Author(s): Ellen Nakashima and Joseph Menn

Source: The Washington Post

Date: 12/11/2023

Keywords: Cyber warfare

Summary:
The PLA is improving its capability to disrupt critical US power, water, communications, and transport infrastructure through cyber intrusions. Although the Chinese cyber intrusions have yet to disrupt the infrastructure's daily functions, they could be a way to sow panic or chaos or complicate logistics if a US-China conflict over Taiwan breaks out in the Pacific.

Operation Volt Typhoon 
  • The US detected a cyber campaign called Volt Typhoon around a year ago. Although the details are piecemeal, US security experts suggest Volt Typhoon is a cyber espionage operation focused on US infrastructure in the Indo-Pacific Region. 
  • Security experts hypothesize cyber attackers will try to steal employees' credentials in critical infrastructure companies, then infiltrate the infrastructure's system and launch the attack when the order comes. 
  • The current victims of Volt Typhoon are small companies and organizations less critical to the US, but the PLA may expand its targets to larger and more critical infrastructure.
  • A PLA internal document states that cyber tools, or "network warfare," could be integrated with other warfare domains during a conflict. While it does not name a specific conflict, experts consider a Taiwan invasion the most plausible scenario.
  • US officials dismissed the idea that the PLA wants to show off its capabilities, because it conducts these operations stealthily.
US Reactions 
  • The US is trying to improve coordination between the government, tech companies specializing in cyber threat detection, and the private sector, which dominates the nation's critical infrastructure. The tech companies may not see the presence of hackers in the network, but they can detect vulnerabilities through server communications.
  • The Biden administration also seeks to improve the cyber defense capabilities of infrastructure providers through mandatory cybersecurity rules, but some companies protested the decisions, claiming regulatory overreach. 
  • The US government is also working with its allies and private tech companies to understand the cyberattack strategies and devise countermeasures or protections.