精品久久久无码中文字幕一,青青青青青在线视频播放

防止黑客襲擊，要讓數(shù)據(jù)“流動”起來

John Arquilla

2021-09-14

云存儲是避免數(shù)據(jù)受到戰(zhàn)略性網(wǎng)絡(luò)犯罪侵害的最佳方式。

文本設(shè)置

小號

默認(rèn)

大號

Plus(0條)

圖片來源：DAVID KAWAI—BLOOMBERG/GETTY IMAGES

遇到黑客凍結(jié)用戶信息系統(tǒng)并索取贖金，誰都會苦不堪言。美國科洛尼爾管道運輸公司（Colonial Pipeline）曾經(jīng)遭遇著名的黑客攻擊事件，贖金動輒就是數(shù)百萬美元，但比起今年黑客攻擊在全球造成的預(yù)計高達(dá)200億美元損失，這只是很小的一部分，而且損失呈急速上升趨勢。與去年同期相比，2021年上半年歐洲的黑客襲擊事件增加了兩倍。過去一年，美國為黑客攻擊支付的贖金翻了一番。亞洲的情況稍好一些，同一時期的攻擊勒索事件僅增長了50%。

勒索軟件攻擊和其他以經(jīng)濟(jì)收益為目標(biāo)的黑客攻擊同屬新“戰(zhàn)略犯罪”模式，都是可能影響國家繁榮和實力的網(wǎng)絡(luò)戰(zhàn)。盡管犯罪分子的目的是經(jīng)濟(jì)利益，但必須指出，以敲詐勒索為目的的數(shù)據(jù)凍結(jié)手段在戰(zhàn)時同樣可以用于戰(zhàn)略攻擊，能夠破壞關(guān)鍵基礎(chǔ)設(shè)施，拖延軍事行動——有時甚至可以阻止敵對勢力行動。

顯然，坐以待斃不是辦法。但迄今為止，幾乎所有的應(yīng)對方式都很被動。應(yīng)對方式可分為兩種類型：一種是技術(shù)性手段，側(cè)重于幫助數(shù)據(jù)解密和系統(tǒng)恢復(fù)；另一種是敦促各國政府采取報復(fù)行動，采取經(jīng)濟(jì)制裁的形式，或?qū)Ρ徽J(rèn)為窩藏網(wǎng)絡(luò)罪犯分子的國家施以同等網(wǎng)絡(luò)攻擊。

然而，兩種補(bǔ)救措施都無法阻止勒索軟件攻擊的迅速蔓延。事后補(bǔ)救并不能防止事件發(fā)生，而報復(fù)可能會引發(fā)網(wǎng)絡(luò)戰(zhàn)爭升級，最終開放市場社會受到的傷害比封閉的專制政權(quán)嚴(yán)重得多，人們通常認(rèn)為封閉專制政權(quán)往往縱容甚至積極支持此類犯罪。

現(xiàn)在的核心挑戰(zhàn)不是制定反應(yīng)方案，而是思考如何防御各種形式的網(wǎng)絡(luò)攻擊。要想減少此類犯罪，唯一方法是加強(qiáng)能力，抵抗入侵或鎖定關(guān)鍵信息系統(tǒng)。要做到這點，可能需要商業(yè)企業(yè)、社會和政府機(jī)構(gòu)，甚至軍隊采取驚人之舉，即如果認(rèn)為數(shù)據(jù)凍結(jié)攻擊可能削弱其運營能力，就將敏感信息從堅固的防火墻系統(tǒng)中轉(zhuǎn)移出去。

然而，信息存放在哪里才安全呢？我認(rèn)為最好的地方是在“云端”和“霧中”。云計算就是把數(shù)據(jù)放到別人的系統(tǒng)上，現(xiàn)在這種做法逐漸流行。云計算的普及鼓勵人們將最敏感信息存儲在云端。霧計算是“邊緣計算”的一種形式，由產(chǎn)生數(shù)據(jù)的系統(tǒng)和云之間的結(jié)構(gòu)組成。因為“霧”并不在自身數(shù)據(jù)中心的服務(wù)器上，所以能夠成為黑客很難進(jìn)入的隱藏和存儲空間。這兩種方法都可以簡單有效地保存關(guān)鍵信息。

雖然說“云”更安全，但它偶爾也會被黑客攻擊，其中最臭名昭著的案例就是從名人的iCloud賬戶中竊取私人照片。不過有一種方法能夠進(jìn)一步提高基于云和霧的安全性，我將其稱之為“流動數(shù)據(jù)法”。具體操作流程是：首先創(chuàng)建嚴(yán)格的強(qiáng)加密數(shù)據(jù)方案，再將數(shù)據(jù)分解為幾個部分并分別存儲在云的不同位置；最后，保持?jǐn)?shù)據(jù)的流動。我們經(jīng)常說：“靜止數(shù)據(jù)更容易被攻擊。”

與常規(guī)存儲和安全實踐相比，該解決方案雖然要付出更多努力，但安全效果更好，也可以迅速降低勒索軟件攻擊的頻率和成功率。

此外，數(shù)字時代面臨的其他棘手問題也能夠采用類似的網(wǎng)絡(luò)安全方法，比如知識產(chǎn)權(quán)保護(hù)，目前全球各地公司每年因為假冒或盜版而蒙受的損失高達(dá)數(shù)萬億美元。

相比事后補(bǔ)救，學(xué)會阻止勒索軟件攻擊可以說一舉兩得：既能夠在網(wǎng)絡(luò)時代維護(hù)世界經(jīng)濟(jì)健康發(fā)展，也可以顯著改善國家防御。（財富中文網(wǎng)）

作者約翰·阿爾奎拉是美國海軍研究生院（U.S. Naval Postgraduate School）特聘教授，最近出版了《比特戰(zhàn)爭：網(wǎng)絡(luò)戰(zhàn)的新挑戰(zhàn)》（Bitskrieg: The New Challenge of Cyberwarfare）。本文僅代表作者個人觀點。

譯者：馮豐

審校：夏林

與常規(guī)存儲和安全實踐相比，該解決方案雖然要付出更多努力，但安全效果更好，也可以迅速降低勒索軟件攻擊的頻率和成功率。

譯者：馮豐

審校：夏林

Most of us have become distressingly aware of the phenomenon of ransomware: when hackers freeze an information system and extort a ransom payment in return for its release. The few millions paid out in well-known incidents, like the Colonial Pipeline hack in the United States, are but a fraction of the estimated $20 billion USD that global ransomware attacks will cost this year, reflecting a sharp upward trend. There are three times as many attacks in Europe in the first half of 2021 compared to the same period in 2020. Ransoms paid out in the United States have doubled in the past year. Asia is slightly less alarming: Attacks increased by only 50% over the same span.

Ransomware attacks and other hacks that aim at having economic effects all form part of an emerging mode of “strategic crime,” an aspect of cyberwarfare that can have pernicious effects on the prosperity and power of nations, large and small. While the malefactors aim for financial gain, it must be noted that the same types of exploits used to freeze data for extortionate purposes can also be used as a form of strategic attack in wartime, crippling critical infrastructures and slowing military operations—sometimes even stopping them in their tracks.

Clearly, something has to be done. But to date virtually all responses have been reactive. They are of two types: One is technically focused on assisting with data decryption and system restoration; the other is about urging governments to take retaliatory action, either in the form of economic sanctions or cyberattacks on those nations thought to be harboring cybercriminals.

Neither of these remedies will halt the rapid spread of ransomware attacks. Cleaning up after these incidents does nothing to prevent them, while retaliation risks sparking an escalatory spiral of cyberwar that will hurt open-market societies more than the closed-up authoritarian regimes commonly thought to be allowing, if not actively supporting, these crimes.

The central challenge now is to go beyond developing reaction protocols and instead think through how to defend against these forms of cyberattack. Crafting an ability to thwart determined efforts to intrude into and/or lock up critical information systems is the only way to reduce this form of crime. And doing so may require commercial enterprises, social and governmental institutions—even militaries, who should see these data-freezing attacks as potentially crippling to their operational capabilities—to take a very surprising action: move sensitive information out from their own hardened, firewalled systems.

Where should information go to be safe? The best places are in the cloud and “the fog.” Cloud computing is about putting data on someone else’s system, and it is a practice on the rise. Growing comfort with the cloud should encourage a willingness to put even the most sensitive information out on it. The fog is a form of “edge computing” and consists of those structures between systems that produce data and the cloud. Because it is outside the servers in one’s own data center, the fog offers yet another hiding and storage space that hackers will find hard to access. Both are far better than simply keeping key information close.

While secure, the cloud has also been hacked on occasion, the most infamous case of which was the leaking of private photos from celebrities, grabbed from their iCloud accounts. But there’s a way to further improve cloud- and fog-based security via a process I call “data mobility.” It looks like this: Begin with a strict regimen of strongly encrypting data; break items into parts; place them in different parts of the cloud; and, finally, keep moving the data. I have a very simple mantra worth remembering: “Data at rest are data at risk.”

This solution takes a bit more effort than regular storage and security practices. But it is infinitely superior to existing approaches and will quickly reduce the frequency and effectiveness of ransomware attacks.

In addition, this approach to cybersecurity can and should be applied to other thorny issues of the digital age, such as the protection of intellectual property, which currently hemorrhages out of companies, worldwide, trillions of dollars each year in the form of counterfeit or pirated products.

By learning to thwart ransomware attacks in the first place, rather than just cleaning up after them, the health of the world economy can be better protected in this cyber age, and nations’ defenses will also be significantly improved. A classic “twofer.”

John Arquilla is distinguished professor emeritus at the U.S. Naval Postgraduate School and author, most recently, of Bitskrieg: The New Challenge of Cyberwarfare. The views expressed are his alone.

財富中文網(wǎng)所刊載內(nèi)容之知識產(chǎn)權(quán)為財富媒體知識產(chǎn)權(quán)有限公司及/或相關(guān)權(quán)利人專屬所有或持有。未經(jīng)許可，禁止進(jìn)行轉(zhuǎn)載、摘編、復(fù)制及建立鏡像等任何使用。

0條Plus

精彩評論

評論

撰寫或查看更多評論

請打開財富Plus APP

前往打開

熱讀文章

關(guān)注我們

防止黑客襲擊，要讓數(shù)據(jù)“流動”起來

撰寫或查看更多評論

防止黑客襲擊，要讓數(shù)據(jù)“流動”起來