III. The United States’ unscrupulous secret surveillance programs
The revelations about PRISM and other programs demonstrate that the U.S. has mounted the most wide-ranging, costly, long-term surveillance operation in the history of the Internet. The seamless cooperation among the intelligence agencies, government and the private sector, with their big-data processing capabilities, allows the surveillance to extend in scope, seemingly without limit.
1. The world’s largest, longest, most costly and wide-ranging surveillance operation
U.S. intelligence has set up a number of programs that are directly linked to cyberspace surveillance, covering both the Internet and telecommunications networks, targeting telephone calls and Internet information, and including the major Internet service providers.
The Utah Data Center set up by the NSA is the world’s largest data center, costing 2 billion U.S. dollars to build. It uses secret surveillance systems to collect vast amounts of data, which is then processed by code-breaking experts, data-mining professionals and intelligence analysts to obtain useful information.
An article in the Washington Post on Aug. 30, 2013, reported that the budget request of the National Intelligence Program for fiscal 2013 had doubled to 52.6 billion U.S. dollars, of which spending on cyber operations accounted for 4.3 billion U.S. dollars, nearly 8 percent of the total. Surveillance cooperation between U.S. intelligence and private companies, especially Internet service providers, has never stopped. Microsoft was the first to sign up to collect data on Sept. 11, 2007, and Apple the most recent in October 2012.
German weekly Der Spiegel reported on a surveillance program codenamed Stateroom, in which the United States, the U.K., Australia and Canada installed surveillance facilities in their embassies to intercept information. The four nations have also signed an intelligence sharing agreement with New Zealand.
2. Secret cooperation among intelligence agencies, government and the private sector is increasing
The nine major U.S. software and hardware providers offer core technology support to U.S. intelligence. Microsoft, the earliest to work with the NSA, opened its Outlook and Hotmail systems to the agency, going so far as to show intelligence agencies how to circumvent encryption of Outlook chat messages before the product was officially launched. Skype, which used to claim that its encryption technology and P2P system could prevent governments from eavesdropping, offered a “backdoor” to the NSA after being bought by Microsoft. Microsoft also worked with U.S. intelligence to help crack the security systems of major companies in order to keep a watch on their customers. It also informed intelligence agencies before publishing details of bugs, so as to give them the opportunity to launch remote attacks.
3. Ramping up the range and depth of surveillance through big-data processing capabilities
The Obama administration made big data strategy a national priority in March 2012. It argued that “big data is the new oil”, and that domination and control of data would become a national core capacity, alongside land, sea and air power. The PRISM project is closely associated with big data. The NSA also has a system codenamed Boundless Informant, which can track anyone’s activity almost in real time by collecting 97 billion Internet data records during each 30-day period and matching them against credit card and communication records.
4. U.S. intelligence is seeking legal loopholes to overcome legal restraints and take full control of Internet information
The United States used presidential decrees to authorize additional information collection in the wake of the 9/11 terrorist attacks. On Oct. 4, 2001, President George W. Bush signed a memorandum to authorize specific surveillance actions over a limited period. After that, “domestic collection” authorized by the President was at one point interpreted as a green light to gather information from U.S. citizens and people inside the United States. Although debates have subsequently arisen concerning the legitimacy, scope and legal basis of presidential executive orders, the White House, NSA, FBI, and the Department of Justice have reached a consensus on the legality of gathering information on foreign targets.
On May 24, 2006, the secret Foreign Intelligence Surveillance Court completely redefined the interpretation of Section 215 of the Patriot Act, allowing the FBI and the NSA to share “business records” relevant to terrorist attacks, including the calls databases of telephone companies. Since then, the U.S. government has demanded data from major telephone companies every three months.
In October 2012, President Obama signed Presidential Policy Directive 20, ordering America’s national security and intelligence officials to draw up a list of potential overseas targets for U.S. cyber-attacks. The directive also stated that what it called Offensive Cyber Effects Operations (OCEO) offered unique, unconventional capabilities to advance U.S. national objectives around the world, giving little or no warning to potential adversaries or targets.
The Dutch newspaper NRC Handelsblad reported that leaks by Snowden show the NSA collects intelligence around the world in five ways. A document dating from 2012 lists the collection approaches as: data provided by third parties, i.e. international partners of the NSA in more than 30 countries; regional collection by Special Collection Service (SCS) installations that gather intelligence in more than 80 regions, and are part of a joint CIA-NSA program funded by a secret budget; computer network hacking carried out by a special NSA department that implants malicious software to steal sensitive information from 50,000 computers worldwide -- the major targets being China, Russia, Brazil, Egypt, India, Mexico, Saudi Arabia and countries in Eastern Europe; tapping into the fiber optic cables that transport Internet traffic between continents at 20 major locations, mostly inside the United States; and finally, intercepting data from foreign satellite communications in countries such as Britain, Norway and Japan.
The PRISM scandal revealed that intelligence agencies, led by the NSA in the United States, use three major approaches to conduct Internet surveillance and data collection.
– Obtaining data worldwide from fiber optic cables. Most data flows pass through the United States, so targeting data streams is a simple matter. The NSA, the Department of Defense and other departments signed a “Network Security Agreement” in 2003 with the telecommunication company Global Crossing. Over the following decade, the United States signed similar agreements with other telecommunication operators. The agreements required the companies to build “Network Operations Centers” on U.S. soil that could be visited by government officials with 30 minutes of warning. Allies such as Britain and Canada also agreed to provide the United States with fiber optic cable intelligence.
– Getting direct access to Internet companies’ servers and databases to retrieve intelligence. The PRISM program cooperated with nine Internet companies – Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL and Apple. The companies normally delivered data to the government electronically. Some companies established independent security access to make it easier for government agencies to extract intelligence. The intelligence agents would access the companies’ servers and databases to collect emails, instant messages, videos, photos, stored data, voice chat, file transfers, video conferences, login times and social network profiles. They were even able to monitor users’ Internet searches.
– An NSA special unit was able to obtain intelligence secretly and remotely by hacking. The agency created the Office of Tailored Access Operations (TAO) as early as 1997. Its main task is to hack target computers and telecommunication systems, crack passwords and security systems, steal data from the target computers, copy information from email systems and track data flows to acquire intelligence on foreign targets. The NSA refers to these activities using the technical term “Computer Network Exploitation” (CNE), but they boil down to cyber-attacks and theft of secrets.