美国国家公共电台 NPR 美国遭遇大规模网络攻击 俄罗斯被疑是幕后黑手（在线收听）

In Washington, President Trump keeps pressing baseless claims that his opponents broke into election systems and manipulated votes. However, he has yet to comment on what appears to be a very real hack of U.S. government computer networks, a hack that is just now coming to light. The number of government agencies compromised is growing by the day, and Russia is the strongly suspected culprit. For more, we've called on NPR national security correspondent Greg Myre.

特朗普总统仍在华盛顿坚持毫无根据的言论，即其竞选对手入侵选举系统并操纵选票。不过，他尚未就看似非常真实的美国政府电脑网络遭入侵事件发表评论，这起黑客攻击事件刚刚曝光。遭受损害的政府机构数量与日俱增，人们强烈怀疑俄罗斯是幕后黑手。下面我们来连线NPR新闻的国家安全事务记者格雷格·迈尔，了解详细信息。

Hey, Greg.

你好，格雷格。

GREG MYRE, BYLINE: Hi, Mary Louise.

格雷格·迈尔连线：你好，玛丽·路易丝。

KELLY: So the White House may not want to talk about it, but this has all the hallmarks of a major espionage operation. Will anyone in the U.S. government talk about it?

凯利：白宫可能并不想谈论这个问题，但这具有重大间谍行动的所有特征。美国政府会有人谈论这起事件吗？

MYRE: Not in any detail. And all the signs suggest the government really was blindsided here. The national security community made this huge effort to prevent election interference, and it seems they were pretty successful on that front. But no one seemed to notice that the hackers were present and digging into U.S. government computers for months.

迈尔：没有任何细节。所有迹象都表明政府遭遇了出其不意地攻击。国家安全部门为防止选举干预做出了巨大努力，看来他们在这方面相当成功。但似乎没有人注意到黑客已经在美国政府的电脑里挖掘了数月之久。

And since this story broke on Sunday, the government is addressing it in a very minimal way. Some departments, including the Department of Homeland Security, have acknowledged that computers were breached, but there's been absolute silence from the White House. The government hasn't accused anyone, but cyber analysts say the signs all point to Russia's foreign intelligence service, the SVR, because of the highly sophisticated nature of the attack.

这起事件在上周日曝光后，政府正在以有限的方式解决问题。国土安全部等部门已承认电脑遭遇入侵，但白宫对此仍完全保持沉默。政府没有指控任何人，但网络分析人士表示，所有迹象都指向俄罗斯对外情报机构SVR，因为这次攻击的性质非常复杂。

KELLY: And do we know — you said highly sophisticated. Do we know how widespread this hack has been?

凯利：你刚说非常复杂。那我们知道这次黑客攻击的范围有多广泛吗？

MYRE: Well, it's very widespread. And according to the self-reporting by some government agencies and the media accounts, the hackers got into email systems at the Commerce Department, State Department, Treasury, Pentagon, National Institutes of Health. And there's almost certainly others we haven't yet heard about. So it's a very broad attack. That much seems clear. We don't know how deep. Was this routine email, or was it involving classified systems that are harder to get to? Now, I spoke about this with Glenn Gerstell. He was the general counsel at the National Security Agency for five years before stepping down this year.

迈尔：非常广泛。根据一些政府机构和媒体的自我报告，黑客入侵了美国商务部、国务院、财政部、五角大楼、国家卫生研究院的电子邮件系统。几乎可以肯定还有其他我们还尚未听说的部门也遭遇了入侵。因此，这是一起非常广泛的攻击。这点似乎相当明了。我们不知道程度有多严重。是只涉及日常电子邮件，还是涉及更难到达的机密系统？我就此采访了格伦·格斯特尔。他在今年卸任前曾在国家安全局任总法律顾问5年。

GLENN GERSTELL: It's as if you wake up one morning and suddenly realize that a burglar has been going in and out of your house for the last six months. And you'd have to go back and look at every room to see what was taken, what might have been touched. And, of course, that's just a horrifying thought.

格伦·格斯特尔：就好像你有一天早上醒来，突然意识到在过去的六个月里，有个窃贼不断在你的房子里进进出出。你要回去查看每个房间，看看有什么东西被偷，什么可能被碰过。当然，这是可怕的想法。

KELLY: Horrifying indeed. And it also, Greg, seems to raise questions for the NSA and for others as to how these hackers were able to carry out such a massive intrusion and go undetected for months and months.

凯利：真可怕。格雷格，这似乎也向国家安全局和其他人提出了疑问，即这些黑客是如何进行如此大规模的入侵，并在数月内不被发现的。

MYRE: Yeah. Mary Louise, you know those — that little note you sometimes get when you log onto your computer? It says your software has been updated, maybe by some company you've never heard of. Well, that's apparently what happened here.

迈尔：没错。玛丽·路易丝，你登录电脑时是否有时会收到提示？称你的软件已经更新，也许提示来自某家你从未听说过的公司。很明显这起攻击就是如此。

The case revolves around SolarWinds, a tech company from Austin, Texas. It's not widely known outside the industry, but they work extensively with the government and with many private companies. And they provide these periodic software updates, and they sent out these seemingly routine updates in March and June to about 18,000 customers. The hackers apparently placed their malware on these software updates. And this is what gave them access to all these government and company computer systems.

得克萨斯州奥斯汀市的科技公司“太阳风”是这起攻击的中心。该公司在行业外并不广为人知，但其与政府和多家私营公司存在广泛合作。这家公司定期提供软件更新，并在3月和6月向大约1.8万名客户发送了这些看似例行的更新。很明显，黑客将他们的恶意软件植入了这些软件更新中。因此，他们得以访问所有这些政府和企业的计算机系统。

KELLY: It's just — I mean, it's just mind-blowing. Let me just summarize what you have just told us. You just said 18,000 customers and government departments and private companies may have been hacked, that this has been going on for months and, again, that no one in the government or at these companies seems to have noticed until the last few days.

凯利：这真是令人震惊。我来总结一下你刚才介绍的信息。你刚才提到1.8万名客户、政府部门和私人公司可能遭到黑客攻击，而且攻击持续了数月之久，直到最近，政府或这些公司似乎都没有人发现。

MYRE: That's right. SolarWinds said it provided this 18,000 figure of customers. They said the good news is they think the hackers are focused on a few small targets. The bad news is that they probably focused on the most valuable targets. It's going to take a long time to figure it out, and that's exactly what Glenn Gerstell was telling me.

迈尔：没错。太阳风公司表示，其为1.8万名客户提供服务。该公司称，好消息是他们认为黑客攻击集中在几个小目标上。坏消息是黑客可能将攻击集中在最有价值的目标上。弄清这些需要花费很长时间，格伦·格斯特尔也是这样告诉我的。

GERSTELL: But it is going to be a many month-long process. It is painstaking work to determine exactly what level of penetration there was, what might have been taken, what files may have been accessed in the vast computer system around the world.

格斯特尔：但这将是一个长达数月的过程。要确定世界各地庞大的计算机系统中到底有多大程度的渗透，哪些信息可能被窃取，哪些文件可能被访问，这是一项艰苦的工作。

MYRE: And there's no real playbook about how to respond, so that's going to be the tough question when we get to the end of all this.

迈尔：如何回应尚未有具体策略，因此当一切结束时，这将是一个棘手的问题。

KELLY: All right. Thank you, Greg.

凯利：好。谢谢你，格雷格。

MYRE: My pleasure.

迈尔：不客气。

KELLY: NPR's Greg Myre.

凯利：以上是NPR新闻的格雷格·迈尔带来的报道。