ABOUT THE SPEAKER
Ralph Langner - Security consultant
Ralph Langner is a German control system security consultant. He has received worldwide recognition for his analysis of the Stuxnet malware.

Why you should listen

Ralph Langner heads Langner, an independent cyber-security firm that specializes in control systems -- electronic devices that monitor and regulate other devices, such as manufacturing equipment. These devices' deep connection to the infrastructure that runs our cities and countries has made them, increasingly, the targets of an emerging, highly sophisticated type of cyber-warfare. And since 2010, when the Stuxnet computer worm first reared its head, Langner has stood squarely in the middle of the battlefield.

As part of a global effort to decode the mysterious program, Langner and his team analyzed Stuxnet's data structures, and revealed what he believes to be its ultimate intent: the control system software known to run centrifuges in nuclear facilities -- specifically, facilities in Iran. Further analysis by Langner uncovered what seem to be Stuxnet's shocking origins, which he revealed in his TED2011 talk. (PS: He was right.)

More profile about the speaker
Ralph Langner | Speaker | TED.com
TED2011

Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon

Ralph Langner: 破解21世紀的網路武器---Stuxnet

Filmed:
1,567,512 views

於2010年首次發現的Stuxnet電腦蠕蟲引起了不解的謎. 在這異常複雜的程式背後,是更令人困擾的謎團: 它的目的. Ralph Langner 與其團隊合力破解程式, 找出這個數位攻擊彈頭的目標, 以及它的幕後黑手. 他將深入檢視數位犯罪,並解釋其原理
- Security consultant
Ralph Langner is a German control system security consultant. He has received worldwide recognition for his analysis of the Stuxnet malware. Full bio

Double-click the English transcript below to play the video.

00:15
The idea理念 behind背後 the StuxnetStuxnet蠕蟲 computer電腦 worm
0
0
3000
電腦蠕蟲 Stuxnet 背後的概念
00:18
is actually其實 quite相當 simple簡單.
1
3000
2000
其實相當簡單
00:20
We don't want Iran伊朗 to get the bomb炸彈.
2
5000
3000
我們不希望伊朗擁有核武
00:23
Their major重大的 asset財富 for developing發展 nuclear weapons武器
3
8000
3000
而他們能發展核武的主要資產
00:26
is the Natanz納坦茲 uranium enrichment豐富 facility設施.
4
11000
4000
就是Natanz 鈾料濃縮工廠
00:30
The gray灰色 boxes盒子 that you see,
5
15000
2000
你看到的灰色方塊
00:32
these are real-time即時的 control控制 systems系統.
6
17000
3000
就是即時控制系統
00:35
Now if we manage管理 to compromise妥協 these systems系統
7
20000
3000
現在如果我們真的能操弄系統
00:38
that control控制 drive駕駛 speeds速度 and valves閥門,
8
23000
3000
控制速度與閥門開關
00:41
we can actually其實 cause原因 a lot of problems問題
9
26000
3000
那我們就能讓離心機
00:44
with the centrifuge離心分離機.
10
29000
2000
出各種狀況
00:46
The gray灰色 boxes盒子 don't run Windows視窗 software軟件;
11
31000
2000
這個灰色方塊無法執行 Windows 軟體
00:48
they are a completely全然 different不同 technology技術.
12
33000
3000
而是用全然不同的科技
00:51
But if we manage管理
13
36000
2000
但如果我們能
00:53
to place地點 a good Windows視窗 virus病毒
14
38000
3000
在筆記電腦中
00:56
on a notebook筆記本
15
41000
2000
放個 Windows 的病毒
00:58
that is used by a maintenance保養 engineer工程師
16
43000
2000
而那筆電是設備工程師用來
01:00
to configure配置 this gray灰色 box,
17
45000
3000
控制系統的
01:03
then we are in business商業.
18
48000
2000
那我們就快成功了
01:05
And this is the plot情節 behind背後 StuxnetStuxnet蠕蟲.
19
50000
3000
這也就是 Stuxnet 的計畫
01:08
So we start開始 with a Windows視窗 dropper滴管.
20
53000
5000
讓我們從 Windows 的釋放程式開始
01:13
The payload有效載荷 goes onto the gray灰色 box,
21
58000
3000
使攻擊程式能進入灰色方塊
01:16
damages賠償 the centrifuge離心分離機,
22
61000
2000
破壞離心機
01:18
and the Iranian伊朗的 nuclear program程序 is delayed延遲 --
23
63000
2000
就會拖延伊朗的核武計畫
01:20
mission任務 accomplished完成.
24
65000
2000
任務達成
01:22
That's easy簡單, huh?
25
67000
2000
很容易對吧?
01:24
I want to tell you how we found發現 that out.
26
69000
3000
我想要告訴大家我們是怎麼發現的
01:27
When we started開始 our research研究 on StuxnetStuxnet蠕蟲 six months個月 ago,
27
72000
3000
我們六個月前開始研究 Stuxnet時
01:30
it was completely全然 unknown未知 what the purpose目的 of this thing was.
28
75000
3000
完全不明白這東西的攻擊目標是什麼
01:33
The only thing that was known已知
29
78000
2000
只知道這東西
01:35
is it's very, very complex複雜 on the Windows視窗 part部分, the dropper滴管 part部分,
30
80000
3000
是非常非常複雜的 Windows 釋放程式
01:38
used multiple zero-day零日 vulnerabilities漏洞.
31
83000
3000
使用多個零日攻擊 (註: 指利用軟體未修補漏洞進行攻擊)
01:41
And it seemed似乎 to want to do something
32
86000
3000
它似乎想對這些灰色方塊
01:44
with these gray灰色 boxes盒子, these real-time即時的 control控制 systems系統.
33
89000
2000
也就是即時控制系統下手
01:46
So that got our attention注意,
34
91000
2000
所以引起我們的關注
01:48
and we started開始 a lab實驗室 project項目
35
93000
2000
開始一個實驗室計畫
01:50
where we infected感染 our environment環境 with StuxnetStuxnet蠕蟲
36
95000
4000
我們故意讓系統感染 Stuxnet 的病毒
01:54
and checked檢查 this thing out.
37
99000
2000
再試著檢查
01:56
And then some very funny滑稽 things happened發生.
38
101000
3000
結果有趣的事發生了
01:59
StuxnetStuxnet蠕蟲 behaved like a lab實驗室 rat
39
104000
3000
Stuxnet 就像白老鼠一樣
02:02
that didn't like our cheese起司 --
40
107000
3000
它不喜歡我們的起司
02:05
sniffed, but didn't want to eat.
41
110000
2000
聞了聞, 卻不想吃
02:07
Didn't make sense to me.
42
112000
2000
我覺得這完全沒道理啊
02:09
And after we experimented試驗 with different不同 flavors口味 of cheese起司,
43
114000
3000
我們試過不同口味的起司
02:12
I realized實現, well, this is a directed針對 attack攻擊.
44
117000
4000
才明白這是一個指向性攻擊
02:16
It's completely全然 directed針對.
45
121000
2000
徹底的指向攻擊
02:18
The dropper滴管 is prowling潛行 actively積極地
46
123000
2000
釋放程式會主動潛伏在
02:20
on the gray灰色 box
47
125000
2000
灰色方塊裡
02:22
if a specific具體 configuration組態 is found發現,
48
127000
3000
如果它發現一個特定組態
02:25
and even if the actual實際 program程序 code that it's trying to infect感染
49
130000
4000
甚至是正在嘗試感染的程式
02:29
is actually其實 running賽跑 on that target目標.
50
134000
2000
都會確實在目標上執行
02:31
And if not, StuxnetStuxnet蠕蟲 does nothing.
51
136000
3000
不然 Stuxnet什麼也不做
02:34
So that really got my attention注意,
52
139000
2000
所以這真的引起我的注意
02:36
and we started開始 to work on this
53
141000
2000
我們沒日沒夜的
02:38
nearly幾乎 around the clock時鐘,
54
143000
2000
進行研究
02:40
because I thought, "Well, we don't know what the target目標 is.
55
145000
3000
因為我們並不知道它的目標為何
02:43
It could be, let's say for example,
56
148000
2000
可能是,打個比方
02:45
a U.S. power功率 plant,
57
150000
2000
美國的核電廠
02:47
or a chemical化學 plant in Germany德國.
58
152000
2000
或是德國的化工廠
02:49
So we better find out what the target目標 is soon不久."
59
154000
3000
所以我們最好趕快發現它的目標
02:52
So we extracted提取 and decompiled反編譯
60
157000
2000
我們抽出攻擊程式
02:54
the attack攻擊 code,
61
159000
2000
並進行反組譯
02:56
and we discovered發現 that it's structured結構化的 in two digital數字 bombs炸彈 --
62
161000
3000
才發現 它是由兩個 數位炸彈構成的 --
02:59
a smaller one and a bigger one.
63
164000
3000
一個較小 一個較大
03:02
And we also saw that they are very professionally專業 engineered工程
64
167000
4000
我們也發現 這是非常專業的設計
03:06
by people who obviously明顯 had all insider內幕 information信息.
65
171000
4000
設計者顯然知道一切內部資訊
03:10
They knew知道 all the bits and bites咬傷
66
175000
2000
他們知道所有需要攻擊的
03:12
that they had to attack攻擊.
67
177000
2000
位元和字節
03:14
They probably大概 even know the shoe size尺寸 of the operator操作者.
68
179000
3000
他們大概還知道控制員的鞋子尺寸
03:17
So they know everything.
69
182000
2000
總之 他們什麼都知道
03:19
And if you have heard聽說 that the dropper滴管 of StuxnetStuxnet蠕蟲
70
184000
3000
如果你們聽過Stuxnet釋放程式
03:22
is complex複雜 and high-tech高科技,
71
187000
2000
的高科技與複雜程度
03:24
let me tell you this:
72
189000
2000
讓我肯定地說:
03:26
the payload有效載荷 is rocket火箭 science科學.
73
191000
2000
這病毒根本就像是火箭科技
03:28
It's way above以上 everything
74
193000
2000
艱難得超過
03:30
that we have ever seen看到 before.
75
195000
3000
過去我們所研究的所有程式
03:33
Here you see a sample樣品 of this actual實際 attack攻擊 code.
76
198000
3000
這裡是一小段實際攻擊程式的樣本
03:36
We are talking about --
77
201000
2000
總共約有
03:38
around about 15,000 lines of code.
78
203000
3000
15,000 行的代碼
03:41
Looks容貌 pretty漂亮 much like old-style老式 assembly部件 language語言.
79
206000
3000
看起來像是舊式機器組合語言
03:44
And I want to tell you how we were able能夠
80
209000
2000
讓我向大家說明
03:46
to make sense out of this code.
81
211000
2000
我們是如何理解這些代碼的
03:48
So what we were looking for is, first of all, system系統 function功能 calls電話,
82
213000
3000
首先,我們會找出其中電腦系統函式呼叫
03:51
because we know what they do.
83
216000
2000
因為我們知道它們的作用
03:53
And then we were looking for timers計時器 and data數據 structures結構
84
218000
4000
再來找時間控制器與資料結構
03:57
and trying to relate涉及 them to the real真實 world世界 --
85
222000
2000
然後試著與真實世界中的運用連結
03:59
to potential潛在 real真實 world世界 targets目標.
86
224000
2000
也就是可能的真實攻擊目標
04:01
So we do need target目標 theories理論
87
226000
3000
所以我們的確需要推測目標
04:04
that we can prove證明 or disprove駁斥.
88
229000
3000
才能進一步證實
04:07
In order訂購 to get target目標 theories理論,
89
232000
2000
為了要找到這個目標
04:09
we remember記得
90
234000
2000
我們想起
04:11
that it's definitely無疑 hardcore鐵桿 sabotage破壞,
91
236000
2000
這會造成極大破壞
04:13
it must必須 be a high-value高價值 target目標
92
238000
2000
一定是高價值的目標
04:15
and it is most likely容易 located位於 in Iran伊朗,
93
240000
3000
它非常可能位於伊朗
04:18
because that's where most of the infections感染 had been reported報導.
94
243000
4000
因為據報大多數感染都在那裡發生
04:22
Now you don't find several一些 thousand targets目標 in that area.
95
247000
3000
現在已經不是數以千計的可能目標
04:25
It basically基本上 boils down
96
250000
2000
可以簡單歸納成
04:27
to the Bushehr布什爾 nuclear power功率 plant
97
252000
2000
Bushehr 核能電廠
04:29
and to the Natanz納坦茲 fuel汽油 enrichment豐富 plant.
98
254000
2000
以及 Natanz 核鈾料濃縮廠兩個
04:31
So I told my assistant助理,
99
256000
2000
我跟我的助理說
04:33
"Get me a list名單 of all centrifuge離心分離機 and power功率 plant experts專家 from our client客戶 base基礎."
100
258000
3000
"把我們客戶裡了解所有離心機與核電廠的專家列出一張表給我"
04:36
And I phoned打電話給 them up and picked採摘的 their brain
101
261000
2000
我一個個親自去電 聽取他們的意見
04:38
in an effort功夫 to match比賽 their expertise專門知識
102
263000
2000
努力把他們的專業知識
04:40
with what we found發現 in code and data數據.
103
265000
3000
和我們在代碼與資料找到的訊息做比對
04:43
And that worked工作 pretty漂亮 well.
104
268000
2000
這部份很成功
04:45
So we were able能夠 to associate關聯
105
270000
2000
我們確實找出
04:47
the small digital數字 warhead彈頭
106
272000
2000
小型數位彈頭
04:49
with the rotor轉子 control控制.
107
274000
2000
與轉子控制間的關聯
04:51
The rotor轉子 is that moving移動 part部分 within the centrifuge離心分離機,
108
276000
3000
而轉子就是離心機內重要的移動單元
04:54
that black黑色 object目的 that you see.
109
279000
2000
也就是畫面中黑色物體
04:56
And if you manipulate操作 the speed速度 of this rotor轉子,
110
281000
3000
若能控制轉子轉速
04:59
you are actually其實 able能夠 to crack裂紋 the rotor轉子
111
284000
2000
你就能破壞轉子
05:01
and eventually終於 even have the centrifuge離心分離機 explode爆炸.
112
286000
4000
最終甚至導致離心機爆炸
05:05
What we also saw
113
290000
2000
我們也發現
05:07
is that the goal目標 of the attack攻擊
114
292000
2000
這攻擊的目的
05:09
was really to do it slowly慢慢地 and creepy爬行 --
115
294000
3000
是緩慢而不引人注意的達成目標
05:12
obviously明顯 in an effort功夫
116
297000
2000
明顯的要把
05:14
to drive駕駛 maintenance保養 engineers工程師 crazy,
117
299000
3000
維修工程師們逼瘋
05:17
that they would not be able能夠 to figure數字 this out quickly很快.
118
302000
3000
而他們也不能馬上想到這是怎麼一回事
05:20
The big digital數字 warhead彈頭 -- we had a shot射擊 at this
119
305000
3000
而這大型數位彈頭 -- 我們試著
05:23
by looking very closely密切
120
308000
2000
仔細查看它的
05:25
at data數據 and data數據 structures結構.
121
310000
2000
資料與資料結構
05:27
So for example, the number 164
122
312000
2000
比如說, 數字164
05:29
really stands站立 out in that code;
123
314000
2000
在代碼裡相當突出
05:31
you can't overlook俯瞰 it.
124
316000
2000
很難忽視它
05:33
I started開始 to research研究 scientific科學 literature文學
125
318000
2000
我開始研究科學文獻
05:35
on how these centrifuges離心機
126
320000
2000
想了解這些離心機
05:37
are actually其實 built內置 in Natanz納坦茲
127
322000
2000
是怎樣在Natanz建造的
05:39
and found發現 they are structured結構化的
128
324000
2000
也找出他們的結構
05:41
in what is called a cascade級聯,
129
326000
2000
是一層層的
05:43
and each cascade級聯 holds持有 164 centrifuges離心機.
130
328000
4000
每一個層級有 164 個離心機
05:47
So that made製作 sense, that was a match比賽.
131
332000
2000
所以和我們的猜測相符
05:49
And it even got better.
132
334000
2000
我們更發現
05:51
These centrifuges離心機 in Iran伊朗
133
336000
2000
伊朗的離心機會下分為
05:53
are subdivided細分 into 15, what is called, stages階段.
134
338000
4000
15個等級
05:57
And guess猜測 what we found發現 in the attack攻擊 code?
135
342000
2000
你猜 我們在程式中找到什麼?
05:59
An almost幾乎 identical相同 structure結構體.
136
344000
2000
幾乎完全相同的架構
06:01
So again, that was a real真實 good match比賽.
137
346000
3000
又是完美的相符
06:04
And this gave us very high confidence置信度 for what we were looking at.
138
349000
3000
這給麼我們很大的信心
06:07
Now don't get me wrong錯誤 here, it didn't go like this.
139
352000
3000
但別會錯意了 這其實是非常嚴謹的
06:10
These results結果 have been obtained獲得
140
355000
3000
一切都是經由
06:13
over several一些 weeks of really hard labor勞動.
141
358000
3000
好幾週的艱苦努力才得來的
06:16
And we often經常 went into just a dead end結束
142
361000
3000
我們也常常遇到死胡同
06:19
and had to recover恢復.
143
364000
2000
得重頭做起
06:21
Anyway無論如何, so we figured想通 out
144
366000
2000
總之 我們推論出
06:23
that both digital數字 warheads彈頭
145
368000
2000
兩個數位彈頭
06:25
were actually其實 aiming瞄準 at one and the same相同 target目標,
146
370000
2000
都只針對一個目標
06:27
but from different不同 angles.
147
372000
2000
但從不同角度
06:29
The small warhead彈頭 is taking服用 one cascade級聯,
148
374000
3000
小彈頭是攻擊其中一個層級的
06:32
and spinning紡織 up the rotors轉子 and slowing減緩 them down,
149
377000
3000
轉子升速與降速
06:35
and the big warhead彈頭
150
380000
2000
而大的彈頭
06:37
is talking to six cascades級聯
151
382000
2000
是攻擊6個層級
06:39
and manipulating操縱 valves閥門.
152
384000
2000
控制閥門
06:41
So in all, we are very confident信心
153
386000
2000
簡言之 我們相當有信心
06:43
that we have actually其實 determined決心 what the target目標 is.
154
388000
2000
我們已經找出真正的特定攻擊目標
06:45
It is Natanz納坦茲, and it is only Natanz納坦茲.
155
390000
3000
就是Natanz 只會是Natanz
06:48
So we don't have to worry擔心
156
393000
2000
所以我們不用擔心
06:50
that other targets目標
157
395000
2000
會有其他的目標
06:52
might威力 be hit擊中 by StuxnetStuxnet蠕蟲.
158
397000
2000
受到 Stuxnet 攻擊
06:54
Here's這裡的 some very cool stuff東東 that we saw --
159
399000
3000
我們發現一些相當酷的東西
06:57
really knocked被撞 my socks襪子 off.
160
402000
2000
讓我印象深刻
06:59
Down there is the gray灰色 box,
161
404000
2000
在這灰色方塊的下方
07:01
and on the top最佳 you see the centrifuges離心機.
162
406000
3000
也就是離心機的上方
07:04
Now what this thing does
163
409000
2000
在這裡,病毒攻擊
07:06
is it intercepts攔截 the input輸入 values from sensors傳感器 --
164
411000
3000
攔截感應器的測得數值
07:09
so for example, from pressure壓力 sensors傳感器
165
414000
2000
像是 壓力感應計
07:11
and vibration振動 sensors傳感器 --
166
416000
2000
和震動感應器
07:13
and it provides提供 legitimate合法 program程序 code,
167
418000
3000
而病毒攻擊是持續提供正常數值
07:16
which哪一個 is still running賽跑 during the attack攻擊,
168
421000
2000
使得攻擊發生時 一切看似正常
07:18
with fake input輸入 data數據.
169
423000
2000
但卻是錯誤資料
07:20
And as a matter of fact事實, this fake input輸入 data數據
170
425000
2000
實際上 這一連串錯誤數值
07:22
is actually其實 prerecorded預錄 by StuxnetStuxnet蠕蟲.
171
427000
3000
是預藏在 Stuxnet 內的
07:25
So it's just like from the Hollywood好萊塢 movies電影
172
430000
2000
就像好萊塢電影一樣
07:27
where during the heist搶劫,
173
432000
2000
在搶劫時
07:29
the observation意見 camera相機 is fed美聯儲 with prerecorded預錄 video視頻.
174
434000
3000
監視器輸出畫面 被換入預錄的影像
07:32
That's cool, huh?
175
437000
2000
很酷吧?
07:35
The idea理念 here is obviously明顯
176
440000
2000
這個想法很明顯的
07:37
not only to fool傻子 the operators運營商 in the control控制 room房間.
177
442000
3000
不只是要騙過控制室的操作人員
07:40
It actually其實 is much more dangerous危險 and aggressive侵略性.
178
445000
4000
它的目標其實更加大膽與危險
07:44
The idea理念
179
449000
2000
想要
07:46
is to circumvent規避 a digital數字 safety安全 system系統.
180
451000
3000
規避數位電子安全系統
07:50
We need digital數字 safety安全 systems系統
181
455000
2000
我們需要數位電子安全系統
07:52
where a human人的 operator操作者 could not act法案 quick enough足夠.
182
457000
3000
來補足人類操控員不夠快的時候
07:55
So for example, in a power功率 plant,
183
460000
2000
舉例說 在電廠中
07:57
when your big steam蒸汽 turbine渦輪 gets得到 too over speed速度,
184
462000
3000
當大型蒸氣渦輪轉速過快
08:00
you must必須 open打開 relief浮雕 valves閥門 within a millisecond毫秒.
185
465000
3000
你一定要在一毫秒內打開洩壓閥
08:03
Obviously明顯, this cannot不能 be doneDONE by a human人的 operator操作者.
186
468000
3000
很明顯這絕不是人類辦的到的
08:06
So this is where we need digital數字 safety安全 systems系統.
187
471000
2000
所以需要數位電子安全系統
08:08
And when they are compromised妥協,
188
473000
2000
一旦它們被破壞
08:10
then real真實 bad things can happen發生.
189
475000
3000
真正嚴重的事情就會發生
08:13
Your plant can blow打擊 up.
190
478000
2000
電廠可能會爆炸
08:15
And neither也不 your operators運營商 nor也不 your safety安全 system系統 will notice注意 it.
191
480000
3000
而且人員和系統都無法及時察覺
08:18
That's scary害怕.
192
483000
2000
這就可怕了
08:20
But it gets得到 worse更差.
193
485000
2000
更糟的是
08:22
And this is very important重要, what I'm going to say.
194
487000
3000
接下來要說的是更重要的
08:25
Think about this:
195
490000
2000
想想看
08:27
this attack攻擊 is generic通用.
196
492000
3000
這個攻擊是一般性的
08:30
It doesn't have anything to do, in specifics細節,
197
495000
4000
它不一定要和特定
08:34
with centrifuges離心機,
198
499000
2000
核鈾料廠中的
08:36
with uranium enrichment豐富.
199
501000
3000
離心機有關
08:39
So it would work as well, for example,
200
504000
3000
舉例說吧 它也能適用於
08:42
in a power功率 plant
201
507000
2000
發電廠
08:44
or in an automobile汽車 factory.
202
509000
3000
或是汽車工廠
08:47
It is generic通用.
203
512000
2000
可以被廣泛利用
08:49
And you don't have -- as an attacker攻擊者 --
204
514000
2000
就攻擊形式而言
08:51
you don't have to deliver交付 this payload有效載荷
205
516000
3000
你不需要藉由
08:54
by a USBUSB stick,
206
519000
2000
USB 碟傳遞病毒載體
08:56
as we saw it in the case案件 of StuxnetStuxnet蠕蟲.
207
521000
2000
雖然這是 Stuxnet 預設方式
08:58
You could also use conventional常規 worm technology技術 for spreading傳播.
208
523000
3000
你也可以 用傳統蠕蟲技術來散播
09:01
Just spread傳播 it as wide as possible可能.
209
526000
3000
盡可能的擴散出去
09:04
And if you do that,
210
529000
2000
這麼一來
09:06
what you end結束 up with
211
531000
2000
最後你就有了
09:08
is a cyber網絡 weapon武器 of mass destruction毀壞.
212
533000
5000
可以造成大規模破壞的數位武器
09:14
That's the consequence後果
213
539000
2000
那也是我們得面對的
09:16
that we have to face面對.
214
541000
3000
後果
09:19
So unfortunately不幸,
215
544000
3000
不幸的是
09:22
the biggest最大 number of targets目標 for such這樣 attacks攻擊
216
547000
3000
大多數的攻擊目標
09:25
are not in the Middle中間 East.
217
550000
2000
不是在中東
09:27
They're in the United聯合的 States狀態 and Europe歐洲 and in Japan日本.
218
552000
3000
是在美國 歐洲 與 日本
09:30
So all of the green綠色 areas,
219
555000
2000
所有綠色區域
09:32
these are your target-rich目標豐富 environments環境.
220
557000
3000
就是充滿攻擊目標的地方
09:35
We have to face面對 the consequences後果,
221
560000
3000
我們得面對這些後果
09:38
and we better start開始 to prepare準備 right now.
222
563000
3000
而且最好現在就開始準備
09:41
Thanks謝謝.
223
566000
2000
謝謝大家
09:43
(Applause掌聲)
224
568000
6000
(掌聲)
09:49
Chris克里斯 Anderson安德森: I've got a question.
225
574000
2000
Chris Anderson: 我有個疑問
09:53
Ralph拉爾夫, it's been quite相當 widely廣泛 reported報導
226
578000
2000
Ralph, Stuxnet 已經廣為人知
09:55
that people assume承擔 that Mossad摩薩德
227
580000
2000
而人們猜測它背後
09:57
is the main主要 entity實體 behind背後 this.
228
582000
2000
的主使者是 Mossad (以色列特工)
09:59
Is that your opinion意見?
229
584000
3000
你也是這麼想嗎?
10:02
Ralph拉爾夫 Langner朗納: Okay, you really want to hear that?
230
587000
2000
Ralph Langner: 好, 你真的想知道?
10:04
Yeah. Okay.
231
589000
2000
是啊
10:06
My opinion意見 is that the Mossad摩薩德 is involved參與,
232
591000
3000
我的看法是 Mossad 有參與其中
10:09
but that the leading領導 force is not Israel以色列.
233
594000
3000
但以色列絕不是主導角色
10:12
So the leading領導 force behind背後 that
234
597000
2000
所以背後的主導力量
10:14
is the cyber網絡 superpower超級大國.
235
599000
3000
就是網路超級大國
10:17
There is only one,
236
602000
2000
也只有一個了
10:19
and that's the United聯合的 States狀態 --
237
604000
2000
那就是美國
10:21
fortunately幸好, fortunately幸好.
238
606000
2000
幸好、幸好
10:23
Because otherwise除此以外,
239
608000
2000
不然的話
10:25
our problems問題 would even be bigger.
240
610000
3000
我們的問題會更嚴重
10:28
CACA: Thank you for scaring驚嚇 the living活的 daylights一大跳 out of us. Thank you, Ralph拉爾夫.
241
613000
4000
CA: 謝謝你把我們都給嚇壞了 謝謝 Ralph.
10:32
(Applause掌聲)
242
617000
2000
(掌聲)
Translated by K. C. Peng
Reviewed by Crystal Tu

▲Back to top

ABOUT THE SPEAKER
Ralph Langner - Security consultant
Ralph Langner is a German control system security consultant. He has received worldwide recognition for his analysis of the Stuxnet malware.

Why you should listen

Ralph Langner heads Langner, an independent cyber-security firm that specializes in control systems -- electronic devices that monitor and regulate other devices, such as manufacturing equipment. These devices' deep connection to the infrastructure that runs our cities and countries has made them, increasingly, the targets of an emerging, highly sophisticated type of cyber-warfare. And since 2010, when the Stuxnet computer worm first reared its head, Langner has stood squarely in the middle of the battlefield.

As part of a global effort to decode the mysterious program, Langner and his team analyzed Stuxnet's data structures, and revealed what he believes to be its ultimate intent: the control system software known to run centrifuges in nuclear facilities -- specifically, facilities in Iran. Further analysis by Langner uncovered what seem to be Stuxnet's shocking origins, which he revealed in his TED2011 talk. (PS: He was right.)

More profile about the speaker
Ralph Langner | Speaker | TED.com