Mikko Hypponen: Fighting viruses, defending the net

270,034 views ・ 2011-07-20

TED



Translator: Cheng-An Li; Reviewer: Sunshine Wang
00:15
I love the Internet.
00:18
It's true.
00:20
Think about everything it has brought us.
00:22
Think about all the services we use,
00:25
all the connectivity,
00:27
all the entertainment,
00:29
all the business, all the commerce.
00:32
And it's happening during our lifetimes.
00:35
I'm pretty sure that one day
00:38
we'll be writing history books
00:40
hundreds of years from now. This time
00:43
our generation will be remembered
00:46
as the generation that got online,
00:49
the generation
00:51
that built something really and truly global.
00:54
But yes, it's also true
00:57
that the Internet has problems, very serious problems,
01:00
problems with security
01:03
and problems with privacy.
01:06
I've spent my career
01:08
fighting these problems.
01:11
So let me show you something.
01:15
This here
01:17
is Brain.
01:19
This is a floppy disk
01:21
-- five and a quarter-inch floppy disk
01:23
infected by Brain.A.
01:25
It's the first virus we ever found
01:27
for PC computers.
01:30
And we actually know
01:32
where Brain came from.
01:34
We know because it says so
01:36
inside the code.
01:38
Let's take a look.
01:45
All right.
01:48
That's the boot sector of an infected floppy,
01:51
and if we take a closer look inside,
01:54
we'll see that right there,
01:56
it says, "Welcome to the dungeon."
02:00
And then it continues,
02:02
saying, 1986, Basit and Amjad.
02:05
And Basit and Amjad are first names,
02:08
Pakistani first names.
02:10
In fact, there's a phone number and an address in Pakistan.
02:13
(Laughter)
02:18
Now, 1986.
02:21
Now it's 2011.
02:23
That's 25 years ago.
02:25
The PC virus problem is 25 years old now.
02:29
So half a year ago,
02:31
I decided to go to Pakistan myself.
02:34
So let's see, here's a couple of photos I took while I was in Pakistan.
02:37
This is from the city of Lahore,
02:39
which is around 300 kilometers south
02:41
from Abbottabad, where Bin Laden was caught.
02:44
Here's a typical street view.
02:47
And here's the street or road leading to this building,
02:50
which is 730 Nizam block at Allama Iqbal Town.
02:54
And I knocked on the door.
02:56
(Laughter)
02:58
You want to guess who opened the door?
03:00
Basit and Amjad; they are still there.
03:02
(Laughter)
03:04
(Applause)
03:08
So here standing up is Basit.
03:11
Sitting down is his brother Amjad.
03:14
These are the guys who wrote the first PC virus.
03:17
Now of course, we had a very interesting discussion.
03:20
I asked them why.
03:22
I asked them how they feel about what they started.
03:25
And I got some sort of satisfaction
03:28
from learning that both Basit and Amjad
03:31
had had their computers infected dozens of times
03:34
by completely unrelated other viruses
03:36
over these years.
03:38
So there is some sort of justice
03:40
in the world after all.
03:44
Now, the viruses that we used to see
03:46
in the 1980s and 1990s
03:48
obviously are not a problem any more.
03:51
So let me just show you a couple of examples
03:53
of what they used to look like.
03:55
What I'm running here
03:57
is a system that enables me
03:59
to run age-old programs on a modern computer.
04:02
So let me just mount some drives. Go over there.
04:05
What we have here is a list of old viruses.
04:08
So let me just run some viruses on my computer.
04:11
For example,
04:13
let's go with the Centipede virus first.
04:15
And you can see at the top of the screen,
04:17
there's a centipede scrolling across your computer
04:19
when you get infected by this one.
04:21
You know that you're infected
04:23
because it actually shows up.
04:25
Here's another one. This is the virus called Crash,
04:28
invented in Russia in 1992.
04:30
Let me show you one which actually makes some sound.
04:34
(Siren noise)
04:40
And the last example,
04:42
guess what the Walker virus does?
04:44
Yes, there's a guy walking across your screen
04:46
once you get infected.
04:48
So it used to be fairly easy to know
04:51
that you're infected by a virus,
04:54
when the viruses were written by hobbyists
04:56
and teenagers.
04:58
Today, they are no longer being written
05:00
by hobbyists and teenagers.
05:02
Today, viruses are a global problem.
05:05
What we have here in the background
05:07
is an example of our systems that we run in our labs,
05:10
where we track virus infections worldwide.
05:12
So we can actually see in real time
05:14
that we've just blocked viruses in Sweden and Taiwan
05:17
and Russia and elsewhere.
05:19
In fact, if I just connect back to our lab systems
05:22
through the Web,
05:24
we can see in real time
05:26
just some kind of idea of how many viruses,
05:29
how many new examples of malware we find every single day.
05:32
Here's the latest virus we've found,
05:34
in a file called Server.exe.
05:36
And we found it right over here three seconds ago --
05:39
the previous one, six seconds ago.
05:41
And if we just scroll around,
05:44
it's just massive.
05:46
We find tens of thousands, even hundreds of thousands.
05:49
And that's the last 20 minutes of malware
05:52
every single day.
05:54
So where are all these coming from then?
05:57
Well today, it's the organized criminal gangs
06:01
writing these viruses
06:03
because they make money with their viruses.
06:05
It's gangs like --
06:07
let's go to GangstaBucks.com.
06:10
This is a website operating in Moscow
06:13
where these guys are buying infected computers.
06:17
So if you are a virus writer
06:19
and you're capable of infecting Windows computers,
06:21
but you don't know what to do with them,
06:23
you can sell those infected computers --
06:25
somebody else's computers -- to these guys.
06:27
And they'll actually pay you money for those computers.
06:31
So how do these guys then monetize
06:34
those infected computers?
06:36
Well there's multiple different ways,
06:38
such as banking trojans, which will steal money from your online banking accounts
06:41
when you do online banking,
06:44
or keyloggers.
06:47
Keyloggers silently sit on your computer, hidden from view,
06:51
and they record everything you type.
06:54
So you're sitting on your computer and you're doing Google searches.
06:57
Every single Google search you type
06:59
is saved and sent to the criminals.
07:02
Every single email you write is saved and sent to the criminals.
07:05
Same thing with every single password and so on.
07:09
But the thing that they're actually looking for most
07:11
are sessions where you go online
07:13
and do online purchases in any online store.
07:16
Because when you do purchases in online stores,
07:18
you will be typing in your name, the delivery address,
07:21
your credit card number and the credit card security codes.
07:24
And here's an example of a file
07:26
we found from a server a couple of weeks ago.
07:28
That's the credit card number,
07:30
that's the expiration date, that's the security code,
07:32
and that's the name of the owner of the card.
07:34
Once you gain access to other people's credit card information,
07:37
you can just go online and buy whatever you want
07:39
with this information.
07:42
And that, obviously, is a problem.
07:44
We now have a whole underground marketplace
07:48
and business ecosystem
07:51
built around online crime.
07:54
One example of how these guys
07:56
actually are capable of monetizing their operations:
07:59
we go and have a look at the pages of INTERPOL
08:02
and search for wanted persons.
08:04
We find guys like Bjorn Sundin, originally from Sweden,
08:07
and his partner in crime,
08:09
also listed on the INTERPOL wanted pages,
08:11
Mr. Shaileshkumar Jain,
08:13
a U.S. citizen.
08:15
These guys were running an operation called I.M.U.,
08:18
a cybercrime operation through which they netted millions.
08:21
They are both right now on the run.
08:24
Nobody knows where they are.
08:26
U.S. officials, just a couple of weeks ago,
08:28
froze a Swiss bank account
08:30
belonging to Mr. Jain,
08:32
and that bank account had 14.9 million U.S. dollars on it.
08:36
So the amount of money online crime generates
08:39
is significant.
08:41
And that means that the online criminals
08:43
can actually afford to invest into their attacks.
08:46
We know that online criminals
08:48
are hiring programmers, hiring testing people,
08:51
testing their code,
08:53
having back-end systems with SQL databases.
08:56
And they can afford to watch how we work --
08:59
like how security people work --
09:01
and try to work their way around
09:03
any security precautions we can build.
09:05
They also use the global nature of Internet
09:08
to their advantage.
09:10
I mean, the Internet is international.
09:12
That's why we call it the Internet.
09:14
And if you just go and take a look
09:16
at what's happening in the online world,
09:19
here's a video built by Clarified Networks,
09:21
which illustrates how one single malware family is able to move around the world.
09:25
This operation, believed to be originally from Estonia,
09:28
moves around from one country to another
09:30
as soon as the website is tried to shut down.
09:32
So you just can't shut these guys down.
09:35
They will switch from one country to another,
09:37
from one jurisdiction to another --
09:39
moving around the world,
09:41
using the fact that we don't have the capability
09:43
to globally police operations like this.
09:46
So the Internet is as if
09:48
someone would have given free plane tickets
09:50
to all the online criminals of the world.
09:53
Now, criminals who weren't capable of reaching us before
09:56
can reach us.
09:58
So how do you actually go around finding online criminals?
10:01
How do you actually track them down?
10:03
Let me give you an example.
10:05
What we have here is one exploit file.
10:08
Here, I'm looking at the Hex dump of an image file,
10:12
which contains an exploit.
10:14
And that basically means, if you're trying to view this image file on your Windows computer,
10:17
it actually takes over your computer and runs code.
10:20
Now, if you'll take a look at this image file --
10:23
well there's the image header,
10:25
and there the actual code of the attack starts.
10:28
And that code has been encrypted,
10:30
so let's decrypt it.
10:32
It has been encrypted with XOR function 97.
10:34
You just have to believe me,
10:36
it is, it is.
10:38
And we can go here
10:40
and actually start decrypting it.
10:42
Well the yellow part of the code is now decrypted.
10:44
And I know, it doesn't really look much different from the original.
10:47
But just keep staring at it.
10:49
You'll actually see that down here
10:51
you can see a Web address:
10:53
unionseek.com/d/ioo.exe
10:59
And when you view this image on your computer
11:01
it actually is going to download and run that program.
11:03
And that's a backdoor which will take over your computer.
11:06
But even more interestingly,
11:08
if we continue decrypting,
11:10
we'll find this mysterious string,
11:12
which says O600KO78RUS.
11:17
That code is there underneath the encryption
11:19
as some sort of a signature.
11:21
It's not used for anything.
11:23
And I was looking at that, trying to figure out what it means.
11:26
So obviously I Googled for it.
11:28
I got zero hits; wasn't there.
11:30
So I spoke with the guys at the lab.
11:32
And we have a couple of Russian guys in our labs,
11:34
and one of them mentioned,
11:36
well, it ends in RUS like Russia.
11:38
And 78 is the city code
11:40
for the city of St. Petersburg.
11:42
For example, you can find it from some phone numbers
11:44
and car license plates and stuff like that.
11:47
So I went looking for contacts in St. Petersburg,
11:50
and through a long road,
11:52
we eventually found this one particular website.
11:56
Here's this Russian guy who's been operating online for a number of years
11:59
who runs his own website,
12:01
and he runs a blog under the popular Live Journal.
12:04
And on this blog, he blogs about his life,
12:06
about his life in St. Petersburg --
12:08
he's in his early 20s --
12:10
about his cat,
12:12
about his girlfriend.
12:14
And he drives a very nice car.
12:16
In fact, this guy drives
12:19
a Mercedes-Benz S600
12:21
V12
12:23
with a six-liter engine
12:25
with more than 400 horsepower.
12:27
Now that's a nice car for a 20-something year-old kid in St. Petersburg.
12:31
How do I know about this car?
12:33
Because he blogged about the car.
12:35
He actually had a car accident.
12:37
In downtown St. Petersburg,
12:39
he actually crashed his car into another car.
12:41
And he put blogged images about the car accident --
12:43
that's his Mercedes --
12:45
right here is the Lada Samara he crashed into.
12:49
And you can actually see that the license plate of the Samara
12:52
ends in 78RUS.
12:54
And if you actually take a look at the scene picture,
12:57
you can see that the plate of the Mercedes
12:59
is O600KO78RUS.
13:05
Now I'm not a lawyer,
13:07
but if I would be,
13:09
this is where I would say, "I rest my case."
13:12
(Laughter)
13:14
So what happens when online criminals are caught?
13:17
Well in most cases it never gets this far.
13:20
The vast majority of the online crime cases,
13:22
we don't even know which continent the attacks are coming from.
13:25
And even if we are able to find online criminals,
13:28
quite often there is no outcome.
13:30
The local police don't act, or if they do, there's not enough evidence,
13:33
or for some reason we can't take them down.
13:35
I wish it would be easier;
13:37
unfortunately it isn't.
13:39
But things are also changing
13:42
at a very rapid pace.
13:45
You've all heard about things like Stuxnet.
13:48
So if you look at what Stuxnet did
13:51
is that it infected these.
13:53
That's a Siemens S7-400 PLC,
13:56
programmable logic [controller].
13:58
And this is what runs our infrastructure.
14:01
This is what runs everything around us.
14:04
PLC's, these small boxes which have no display,
14:07
no keyboard,
14:09
which are programmed, are put in place, and they do their job.
14:11
For example, the elevators in this building
14:13
most likely are controlled by one of these.
14:17
And when Stuxnet infects one of these,
14:20
that's a massive revolution
14:22
on the kinds of risks we have to worry about.
14:25
Because everything around us is being run by these.
14:28
I mean, we have critical infrastructure.
14:30
You go to any factory, any power plant,
14:33
any chemical plant, any food processing plant,
14:35
you look around --
14:37
everything is being run by computers.
14:39
Everything is being run by computers.
14:41
Everything is reliant on these computers working.
14:44
We have become very reliant
14:47
on Internet,
14:49
on basic things like electricity, obviously,
14:52
on computers working.
14:54
And this really is something
14:56
which creates completely new problems for us.
14:58
We must have some way
15:00
of continuing to work
15:02
even if computers fail.
15:12
(Laughter)
15:14
(Applause)
15:24
So preparedness means that we can do stuff
15:27
even when the things we take for granted
15:29
aren't there.
15:31
It's actually very basic stuff --
15:33
thinking about continuity, thinking about backups,
15:36
thinking about the things that actually matter.
15:39
Now I told you --
15:42
(Laughter)
15:44
I love the Internet. I do.
15:48
Think about all the services we have online.
15:51
Think about if they are taken away from you,
15:54
if one day you don't actually have them
15:56
for some reason or another.
15:58
I see beauty in the future of the Internet,
16:01
but I'm worried
16:03
that we might not see that.
16:05
I'm worried that we are running into problems
16:07
because of online crime.
16:09
Online crime is the one thing
16:11
that might take these things away from us.
16:13
(Laughter)
16:16
I've spent my life
16:18
defending the Net,
16:21
and I do feel that if we don't fight online crime,
16:24
we are running a risk of losing it all.
16:28
We have to do this globally,
16:31
and we have to do it right now.
16:34
What we need
16:36
is more global, international law enforcement work
16:39
to find online criminal gangs --
16:41
these organized gangs
16:43
that are making millions out of their attacks.
16:45
That's much more important
16:47
than running anti-viruses or running firewalls.
16:49
What actually matters
16:51
is actually finding the people behind these attacks,
16:53
and even more importantly,
16:55
we have to find the people
16:57
who are about to become
16:59
part of this online world of crime,
17:01
but haven't yet done it.
17:03
We have to find the people with the skills,
17:06
but without the opportunities
17:08
and give them the opportunities
17:10
to use their skills for good.
17:13
Thank you very much.
17:15
(Applause)