TED2017
Laura Galante: How (and why) Russia hacked the US election
Laura Galante: 俄罗斯如何(及为何)在美国大选期间进行黑客入侵
Filmed:
Readability: 5.9
2,575,021 views
黑客入侵、虚假新闻、信息泡沫……这一切人们早已司空见惯。而Laura Galante作为一名网络空间分析师,在演讲中警告人们,通过网络手段来影响地缘政治局势的做法,真正的目的其实简单得可怕:那就是影响你的看法。
Laura Galante - Cyberspace analyst
Laura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations. Full bio
Laura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations. Full bio
Double-click the English transcript below to play the video.
00:13
Let's say you despise
0
1325
2238
假设你很反感
西方民主。
00:15
Western democracy.
1
3587
1446
00:18
Democracy, in all its trappings,
2
6592
2212
一切民主制度的衍生物,
像自由选举、市政厅,
00:20
free elections, town halls,
3
8828
2663
以及关于政府角色的无数论辩,
00:23
endless debates about
the proper role of government.
the proper role of government.
4
11515
2836
都太乱,
00:26
Too messy,
5
14375
1333
不可捉摸,
00:27
too unpredictable,
6
15732
1156
在你看来局限太多。
00:28
too constraining for your taste.
7
16912
1964
00:31
And the way these democracies
band together and lecture everyone else
band together and lecture everyone else
8
19711
4250
而种种制度都在一起向人们灌输
00:35
about individual rights and freedoms --
9
23985
2291
个人权利和自由的观念——
这让你恼火。
00:38
it gets under your skin.
10
26300
2040
00:41
So what to do about it?
11
29380
1444
那怎么办?
00:44
You can call out the hypocrisy
and failures of Western democracies
and failures of Western democracies
12
32141
4538
你可以揭露西方民主的虚伪和失败,
00:48
and explain how your way is better,
13
36703
3229
说你的主张的优势,
但这对你而言并不实际。
00:51
but that's never really worked for you.
14
39956
2055
00:54
What if you could get the people
15
42716
2676
那如果你能让
00:57
whose support is the very foundation
of these democracies
of these democracies
16
45416
3140
民主制度的中坚分子
开始质疑这套制度呢?
01:00
to start questioning the system?
17
48580
2592
01:04
Make the idea occur in their own minds
18
52442
2448
让这些人自己感到
01:06
that democracy and its institutions
are failing them,
are failing them,
19
54914
4112
民主及其机制辜负了他们,
精英阶层腐败透顶,上下其手,
01:11
their elite are corrupt puppet masters
20
59050
2260
这个国家正急速衰落。
01:13
and the country they knew is in free fall.
21
61334
2766
01:17
To do that,
22
65783
1274
要做到这些,
01:19
you'll need to infiltrate
the information spheres
the information spheres
23
67081
2998
就要潜入相关机构的
信息系统,
01:22
of these democracies.
24
70103
1302
把民主最强有力的武器——
01:23
You'll need to turn
their most powerful asset --
their most powerful asset --
25
71429
3701
开明思想——
01:27
an open mind --
26
75154
1905
变成其要害。
01:29
into their greatest vulnerability.
27
77083
1982
01:32
You'll need people to question the truth.
28
80088
2052
要让人们开始质疑所谓真相。
01:36
Now, you'll be familiar of hacking
and leaks that happened in 2016.
and leaks that happened in 2016.
29
84102
4742
我想大家都熟知2016年的
黑客入侵和泄密事件。
黑客入侵和泄密事件。
01:40
One was the Democratic
National Committee's networks,
National Committee's networks,
30
88868
2822
一个是民主党全国委员会(DNC)
网站资料及其成员的电邮被窃取,
01:43
and the personal email
accounts of its staff,
accounts of its staff,
31
91714
2831
并发布在维基解密上。
01:46
later released on WikiLeaks.
32
94569
1853
01:49
After that, various online personas,
33
97024
2326
之后,网上有好几个人,
01:51
like a supposed Romanian cybercriminal
who didn't speak Romanian,
who didn't speak Romanian,
34
99374
4880
比如一个据说是罗马尼亚人,
却不会说该国语言的网络罪犯,
却不会说该国语言的网络罪犯,
极力向媒体推送有关消息。
01:56
aggressively pushed news
of these leaks to journalists.
of these leaks to journalists.
35
104278
3506
02:00
The media took the bait.
36
108991
1796
媒体上钩了。
记者们只关注DNC
多么讨厌伯尼·桑德。
多么讨厌伯尼·桑德。
02:02
They were consumed by how much
the DNC hated Bernie.
the DNC hated Bernie.
37
110811
3107
02:06
At the time, it was that narrative
that far outshined the news
that far outshined the news
38
114918
4240
那段时间,DNC和伯尼间的恩怨远比
02:11
that a group of Russian government
sponsored hackers
sponsored hackers
39
119182
3340
某个俄国政府支持的黑客组织更吸引人。
该组织被称为高持续性威胁28,
02:14
who we called "Advanced
Persistent Threat 28,"
Persistent Threat 28,"
40
122546
3233
02:17
or "APT28" for short,
41
125803
2581
简称APT28,
正是它进行了此次入侵。
02:20
was carrying out
these operations against the US.
these operations against the US.
42
128408
3057
02:24
And there was no shortage of evidence.
43
132192
2159
此事证据确凿。
02:26
This group of Russian government hackers
hadn't just appeared out of nowhere
hadn't just appeared out of nowhere
44
134984
3718
这一黑客组织并不是到了2016年才
凭空出现的。
02:30
in 2016.
45
138726
1164
从2014年起我们就在追踪它。
02:31
We had started tracking
this group back in 2014.
this group back in 2014.
46
139914
3157
APT28所使用的入侵手段表明
02:35
And the tools that APT28 used
to compromise its victims' networks
to compromise its victims' networks
47
143095
4881
其行动有计划性,资源充足,
02:40
demonstrated a thoughtful,
well-resourced effort
well-resourced effort
48
148000
3593
且运作长达十数年,
02:43
that had taken place for now over a decade
49
151617
2826
在莫斯科时区范围内
02:46
in Moscow's time zone
50
154467
1499
十分活跃。
02:47
from about 9 am to 6 pm.
51
155990
1986
02:51
APT28 loved to prey on the emails
and contacts of journalists in Chechnya,
and contacts of journalists in Chechnya,
52
159095
5082
APT28常常盯上记者的
电邮和通信记录,目标包括车臣、
电邮和通信记录,目标包括车臣、
格鲁吉亚政府
和东欧各国驻外武官,
和东欧各国驻外武官,
02:56
the Georgian government,
eastern European defense attachés --
eastern European defense attachés --
53
164201
3507
都是俄罗斯政府的兴趣所在。
02:59
all targets with an undeniable interest
to the Russian government.
to the Russian government.
54
167732
4041
并非只有我们关注他们。
03:03
We weren't the only ones onto this.
55
171797
1960
各国政府和全世界的研究团队
03:05
Governments, research teams
across the world,
across the world,
56
173781
3417
都得出了相似的结论,
03:09
were coming to similar conclusions
57
177222
1907
都注意到类似的活动。
03:11
and observing the same
types of operations.
types of operations.
58
179153
2321
03:14
But what Russia was doing in 2016
59
182332
3108
但2016年俄罗斯的所作所为
远不止窃取情报。
03:17
went far beyond espionage.
60
185464
1914
03:20
The DNC hack was just one of many
where stolen data was posted online
where stolen data was posted online
61
188060
6618
和DNC事件一样,被窃信息
经常在网上发布,
经常在网上发布,
辅以敏感的描写,
03:26
accompanied by a sensational narrative,
62
194702
2254
在社交媒体上被放大,
03:28
then amplified in social media
63
196980
1938
好在短时间内
得到媒体大量报道。
得到媒体大量报道。
03:30
for lightning-speed adoption by the media.
64
198942
2839
03:36
This didn't ring the alarm bells
65
204836
2542
人们不会警觉
03:39
that a nation-state was trying
to interfere with the credibility
to interfere with the credibility
66
207402
4491
一个国家正试图破坏他国
处理内政上的公信力。
03:43
of another's internal affairs.
67
211917
1924
那么从集体角度看,
为什么我们没预见到?
为什么我们没预见到?
03:45
So why, collectively,
did we not see this coming?
did we not see this coming?
68
213865
4662
03:51
Why did it take months
before Americans understood
before Americans understood
69
219111
3882
为什么几个月后美国民众才
意识到这是外国暗中支持的黑客行为?
03:55
that they were under a state-sponsored
information attack?
information attack?
70
223017
4121
04:00
The easy answer is politics.
71
228456
1639
简单而言,政治。
奥巴马政府正处于自相矛盾的困境中。
04:02
The Obama Administration was caught
in a perfect catch-22.
in a perfect catch-22.
72
230119
3923
要是指出俄罗斯有可能干预
04:06
By raising the specter that the Russian
government was interfering
government was interfering
73
234066
4398
美国总统大选,
04:10
in the US presidential campaign,
74
238488
2092
政府自己很可能背上干预大选的骂名。
04:12
the Administration risked appearing
to meddle in the campaign itself.
to meddle in the campaign itself.
75
240604
4261
04:17
But the better answer, I think,
76
245992
2055
但我想,更确切的是,
04:20
is that the US and the West
were utterly unequipped
were utterly unequipped
77
248071
3853
美国和其他西方国家根本没准备好
辨别和应对现代信息战,
04:23
to recognize and respond
to a modern information operation,
to a modern information operation,
78
251948
4654
哪怕美国在信息技术方面
04:28
despite the fact that the US
had wielded information
had wielded information
79
256626
5112
长期以来有着压倒性优势。
04:33
with devastating success
in an era not so long ago.
in an era not so long ago.
80
261762
3185
04:38
Look, so while the US and the West
spent the last 20 years
spent the last 20 years
81
266284
3894
因此在过去20年里,美国
和其他西方国家
和其他西方国家
04:42
caught up in cybersecurity --
82
270202
1554
忙着加强网络安全——
哪些网络需要加强防护,
04:43
what networks to harden,
83
271780
1495
哪些设备必须重视,
04:45
which infrastructure to deem critical,
84
273299
2309
如何组建网络军队和指挥系统——
04:47
how to set up armies of cyber warriors
and cyber commands --
and cyber commands --
85
275632
3993
俄罗斯却在考虑影响更为深远的策略。
04:51
Russia was thinking in far more
consequential terms.
consequential terms.
86
279649
3733
04:57
Before the first iPhone
even hit the shelf,
even hit the shelf,
87
285322
3327
早在苹果手机上市之前,
05:00
the Russian government understood
the risks and the opportunity
the risks and the opportunity
88
288673
4473
俄罗斯就了解了技术
和交际与
05:05
that technology provided
89
293170
1425
即时通讯方式带来的风险、机会。
05:06
and the inter-communication
and instant communication it provided us.
and instant communication it provided us.
90
294619
4411
05:12
As our realities are increasingly
based on the information
based on the information
91
300491
3217
我们的生活越来越依赖于
05:15
that we're consuming
at the palm of our hand
at the palm of our hand
92
303732
2356
通过移动设备
阅读媒体推送,
05:18
and from the news feeds
that we're scanning
that we're scanning
93
306112
2253
关注热门话题,以获取信息。
05:20
and the hashtags and stories
that we see trending,
that we see trending,
94
308389
2966
俄罗斯第一个意识到
05:23
the Russian government
was the first to recognize
was the first to recognize
95
311379
2927
这种革命性现象
05:26
how this evolution
96
314330
1875
能将人心变为最容易利用的武器。
05:28
had turned your mind into the most
exploitable device on the planet.
exploitable device on the planet.
97
316229
4789
05:34
And your mind is particularly exploitable
98
322954
2464
特别是有些人
05:37
if you're accustomed
to an unfettered flow of information,
to an unfettered flow of information,
99
325442
3775
喜欢关注来自非法渠道的信息,
这类信息常常根据
他们的兴趣加工过。
他们的兴趣加工过。
05:41
now increasingly curated
to your own tastes.
to your own tastes.
100
329241
3279
05:47
This panorama of information
that's so interesting to you
that's so interesting to you
101
335244
2891
这样呈现的信息很能引人关注,
05:50
gives a state, or anyone for that matter,
a perfect back door into your mind.
a perfect back door into your mind.
102
338159
5946
给了国家或其他人一个后门
进入你的思想。
进入你的思想。
05:56
It's this new brand of state-sponsored
information operations
information operations
103
344978
3678
正是这种由国家运作的新型信息战
06:00
that can be that much more successful,
104
348680
2135
更能取得成功,
更隐秘,
06:02
more insidious,
105
350839
1302
对其目标人群而言,包括媒体,
06:04
and harder for the target audience --
that includes the media --
that includes the media --
106
352165
4086
更难辨识和判别。
06:08
to decipher and characterize.
107
356275
1784
06:10
If you can get a hashtag
trending on Twitter,
trending on Twitter,
108
358702
2193
如果能制造推特热点话题,
06:12
or chum the waters with fake news
109
360919
3115
或是散布虚假新闻作为诱饵,
故意让某些人群看到,
06:16
directed to audiences
primed to receive it,
primed to receive it,
110
364058
2441
让记者们检查大量电邮
06:18
or drive journalists to dissect
terabytes of email
terabytes of email
111
366523
2877
以寻找敏感的字句——
06:21
for a cent of impropriety --
112
369424
1975
这些在俄罗斯的行动中均可看到——
06:23
all tactics used in Russian operations --
113
371423
2642
那么就能在不知不觉间有效地
06:26
then you've got a shot at effectively
camouflaging your operations
camouflaging your operations
114
374089
4291
左右目标人群的想法。
06:30
in the mind of your target.
115
378404
1804
06:33
This is what Russia's long called
"reflexive control."
"reflexive control."
116
381867
3832
这就是俄罗斯一直说的“反身性控制”,
06:38
It's the ability to use
information on someone else
information on someone else
117
386849
3782
即你可以通过对目标人群释放信息,
06:42
so that they make a decision
118
390655
2184
诱导他们做出判断,
他们自主的判断,
06:44
on their own accord
119
392863
1551
却对你有利。
06:46
that's favorable to you.
120
394438
1543
06:50
This is nation-state-grade image control
and perception management,
and perception management,
121
398291
4079
这是在国家层面上操控
公共形象和认知,
公共形象和认知,
06:54
and it's conducted by any means,
122
402394
2318
有很多种途径来实现,
很多工具可以利用,
无论是不是基于网络。
无论是不是基于网络。
06:56
with any tools, network-based
or otherwise, that will achieve it.
or otherwise, that will achieve it.
123
404736
4299
07:01
Take this for another example.
124
409811
1430
有另一个例子。
07:03
In early February 2014, a few weeks
before Russia would invade Crimea,
before Russia would invade Crimea,
125
411265
4953
2014年2月,俄罗斯
入侵克里米亚几周前,
入侵克里米亚几周前,
一段电话录音被传到YouTube上。
07:08
a phone call is posted on YouTube.
126
416242
2229
录音中是两名美国外交官,
07:10
In it, there's two US diplomats.
127
418495
2375
似乎在谈论在乌克兰扶植政权,
07:12
They sound like they're playing
kingmaker in Ukraine,
kingmaker in Ukraine,
128
420894
3194
还骂欧盟行动迟缓,缺乏领导力,
07:16
and worse, they curse the EU
for its lack of speed and leadership
for its lack of speed and leadership
129
424112
3443
不能解决危机。
07:19
in resolving the crisis.
130
427579
1586
07:22
The media covers the phone call,
131
430067
2459
媒体报道了这一事件,
随之而来的外交僵局
07:24
and then the ensuing diplomatic backlash
132
432550
3338
07:29
leaves Washington and Europe reeling.
133
437183
2335
让美国和欧洲措手不及。
07:32
And it creates a fissured response
and a feckless attitude
and a feckless attitude
134
440962
4079
于是美欧都不能有力地回击,
听任俄罗斯占领克里米亚。
07:37
towards Russia's land grab in Ukraine.
135
445065
2130
07:40
Mission accomplished.
136
448118
1535
目标达成。
07:42
So while hacked phone calls
and emails and networks
and emails and networks
137
450648
3380
所以,泄露的电话录音、
邮件和网站资料
邮件和网站资料
07:46
keep grabbing the headlines,
138
454052
2046
屡屡占据头条,
与此同时,真正的目标却是
07:48
the real operations are the ones
139
456122
2634
影响你的判断,
07:50
that are influencing
the decisions you make
the decisions you make
140
458780
2808
左右你的观点,
07:53
and the opinions you hold,
141
461612
1818
好为某个国家的战略利益服务。
07:55
all in the service of a nation-state's
strategic interest.
strategic interest.
142
463454
3874
07:59
This is power in the information age.
143
467944
2011
这就是信息时代的力量。
08:03
And this information is all
that much more seductive,
that much more seductive,
144
471527
3444
这些信息变得更加诱人,
08:06
all that much easier to take
at face value and pass on,
at face value and pass on,
145
474995
3787
更容易让人从表面解读,更易于传播,
因其像模像样。
08:10
when it's authentic.
146
478806
1382
08:12
Who's not interested in the truth
that's presented in phone calls and emails
that's presented in phone calls and emails
147
480877
5394
只有电话录音和邮件里才有
而不会公开的东西,
而不会公开的东西,
08:18
that were never intended
for public consumption?
for public consumption?
148
486295
2851
谁会不感兴趣?
08:22
But how meaningful is that truth
149
490241
1754
但这些若是出于某种原因
08:24
if you don't know why
it's being revealed to you?
it's being revealed to you?
150
492019
2440
给你看的,又有何意义?
08:27
We must recognize that this place
where we're increasingly living,
where we're increasingly living,
151
495966
4188
我们必须意识到,网络
越来越多地介入生活,
越来越多地介入生活,
08:32
which we've quaintly termed "cyberspace,"
152
500178
2285
这个我们称之为“网络空间”的地方,
起决定作用的并非0和1,
08:34
isn't defined by ones and zeroes,
153
502487
2206
而是信息和信息背后的人。
08:36
but by information
and the people behind it.
and the people behind it.
154
504717
2989
08:40
This is far more than a network
of computers and devices.
of computers and devices.
155
508828
3143
它并不只是电脑和其他设备组成。
08:43
This is a network composed of minds
156
511995
3152
它是由与电脑等设备交互的
无数人组成的网络。
08:47
interacting with computers and devices.
157
515171
2399
08:50
And for this network,
158
518950
1901
对于这样的网络,
08:54
there's no encryption,
there's no firewall,
there's no firewall,
159
522628
3381
没有加密,没有防火墙,
08:58
no two-factor authentication,
160
526033
1723
没有双重认证,
没有复杂的密码保护你。
08:59
no password complex enough to protect you.
161
527780
2876
09:03
What you have for defense
162
531568
2414
能保护你的,
更为强大,更易于更新,
永远都是最新版本。
永远都是最新版本。
09:06
is far stronger, it's more adaptable,
it's always running the latest version.
it's always running the latest version.
163
534006
4447
09:11
It's the ability to think critically:
164
539310
2925
那就是批判性思维:
09:14
call out falsehood,
165
542259
1719
揭穿谎言,
逼近事实。
09:16
press for the facts.
166
544002
1427
09:18
And above all, you must have the courage
167
546802
4193
但首先,你必须要有勇气
不懈地追寻真相。
09:23
to unflinchingly pursue the truth.
168
551019
2948
09:27
(Applause)
169
555752
5038
(掌声)
ABOUT THE SPEAKER
Laura Galante - Cyberspace analystLaura Galante profiles advanced cyber threats and network breaches and investigates the political, military and financial implications of cyber operations.
Why you should listen
Laura Galante analyzes how states use cyberspace, or more precisely, our information space. She describes a domain where militaries, intelligence services, criminal groups and individuals actively pursue their interests -- with far fewer restraints than in the physical world.
A leading voice on information operations and intelligence analysis, she founded Galante Strategies in spring 2017 to assist governments and corporations in recognizing and responding to cyber and information threats.
Galante previously served as Director of Global Intelligence at FireEye where her teams investigated network activity, profiled advanced cyber threats and portrayed the political, military and financial implications of cyber operations. A founding member of Mandiant Intelligence, her work has included leading strategic analysis, developing intelligence capabilities and offerings and directing intelligence publications including APT28: A Window into Russia's State Cyber Espionage; Red Line Drawn: China Recalculates its Use of Cyber Espionage and Hacking the Street? FIN4 Likely Playing the Market among others.
In November 2016, Galante spoke at the UN Security Council's meeting on cybersecurity and international peace and security. She frequently appears on and provides commentary to CNN, Bloomberg, NPR, BBC, Fox News, the New York Times, the Financial Times, The Wall Street Journal, Reuters, the Associated Press and other global and industry media.
Prior to her work at FireEye and Mandiant, Galante led a contractor team analyzing cyber capability development and military doctrine at the US Department of Defense. She supported the 2010 US-Russia bilateral information security talks.
Galante holds a J.D. from the Catholic University of America and a BA in Foreign Affairs and Italian from the University of Virginia.
Laura Galante | Speaker | TED.com