The Many Faces of Hackers
Translator: 樸成奎
It's hard to get a handle on the hacker community, but here's a look at the range of people -- from lone geeks to organized governments -- who could be behind recent security breaches.

The recent hacking headlines make it seem like we're in the middle of a cyberwar: In the past few weeks, there have been revelations of security breaches at organizations including Citigroup, Sony, the IMF, and -- as recently as yesterday -- the CIA's website.

Indeed, hackers are everywhere, according to Bruce Schneier, security expert and chief security technology officer for IT service-provider BT. But for the hacker community, the apparent cluster of attacks is really just business as usual: "This is hacking, it hasn't changed in decades," he says.

While the public may picture shadowy groups of Lisbeth Salander-like computer nerds taking down major networks around the globe, the truth is much less glamorous, Schneier says. Still, the hacker pecking order can be nuanced and tough to de-tangle. It runs the gamut from geeks messing around in their basements to organized national governments. What hackers do and how they do it often remains a mystery, but every day there are activities that fall under the wide umbrella of digital subversion called "hacking."

The lone wolf

Hacking has its roots in recreation. "The majority of people hacking are just people," Schneier says, meaning they aren't connected to a hacking network other than chat rooms and online forums. "It's just guys messing around."

Some members of this breed of hacker eventually go corporate. For example, Linus Torvalds, the man who wrote the central component for the Linux operating system, has a well-respected hacking history. He even co-authored a book called The Hacker Ethic, published in 2001. Another high-profile hacker is Apple (AAPL) co-founder Steve Wozniak, who speaks openly about his early days at UC Berkeley, building and selling devices that could hack phone networks to make free calls.

"Hacktivism"

There's another, relatively new breed of hacker that seeks publicity. These are typically politically motivated groups, says Ethan Zuckerman, a researcher at Harvard University's Berkman Center for Internet and Society. The attacks they launch, he says, are "really designed to get the press release."

One of the most famous groups is Anonymous, an anarchic network of hackers that periodically organizes to shut down websites, either for fun or for some political purpose. Generally, the group launches a "distributed denial of service" (DDoS) attack, which targets and cripples a specific site. Anonymous has launched several such campaigns, most famously its 2008 efforts to take down the digital presence of the Church of Scientology, which involved a DDoS attack and offline protests by masked members. Recently, the group forewarned an attack against the Federal Reserve, calling for the resignation of Chairman Ben Bernanke via a YouTube video, though none of the Fed's websites have been shut down yet.

Another group called LulzSec has also stirred up news recently. On Wednesday, it temporarily crashed the Central Intelligence Agency's public website, Cia.gov. LulzSec has also claimed responsibility for breaches at PBS, Fox and Sony (SNE). For the Sony attack, LulzSec's goal was to showcase a pitiful lack of online security at the company, according to Phil Blank, a senior security analyst at Javelin Strategy & Research, and it succeeded. "It's a very fundamental, basic attack that no modern corporation should be subjected to -- it's embarrassing."

While attacks like the one on Sony can be easy, the muscle power of hacktivist groups is generally limited, says Zuckerman. In fact, he notes that within the hacker community, DDoS and similar attacks don't even qualify as true hacking, which involves actually compromising a network, not taking down a site. LulzSec hasn't tried to harm large, critical infrastructures so far, and Anonymous has tried and failed, he says: The group couldn't pull through an attempt to crash Amazon (AMZN) in December 2010, for example. "Essentially, they're taking down people's marketing copy," says Zuckerman.

Hacking spies

Government-backed hacking efforts are a different story -- they have much more funding, but can still be next to impossible to trace. They're also happening all the time, Schneier says: "The U.S. is doing it, China is doing it. Governments have spied on each other for thousands of years."

While complicated, expensive hacks are more likely to involve government investment, it can be difficult to prove the connection. Earlier this month, the IMF announced to its faculty and staff that it had suffered a cyberattack, but hasn't released details. There has been speculation that the attack received funding from a foreign government, says Phil Blank, a senior security analyst at Javelin Strategy & Research, but there's little public proof. "To be able to create the attack from that distance requires a substantial infrastructure, IT work and research," he says. "Generally speaking, that is out of the scope of most individuals, and it's probably not corporate espionage."

The same is true for recent Gmail hacks: Earlier this month, Google (GOOG) announced that someone had broken into hundreds of Gmail users' personal accounts. That required fairly complicated, targeted hacks, Blank says. But the only evidence that a government was behind it was that Google traced the origin of the attack to computers with Internet Protocol (IP) addresses in the Jinan region in China. Also, the hack seemed suspicious because victims included U.S. government officials and Chinese political activists. But IP addresses can be fabricated, Blank says, and the Chinese government vehemently denied anything to do with the incident.

That hacking mystery, like so many others, may go unsolved. While the size or complexity of the hack can provide clues, "You never know who's behind anything really," says Schneier. "In general, you never know who did it or why."