击的源头。直到不久前,也只能找到几个几个来自台湾地区的源头。
If supported by further investigation, the findings raise as many questions as they answer, including the possibility that some of the attacks came from China but not necessarily from the Chinese government, or even from Chinese sources.
如果根据后期的调查来看,发现的问题与得到的答案一样多,其中包括了这次网络袭击来自中国但并不是来自官方,甚至有可能不是来自中国。
Tracing the attacks further back, to an elite Chinese university and a vocational school, is a breakthrough in a difficult task. Evidence acquired by a United States military contractor that faced the same attacks as Google has even led investigators to suspect a link to a specific computer science class, taught by a Ukrainian professor at the vocational school.
更进一步的追溯这个源头,它指向了一所中国重点大学和一所职业学校,这是此次艰难任务的一个重大突破。从面临同谷歌一样受到攻击的美国军方供应商获得的证据显示一个有攻击嫌疑的链接指向了一个特定的电脑课程班级,这是由一位乌克兰教授在这所职业学校所教授的。
The revelations were shared by the contractor at a meeting of computer security specialists.
The Chinese schools involved are Shanghai Jiaotong University and the Lanxiang Vocational School, according to several people with knowledge of the investigation who asked for anonymity because they were not authorized to discuss the inquiry.
这个进展是在一次电脑安全专家会面上所分享的。
涉及到此次攻击的是上海交通大学和蓝翔职业技术学校,这是几位参与调查的专家匿名透露的,因为他们没有授权与外界讨论这次调查。
Jiaotong has one of China’s top computer science programs. Just a few weeks ago its students won an international computer programming competition organized by I.B.M. — the “Battle of the Brains” — beating out Stanford and other top-flight universities.
上海交大有着中国顶级的计算机科学项目。就在几个星期之前,来自交大的学生刚刚赢得了一个由IBM举办的国际计算机成绩程序比赛的奖项——这场“智力的比赛”——他们打败了来自斯坦福和其他几所最顶尖的高校的学生。
Lanxiang, in east China’s Shandong Province, is a huge vocational school that was established with military support and trains some computer scientists for the military. The school’s computer network is operated by a company with close ties to Baidu, the dominant search engine in China and a competitor of Google.
蓝翔技校位于中国东部的省份山东,它是一所由军方设立用来为军队培养计算机科学家的大型技校。这所学校的网络是由百度——这个中国搜索引擎的巨头和谷歌的竞争者——的子公司来运行的。
Within the computer security industry and the Obama administration, analysts differ over how to interpret the finding that the intrusions appear to come from schools instead of Chinese military installations or government agencies. Some analysts have privately circulated a document asserting that the vocational school is being used as camouflage for government operations. But other computer industry executives and former government officials said it was possible that the schools were cover for a “false flag” intelligence operation being run by a third country. Some have also speculated that the hacking could be a giant example of criminal industrial espionage, aimed at stealing intellectual property from American technology firms.
来自电脑安全企业和奥巴马政府的分析家们在如何解释袭击源头来自学校而不是来自中国军方或是政府机构产生了分歧。一些分析家已经私下的流传着一份断言这个职业学校就是政府机构的一个幌子的文件。但是其他来自电脑的精英和前政府官员声称这也可能是这所学校是第三国智库所运行的一个“幌子”。还有人也认为这次黑客袭击可能是一个巨大的网络犯罪样本,旨在窃取美国科技公司的科技财产。
Independent researchers who monitor Chinese information warfare caution that the Chinese have adopted a highly distributed approach to online espionage, making it almost impossible to prove where an attack originated.
监控中国信息战争的独立研究者警告说中国已经采用了一个高度分散的方法来进行网络犯罪,这使得想要找到网络攻击的源头是几乎不可能的。
“We have to understand that they have a different model for computer network exploit operations,” said James C. Mulvenon, a Chinese military specialist and a director at the Center for Intelligence Research and Analysis in Washington. Rather than tightly compartmentalizing online espionage within agencies as the United States does, he said, the Chinese government often involves volunteer “patriotic hackers” to support its policies.
“我们要知道的就是他们有着一个完全不同的电脑网络开发操作模式,”一位华盛顿研究中国军事和中情局的专家说到。不同于美国有着专门的网络攻击机构,他说,中国政府经常找“爱国黑客”当志愿者以支撑当局的政策。
Spokesmen for the Chinese schools said they had not heard that American investigators had traced the Google attacks to their campuses.
这两所中国学校的发言人说他们并没有听说美国调查机构已经把攻击谷歌的源头追溯到了他们的校园内。
If it is true, “We’ll alert related departments and start our own investigation,” said Liu Yuxiang, head of the propaganda department of the party committee at Jiaotong University in Shanghai.
“如果这是真的,我们会告知相关部门然后展开自己的调查”上海交通大学党委宣传部负责人刘玉祥(音)说到。
But when asked about the possibility, a leading professor in Jiaotong’s School of Information Security Engineering said in a telephone interview: “I’m not surprised. Actually students hacking into foreign Web sites is quite normal.” The professor, who teaches Web security, asked not to be named for fear of reprisal.
但是当被问及到发动攻击的可能性的时候,交大信息安全工程的一位领头教授再一次电话采访里说:“我并不感到惊讶。事实上学生们对国外网站进行黑客攻击是家常便饭。”这位教网络安全的教授因为害怕报复而要求不要透露自己的姓名。
“I believe there’s two kinds of situations,” the professor continued. “One is it’s a completely individual act of wrongdoing, done by one or two geek students in the school who are just keen on experimenting with their hacking skills learned from the school, since the sources in the school and network are so limited. Or it could be that one of the university’s I.P. addresses was hijacked by others, which frequently happens.”
“我相信有两种情况,”教授说。“一种是完全的个人违法行为:一两个调皮捣蛋的学生喜欢实验从学校学来的骇客知识,考虑到来自学校的攻击源数量有限。或者是另一种常发生的情况:大学的IP地址为其他人所劫持。”
At Lanxiang Vocational, officials said they had not heard about any possible link to the school and declined to say if a Ukrainian professor taught computer science there.
蓝翔职业技术学校的领导说,他们与网络攻击事件并不关联,拒绝表态是否有乌克兰教授在学校教授电脑课。
A man named Mr. Shao, who said he was dean of the computer science department at Lanxiang but refused to give his first name, said, “I think it’s impossible for our students to hack Google or other U.S. companies because they are just high school graduates and not at an advanced level. Also, because our school adopts close management, outsiders cannot easily come into our school.”
一位姓Shao的男士,他是学校电脑科学系系主任但拒绝透露名字,说,“我认为学生不可能攻击谷歌或是其他美国公司,他们只是高中毕业生,没那么高水平。而且,我们学校实行封闭式管理,外来人员不可能轻易进入学校。”
Mr. Shao acknowledged that every year four or five students from his computer science department were recruited into the military.
Shao先生称,每年电脑科学系中四或五个学生会应征入伍。
Google’s decision to step forward and challenge China over the intrusions has created a highly sensitive issue for the United States government. Shortly after the company went public with its accusations, Secretary of State Hillary Rodham Clinton challenged the Chinese in a speech on Internet censors, suggesting that the country’s efforts to control open access to the Internet were in effect an information-age Berlin Wall.
谷歌走到台前挑战中国的决定,为美国政府制造了一个高度敏感的问题。在其宣布受到攻击之后不久,Hillary Rodham Clinton国务卿发表了一次关于互联网审查的演讲挑战中国,暗示到中国政府控制互联网的行为实际上是在建造一堵信息柏林墙。
A report on Chinese online warfare prepared for the U.S.-China Economic Security Review Commission in October 2009 by Northrup Grumman identified six regions in China with military efforts to engage in such attacks. Jinan, site of the vocational school, was one of the regions.
2009年10月Northrup Grumman就网络战问题向美中经济安全审查委员会做了一次报告,他指出中国军方在六个区域实施了这些攻击。济南的蓝翔职业技术学校不过是其中一个。
Executives at Google have said little about the intrusions and would not comment for this article. But the company has contacted computer security specialists to confirm what has been reported by other targeted companies: access to the companies’ servers was gained by exploiting a previously unknown flaw in Microsoft’s Internet Explorer Web browser.
学校管理者几乎未提到入侵事件,也未就该文章发表评论。但公司已联系了电脑安全专家确认其他受攻击公司所受的损失:入侵者入侵者利用之前微软公司IE浏览器的一个未知漏洞,获取了公司服务器的访问权。
Forensic analysis is yielding new details of how the intruders took advantage of the flaw to gain access to internal corporate servers. They did this by using a clever technique — called man-in-the-mailbox — to exploit the natural trust shared by people who work together in organizations.
法学检验分析正在揭开新的细节,入侵者如何利用这个漏洞进入到企业内部服务器中。他们通过一项聪明的技术,所谓的“信箱人”——利用在组织中协同工作的人们对合作者的信任做到这一点。
After taking over one computer, intruders insert into an e-mail conversation a message containing a digital attachment carrying malware that is highly likely to be opened by the second victim. The attached malware makes it possible for the intruders to take over the target computer.
侵入了一台电脑之后,入侵者在email中插入一个包含携带恶意软件的电子附件,它很可能会由第二个受害者打开。附件中的恶意软件就有可能让入侵者接管目标计算机。
John Markoff reported from San Francisco and David Barboza from Shanghai. Bao Beibei and Chen Xiaoduan in Shanghai contributed research.
John Markoff从圣弗朗西斯科报道,David Barboza从上海,Bao Beibei和Chen Xiaoduan从上海对此文有贡献。
呃,换个模版吧。
回复删除