Why Covid-19 Is a Gift for Cyber Criminals
A few weeks ago I took part in a webinar designed to help US Hispanic-led businesses survive the economic shock of Covid-19. One of the speakers at this “Hispanic Recovery” event was Jesus Mantas, an IBM executive, who issued a heartfelt warning.
Levels of cyber crime had multiplied recently, he said, pointing to “a 6,000 per cent increase in Covid-related spam” at the height of the pandemic. He went on to cite some chilling examples. One was of an email dispatched to people who “are desperate for PPP [the US Paycheck Protection Program]. It installs malware into their computers, steals all their information [and] says, ‘If you don’t pay us a ransom we will infect you and your family with Covid-19,’” he explained.
Another “pretends to be from the World Health Organization and is installed to grab every single thing you do to your computer”. His conclusion? “Cyber crime is one of the fastest-growing businesses right now.”
But, as Mantas says, the more striking trend is the explosion of attacks on businesses and individuals. And although minorities in the US, who may be less informed about the risks and more nervous about approaching the authorities, seem particularly vulnerable, the onslaught is being felt by almost everyone, almost everywhere.
As Echo, the EU’s cyber security network, recently pointed out, Covid-19 has left many of us so distracted and disoriented that our defences are down, even as we are more dependent than ever on all things digital.
“This pandemic offers cyber attackers unique opportunities to leverage existing attack tactics, techniques and procedures to exploit new opportunities,” Echo notes, before identifying “a massive increase of employees working from home, children using home computers for schooling, as well as the human factor and emotions caused by the pandemic”, as issues that are increasing risk levels.
Microsoft has recently unveiled measures to prevent a spate of hacker attacks on companies via its Office program. These typically use phishing messages with terms such as “Covid-19 Bonus”, the company said. Meanwhile, the cyber-investment group Option3Ventures tells me it has seen an explosion in attacks on hospitals, often using a Covid-19 tag.
What should we conclude from this profoundly depressing trend, other than that for cyber criminals to attack vulnerable people now is truly callous? First, these attacks should remind us all that we still do not really understand the many second-order effects of the Covid-19 horrors. Long after the medical shock of the disease dies down we will be counting the other forms of collateral damage, cyber hacks being one.
Another lesson revolves around the issue of what economists might describe as “extreme information asymmetry” – the fact that we all rely heavily on processes that only a tiny minority of experts actually understand, be that in medicine, finance or cyberspace. In normal times, we usually quite happily ignore these asymmetries and dependencies. We live our lives, in other words, with extreme levels of blind faith in the safety of systems, and assume they will protect us, even though we are ill-equipped to check that.
However, Covid-19 has revealed the folly of assuming that medical systems – or digital experts – will always protect us: unless we all make more effort to understand pandemics, they are more difficult to fight. It should also remind us of the risks of putting excessive levels of trust in those experts – and networks – that we find even harder to comprehend.
All of us need to close the “asymmetries” in our understanding of digital technology – something that we are relying on even more in the age of Covid-19.