在线广播

您现在的位置：首页 > 在线广播 > VOA慢速英语 > VOA慢速-新闻杂志 > 正文

美国官员商讨是否为勒索软件交赎金?

时间:2021-06-29 09:43:00 来源:可可英语编辑:clover 可可英语APP下载 | 可可官方微信:ikekenet

字号：大 | 中 | 小

打印

收藏本文

American business leaders are looking for advice on how to deal with ransomware - a kind of software designed to seize a computer system until money is paid.
美国商界领袖正在寻求有关如何应对勒索软件的建议，勒索软件是一种用来侵占计算机系统直到用户缴纳赎金的软件。

The question is whether payments should be made for ransomware attacks.
问题在于是否应该为勒索软件的攻击付赎金。

But the U.S. government has not yet given clear rules or policies on the issue.
但是美国政府尚未就这一问题出台明确规定或政策。

Eric Goldstein is a top cybersecurity official in the Department of Homeland Security.
埃里克·戈德斯坦（Eric Goldstein）是美国国土安全部的高级网络安全官员。

Goldstein told a congressional hearing last week, "It is the position of the U.S. government that we strongly discourage the payment of ransoms."
戈德斯坦上周在国会听证会上表示：“美国政府的立场是，我们强烈反对支付赎金。”

Discourage means to try to make people not want to do something.
“Discourage”指设法让人不想做某事。

Goldstein told lawmakers that paying a ransom does not guarantee that you will get your data back or that stolen files will be safe.
戈德斯坦对议员表示，支付赎金无法保证拿回数据或确保被盗文件的安全。

He added even if the criminals keep their word, the money will be used to pay for the next round of attacks.
他还表示，即使犯罪分子信守承诺，这笔钱也将被用于下一轮的攻击。

But current laws do not punish business for making ransomware payments.
但是现有法律并不会对支付勒索软件赎金的企业实施惩罚。

Refusing to make the payments would be bad for businesses, however, especially for small and medium-sized companies.
然而，拒绝支付赎金对企业不利，尤其是对中小企业而言。

And the effect of non-payment could be serious for the U.S. itself.
对美国自身而言，不付赎金也可能会面临严重影响。

Recent well-known ransomware attacks led to a shortage and high gas prices in the eastern U.S. and threatened the nation's meat supplies.
近来著名的勒索软件攻击导致美国东部地区出现石油短缺和高油价，以及威胁到美国的肉类供应。

The issue has left public officials searching for an answer.
这个问题迫使政府官员一直在寻求解决方案。

Congress is now looking at legislation requiring immediate reporting of ransomware attacks to federal officials.
美国国会现在正在考虑立法，要求立即向联邦官员报告勒索软件攻击。

The idea is that such reporting would help identify those responsible and even help get back some of the ransom money.
他们的初衷是报告将有助于确定责任人，甚至有助于追回部分赎金。

Recently, U.S. law enforcement recovered most of the $4.4 million that Colonial Pipeline paid to a gang of criminal hackers called DarkSide.
最近，美国执法官员追回了科洛尼尔管道公司支付给一家名为DarkSide的黑客犯罪团伙的440万美元中的大部分资金。

That was the first time the U.S. government has said that it had recovered money from the Russia-based gang.
这是美国政府首次声称从这个俄罗斯团伙手中追回资金。

Last week, U.S. President Joe Biden met with Russian President Vladimir Putin in Geneva to talk about several issues including cybersecurity.
上周，美国总统拜登在日内瓦会见了俄罗斯总统普京，讨论了包括网络安全在内的几大问题。

Biden said he gave Putin a list of 16 "critical infrastructure" items, including energy and water systems, that are considered off-limits to criminal activities.
拜登称，他给普京提供了一份名单，其中有16个包括能源和供水系统在内的关键基础设施项目，这些项目被视为犯罪活动禁区。

Without additional action soon, however, experts say ransomware attacks will continue to increase.
然而专家表示，如果不立即采取其他行动，勒索软件攻击将会继续增加。

U.S. Energy Secretary Jennifer Granholm said this month that she supports banning payments.
美国能源部长詹妮弗·格兰霍姆（Jennifer Granholm）本月表示，她支持禁止支付赎金。

But she did not know whether Congress or the president would.
但是她不知道国会和总统的想法是否一致。

Some of the strongest supporters of a payment ban are those who know ransomware criminals best — cybersecurity experts.
一些坚定地支持赎金禁令的人士是最了解勒索软件犯罪分子的网络安全专家。

Lior Div is the head of Boston-based Cybereason.
里尔·迪福（Lior Div）是总部位于波士顿的Cybereason公司的负责人。

He compared ransomware criminals to digital-age terrorists. "It is terrorism in a different form, a very modern one," Div said.
他将勒索软件犯罪分子比作数字时代的恐怖分子。他说：“这是一种另类的、非常现代的恐怖主义。”

A 2015 British law forbids United Kingdom-based insurance firms from paying back companies for terrorism ransom payments.
一项2015年出台的英国法律禁止总部位于英国的保险公司为支付恐怖主义赎金的公司进行理赔。

Some believe this idea should be applied to ransomware payments.
有人认为这一法律应该也适用于勒索软件赎金。

Adrian Nish is the threat intelligence chief at BAE Systems.
埃德里安·尼斯（Adrian Nish）是BAE Systems公司的威胁情报主管。

Nish noted that "terrorists stopped kidnapping people because they realized that they weren't going to get paid."
尼斯指出，“恐怖分子不再绑架人质，因为他们意识到此举拿不到赎金。”

U.S. law forbids material support for terrorists, but the Justice Department in 2015 waived the threat of criminal prosecution for citizens who pay terrorist ransoms.
美国法律禁止向恐怖分子提供物质支持，但是美国司法部在2015年撤回了对支付恐怖主义赎金的公民提起刑事诉讼的威胁。

Some ransomware victims have refused to make payments at a high cost.
一些勒索软件受害人拒绝支付高额赎金。

One is the University of Vermont Health Network, where the bill for recovery and lost services after an October attack was around $63 million.
其中一位受害者是佛蒙特大学健康网络，在10月份遭受攻击后，恢复服务和丢失服务的总损失约为6300万美元。

Ireland, too, refused to negotiate when its national healthcare service was hit last month.
爱尔兰国家医疗保健服务在上个月受到攻击后也拒绝进行谈判。

Five weeks later, healthcare information technology in the nation of 5 million remains badly damaged.
5周后，这个拥有500万人口的国家的医疗保健信息技术仍然严重受损。

Most ransomware victims end up paying. Insurance company Hiscox says over 58 percent of its affected customers pay the ransom.
大多数勒索软件受害者最终会支付赎金。Hiscox保险公司表示，超过58%的受影响客户支付了赎金。

And leading cyber insurance company Marsh McLennan says about 60 percent of its affected U.S. and Canadian customers pay theirs.
领先的网络保险公司Marsh McLennan表示，其受影响的美国和加拿大客户中约有60%付了赎金。

But paying does not guarantee anything near full recovery.
但是支付赎金并不能保证服务能完全恢复。

In a study of 5,400 technology decision-makers from 30 countries, the cybersecurity company Sophos found that on average,
网络安全公司 Sophos 对来自30个国家的5400名技术决策者进行了研究，

ransom-payers got back just 65 percent of the encrypted data.
他们发现，支付赎金者平均只拿回了 65% 的加密数据。

In a separate study of nearly 1,300 security professionals, cybersecurity company Cybereason found that
网络安全公司 Cybereason 在一项针对近1300名安全专家的另一项研究中发现，

4 in 5 businesses that chose to pay ransoms suffered a second ransomware attack.
有五分之四选择支付赎金的企业遭受了第二次勒索软件攻击。

I'm John Russell.
约翰·罗塞尔为您播报。

手机扫描二维码查看全部内容

US Officials Considering How to Deal with Ransomware Payments

American business leaders are looking for advice on how to deal with ransomware - a kind of software designed to seize a computer system until money is paid.

The question is whether payments should be made for ransomware attacks. But the U.S. government has not yet given clear rules or policies on the issue.

How to respond?

Eric Goldstein is a top cybersecurity official in the Department of Homeland Security. Goldstein told a congressional hearing last week, "It is the position of the U.S. government that we strongly discourage the payment of ransoms." Discourage means to try to make people not want to do something.

Goldstein told lawmakers that paying a ransom does not guarantee that you will get your data back or that stolen files will be safe. He added even if the criminals keep their word, the money will be used to pay for the next round of attacks.

But current laws do not punish business for making ransomware payments. Refusing to make the payments would be bad for businesses, however, especially for small and medium-sized companies. And the effect of non-payment could be serious for the U.S. itself.

Recent well-known ransomware attacks led to a shortage and high gas prices in the eastern U.S. and threatened the nation's meat supplies. The issue has left public officials searching for an answer.

美国官员商讨是否为勒索软件交赎金？.jpg

Congress is now looking at legislation requiring immediate reporting of ransomware attacks to federal officials. The idea is that such reporting would help identify those responsible and even help get back some of the ransom money.

Recently, U.S. law enforcement recovered most of the $4.4 million that Colonial Pipeline paid to a gang of criminal hackers called DarkSide. That was the first time the U.S. government has said that it had recovered money from the Russia-based gang.

Last week, U.S. President Joe Biden met with Russian President Vladimir Putin in Geneva to talk about several issues including cybersecurity. Biden said he gave Putin a list of 16 "critical infrastructure" items, including energy and water systems, that are considered off-limits to criminal activities.

Without additional action soon, however, experts say ransomware attacks will continue to increase.

Cybersecurity experts

U.S. Energy Secretary Jennifer Granholm said this month that she supports banning payments. But she did not know whether Congress or the president would.

Some of the strongest supporters of a payment ban are those who know ransomware criminals best — cybersecurity experts.

Lior Div is the head of Boston-based Cybereason. He compared ransomware criminals to digital-age terrorists. "It is terrorism in a different form, a very modern one," Div said.

A 2015 British law forbids United Kingdom-based insurance firms from paying back companies for terrorism ransom payments. Some believe this idea should be applied to ransomware payments.

Adrian Nish is the threat intelligence chief at BAE Systems. Nish noted that "terrorists stopped kidnapping people because they realized that they weren't going to get paid."

U.S. law forbids material support for terrorists, but the Justice Department in 2015 waived the threat of criminal prosecution for citizens who pay terrorist ransoms.

Standing up against attacks

Some ransomware victims have refused to make payments at a high cost.

One is the University of Vermont Health Network, where the bill for recovery and lost services after an October attack was around $63 million.

Ireland, too, refused to negotiate when its national healthcare service was hit last month. Five weeks later, healthcare information technology in the nation of 5 million remains badly damaged.

Most ransomware victims end up paying. Insurance company Hiscox says over 58 percent of its affected customers pay the ransom. And leading cyber insurance company Marsh McLennan says about 60 percent of its affected U.S. and Canadian customers pay theirs.

But paying does not guarantee anything near full recovery. In a study of 5,400 technology decision-makers from 30 countries, the cybersecurity company Sophos found that on average, ransom-payers got back just 65 percent of the encrypted data.

In a separate study of nearly 1,300 security professionals, cybersecurity company Cybereason found that 4 in 5 businesses that chose to pay ransoms suffered a second ransomware attack.

I'm John Russell.

JS%#ED^Z|Y,j*mZkSiX1]v9geKun|UYf5idBQM22);WOc~&qq

上一页 [1] [2] [3] 下一页 查看《VOA慢速-新闻杂志》更多内容>>

保存到QQ日志登录QQ空间

重点单词		查看全部解释
additional	[ə'diʃənl]	想一想再看 adj. 附加的，另外的
payment	['peimənt]	想一想再看 n. 支付，付款，报偿，报应
ransom	['rænsəm]	想一想再看 n. 赎金，赎身，赎回	联想记忆 X 单词ransom 联想记忆： ran跑，som＝some：抢到some赎金就ran
intelligence	[in'telidʒəns]	想一想再看 n. 理解力，智力 n. 情报，情报工作，情报	联想记忆 X 单词intelligence 联想记忆： intel在…中间+lig选择，收集+ence→从中选出好的→智力；聪明
threat	[θret]	想一想再看 n. 威胁，凶兆 vt. 威胁, 恐吓
separate	['sepəreit]	想一想再看 n. 分开，抽印本 adj. 分开的，各自的，
immediate	[i'mi:djət]	想一想再看 adj. 立即的，即刻的，直接的，最接近的	联想记忆 X 单词immediate 联想记忆： im无+med中间+iate→无中间→即刻的；直接的
prosecution	[.prɔsi'kju:ʃən]	想一想再看 n. 实行，经营，起诉	联想记忆 X 单词prosecution 联想记忆： pro前，secu跟随，tion：跟随你，发现你的罪行－检举
recovery	[ri'kʌvəri]	想一想再看 n. 恢复，复原，痊愈
marsh	[mɑ:ʃ]	想一想再看 n. 沼泽，湿地 Marsh：马什（人名）	联想记忆 X 单词marsh 联想记忆：读：妈湿－能使妈妈湿的地方－沼泽。