Analysis and Discussion of the Network Infection Incident at India's Kudankulam Nuclear Power Plant

2019-11-29 11:53    India  Indian nuclear power  Kudankulam Nuclear Power Plant

Related reading: External network of the Kudankulam nuclear power plant infected by malware

Today with me I have Abhijit Iyer-Mitra, senior fellow of the nuclear program at the IPCS, the Institute for Peace and Conflict Studies. Today we will be discussing a report which came out yesterday. First it came out on social media that there was a security breach at the Kudankulam nuclear power plant. Following this, the KKNPP administration has denied any breach. To discuss this and more with me, Abhijit.

Thank you.

Abhijit, so coming on, political buzzer, let's just... this was the incident. First, that such a breach had happened at the nuclear power plant was reported predominantly in social media, following which parliamentarians have taken it up, and even the administration has given a statement denying it. Can you just give the brief of?

Sure. Now this particular power plant, other than of course the infamy of all those anti-nuclear protests, has had consistent failures over a period of time. I've been going through the reports; at least since 2016 we've seen several shutdowns happening. So when it was announced earlier this month or last month that it had shut down again, none of us really took it seriously till this day. Well, not a maintenance, because the problem was routine shutdowns are announced in advance. Kudankulam for some reason keeps shutting down with no schedule. So basically there's some problem with it. Now we always thought that it was a mechanical problem out there, it was a design problem of them, which is worrying in itself. But it turns out, and this is probably the good news in all of this, that it isn't, it probably isn't a mechanical problem. It is probably the cyber... I'm hesitant to say cyberattack, let's call it a cyber event that has occurred.

Now what's important out here is that the government has basically gone and contradicted itself within 12 hours itself. If you look at the denial that Kudankulam itself, KK... let's just call it Kudankulam, that Kudankulam put out yesterday in the morning, they basically said that a security breach wasn't possible because we've air-gapped, that is to say the internal networks have no connection with the outside networks. But then today's Indian Express report then tells us that in fact there has been a security... it's the Indian Express report that came out this morning, actually quotes government officials saying that's considered confirmed, that an incident happened early September. Afterwards the National Cyber Security Council has taken, you know, notice of it. In mid-September they were there and they have given guidelines to rectify what is, or the problem that was there.
Now my thing is, when you say air-gap, just so that our listeners can also understand: an air-gap computer or a system is one which does not have at any point connectivity with the net, therefore it cannot be hacked. That's the idea?

No, it has connectivity to an intranet. So assume that this table is the Kudankulam facility. Everything, all, most of the computers here will be networked to each other in the internet... it's an intranet. It will not be connected to the Internet, yes. Therefore you can't view sites like, say, Moneycontrol or TV18 on this net, and it's only when you come outside that you're able to access. That's the area, that's the air gap.

Okay. And this breach, what you're seeing, you're not calling it a cyber attack per se now, but it's an incident. The administration has also put up this clarification saying that it has affected computers that are used for administrative purposes only. Now what is the difference in this, admin and/or ops?
Right. Now here's the thing: in the air gap you basically have two sets of functions. One is the function that controls the reactor and its functioning, which is the operations. But then you also need to do things like, because it's also a workspace, so you have thousands of employees and so on and so forth, you need to do their pay, you need to do their attendance records and so on and so forth, if they've put in for leave, normal administrative procedures, ordering equipment, ordering food, because they'd have a canteen, and so on so forth. So all of that would be in a separate intranet, okay, and what runs on, what actually runs the reactor would be a separate intranet linked to each other.

Now remember, an air-gap only means that you can't be attacked over the net, okay? It still means that you can be attacked through a USB stick, right, or any kind of... if you've plugged your mobile phone, for example, if you've just used this, any kind of phone, you've charged it using the USB on your computer on the intranet, even that would constitute a security... that is, a compromise. So what has happened here is very clear now.

First, the government has contradicted itself within 12 to 24 hours, because first they said the air-gap was foolproof, then they say there has been a cyber incident that's happened. Yes, the very admission tells you that the air-gap was breached, that there was a laxity of data hygiene, that possibly a USB stick, because it is an air-gap, was taken by somebody inside and fit onto one of the computers. Otherwise a cyber incident simply could not...

Now let me club two other questions that I have, so that, you know, our viewers can understand it: why is this security, inside of the cyber incident, what are the implications of it, and does it have any security implications, national security implications?

It has a lot of national security implications, because one of the things we keep looking at is cyber attack in the course of warfare. But remember, you know, warfare as we used to think of it, as a kinetic event: armies going, bombing, killing people. Today warfare, bang, can be carried out without that. You know, you can send, say, ATMs haywire and create, induce a financial panic. You can move funds around if you get passwords, and so on and so forth, things like that. Now in this case the danger is that first they managed to breach the air-gap and get in. So if they breached the outside-inside air-gap, then there's no assurance that they couldn't reach the... the two gaps that existed between the administrative and the operation. Because if your security is lax in one, then it's lax in the other as well. If one has been breached, the other one has also been breached.
That's an assumption we're making.

It's an assumption they're making, but it's based on fact. If one can be breached, if one was lax, security is poor, it should raise red flags. It should raise red flags across the board.

Now with regards to why this is important to security: remember, we've had a culture of bad security in this country. You know, you can go do a Google search and how many times the MEA computers have been hacked, in one... Chinese hacker, the Chinese hackers, they consistently keep hacking it. It was still to come up with an effective response to it. In one incident, I think it was in 2011, they were able to remotely turn microphones and cameras of Indian embassy computers across the world, you know, being privy to information and so on so forth. So we don't know the extent to which this has gone.

Only the third thing we have to stress out here is we don't know the entire nature of the attack. Dtrack is basically, it's a derivative of the ransomware that was used by the Lazarus group, believed to be a North Korean group, to attack Sony. You know, remember when that movie critical of Kim Jong-un called The Interview, Josh Rogin, came out? They used it to attack Sony Pictures. Now we don't really know if this is a ransomware or malware. Ransomware is basically malware used for ransoming, so it has a code or something which can undo the things if you cooperate with the guy blackmailing you. Malware is just purely sadistic, that it's gone and destroyed a lot of things for you. And the third is like Stuxnet, which is what affected the Iranian...

In your article to Moneycontrol you've actually talked about this, you've compared it to the attack that happened in the Iranian nuclear facilities. Is that a stretch?

Yes and no, because see, the point that was being highlighted out there was the lack of this security culture. That Iran's program, nuclear program, was so recessed, it was so secret, nobody was meant to know about it. The level of security precautions they took was so extraordinary, and still, because of a lax security culture, somebody was able to, if... we know for a fact now that Stuxnet was fed into the USB sticks of Russian contractors and it attacked a certain Siemens processor, right? So we don't know what else... if one virus has gotten in this way, we don't know what else has got in. So at the moment we don't know the depth of the damage that has been done.

It's a doubt, let me put it like this: whether damage has been done, and the depth of the damage.

Correct.

And this is, you know, what, rapid eating different things. So what are the steps that can be done, or should be done at the moment, for the government and Kudankulam? What are the steps?

So first, you know, the first thing about this is transparency. You can't fix a problem till you acknowledge there's a problem. And the problem in India that we have is, because of hierarchies and things like that, you can never have a junior go up to his boss and say, "Sir, you just took out a USB stick and put it in there," or, "You're not going to be charging your phone on the computer system."

Better data hygiene, is it?

It's better data hygiene, but see, better data hygiene also requires you to change, to challenge social convention in this country, you know, the reverence for your superior, hierarchy and all of that. How that's going to happen we don't know, but it's basically a thing of training, of constant training over and over again.

In the days ahead, news about Kudankulam and the alleged breach will be in the news. Till then do read the article that Abhijit has written for us on Moneycontrol. For more news and updates stay tuned to moneycontrol.com.
 


