官方APP下载:英语学习播客(支持苹果手机、安卓手机)
创办于2003年
UNSV记不住?那就记中文谐音“忧安思危”吧!
  Slow and Steady Wins the Race!
UNSV英语学习频道 - Slow and steady wins the race!
公众微信服务号(英语全能特训)
英语全能特训(微信公众服务号)
UNSV英语学习频道淘宝网店
客服短信:18913948480
客服邮箱:web@unsv.com
初级VIP会员
全站英语学习资料下载。
¥98元/12个月

US to Set New Pipeline Rules to Protect Against Cyberattacks

作者:Bryan Lynn 发布日期:5-27-2021

The United States plans to launch new rules designed to protect pipeline companies against increasing cyberattacks.

The action follows a cyberattack earlier this month that shut down a major U.S. fuel pipeline. The outage, involving a 9,000 kilometer pipeline system, led to temporary fuel shortages in some places in the eastern United States.

U.S. officials say new cybersecurity regulations are expected to be issued this week by the Transportation Security Administration (TSA). The TSA oversees the nation's network of pipelines.

The Department of Homeland Security (DHS) said Tuesday that TSA officials had already begun working with private pipeline companies on ways to identify and prevent cyberattacks.

One of the new regulations will require the companies to report cyber threats to the federal government, one official told The Associated Press. Another rule is expected to require pipeline operators to complete a self-examination of their systems for possible vulnerabilities to cyberattacks.

Mark Montgomery is with the Foundation for the Defense of Democracies. He is also the former director of the congressionally supported Cyberspace Solarium Commission.

Montgomery told the AP he sees the expected requirements as "a good step" forward in the fight against cyberattacks. He added that such regulations need to be put in place for non-pipeline companies as well, "so that all our national critical infrastructure is at a higher level."

At a news conference this week, DHS Secretary Alejandro Mayorkas spoke about the ransomware attack that shut down the Colonial Pipeline. He said that kind of attack "is one of the greatest cybersecurity threats that we face in the United States."

In a ransomware attack, online attackers infect the computer systems of organizations and hijack data in a way that leaves it unreadable. The attacker then demands payment in exchange for returning the data to a usable state.

Colonial Pipeline in Georgia said it had paid a ransom of $4.4 million to regain control of its data from the cybercriminals. The Federal Bureau of Investigation has linked the attack to a Russian-speaking criminal group known as DarkSide.

Suzanne Spaulding is a cybersecurity expert with the Center for Strategic and International Studies based in Washington, D.C. She said many companies are still not taking steps to protect themselves.

"There are two kinds of companies in the world, those who have been hacked and those who haven't detected it yet," she told the French press agency AFP.

Spaulding noted one problem is that many countries cannot produce enough computer workers who are trained to deal with serious cyber threats. This shortage drives up pay rates, making it difficult for many organizations to employ quality workers with the right skills.

Private cybersecurity companies have been helpful to organizations facing threats and can also help prevent new attacks. But a new report suggests that publicizing anti-ransomware measures can also help cybercriminals.

The report was published jointly by MIT Technology Review and ProPublica. It details how Romanian cybersecurity company BitDefender announced in January it had found a fix to help companies avoid ransomware attacks by the DarkSide group.

BitDefender said it had discovered a flaw in the ransomware that DarkSide had been using to freeze computer networks of American and European businesses.

But by bringing attention to its fix, BitDefender also let DarkSide know about the flaw, which it was able to quickly repair. The next day, DarkSide declared: "Special thanks to BitDefender for helping fix our issues. This will make us even better."

The fix was quickly confirmed when DarkSide carried out a series of new attacks, including the hijack of Colonial Pipeline's data.

The joint report notes that two other cybersecurity experts had also discovered BitDefender's flaw a month before BitDefender. But those researchers did not publicly announce their finding. Instead, they began secretly reaching out to possible victims to offer help.

I'm Bryan Lynn.

Bryan Lynn wrote this story for VOA Learning English, based on reports from Reuters, The Associated Press, Agence France-Press, MIT Technology Review and ProPublica. Mario Ritter, Jr. was the editor.

We want to hear from you. Write to us in the Comments section, and visit our Facebook page.

Words in This Story

regulation n. an official rule that controls how something is done

vulnerableadj. able to be easily hurt, influenced or attacked

infrastructuren. the basic equipment and structures (such as roads and bridges) that are needed for a country or region

hack n. to use a computer to illegally get into someone else's computer system to read the information that is kept there

detectv. to discover or notice something

flaw n. a mistake or defect

版权所有©2003-2019 南京通享科技有限公司,保留所有权利。未经书面许可,严禁转载本站内容,违者追究法律责任。 互联网经营ICP证:苏B2-20120186
网站备案:苏公网安备 32010202011039号苏ICP备05000269号-1中国工业和信息化部网站备案查询
广播台