In 2008, Burhan Hassan, age 17, boarded a flight from Minneapolis to the Horn of Africa. And while Burhan was the youngest recruit, he was not alone. Al-Shabaab managed to recruit over two dozen young men in their late teens and early 20s with a heavy presence on social media platforms like Facebook. With the Internet and other technologies, they've changed our everyday lives, but they've also changed recruitment, radicalization and the front lines of conflict today.
在2008年,一位17歲的 年輕人,布爾漢.漢森, 在明尼亞波利斯登機, 飛往非洲之角意為索馬利亞半島. 雖然布爾漢是徵募兵裡面最年輕的, 但他不是獨自一個人. 索馬利亞青年黨, 計畫從大孩子到20出頭的青年中-- 他們活躍在社交媒體平台,像是臉書-- 招募二十多個年輕人. 網路或是其他科技, 它們改變了我們每天的生活. 但也改變了徵募新兵制,激進主義 以及前線戰火的衝突.
What about the links connecting Twitter, Google and protesters fighting for democracy? These numbers represent Google's public DNS servers, effectively the only digital border crossing protesters had and could use to communicate with each other, to reach the outside world and to spread viral awareness of what was happening in their own country.
你是怎麼看待 連結推特, 谷歌和為了捍衛民主自由權的 抗議群眾呢? 這些數字代表的是Google的 DNS服務器的IP地址, 實際上的唯一一個網絡邊界, 抗議者可以使用它 互相溝通,與外在的世界連結, 並且散播關於他們國家所發生的事, 來引起廣泛的公眾意識.
Today, conflict is essentially borderless. If there are bounds to conflict today, they're bound by digital, not physical geography. And under all this is a vacuum of power where non-state actors, individuals and private organizations have the advantage over slow, outdated military and intelligence agencies. And this is because, in the digital age of conflict, there exists a feedback loop where new technologies, platforms like the ones I mentioned, and more disruptive ones, can be adapted, learned, and deployed by individuals and organizations faster than governments can react.
在今日,衝突的發生是無國界的. 如果衝突是有界限的, 應該 限於數位化的科技上的, 而不是自然地理學上的. 在這種權力真空的情況下, 獨立的個人,還有私人機構 比起舊有的軍隊和情報機構更有優勢. 這是因為,在充滿衝突的數位化年代, 有反饋迴路的存在, 在這個迴路裡, 新科技, 以及像我之前提過的平台, 以及更有破壞性的東西, 可以在個人與機構中先適應, 學習並且部署. 這比政府的系統反應更為快速.
To understand the pace of our own government thinking on this, I like to turn to something aptly named the Worldwide Threat Assessment, where every year the Director of National Intelligence in the US looks at the global threat landscape, and he says, "These are the threats, these are the details, and this is how we rank them." In 2007, there was absolutely no mention of cyber security. It took until 2011, when it came at the end, where other things, like West African drug trafficking, took precedence. In 2012, it crept up, still behind things like terrorism and proliferation. In 2013, it became the top threat, in 2014 and for the foreseeable future.
為了了解我們政府 對這個的想法是怎麼樣的, 我想求助於一個命名恰當的組織, "全球化威脅評估平台", 每年,美國的國家情報總監 都會觀察遍布全球的威脅情況, 並且說"這些是威脅, 這些是所有事件的細節, 這就是我們分危險等級的方法. " 在2007年,絕對不會有人提到網路安全. 2011年這個詞才出現, 它最終誕生了. 其他優先佔領一席之地的, 像是西非販毒市場. 在2012年,這個平台還在緩慢的成長, 而快速擴散的恐怖主義卻遙遙領先. 直到2013年,恐怖主義 這個平台成了首要威脅. 在2014年以及可預見的未來中,
What things like that show us is that there is a fundamental inability today on the part of governments to adapt and learn in digital conflict, where conflict can be immaterial, borderless, often wholly untraceable. And conflict isn't just online to offline, as we see with terrorist radicalization, but it goes the other way as well.
像恐怖攻擊這個例子, 會讓政府毫無能力, 讓它去適應和學習甚麼是數位網路戰, 衝突也許是不重要的, 無國界的,大多無法追蹤. 衝突並不像恐怖激進主義只是 線上到線下的模式, 也可能是其他的方式.
We all know the horrible events that unfolded in Paris this year with the Charlie Hebdo terrorist attacks. What an individual hacker or a small group of anonymous individuals did was enter those social media conversations that so many of us took part in. #JeSuisCharlie. On Facebook, on Twitter, on Google, all sorts of places where millions of people, myself included, were talking about the events and saw images like this, the emotional, poignant image of a baby with "Je suis Charlie" on its wrist. And this turned into a weapon. What the hackers did was weaponize this image, where unsuspecting victims, like all of us in those conversations, saw this image, downloaded it but it was embedded with malware. And so when you downloaded this image, it hacked your system. It took six days to deploy a global malware campaign. The divide between physical and digital domains today ceases to exist, where we have offline attacks like those in Paris appropriated for online hacks.
我們都知道今年在巴黎查理周刊總部 發生的恐怖攻擊事件. 駭客和匿名者的一些小型團體所做的, 就是進入我們平時都在使用的 社交媒體平台. #JeSuisCharlie(我是查理, 話題名). 在臉書,推特和谷歌這些平台, 或是任何像這樣大型的網路平台, 有上百萬人,包括我自己, 都在討論那次的攻擊事件. 當看見這樣的光景, 令人情緒交加和深刻的字眼"我是查理"字條,綁在嬰兒的手腕上. 這成為了一項武器. 駭客把這樣的照片,製造成武器, 並讓我們這些毫無防備的受害者, 在所有網路對話的群組上 看到這張照片,下載它, 但這張網路照片,已被植入了病毒軟件. 所以當你在下載時, 病毒就駭進系統裡. 花了6天,在全球佈署惡意軟體活動. 在今日,現實世界和 數位化世界之間的分裂, 已經消失了, 發生離線外的攻擊 (像巴黎事件) 的地方, 已經被在線網路攻擊所利用.
And it goes the other way as well, with recruitment. We see online radicalization of teens, who can then be deployed globally for offline terrorist attacks.
這種攻擊也轉向募兵制的方式. 我們看到網路上,激進組織裡的青年, 佈署於世界各地, 造成網路以外的恐怖攻擊.
With all of this, we see that there's a new 21st century battle brewing, and governments don't necessarily take a part.
基於這些事件,我們看到有很多 在新21世紀製造出來的戰爭, 政府不見得會介入.
So in another case, Anonymous vs. Los Zetas.
所以另外一個例子是, 匿名者及洛斯哲塔斯的較量.
In early September 2011 in Mexico, Los Zetas, one of the most powerful drug cartels, hung two bloggers with a sign that said, "This is what will happen to all Internet busybodies." A week later, they beheaded a young girl. They severed her head, put it on top of her computer with a similar note. And taking the digital counteroffensive because governments couldn't even understand what was going on or act, Anonymous, a group we might not associate as the most positive force in the world, took action, not in cyber attacks, but threatening information to be free. On social media, they said, "We will release information that ties prosecutors and governors to corrupt drug deals with the cartel." And escalating that conflict, Los Zetas said, "We will kill 10 people for every bit of information you release." And so it ended there because it would become too gruesome to continue. But what was powerful about this was that anonymous individuals, not federal policia, not military, not politicians, could strike fear deep into the heart of one of the most powerful, violent organizations in the world. And so we live in an era that lacks the clarity of the past in conflict, in who we're fighting, in the motivations behind attacks, in the tools and techniques used, and how quickly they evolve. And the question still remains: what can individuals, organizations and governments do?
2001年9月在墨西哥, 洛斯哲塔斯,最有影響力的販毒集團之一, 對二名部落客執行絞刑,並展示著標語, "所有於網路上愛管閒事的人, 將會變成這樣. " 一星期後,一位女孩被斬首. 他們砍下她的頭顱, 並放在女孩的電腦上, 展示著同樣的標語. 並在網路上做出了攻擊, 而政府對事件的發生 根本無從理解及反應, 匿名者,一個我們無法參與, 卻用正面力量影響世界的組織, 開始了些行動, 不是針對網路攻擊, 而是關於信息自由的威脅警告. 在社交媒體上,他們宣告, "我們會將這些訊息釋出 給那些與卡特爾販毒交易相關聯的 檢察官和州長們. " 並會將衝突持續擴大, 洛斯哲塔斯回應"當你們每釋放出一點訊息, 我們將會殺十個人. " 所以反擊事件就這樣結束了, 如果繼續行動將會發生更可怕的事. 但卻有很大的影響力的地方在於, 匿名者團體本身, 不是聯邦警察,軍方,政客 有能力將恐懼深深導入在 全世界最有權力,暴力的販毒集團中. 今日我們活在一個 這樣的時代: 缺乏對以前的衝突, 對我們與之抗爭的人, 對攻擊行動背後的動機, 對科技上的工具和方法, 還有對他們發展得有多快 的明晰了解. 不過問題還是存在: 個人,機構及政府可以怎麼做? 要回答這些問題,先從獨立個人開始,
For answers to these questions, it starts with individuals, and I think peer-to-peer security is the answer. Those people in relationships that bought over teens online, we can do that with peer-to-peer security. Individuals have more power than ever before to affect national and international security. And we can create those positive peer-to-peer relationships on and offline, we can support and educate the next generation of hackers, like myself, instead of saying, "You can either be a criminal or join the NSA." That matters today. And it's not just individuals -- it's organizations, corporations even. They have an advantage to act across more borders, more effectively and more rapidly than governments can, and there's a set of real incentives there. It's profitable and valuable to be seen as trustworthy in the digital age, and will only be more so in future generations to come.
我認為答案就在"對等安全". 那些捲入此事的人收買那些 線上的青少年, 我們能用"對等安全"解決它. 個人在影響國家和國際安全上 比起以前更加重要. 我們能創造積極的對等的關係, 無論是在線上或是線下 我們可以支持並教育我們的下一代駭客, 像我自己, 而不是說, "你要么成為罪犯, 要么加入美國國家安全局. " 這在今天很重要. 而且不只是個人--甚至是組織, 公司. 他們有穿越更多邊界去行動的優勢. 比政府更有效率, 更加迅速. 並且有很多動機去做這件事. 能在這個數位時代被認為是可信的 是可獲利的, 有價值的. 在即將來到的未來幾代中尤其如此. 但是我們仍然不能忽略政府.
But we still can't ignore government, because that's who we turn to for collective action to keep us safe and secure. But we see where that's gotten us so far, where there's an inability to adapt and learn in digital conflict, where at the highest levels of leadership, the Director of the CIA, Secretary of Defense, they say, "Cyber Pearl Harbor will happen." "Cyber 9/11 is imminent." But this only makes us more fearful, not more secure. By banning encryption in favor of mass surveillance and mass hacking, sure, GCHQ and the NSA can spy on you. But that doesn't mean that they're the only ones that can. Capabilities are cheap, even free. Technical ability is rising around the world, and individuals and small groups have the advantage. So today it might just be the NSA and GCHQ, but who's to say that the Chinese can't find that backdoor? Or in another generation, some kid in his basement in Estonia?
因為那是我們通過求助來 使其做出一系列的行動 而保障我們的安全的. 但是我們看看目前為止發生了什麼, 對適應以及研究網路衝突的無能, 在最高層的領導力上, 中央情報局的主管, 國防部長, 他們說, "網路珍珠港事件將會發生. " " 網路911事件迫近. " 這種評論只會讓我們更加恐慌, 而不是感到安全. 通過禁止加密, 並且大量監控以及黑客行為, 国家通信总局和国家安全局 當然能監視你. 但是這並不意味著 他們是唯一一個能監控你的人. 才能是廉價的, 甚至免費. 技術能力在全世界內都在上升, 並且個人和小團隊更為有利. 所以說今天或許只有 国家通信总局和国家安全局監視你. 但是誰又能說中國人不能找到 你的系統的後門呢? 或者在將來的某一代, 一些自己鑽研黑客技術的孩子? 所以我想說這不是政府能做的事.
And so I would say that it's not what governments can do, it's that they can't. Governments today need to give up power and control in order to help make us more secure. Giving up mass surveillance and hacking and instead fixing those backdoors means that, yeah, they can't spy on us, but neither can the Chinese or that hacker in Estonia a generation from now. And government support for technologies like Tor and Bitcoin mean giving up control, but it means that developers, translators, anybody with an Internet connection, in countries like Cuba, Iran and China, can sell their skills, their products, in the global marketplace, but more importantly sell their ideas, show us what's happening in their own countries.
他們做不了. 今天的政府們需要放棄權力和控制權 來幫助讓我們更加安全. 放棄大量的監控和黑客行為, 修補好那些系統的後門-- 這也許意味著他們不能監視我們, 但是中國人也不能, 或者那些深諳黑客技術的下一代年輕人. 並且, 政府支持 防追踪瀏覽器以及比特幣等技術, 也意味著放棄一些控制權, 但是也意味著開發者, 翻譯者, 擁有網路連接的任何人, 在一些像古巴, 伊朗以及中國這樣的國家, 能銷售他們的技能, 他們的產品, 在這全球市場中, 但更重要的是兜售他們的想法, 向我們展示在他們自己的國家正發生著什麼. 並且這並不可怕,
And so it should be not fearful, it should be inspiring to the same governments that fought for civil rights, free speech and democracy in the great wars of the last century, that today, for the first time in human history, we have a technical opportunity to make billions of people safer around the world that we've never had before in human history. It should be inspiring.
它對那些為公民權利, 自由言論, 民主制度 所努力的政府是充滿鼓舞的, 它對在上個世紀世界大戰中的 為公民權利, 自由言論, 民主制度 所努力的政府是充滿鼓舞的, 直到今日,人類史上的第一次, 我們有一個關於技術的機會, 能使全球上億萬人們更安全. 這是在人類歷史上的首次. 這是令人激動的. (掌聲)
(Applause)