-
(单词翻译:双击或拖选)
The United States plans to launch new rules designed to protect pipeline1 companies against increasing cyberattacks.
The action follows a cyberattack earlier this month that shut down a major U.S. fuel pipeline. The outage, involving a 9,000 kilometer pipeline system, led to temporary fuel shortages in some places in the eastern United States.
U.S. officials say new cybersecurity regulations are expected to be issued this week by the Transportation Security Administration (TSA). The TSA oversees2 the nation's network of pipelines3.
The Department of Homeland Security (DHS) said Tuesday that TSA officials had already begun working with private pipeline companies on ways to identify and prevent cyberattacks.
One of the new regulations will require the companies to report cyber threats to the federal government, one official told The Associated Press. Another rule is expected to require pipeline operators to complete a self-examination of their systems for possible vulnerabilities to cyberattacks.
Mark Montgomery is with the Foundation for the Defense4 of Democracies. He is also the former director of the congressionally supported Cyberspace5 Solarium Commission.
Montgomery told the AP he sees the expected requirements as "a good step" forward in the fight against cyberattacks. He added that such regulations need to be put in place for non-pipeline companies as well, "so that all our national critical infrastructure6 is at a higher level."
At a news conference this week, DHS Secretary Alejandro Mayorkas spoke7 about the ransomware attack that shut down the Colonial Pipeline. He said that kind of attack "is one of the greatest cybersecurity threats that we face in the United States."
In a ransomware attack, online attackers infect the computer systems of organizations and hijack9 data in a way that leaves it unreadable. The attacker then demands payment in exchange for returning the data to a usable state.
Colonial Pipeline in Georgia said it had paid a ransom8 of $4.4 million to regain10 control of its data from the cybercriminals. The Federal Bureau of Investigation11 has linked the attack to a Russian-speaking criminal group known as DarkSide.
Suzanne Spaulding is a cybersecurity expert with the Center for Strategic and International Studies based in Washington, D.C. She said many companies are still not taking steps to protect themselves.
"There are two kinds of companies in the world, those who have been hacked13 and those who haven't detected it yet," she told the French press agency AFP.
Spaulding noted14 one problem is that many countries cannot produce enough computer workers who are trained to deal with serious cyber threats. This shortage drives up pay rates, making it difficult for many organizations to employ quality workers with the right skills.
Private cybersecurity companies have been helpful to organizations facing threats and can also help prevent new attacks. But a new report suggests that publicizing anti-ransomware measures can also help cybercriminals.
The report was published jointly16 by MIT Technology Review and ProPublica. It details how Romanian cybersecurity company BitDefender announced in January it had found a fix to help companies avoid ransomware attacks by the DarkSide group.
BitDefender said it had discovered a flaw in the ransomware that DarkSide had been using to freeze computer networks of American and European businesses.
But by bringing attention to its fix, BitDefender also let DarkSide know about the flaw, which it was able to quickly repair. The next day, DarkSide declared: "Special thanks to BitDefender for helping17 fix our issues. This will make us even better."
The fix was quickly confirmed when DarkSide carried out a series of new attacks, including the hijack of Colonial Pipeline's data.
The joint15 report notes that two other cybersecurity experts had also discovered BitDefender's flaw a month before BitDefender. But those researchers did not publicly announce their finding. Instead, they began secretly reaching out to possible victims to offer help.
Words in This Story
regulation – n. an official rule that controls how something is done
vulnerable – adj. able to be easily hurt, influenced or attacked
infrastructure – n. the basic equipment and structures (such as roads and bridges) that are needed for a country or region
hack12 – n. to use a computer to illegally get into someone else's computer system to read the information that is kept there
detect – v. to discover or notice something
flaw – n. a mistake or defect
收听单词发音 |
1
pipeline
|
|
| n.管道,管线 | |
参考例句: |
|
|
|
|
2
oversees
|
|
| v.监督,监视( oversee的第三人称单数 ) | |
参考例句: |
|
|
|
|
3
pipelines
|
|
| 管道( pipeline的名词复数 ); 输油管道; 在考虑(或规划、准备) 中; 在酿中 | |
参考例句: |
|
|
|
|
4
defense
|
|
| n.防御,保卫;[pl.]防务工事;辩护,答辩 | |
参考例句: |
|
|
|
|
5
cyberspace
|
|
| n.虚拟信息空间,网络空间,计算机化世界 | |
参考例句: |
|
|
|
|
6
infrastructure
|
|
| n.下部构造,下部组织,基础结构,基础设施 | |
参考例句: |
|
|
|
|
7
spoke
|
|
| n.(车轮的)辐条;轮辐;破坏某人的计划;阻挠某人的行动 v.讲,谈(speak的过去式);说;演说;从某种观点来说 | |
参考例句: |
|
|
|
|
8
ransom
|
|
| n.赎金,赎身;v.赎回,解救 | |
参考例句: |
|
|
|
|
9
hijack
|
|
| v.劫持,劫机,拦路抢劫 | |
参考例句: |
|
|
|
|
10
regain
|
|
| vt.重新获得,收复,恢复 | |
参考例句: |
|
|
|
|
11
investigation
|
|
| n.调查,调查研究 | |
参考例句: |
|
|
|
|
12
hack
|
|
| n.劈,砍,出租马车;v.劈,砍,干咳 | |
参考例句: |
|
|
|
|
13
hacked
|
|
| 生气 | |
参考例句: |
|
|
|
|
14
noted
|
|
| adj.著名的,知名的 | |
参考例句: |
|
|
|
|
15
joint
|
|
| adj.联合的,共同的;n.关节,接合处;v.连接,贴合 | |
参考例句: |
|
|
|
|
16
jointly
|
|
| ad.联合地,共同地 | |
参考例句: |
|
|
|
|
17
helping
|
|
| n.食物的一份&adj.帮助人的,辅助的 | |
参考例句: |
|
|
|
购买
在百度中搜索