中文导读
上周一款名为“想哭”的病毒利用微软操作系统的漏洞,攻击了全球数万台电脑。这一事件暴露了计算机世界的两大隐患:一是信息包括病毒的极易传播性,二是更多类似事件发生的可能性。值得注意的是,上述安全漏洞最早是由美国国家安全局(NSA)发现并用于监视用户的,此次攻击也显示了间谍机构像囤积武器一样“囤积”这些漏洞的危险性。这让人不禁思考未来网络安全健康发展的重要意义。
Companies, individuals and governments need to wake up to the dangers of a computerised world
IT SOUNDS like a Hollywood disaster film. A group of hackers use a stolen cyber-weapon to try to extort money from people worldwide. The attack cripples hospitals, causing ambulances to be diverted and operations to be cancelled. Then a lone security researcher stumbles across a way to halt the bug in its tracks. Yet that is exactly what happened last week when a piece of ransomware called WannaCry, which infects computers running outdated versions of Microsoft’s Windows operating system, hit not just Britain’s National Health Service (NHS) but Russia’s interior ministry, Chinese universities, Germany’s state railways and plenty more besides.
It could have been much worse. WannaCry does not seem to have been a deliberate attack on hospitals, but a criminal money-making scheme in which the NHS was collateral damage. Indeed, as malicious programs go, WannaCry is not even in the premier league: although it has a nasty payload, it had compromised only about 300,000 computers and raised an estimated $80,000 as
The Economist
went to press. Earlier nasties, such as Conficker and SoBig, infected millions of machines. Even so, the incident rammed home two unpleasant truths about the computerised world.
The first is that the speed, scalability and efficiency of computers are a curse as well as a blessing. Digital data are weightless, easy to replicate, and can be sent around the world in milliseconds. That is welcome if those data are useful, but not if they are malicious. Modern software can contain millions of lines of code. Ensuring that no bugs slip through is almost impossible. A single vulnerability can affect thousands or millions of machines, and the internet gives a single individual the power to compromise them all at once. By comparison, paper files are heavy, cumbersome and awkward to work with. But at least a couple of crooks thousands of miles away cannot cause them all to vanish simultaneously. If WannaCry can cause so much random damage, imagine what might be done if hospitals were targeted deliberately.
