Good afternoon. If you have followed diplomatic news in the past weeks, you may have heard of a kind of crisis between China and the U.S. regarding cyberattacks against the American company Google. Many things have been said about this. Some people have called a cyberwar what may actually be just a spy operation -- and obviously, a quite mishandled one. However, this episode reveals the growing anxiety in the Western world regarding these emerging cyber weapons.
大家午安 如果各位有在關注 過去幾週的國際外交新聞的話, 可能會注意到關於 中美之間 網路攻擊事件的新聞 遭受攻擊的對象是美國科技公司谷歌 外界對於這次的攻擊事件眾說紛紜 有人把它視為中美兩國間網路開戰 其實這事件比較有可能是 一個間諜行動 -- 而且很顯然是個相當失敗的行動。 這則小插曲也顯露出 西方國家對 數位武器問題的關切日益升高。
It so happens that these weapons are dangerous. They're of a new nature: they could lead the world into a digital conflict that could turn into an armed struggle. These virtual weapons can also destroy the physical world. In 1982, in the middle of the Cold War in Soviet Siberia, a pipeline exploded with a burst of 3 kilotons, the equivalent of a fourth of the Hiroshima bomb. Now we know today -- this was revealed by Thomas Reed, Ronald Reagan's former U.S. Air Force Secretary -- this explosion was actually the result of a CIA sabotage operation, in which they had managed to infiltrate the IT management systems of that pipeline.
這個問題則肇因於數位武器所具有的危險性。 數位武器 足以導致全球 陷入數位化的戰爭 最終甚至演變爲真實世界的軍事衝突 這些虛擬武器亦具備足以摧毀我們實體世界的力量。 在1982年,冷戰期間 西伯利亞承載量高達三千噸 的輸油管線發生爆炸 釋放的能量相當於四分之一廣島核彈的威力 這個事件, 乃是由雷根總統任內的前美國空軍部長 湯馬士.里得所披露出來的 -- 這次爆炸實際上是 由於美國中央情報局的突襲行動所導致, 美軍在該行動中入侵蘇聯的 輸油管線的資訊管理系統 進行破壞。
More recently, the U.S. government revealed that in September 2008, more than 3 million people in the state of Espirito Santo in Brazil were plunged into darkness, victims of a blackmail operation from cyber pirates. Even more worrying for the Americans, in December 2008 the holiest of holies, the IT systems of CENTCOM, the central command managing the wars in Iraq and Afghanistan, may have been infiltrated by hackers who used these: plain but infected USB keys. And with these keys, they may have been able to get inside CENTCOM's systems, to see and hear everything, and maybe even infect some of them. As a result, the Americans take the threat very seriously. I'll quote General James Cartwright, Vice Chairman of the Joint Chiefs of Staff, who says in a report to Congress that cyberattacks could be as powerful as weapons of mass destruction. Moreover, the Americans have decided to spend over 30 billion dollars in the next five years to build up their cyberwar capabilities.
此外,最近美國政府才揭露 2008年九月,在巴西的聖埃斯皮里圖州 超過三百萬人口所經歷的 大規模停電事件 也是網路駭客的傑作。 更令美國擔憂的是 在2008年十二月 中央司令部IT管理系統 負責阿富汗和伊拉克地區 的控制中心 很有可能已經被駭客滲透 他們透過 已經內置病毒的USB設備 以這些特殊USB駭客設備 入侵中央司令部的內部系統 駭客可以一窺內部一切機密信息 甚至動手改變它們 正因如此,美國很嚴肅的看待這件事 我在這裡引述參謀長聯席會議副主席 詹姆士 · 卡特萊上校的一段話 副主席在上呈議會的報告書中提到 網路攻擊的威力之強大就如 大規模毀滅性武器一樣 美國已經決定 在未來的五年 投入超過三百億美元 來儲備網絡武器實力
And across the world today, we see a sort of cyber arms race, with cyberwar units built up by countries like North Korea or even Iran. Yet, what you'll never hear from spokespeople from the Pentagon or the French Department of Defence is that the question isn't really who's the enemy, but actually the very nature of cyber weapons. And to understand why, we must look at how, through the ages, military technologies have maintained or destroyed world peace. For example, if we'd had TEDxParis 350 years ago, we would have talked about the military innovation of the day -- the massive Vauban-style fortifications -- and we could have predicted a period of stability in the world or in Europe. which was indeed the case in Europe between 1650 and 1750.
甚至將其觸角佈局全球 我們看到像這樣的網路軍備競賽 建構如北韓或伊朗 一樣的網絡民兵 及作戰中心 雖然你不曾聽到 美國五角大廈或法國國防部 的發言人發表過相關聲明 問題其實不在 我們將網路武器的矛頭指向誰 而是電子武器的本質 我們必須瞭解開發網路軍備是如何 種下了歐戰可能的種子 軍事科技 絕對有能力影響這個世界的秩序 維護或是破壞世界的和平 如果在350年前 我們就有TEDx巴黎 當我們討論軍備科技時 很有可能講得是傳統沃邦式防禦堡壘 聽到這裡我們已可得知 歐洲的政局穩固了一陣子沒有征戰 沒錯 歐洲在1650年到1750年 這一百年顯得相當寧靜
Similarly, if we'd had this talk 30 or 40 years ago, we would have seen how the rise of nuclear weapons, and the threat of mutually assured destruction they imply, prevents a direct fight between the two superpowers. However, if we'd had this talk 60 years ago, we would have seen how the emergence of new aircraft and tank technologies, which give the advantage to the attacker, make the Blitzkrieg doctrine very credible and thus create the possibility of war in Europe. So military technologies can influence the course of the world, can make or break world peace -- and there lies the issue with cyber weapons.
再者,我們將TEDx巴黎時空 轉換到三四十年前 我們便會發現新興核武正在世界展露頭角 而蘇美兩大勢力正彼此 以核武作為威脅 我們再將時空拉到六十年前 已經可見新型戰鬥機 和坦克車的出現 這對陸軍在歐洲大陸 採取閃電戰的攻擊方式 提供很大的優勢 軍備科技的發展與 世界秩序息息相關 它有能力搗毀或建立起世界的秩序 但網路武器的發展也引起幾個議題
The first issue: Imagine a potential enemy announcing they're building a cyberwar unit, but only for their country's defense. Okay, but what distinguishes it from an offensive unit? It gets even more complicated when the doctrines of use become ambiguous. Just 3 years ago, both the U.S. and France were saying they were investing militarily in cyberspace, strictly to defend their IT systems. But today both countries say the best defense is to attack. And so, they're joining China, whose doctrine of use for 15 years has been both defensive and offensive.
第一個隱憂 假設敵國向你宣稱 他們正在建構電子戰組織 但目的僅是為了抵禦他國的攻擊 好 我們該怎麼劃分 防衛性及攻擊性的電子軍備? 更棘手的是 沒有明文規範這些模糊地帶 就在三年前,美法兩國都 聲稱他們正在開發電子軍備 僅用於保護他們的IT訊息系統 但如今美法兩國改變說法 聲稱主動出擊就是抵禦駭客的最佳辦法 於是他們沿用中國的說法 中國遵循十五年 攻防兼備的原則
The second issue: Your country could be under cyberattack with entire regions plunged into total darkness, and you may not even know who's attacking you. Cyber weapons have this peculiar feature: they can be used without leaving traces. This gives a tremendous advantage to the attacker, because the defender doesn't know who to fight back against. And if the defender retaliates against the wrong adversary, they risk making one more enemy and ending up diplomatically isolated. This issue isn't just theoretical.
第二個問題 每個國家都有可能因為遭受電子攻擊 而區域性斷電陷入黑暗 但你不會知道 攻擊者是誰 網路武器有幾項危險的特徵 他們不留痕跡的 進行破壞 這無疑對攻擊者而言是很大的優勢 因為受害者 甚至不知道該對誰回擊 受害者若胡亂回敬敵人的虛擬砲火 只會增加樹立更多敵人的風險 下場便是外交孤立 這並不是假想的情況
In May 2007, Estonia was the victim of cyberattacks, that damaged its communication and banking systems. Estonia accused Russia. But NATO, though it defends Estonia, reacted very prudently. Why? Because NATO couldn't be 100% sure that the Kremlin was indeed behind these attacks. So to sum up, on the one hand, when a possible enemy announces they're building a cyberwar unit, you don't know whether it's for attack or defense. On the other hand, we know that these weapons give an advantage to attacking.
2007年五月 愛沙尼亞遭受駭客攻擊 癱瘓通訊系統 和金融系統 愛沙尼亞指控俄羅斯 北大西洋公約組織雖然為愛沙尼亞辯護 反應卻甚為保守 為什麼呢? 北大西洋公約組織沒有證據也無法百分之百確定 俄羅斯涉入這次的攻擊事件 簡言之 當你在懷疑敵國 建構一支電子攻擊部隊 你無從得知他是為了防禦 抑或是攻擊 另一方面 我們知道這些武器可具備攻擊的優勢
In a major article published in 1978, Professor Robert Jervis of Columbia University in New York described a model to understand how conflicts could arise. In this context, when you don't know if the potential enemy is preparing for defense or attack, and if the weapons give an advantage to attacking, then this environment is most likely to spark a conflict. This is the environment that's being created by cyber weapons today, and historically it was the environment in Europe at the onset of World War I. So cyber weapons are dangerous by nature, but in addition, they're emerging in a much more unstable environment.
紐約哥倫比亞大學的羅伯.杰維斯教授 在1978年發表的一篇重要文章中 曾提出一個模式 來說明衝突是如何產生的。 在這篇文章中 杰維斯寫道 當你懷疑卻又無從得知你的敵人 是在防禦或是準備進攻 而以電子武器攻擊又是如此不著痕跡 這樣的情形 反而更容易產生衝突 我們現存的世界像個戰場無處不充斥著電子武器 戰場已從一次世界大戰的歐洲大陸 變成今日的虛擬戰場 電子武器的本質 就是非常不穩定且危險的 相較從前,電子武器 正在一個快速劇變的環境中進化 過去在冷戰時期的戰爭
If you remember the Cold War, it was a very hard game, but a stable one played only by two players, which allowed for some coordination between the two superpowers. Today we're moving to a multipolar world in which coordination is much more complicated, as we have seen at Copenhagen. And this coordination may become even trickier with the introduction of cyber weapons. Why? Because no nation knows for sure whether its neighbor is about to attack. So nations may live under the threat of what Nobel Prize winner Thomas Schelling called the "reciprocal fear of surprise attack," as I don't know if my neighbor is about to attack me or not -- I may never know -- so I might take the upper hand and attack first.
是非常艱苦殘酷的 但至少情勢和角色是明確穩定的 美國和蘇聯兩股強大的力量在政治和外交上較勁 我們的世界正朝著多極化發展 其中錯綜複雜的平衡關係 如我們在哥本哈根所見 這樣相互牽制的微妙關係 在電子戰揭開序曲後更難平衡 為什麼?因為沒有一個國家 可以確定它的鄰國 不會突然發動電子攻擊 所以每個國家都活在這片陰影下 諾貝爾獎得主湯馬士 · 斯契林 稱之為 “面對突襲的交互恐懼” 雙方都因恐懼鄰國下ㄧ秒的突襲 不論對方是否真的會發動攻擊 雖無法預測 但以不成為受害者為前提 我應該主動出擊 就在上個星期
Just last week, in a New York Times article dated January 26, 2010, it was revealed for the first time that officials at the National Security Agency were considering the possibility of preemptive attacks in cases where the U.S. was about to be cyberattacked. And these preemptive attacks might not just remain in cyberspace. In May 2009, General Kevin Chilton, commander of the U.S. nuclear forces, stated that in the event of cyberattacks against the U.S., all options would be on the table.
2010年一月26日一篇刊登在紐約的文章寫到 美國國家安全局高層 首度對外承認 曾經考慮過先發制人發佈電子攻擊 因為憂慮美國會遭受 駭客攻擊 這些先發制人的攻擊 可能不僅僅限於 網絡的虛擬世界 在2009年五月 美國核武部隊指揮官 凱文.齊爾頓上將 表示所有針對美國的網絡攻擊事件 籌碼都清楚呈現
Cyber weapons do not replace conventional or nuclear weapons -- they just add a new layer to the existing system of terror. But in doing so, they also add their own risk of triggering a conflict -- as we've just seen, a very important risk -- and a risk we may have to confront with a collective security solution which includes all of us: European allies, NATO members, our American friends and allies, our other Western allies, and maybe, by forcing their hand a little, our Russian and Chinese partners.
數位武器無法取代 常規武器或是核武 電子戰只是增加了戰爭一個面向 但無論誰這麼做 都等同增加自己 與他國產生摩擦的風險 我們已預見危機在前 但我們必須共同承擔面對 集合智囊團並提出權宜之計 所有的人包括 我們的歐洲盟友 北大西洋公約組織的成員們 美國及其盟國 其它西方國家盟友 或許我們應該團結起來 與俄羅斯和中國的夥伴
The information technologies Joël de Rosnay was talking about, which were historically born from military research, are today on the verge of developing an offensive capability of destruction, which could tomorrow, if we're not careful, completely destroy world peace.
法國學者喬.德.侯斯奈 所談到的那些資訊科技 追本溯源乃是由軍事研究產生而來, 到今日已發展成 具有毀滅性的攻擊力量, 如果我們不正視這個問題, 明日它或許就會將和平世界摧毀殆盡。
Thank you.
謝謝各位。
(Applause)
(掌聲)