美国国家公共电台 NPR DarkSide组织袭击美国油管 拜登要俄罗斯负责（在线收听）

The White House says it's working closely with a major fuel pipeline operator

白宫表示，他们正在与一家主要燃油管道运营商密切合作，

to restore service that has been shut down since last Friday due to an ongoing ransomware attack.

以恢复自上周五以来因勒索软件攻击而关闭的服务。

The company, Colonial Pipeline, runs a network that stretches for more than 5,000 miles, from Houston to just outside New York City.

殖民管道公司运营着从休斯顿到纽约市外绵延5000多英里的网络。

It supplies close to half of the refined gasoline used on the east coast of the U.S.

这条管道供应美国东海岸近一半的精炼汽油。

For the latest, we're joined now by NPR national security correspondent Greg Myre. Hey, Greg.

NPR新闻国家安全记者格雷格·迈尔将带来最新报道。你好，格雷格。

Hi, Ailsa.

你好，艾尔莎。

OK, so let's start with the pipeline itself. Where do things stand now with this shutdown?

好，我们先从管道本身谈起。该管道已经关闭，现在情况如何？

Well, Colonial Pipeline said that after it learned about the ransomware attack last Friday,

殖民管道公司表示，公司在上周五得知遭遇勒索软件攻击后，

as a precaution, it took all its pipeline systems offline just to contain the threat, make sure it didn't spread.

作为预防措施，已让所有管道系统下线，旨在遏制威胁并确保威胁不会扩散。

Now, the company has begun to restore some smaller systems that feed the main pipelines.

现在该公司已开始恢复为主要管道供电的部分小型系统。

They did this over the weekend. Today they say they hope to substantially restore systems by the end of the week.

他们在上周末开始恢复工作。今天，该公司表示希望在本周末之前恢复系统。

We don't know if the company has or will pay the ransom. But generally, that is what happens.

我们不清楚这家公司是否已经支付赎金，也不知道其是否打算支付赎金。但通常来说，他们会这样做。

And as you noted, these pipelines start in the Gulf outside Houston, Texas.

正如你所说，这些管道始于得克萨斯州休斯顿郊区的海湾地区。

They go east to Georgia, then all the way up the east coast to just outside New York City, going through more than a dozen states.

向东至佐治亚州，之后沿着东海岸一直绵延纽约市郊区，途经十多个州。

Wow. Will this disrupt the gasoline supply on the east coast or make the price of gas go up?

哇哦。这是否会扰乱东海岸的汽油供应，或使汽油价格上涨？

So at a White House briefing today, the official said there is no supply shortage. There's no crisis now.

官员在今天的白宫例行记者会上表示，不存在供应短缺的问题。现在危机已经解除。

Gas prices are averaging about $3 a gallon across the country. We're not seeing any sharp jumps.

美国的汽油价格平均为每加仑3美元。我们并未看到汽油价格飙升的情况。

Because of the pandemic and reduced driving, there really isn't a supply issue right now.

由于疫情和驾驶量减少，现在确实没有出现供应问题。

And the FBI has named the group that's responsible.

联邦调查局指认了要为这起袭击负责的组织。

It's known as DarkSide, and it's an organization that the FBI says it's been following since last October.

该组织名为DarkSide，联邦调查局称他们从去年10月就开始跟踪这个组织。

It's believed to be a private criminal group.

据悉这是一个私人犯罪组织。

Its location is not certain, but many analysts say it does look like it could be coming from Russia.

其位置尚不能确定，但许多分析人士表示，该组织可能来自俄罗斯。

And here's what President Biden had to say.

以下是拜登总统所说。

There is evidence that the actors' ransomware is in Russia. They have some responsibility to deal with this.

有证据表明这些攻击者的勒索软件在俄罗斯。他们有责任处理这起事件。

OK, so the president is pointing towards Russia, but do we even know if there's any link between this group and the Russian government?

好，总统将矛头指向俄罗斯，那我们知道这个组织与俄罗斯政府之间是否存在联系吗？

So at this point, the government and cyber experts say DarkSide is behaving much more like a criminal group that's just interested in money.

目前，政府和网络专家表示，DarkSide组织的行为更像是只对金钱感兴趣的犯罪集团。

It's contacting its victims. It's posting statements on the dark web.

该组织联系受害者。并在暗网上发布声明。

In contrast, a government operation might quietly seek intelligence or try to inflict some damage.

相比之下，政府发动的网络攻击可能会悄悄地寻求情报或试图造成一些损害。

Now, I spoke about DarkSide with Wendi Whitmore at Palo Alto Networks.

我就DarkSide组织采访了帕洛阿尔托网络安全公司的温迪·惠特莫尔。

She says her cybersecurity firm is currently involved in more than 10 separate cases involving DarkSide.

她表示，她所在的网络安全公司目前参与了10多起涉及DarkSide组织的独立事件。

So they're certainly very, very prolific today, and they're quite busy, right?

他们今天肯定非常多产，而且非常忙碌，对吧？

The organizations we have seen them thus far go after most commonly are health organizations or insurance carriers.

到目前为止，我们看到他们最常攻击的是卫生组织或保险公司。

So a pipeline would be something new for the group, she says.

她表示，管道对这个组织来说是个新事物。

But it is in keeping with a tendency to go after larger companies that can pay larger ransoms.

但这也符合一种趋势，即攻击能支付更高赎金的大公司。

And we should note that Russia has allowed these groups to operate freely as long as they keep their attacks abroad.

我们应该指出，只要这些组织攻击国外目标，俄罗斯就允许其自由行动。

OK, so there clearly is a known threat here.

好，很明显现在有一个已知威胁。

But where does that leave us? Like, what are private companies and the government doing to stop this?

那我们应该怎么办？私营企业和政府如何阻止这种情况？

Well, the cyber experts have been literally shouting for years about the risks to critical infrastructure.

网络专家多年来一直呼吁关注关键基础设施面临的风险。

They say the private companies, like Colonial Pipeline, haven't done enough to protect their systems,

他们表示，殖民管道这样的私营公司在保护自己的系统方面做得还不够，

and they say the government needs to do more to identify threats and offer clear guidance to the private sector.

他们认为政府需要采取更多措施来识别威胁，并为私营部门提供明确的指导。

Now, President Biden is pushing very hard for lots of new infrastructure, but this attack shows the need to protect existing infrastructure.

拜登总统正在大力推动建设大量新的基础设施，但这次攻击表明有必要保护现有基础设施。

That is NPR's Greg Myre. Thank you, Greg.

以上是NPR新闻的格雷格·迈尔带来的报道。谢谢你，格雷格。

My pleasure.

不客气。