TED speaker: Caleb Barlow
Talk title: Where is cybercrime really coming from?
Summary: Cybercrime netted a whopping $450 billion in profits last year, with 2 billion records lost or stolen worldwide. Security expert Caleb Barlow calls out the insufficiency of our current strategies to protect our data. His solution? We need to respond to cybercrime with the same collective effort as we apply to a health care crisis, sharing timely information on who is infected and how the disease is spreading. If we're not sharing, he says, then we're part of the problem.

00:12 Cybercrime is out of control.
00:18 It's everywhere.
00:19 We hear about it every single day.
00:24 This year, over two billion records lost or stolen.
00:31 And last year, 100 million of us, mostly Americans, lost our health insurance data to thieves - myself included.
00:44 What's particularly concerning about this is that in most cases, it was months before anyone even reported that these records were stolen.
00:56 So if you watch the evening news, you would think that most of this is espionage or nation-state activity.
01:05 And, well, some of it is.
01:08 Espionage, you see, is an accepted international practice.
01:13 But in this case, it is only a small portion of the problem that we're dealing with.
01:21 How often do we hear about a breach followed by, "... it was the result of a sophisticated nation-state attack"?

Vocabulary: Cybercrime: n. cybercrime. espionage: n. spying; intelligence activity; probing. nation-state: n. nation-state. breach: n. violation; gap / vt. violate, break; break through. sophisticated: adj. complex; refined; worldly-wise; experienced / v. make worldly; confuse; tamper with (past participle of sophisticate).

01:30 Well, often that is companies not being willing to own up to their own lackluster security practices.
01:38 There is also a widely held belief that by blaming an attack on a nation-state, you are putting regulators at bay - at least for a period of time.
01:51 So where is all of this coming from?
01:56 The United Nations estimates that 80 percent of it is from highly organized and ultrasophisticated criminal gangs.
02:09 To date, this represents one of the largest illegal economies in the world, topping out at, now get this, 445 billion dollars.
02:25 Let me put that in perspective for all of you: 445 billion dollars is larger than the GDP of 160 nations, including Ireland, Finland, Denmark and Portugal, to name a few.
02:44 So how does this work?
02:46 How do these criminals operate?
02:48 Well, let me tell you a little story.

Vocabulary: lackluster: n. dullness / adj. lusterless; mediocre. regulators: n. regulators; regulating valves (plural of regulator). estimates: n. estimates; budgets; approximate figures (plural of estimate) / v. evaluate; estimate (third person singular of estimate). gangs: n. gangs (plural of gang) / v. form a gang; act together (third person singular of gang). topping: n. topping (cake decoration); something forming the top; removing the top; pruning treetops / adj. outstanding, first-rate; towering / v. put a top on; surpass (present participle of top).

02:52 About a year ago, our security researchers were tracking a somewhat ordinary but sophisticated banking Trojan called the Dyre Wolf.
03:03 The Dyre Wolf would get on your computer via you clicking on a link in a phishing email that you probably shouldn't have.
03:10 It would then sit and wait.
03:13 It would wait until you logged into your bank account.
03:17 And when you did, the bad guys would reach in, steal your credentials, and then use that to steal your money.
03:24 This sounds terrible, but the reality is, in the security industry, this form of attack is somewhat commonplace.
03:35 However, the Dyre Wolf had two distinctly different personalities - one for these small transactions, but it took on an entirely different persona if you were in the business of moving large-scale wire transfers.

Vocabulary: Trojan: n. warrior; a Trojan; a hard worker / adj. of Troy; Trojan. phishing: n. phishing; internet fraud (obtaining personal account names and passwords at random under a false identity). logged: adj. clumsy; sawn into logs; stagnant; waterlogged / v. fell trees; saw into logs; record in a logbook; enter into a computer (past participle of log). credentials: n. credentials; diplomas; letters of credence (plural of credential) / v. obtain credit; award a certificate (third person singular of credential). commonplace: n. platitude; everyday matter; ordinary thing / adj. ordinary; stale. distinctly: adv. distinctly; undoubtedly, definitely. personalities: n. personal attacks; slander; personality; character; celebrities. transactions: n. processing; (library science) proceedings; reports (plural of transaction). persona: n. character; outward facade. large-scale: adj. large-scale, wide-ranging; large-scale (map). transfers: n. (electronics/computing) transfers (plural of transfer); (psychology) transference / v. (computing) transfer; change; reassign (third person singular of transfer).

03:51 Here's what would happen.
03:53 You start the process of issuing a wire transfer, and up in your browser would pop a screen from your bank, indicating that there's a problem with your account, and that you need to call the bank immediately, along with the number to the bank's fraud department.
04:08 So you pick up the phone and you call.
04:10 And after going through the normal voice prompts, you're met with an English-speaking operator.
04:16 "Hello, Altoro Mutual Bank. How can I help you?"
04:19 And you go through the process like you do every time you call your bank, of giving them your name and your account number, going through the security checks to verify you are who you said you are.
04:31 Most of us may not know this, but in many large-scale wire transfers, it requires two people to sign off on the wire transfer, so the operator then asks you to get the second person on the line, and goes through the same set of verifications and checks.

Vocabulary: issuing: n. publication; point of contention; issue number / v. issue (present participle of issue); distribute; flow out. browser: n. (computing) browser; browsing animal; someone who browses books. indicating: n. indication / v. indicate; require (present participle of indicate) / adj. indicating. fraud: n. deception; swindler; trick. prompts: n. (computing) prompts; prompt messages (plural of prompt). English-speaking: adj. English-speaking. Mutual: adj. common; mutual, reciprocal. sign off: stop activity; end a broadcast; approve. on the line: at risk; ambiguous; on the telephone.

04:45 Sounds normal, right?
04:47 Only one problem: you're not talking to the bank.
04:51 You're talking to the criminals.
04:52 They had built an English-speaking help desk, fake overlays to the banking website.
04:56 And this was so flawlessly executed that they were moving between a half a million and a million and a half dollars per attempt into their criminal coffers.
05:07 These criminal organizations operate like highly regimented, legitimate businesses.
05:14 Their employees work Monday through Friday.
05:17 They take the weekends off.
05:18 How do we know this?
05:20 We know this because our security researchers see repeated spikes of malware on a Friday afternoon.

Vocabulary: overlays: v. cover; place one thing on top of another; inlay; conceal (third person singular of overlay) / n. overlay diagrams; edging; inlays (plural of overlay). flawlessly: adv. flawlessly. executed: v. carried out (past participle of execute) / adj. executed; in effect. coffers: n. treasury (plural of coffer); coffered panels (recessed panels in a ceiling or wall) / v. decorate with coffers; store away as treasure (third person singular of coffer). regimented: adj. strictly controlled / v. organized into regiments; regulated (past tense and past participle of regiment). legitimate: adj. legal; proper; reasonable; legitimate / vt. legalize; regard as proper (equivalent to legitimize). Monday: n. Monday. spikes: n. spiked shoes (plural of spike) / v. fasten with spikes (third person singular of spike). malware: n. malicious software.

05:27 The bad guys, after a long weekend with the wife and kids, come back in to see how well things went.
05:35 The Dark Web is where they spend their time.
05:39 That is a term used to describe the anonymous underbelly of the internet, where thieves can operate with anonymity and without detection.
05:50 Here they peddle their attack software and share information on new attack techniques.
05:57 You can buy everything there, from a base-level attack to a much more advanced version.
06:03 In fact, in many cases, you even see gold, silver and bronze levels of service.
06:09 You can check references.
06:11 You can even buy attacks that come with a money-back guarantee -
06:17 (Laughter) if you're not successful.
06:21 Now, these environments, these marketplaces - they look like an Amazon or an eBay.

Vocabulary: anonymous: adj. anonymous, nameless; without distinguishing features. underbelly: n. underbelly; weak part; vulnerable area. anonymity: n. anonymity; anonymous person; nobody. peddle: vt. hawk; peddle; spread / vi. hawk in the streets; busy oneself with trifles. references: n. (library science) references; reference; letters of recommendation (plural of reference) / v. furnish with references; cite as a reference (third person singular of reference). marketplaces: n. markets; trade fairs (plural of marketplace). Amazon: Amazon; (Greek mythology) a female warrior.

06:28 You see products, prices, ratings and reviews.
06:32 Of course, if you're going to buy an attack, you're going to buy from a reputable criminal with good ratings, right?
06:37 (Laughter) This isn't any different than checking on Yelp or TripAdvisor before going to a new restaurant.
06:46 So, here is an example.
06:48 This is an actual screenshot of a vendor selling malware.
06:53 Notice they're a vendor level four, they have a trust level of six.
06:57 They've had 400 positive reviews in the last year, and only two negative reviews in the last month.
07:02 We even see things like licensing terms.
07:06 Here's an example of a site you can go to if you want to change your identity.

Vocabulary: ratings: n. ratings; grades (plural of rating). reviews: n. overviews; reviews; revision; re-examination (plural of review) / v. look back on; revise; examine (third person singular of review). reputable: adj. of good reputation; respected; distinguished. different than: different from. Yelp: vi. yelp; bark / vt. cry out (in pain), say with a yelp / n. yelp, cry; bark. screenshot: n. screenshot (also the name of screen-capture software). vendor: n. seller; peddler; vending machine. licensing: v. licensing; approving (present participle of license). identity: n. identity; sameness, consistency; characteristic; (mathematics) identity.

07:10 They will sell you a fake ID, fake passports.
07:14 But note the legally binding terms for purchasing your fake ID.
07:20 Give me a break.
07:21 What are they going to do - sue you if you violate them?
07:24 (Laughter) This occurred a couple of months ago.
07:29 One of our security researchers was looking at a new Android malware application that we had discovered.
07:38 It was called Bilal Bot.
07:41 In a blog post, she positioned Bilal Bot as a new, inexpensive and beta alternative to the much more advanced GM Bot that was commonplace in the criminal underground.
07:58 This review did not sit well with the authors of Bilal Bot.
08:03 So they wrote her this very email, pleading their case and making the argument that they felt she had evaluated an older version.

Vocabulary: binding: n. bookbinding; binding; adhesive / adj. binding, obligatory; tied / v. binding (present participle of bind). violate: vt. violate; infringe, obstruct; desecrate. Android: n. android; the Android operating system. positioned: adj. placed / v. placed; determined the position of (past participle of position). inexpensive: adj. cheap. beta: n. beta (the second letter of the Greek alphabet). pleading: n. plea; defense; argument, petition / adj. pleading / v. pleading (present participle of plead). evaluated: vi. evaluated; appraised (past participle of evaluate).

08:16 They asked her to please update her blog with more accurate information and even offered to do an interview to describe to her in detail how their attack software was now far better than the competition.
08:32 So look, you don't have to like what they do, but you do have to respect the entrepreneurial nature of their endeavors.
08:43 (Laughter) So how are we going to stop this?
08:51 It's not like we're going to be able to identify who's responsible - remember, they operate with anonymity and outside the reach of the law.
09:03 We're certainly not going to be able to prosecute the offenders.
09:06 I would propose that we need a completely new approach.
09:13 And that approach needs to be centered on the idea that we need to change the economics for the bad guys.
09:22 And to give you a perspective on how this can work, let's think of the response we see to a healthcare pandemic:

Vocabulary: in detail: in detail. entrepreneurial: adj. entrepreneurial; of a middleman. endeavors: efforts. prosecute: vt. prosecute; carry through; engage in; proceed against by law / vi. sue; inform against; act as prosecutor. offenders: n. criminals (plural of offender); those who give offense. centered: adj. centered; having a center / v. concentrated; centered (past tense and past participle of center). see to: attend to; be responsible for; look after. healthcare: n. healthcare; health services. pandemic: adj. (of a disease) nationwide; widespread / n. pandemic disease.

09:30 SARS, Ebola, bird flu, Zika.
09:33 What is the top priority?
09:35 It's knowing who is infected and how the disease is spreading.
09:43 Now, governments, private institutions, hospitals, physicians - everyone responds openly and quickly.
09:55 This is a collective and altruistic effort to stop the spread in its tracks and to inform anyone not infected how to protect or inoculate themselves.
10:10 Unfortunately, this is not at all what we see in response to a cyber attack.
10:17 Organizations are far more likely to keep information on that attack to themselves.
10:24 Why?
10:26 Because they're worried about competitive advantage, litigation or regulation.
10:33 We need to effectively democratize threat intelligence data.

Vocabulary: Ebola: n. Ebola virus. infected: adj. infected / v. infected (past participle of infect). physicians: n. physicians (plural of physician). responds: responds. altruistic: adj. altruistic; unselfish. inoculate: vt. (medicine) inoculate; graft; instill. in response to: in response to; in reply to; reacting to. competitive: adj. competitive; eager to win. litigation: n. litigation; lawsuit. democratize: vt. democratize; popularize / vi. become democratic; become popular.

10:39 We need to get all of these organizations to open up and share what is in their private arsenal of information.
10:50 The bad guys are moving fast; we've got to move faster.
10:56 And the best way to do that is to open up and share data on what's happening.
11:03 Let's think about this in the construct of security professionals.
11:07 Remember, they're programmed right into their DNA to keep secrets.
11:12 We've got to turn that thinking on its head.
11:16 We've got to get governments, private institutions and security companies willing to share information at speed.
11:23 And here's why: because if you share the information, it's equivalent to inoculation.
11:30 And if you're not sharing, you're actually part of the problem, because you're increasing the odds that other people could be impacted by the same attack techniques.

Vocabulary: open up: open; develop; begin; reveal, expose. arsenal: n. arsenal; armory. professionals: n. (management) professionals (plural of professional). equivalent: adj. equivalent, equal; of the same meaning / n. equivalent, counterpart. inoculation: n. (medicine) inoculation; grafting; budding. odds: n. odds; probability; inequality; difference. impacted: adj. impacted; packed; wedged in; densely populated / v. packed tightly; crammed (past participle of impact).

11:43 But there's an even bigger benefit.
By destroying criminals' devices closer to real time, we break th