Earthlings can no longer stop the hackers: the financial industry must build cyber defences

Western investors have largely shrugged off the military conflict in Ukraine, pushing global markets higher. But, deep inside some financial institutions and intelligence services, a debate is bubbling that investors should watch. This revolves not around boots and tanks but the cyber world.

A couple of weeks ago JPMorgan Chase disclosed that it had been the victim of a big cyber attack, and was now co-operating with US government agencies over this (presumed to include the Federal Bureau of Investigation, the Central Intelligence Agency and the National Security Agency).

The details of the incident are mysterious and JPMorgan has refused to elaborate in public. But it appears the attacks emanated from Russia, that they were exceptionally sophisticated and that they affected other institutions, too. And they have consequently left executives in London and New York asking: could the next phase in the Ukrainian conflict be a wave of cyber attacks on western finance – either to retaliate against sanctions or to spark fear?

In some senses, such concerns are not new. Western corporations have faced escalating cyber assaults in recent years: last year, for example, Jamie Dimon, JPMorgan chief executive, revealed the bank was experiencing “tens of thousands” of attacks each day. Though many seem to come from China, others come from criminal networks in Russia, the only country considered to have cyber capabilities equal to those of America.

Cyber experts now fear the combination of incentives and skill behind such attacks could shift. To date they have taken (modest) comfort from the fact that the truly malicious attacks against western financial groups – or those aimed at causing lasting damage or panic by sparking a market crash – seem to have come from groups without highly sophisticated capabilities. Islamic terrorist groups, for example, grab headlines but they have not yet brought down an exchange.

Meanwhile, the really sophisticated cyber attacks on western financial groups have hitherto emanated from groups or states that “only” want to steal intelligence or money, not destroy entire systems or even reveal themselves. After all, Russian oligarchs and Chinese officials have money in western banks and markets so it is presumed they want to keep them intact.

But in some financial groups and intelligence forums, the big question is what might happen if Russian hackers (or any that are similarly sophisticated) ever stop feeling they have a stake in global finance or a shared interest in maintaining market stability. “It’s a huge concern,” one New York-based chief executive says.

Right now, there is little evidence that any such shift has occurred. And the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry body recently created by the banks to discuss cyber attacks, last week pointedly told its members there was no need to panic. It sent an email insisting that, notwithstanding the JPMorgan incident, nothing significant had changed in the cyber landscape.

But some western public and private sector groups are quietly stepping up their defences. Nato announced last week that it had decided for the first time to classify a cyber attack as the type of event that could trigger a joint alliance response.

The US Securities and Exchange Commission is implementing a system to examine financial firms’ cyber defences. And the big banks and exchanges are increasingly trying to share information with each other and the government via the FS-ISAC.

In many respects, this is good news: until recently, the level of collaboration between the public and private sector in America was woefully low, compared with places such as Australia.

But these steps are still far from comprehensive, let alone foolproof. In particular, the asset management world lags well behind the banks and exchanges. This sector is “just not as involved because it is so fragmented – you have billion-dollar hedge funds that don’t even know what the FS-ISAC is”, observes Eldon Sprickerhoff, co-founder of eSentire, an advisory group.

Until recently, many experts presumed that the main focus of a malicious cyber attack would be an exchange or a bank. But if there is one thing that a decade of geopolitical turbulence has shown, it is that shocks have a nasty habit of coming from unwatched places. And if there was an attack on, say, money market funds, this could have wide repercussions.

The real message from the JPMorgan rumours, then, is that western governments need to keep up the pressure on financial companies to improve their cyber defence plans across the industry and to provide tangible assistance.

And, of course, keep hoping that geopolitical tensions do not escalate or move from the old-fashioned real world into cyber space.
