茉莉花新闻网

中華青年思想與行動的聚合地

中国黑客攻击深远程度令美国官员愈发担忧

DAVID E. SANGER, JULIAN E. BARNES, DEVLIN BARRETT, ADAM GOLDMAN

2024年11月25日

据拜登的国家安全顾问沙利文称,此次黑客攻击事件如此严重,以至于拜登总统上周末在秘鲁会见中国国家主席习近平时直接与他讨论了此事。 Eric Lee/The New York Times

Leaders of the top telecommunications companies were summoned to the White House on Friday to discuss a security problem that has been roiling the government: how to expel Chinese hackers from the deepest corners of the nation’s communications networks.

上周五,美国主要电信公司的高管被召集到白宫,讨论一个一直困扰政府的安全问题:如何将中国黑客从美国通信网络的最深角落里逐出去。

The meeting in the Situation Room came after weeks in which officials grew increasingly alarmed by what they had uncovered about the hack.

数周来,官员们对他们发现的有关黑客攻击事件的信息越来越感到不安,在军情室举行的这次会议就是在这样的背景下发生的。

They now believe the hackers from a group called “Salt Typhoon,” closely linked to China’s Ministry of State Security, were lurking undetected inside the networks of the biggest American telecommunications firms for more than a year.

他们现在认为,在被发现之前,“盐台风”黑客组织已在美国最大的电信公司的网络中潜伏了一年多。这个黑客组织与中国国家安全部关系密切。

They have learned that the Chinese hackers got a nearly complete list of phone numbers the Justice Department monitors in its “lawful intercept” system, which places wiretaps on people suspected of committing crimes or spying, usually after a warrant is issued.

他们获悉,中国黑客获得了一份几乎完整的电话号码单,这些都是美国司法部通过“合法拦截”系统进行监控的号码。该系统通常在执法机构颁布逮捕令后,对涉嫌犯罪或从事间谍活动的人员进行监听。

While officials do not believe the Chinese listened to those calls, the hackers were likely able to combine the phone numbers with geolocation data to create a detailed intelligence picture of who was being surveilled.

虽然官员们不认为中国人监听了这些电话,但黑客很可能能够将电话号码与地理位置数据结合起来,从而创建出被监视者的详细情报图像。

As a result, officials said, the penetration almost certainly gave China a road map to discover which of China’s spies the United States has identified and which they have missed.

因此,官员们表示,这次渗透几乎肯定为中国提供了一份路线图,使其能够发现美国已经识别出了哪些中国间谍,以及有哪些间谍尚未被发现。

This article is based on conversations with more than a dozen U.S. and industry officials who spoke on the condition that their names not be used because of the sensitive intelligence assessments of the hack.

本文基于与十几位美国官员和业界高管的对话,由于此次黑客攻击涉及敏感的情报评估,这些官员要求匿名。

Initially, officials thought the hack was limited to the region around Washington. But they have now found evidence of China’s access all around the country, exploiting old or weak entry points in the cellphone network.

最初,官员们以为黑客攻击仅限于华盛顿周边地区。但现在他们发现了中国利用手机网络中陈旧或薄弱的入口点获取美国各地数据的证据。

Officials now believe that the hack has gone beyond phone companies, to internet service providers, potentially allowing the Chinese to read some email.

官员们现在认为,黑客攻击的目标已经不仅限于电话公司,还涉及互联网服务供应商,这可能会让他们获取到一些电子邮件内容。

While some Americans’ phone calls and emails may have been compromised by the Chinese, officials emphasized that encrypted applications, like WhatsApp and Signal, were not penetrated. In addition, messages sent within Apple’s own network were also safe.

虽然部分美国人的电话和电邮可能遭到了中国人的入侵,但官员们强调,WhatsApp和Signal等加密应用程序并未遭到入侵。此外,在苹果自己的网络内发送的信息也是安全的。

And the discovery of the specific targeting of senior national security officials, and some political leaders — including President-elect Donald J. Trump and Vice President-elect JD Vance — led the F.B.I. and other officials to conclude that the Salt Typhoon hackers were so deep in the system that they could actually listen in to some conversations and read some unencrypted text messages.

由于发现黑客专门针对了一些资深国家安全官员和一些政治领导人(包括候任总统特朗普和候任副总统万斯),联邦调查局和其他官员得出结论:“盐台风”黑客已经深入系统,他们实际上可以监听部分通话,并阅读部分未加密的短信。

“The sophistication was stunning,’’ said Senator Mark Warner, the Virginia Democrat who is chairman of the Senate Intelligence Committee. He said his biggest concern — one that dominated the Situation Room meeting at the White House — was the conclusion that “the barn door is still wide open.” A White House statement released Friday night gave no details of the breach or any hint of the tensions over how to deal with it, but said the meeting on Friday was led by Jake Sullivan, the national security adviser, and one of his deputies, Anne Neuberger, who oversees cyber- and emerging technologies.

“这种复杂程度令人震惊,”弗吉尼亚州民主党参议员、参议院情报委员会主席马克·沃纳表示。他说,他最大的担忧——也是白宫军情室会议的主要内容——是得出“大门仍然敞开”的结论。白宫周五晚间发布的一份声明没有透露入侵事件的细节,也没有提及如何处理此事的紧张态势,但表示周五的会议由国家安全顾问杰克·沙利文和他的副手之一、负责网络和新兴技术的安妮·纽伯格主持。

The U.S. communications system is built on a mishmash of aging systems, which made it far easier for the Chinese to break into upward of ten telecommunications companies.

美国的通信系统建立在一堆老化的系统之上,这使得中国人可以轻易侵入十多家电信公司。

At the White House meeting, the message delivered by top American intelligence and national security officials was that despite the aging technology, the telecommunications companies needed to help find a permanent way to keep Beijing’s agents out of the systems. Some officials and others briefed on the hack say that is no small task, and that making the necessary fixes could create painful network outages for consumers.

在白宫的会议上,美国高级情报和国家安全官员传递的信息是,尽管技术老化,但电信公司需要帮助找到一种永久性的方法,让北京的特工无法进入他们的系统。一些官员和其他了解黑客入侵情况的人表示,这不是一项容易的任务,进行必要的修复可能会给消费者带来令人痛苦的网络中断。

Critical parts of the American telecommunications system are too old to upgrade with modern cybersecurity protections. Some parts of the system date to the late 1970s or early 1980s, when landlines, not cellphones, dominated the network. One participant in the meeting said the only solution to the problem was “ripping out and replacing whole sections of the networks,” a process the companies have been slow to invest in.

美国电信系统的一些关键部分过于陈旧,无法通过现代网络安全保护措施进行升级。该系统的一些部分可以追溯到20世纪70年代末或80年代初,当时固定电话(而不是手机)占据了该系统的主导地位。一位与会者表示,解决这个问题的唯一办法是“拆除并更换整个网络部件”,而电信公司在这方面的投资速度很慢。

The executives who attended the meeting included Verizon’s top leader, Hans Vestberg, and AT&T’s top executive, John T. Stankey. But T-Mobile’s chief executive, Mike Sievert, who had initially doubted that the company had been compromised by the Chinese — then discovered it had been — sent a deputy.

参加会议的高管包括威瑞森的首席执行官汉斯·韦斯特伯格和AT&T的首席执行官约翰·T·斯坦基。但T-Mobile的首席执行官迈克·西弗特只派了一名副手参加会议。西弗特最初不相信公司遭到了中国人攻击(后来证实攻击确实发生了)。

The meeting came as arguments have begun to break out over who was to blame — the telecommunications firms, their regulators or American intelligence agencies — for a hack whose stealth and depth has shaken even veterans of America’s two decades of cyberconflict with China, Russia, Iran and North Korea.

此次会议召开之际,人们正在争论谁应该为这次黑客攻击负责——是电信公司、监管机构还是美国情报机构。这次黑客攻击的隐秘性和深度甚至让经历过美国与中国、俄罗斯、伊朗和朝鲜二十年网络冲突的资深人士们都感到震惊。

22dc hack lcjb master1050上个周末,拜登和习近平在秘鲁利马举行会晤。

In recent days government officials have become increasingly vocal in blaming the firms for being too slow to update key nodes of their networks.

最近几天,政府官员越来越多地指责这些电信公司更新网络关键节点的速度太慢。

In the days leading up to the meeting at the White House, American investigators and national security officials said parts of the telecommunications firms’ systems were not protected with basic “multifactor authentication.” That is the same technology that has become a staple of everyday life for consumers, who have grown accustomed to having a cellphone scan their face, or receiving a six-digit text message before they can access financial accounts or sensitive emails.

在白宫会议的几天前,美国调查人员和国家安全官员表示,电信公司的部分系统没有受到基本的“多重身份验证”保护。这项技术已经成为消费者日常生活中必不可少的技术,人们已经越来越习惯于用手机扫描面部,或者在访问金融账户或敏感电子邮件之前收到一条六位数字的验证短信。

The hack was considered so severe that President Biden took it up directly with President Xi Jinping of China when they met in Peru last weekend, according to Mr. Sullivan, Mr. Biden’s national security adviser. “The issue of the hack of American telecommunications providers did come up,” Mr. Sullivan told reporters, though he declined to provide details.

据拜登的国家安全顾问沙利文称,此次黑客攻击事件如此严重,以至于拜登总统上周末在秘鲁会见中国国家主席习近平时直接与他讨论了此事。沙利文告诉记者:“美国电信供应商遭到黑客攻击的问题确实被提了出来。”但他拒绝透露细节。

同类信息

查看全部

茉莉花论坛作为一个开放社区,允许您发表任何符合社区规定的文章和评论。

茉莉花新闻网

        中国茉莉花革命网始创于2011年2月20日,受阿拉伯之春的感召,大家共同组织、发起了中国茉莉花革命。后由数名义工无偿坚持至今,并发展成为广受翻墙网民欢迎的新闻聚合网站并提供论坛服务。

新闻汇总

邮件订阅

输入您的邮件地址:

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram