网络攻击进入危险的新阶段

Hillary Clinton’s presidential campaign was thrown into turmoil by the leak of emails documenting dirty tactics by the Democratic party leadership. Suggestion of attempts to rig the primary contest in her favour is not merely embarrassing; it is bound to anger supporters of her defeated rival, Bernie Sanders, and deepen the party’s divisions. But this should not be a source of satisfaction for Republicans. They should be equally alarmed by the possibility that the leak came from Moscow — marking a serious escalation in the long term trend of Russian aggression in cyber space.

记录美国民主党领导层“肮脏勾当”的电子邮件的泄露，让希拉里•克林顿(Hillary Clinton)的竞选陷入了混乱。试图操纵初选、使之有利于希拉里的迹象不仅令人难堪，还一定会惹怒已被希拉里击败的对手伯尼•桑德斯(Bernie Sanders)的支持者，进一步加剧民主党的分裂。但美国共和党不应因此而窃喜。后者同样应该对下面这种可能性感到警惕，即此次泄密有可能是莫斯科方面所为——标志着俄罗斯网络空间攻击行为的长期趋势出现重大升级。

It is extremely difficult to pin down the source of a hacking attack — especially given the Kremlin’s tendency to outsource such work to criminal groups or pro-government organisations. However, cyber security firms have set out credible evidence to identify the groups responsible for hacking the Democratic National Committee’s network — best known as APT 28 and APT 29. They say that the techniques these groups use, the timezone in which they operate and their previous targets — including the White House and US State Department, eastern European governments and Nato — suggest close links to the Kremlin or Russian security services.

确定黑客攻击的来源极为困难——尤其是考虑到克里姆林宫倾向将此类工作外包给犯罪团伙或亲政府的组织。然而，网络安全公司已展示了可靠证据，确认了侵入美国民主党全国委员会(DNC)计算机网络的组织——人们最熟悉的名字是APT 28和APT 29。网安公司表示，这些组织使用的技术、活动的时区以及先前的目标（包括白宫、美国国务院、东欧各国政府及北约(NATO)）表明，它们与克里姆林宫或俄罗斯安全机构之间存在密切联系。

It would hardly be a new development for Moscow to adopt such tactics. As far back as 2007, Estonia suffered crippling attacks on the websites of its banks, government and telecoms networks. Georgian state websites were targeted shortly before the outbreak of war in 2008. Of course, many other governments, the US foremost among them, employ similar methods to gather intelligence and counter security threats.

莫斯科采用此类手段并不新鲜。早在2007年，爱沙尼亚国内的银行、政府及电信网络就遭受过致命攻击。2008年，俄格战争爆发前不久，格鲁吉亚政府网站也曾是攻击目标。当然，许多其他国家的政府（尤其是美国）也采用类似方法收集情报、应对安全威胁。

What is worrying is that Russia is increasingly apt to use its intelligence findings to influence events on the ground. Cold war techniques of bugging and blackmail have new and dangerous possibilities in the era of social media and WikiLeaks. Moscow is combining old-fashioned tradecraft with a willingness to wage wars of disinformation, seeking to muddy the waters and undermine people’s faith in their own country’s institutions and authorities.

令人担忧的是，俄罗斯越来越善于利用搜集到的情报对现实中的事件施加影响。在社交媒体和维基解密(WikiLeaks)的时代，冷战时期的窃听及敲诈技术有了新的、危险的可能性。莫斯科正在将老式的谍报技术与发动虚假情报战的意愿结合起来，试图把水搅浑，破坏人们对自己国家机构和当局的信任。

This was true in Ukraine, where hackers attempted to corrupt the results of the 2014 elections. It was apparent in Syria, where Russia waged a systematic cyber campaign against opposition groups and NGOs, seeking to influence the flow of information and hide the extent of its military operations. If it is true that Moscow is behind the leak of the DNC’s emails, this represents a far more brazen and audacious attempt to strike at the heart of the US democratic process.

乌克兰就领教过这种策略，当时黑客试图搞乱2014年大选的结果。这种策略在叙利亚也很明显，俄罗斯在该国针对反对派组织和非政府组织进行了系统性的网络攻击，试图左右信息传播、掩盖其军事行动的规模。如果莫斯科真是此次DNC电邮泄露事件的幕后主使，这代表了俄罗斯在打击美国民主进程核心方面更加厚颜无耻和大胆的尝试。

This is an especially dangerous development at a time when there are so many cleavages in western society that can be exploited. Yet it is very hard to identify an effective response.

在西方社会存在如此多可被利用的裂隙之际，此事件是一个尤其危险的苗头。然而，要找到有效的应对之策非常困难。

The US government can hardly protest about a leak that demonstrates Democratic failings. More generally, it is very difficult to put up effective technical defences against such attacks. As for diplomacy, the US has had some success — it struck a deal with China to refrain from cyber espionage that has at least helped. However, this was possible because Beijing was unwilling to be shown up and anxious to preserve its commercial interests. The US has no such leverage over Vladimir Putin. Sanctions against Russia are already in place. As for deterrence, there is only so far rhetoric can go.

美国政府几乎不可能去抗议一起揭露民主党阴私的爆料。总体而言，很难针对此类攻击行为建立有效的技术防御。至于外交方面，美国取得了一些成功——与中国达成的不进行网络间谍活动的协议至少有所帮助。然而，中美之所以能达成协议，是因为北京方面不愿意被揭穿，而且急于要保护自己的商业利益。但美国对弗拉基米尔•普京(Vladimir Putin)没有这样的筹码。对俄罗斯的制裁早已就位。至于威慑，打打嘴仗的效果始终有限。

The immediate effect of the leak may be to damage Mrs Clinton’s campaign. But this is no cause for Donald Trump to celebrate. It is rather a reminder that this is no time for the US to weaken its commitment to transatlantic security.

此次电邮泄露的直接影响可能是破坏希拉里的竞选。但这不应成为唐纳德•特朗普(Donald Trump)庆祝的理由。这一件事反倒提醒我们，眼下美国绝不能削弱对跨大西洋安全的承诺。