Israel’s Pager Attacks Have Changed the World

Our international supply chains for computerized equipment leave us vulnerable

BRUCE SCHNEIER

Israel’s brazen attacks on Hezbollah last week, in which hundreds of pagers and two-way radios exploded and killed at least 37 people, graphically illustrated a threat that cybersecurity experts have been warning about for years: Our international supply chains for computerized equipment leave us vulnerable. And we have no good means to defend ourselves.

Though the deadly operations were stunning, none of the elements used to carry them out were particularly new. The tactics employed by Israel, which has neither confirmed nor denied any role, to hijack an international supply chain and embed plastic explosives in Hezbollah devices have been used for years. What’s new is that Israel put them together in such a devastating and extravagantly public fashion, bringing into stark relief what the future of great power competition will look like — in peacetime, wartime and the ever expanding gray zone in between.

The targets won’t just be terrorists. Our computers are vulnerable, and increasingly, so are our cars, our refrigerators, our home thermostats and many other useful things in our orbits. Targets are everywhere.

The core component of the operation — implanting plastic explosives in pagers and radios — has been a terrorist risk since Richard Reid, the so-called shoe bomber, tried to ignite some on an airplane in 2001. That’s what all of those airport scanners are designed to detect — both the ones you see at security checkpoints and the ones that later scan your luggage. Even a small amount can do an impressive degree of damage.

The second component, assassination by personal device, isn’t new, either. Israel used this tactic against a Hamas bomb maker in 1996 and a Fatah activist in 2000. Both were killed by remotely detonated booby-trapped cellphones.

The final and more logistically complex piece of Israel’s plan — attacking an international supply chain to compromise equipment at scale — is something that the United States has done itself, though for different purposes. The National Security Agency has intercepted communications equipment in transit and modified it, not for destructive purposes but for eavesdropping. We know from a Snowden document that the agency did this to a Cisco router destined for a Syrian telecommunications company. Presumably, this wasn’t the agency’s only operation of this type.

Creating a front company to fool victims isn’t even a new twist. Israel reportedly created a shell company to produce and sell explosive-laden devices to Hezbollah. In 2019, the F.B.I. created a company that sold supposedly secure cellphones to criminals — not to assassinate them, but to eavesdrop on and then arrest them.

The bottom line: Our supply chains are vulnerable, which means that we are vulnerable. Anyone — any country, any group, any individual — that interacts with a high-tech supply chain can potentially subvert the equipment passing through it. It could be subverted to eavesdrop. It could be subverted to degrade or fail on command. And, although it’s harder, it can be subverted to kill.

Personal devices connected to the internet — and countries in which they are in high use, such as the United States — are especially at risk. In 2007, the Idaho National Laboratory demonstrated that a cyberattack could cause a high-voltage generator to explode. In 2010, a computer virus believed to have been developed jointly by the United States and Israel destroyed centrifuges at an Iranian nuclear facility. A 2017 dump of C.I.A. documents included statements about the possibility of remotely hacking cars, which WikiLeaks asserted can be used to carry out “nearly undetectable assassinations.” This isn’t just theoretical: In 2015, a Wired reporter allowed hackers to remotely take over his car while he was driving it. They disabled the engine while he was on a highway.

The world has already begun to adjust to this threat. Many countries are increasingly wary of buying communications equipment from countries they don’t trust. The United States and others are banning large routers from the Chinese company Huawei because we fear that they could be used for eavesdropping and — even worse — disabled remotely in a time of escalating hostilities. In 2019 there was a minor panic over Chinese-made subway cars that could possibly have been modified to eavesdrop on their riders.

It’s not just finished equipment that is under the scanner. More than a decade ago, the U.S. military investigated the security risks of using Chinese parts in its equipment. In 2018, a Bloomberg report revealed U.S. investigators had accused China of modifying computer chips to steal information.

It’s not obvious how to defend against these and similar attacks. Our high-tech supply chains are complex and international. It didn’t raise any red flags to Hezbollah that the group’s pagers came from a Hungary-based company that sourced them from Taiwan, because that sort of thing is perfectly normal. Most of the electronics Americans buy come from overseas, including our iPhones, whose parts come from dozens of countries before being pieced together primarily in China.

That’s a hard problem to fix. We can’t imagine Washington passing a law requiring iPhones to be made entirely in the United States. Labor costs are too high, and our country doesn’t have the domestic capacity to make these things. Our supply chains are deeply, inexorably international, and changing that would require bringing global economies back to the 1980s.

So what happens now? As for Hezbollah, its leaders and operatives will no longer be able to trust equipment connected to a network — very likely one of the primary goals of the attacks. And the world will have to wait to see if there are any long-term effects of this attack, or how the group will respond.

But now that the line has been crossed, other countries will almost certainly start to consider this sort of tactic as within bounds. It could be deployed against a military during a war, or against civilians in the run-up to a war. And developed countries like the United States will be especially vulnerable, simply because of the sheer number of vulnerable devices we have.


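Bruce Schneier is a security technologist and a lecturer at the Harvard Kennedy School, and the author of “A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend Them Back.” Translation: The New York Times Chinese website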
