30行代碼如何摧毀一臺27噸的發電機

{"type":"doc","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"摘要："},{"type":"text","text":"本文內容摘錄自《沙蟲：網絡戰的新時代，追剿克里姆林宮最危險的黑客》一書，介紹了2007年在愛達荷國家實驗室開展的一次黑客攻擊發電機的實驗。此次實驗表明了網絡攻擊物理世界的潛在可能性，不僅可以對受害者的工作造成暫時性破壞，還可以損毀一些最關鍵的設備以至於無法修復。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","marks":[{"type":"strong"}],"text":"正文："}]},{"type":"image","attrs":{"src":"https:\/\/static001.geekbang.org\/resource\/image\/ef\/ff\/ef56ea04412bd1af2a28a23095d01fff.png","alt":null,"title":"","style":[{"key":"width","value":"75%"},{"key":"bordertype","value":"none"}],"href":"","fromPaste":false,"pastePass":false}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"愛達荷州國家實驗室設施的控制室。照片來源：《紐約時報》Jim McAauley"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"blockquote","content":[{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"早些時候，美國司法部宣佈了"},{"type":"link","attrs":{"href":"https:\/\/www.wired.com\/story\/us-indicts-sandworm-hackers-russia-cyberwar-unit\/","title":"","type":null},"content":[{"type":"text","text":"對“沙蟲”（Sandworm）黑客團伙的起訴"}]},{"type":"text","text":"。起訴文件指控六名爲俄羅斯GRU軍事情報局工作的黑客，涉及過去五年內全球多宗網絡計算機犯罪，從"},{"type":"link","attrs":{"href":"https:\/\/www.wired.com\/story\/untold-story-2018-olympics-destroyer-cyberattack\/","title":"","type":null},"content":[{"type":"text","text":"破壞2018年韓國冬季奧運會"}]},{"type":"text","text":"，到釋放"},{"type":"link","attrs":{"href":"https:\/\/www.wired.com\/story\/notpetya-cyberattack-ukraine-russia-code-crashed-the-world\/","title":"","type":null},"content":[{"type":"text","text":"烏克蘭歷史上最具破壞性的惡意軟件"}]},{"type":"text","text":"。在被起訴的網絡攻擊罪行中，包括"},{"type":"link","attrs":{"href":"https:\/\/www.wired.com\/story\/russian-hackers-attack-ukraine\/","title":"","type":null},"content":[{"type":"text","text":"2016年對烏克蘭的電網進行了前所未有的攻擊"}]},{"type":"text","text":"，此次攻擊不僅想要造成大面積停電，而且還"},{"type":"link","attrs":{"href":"https:\/\/www.wired.com\/story\/russia-ukraine-cyberattack-power-grid-blackout-destruction\/","title":"","type":null},"content":[{"type":"text","text":"意圖對電氣設備造成物理損壞"}]},{"type":"text","text":"。網絡安全研究人員Mike Assante深入研究了此類攻擊的細節，他意識到電網攻擊手段並非由俄羅斯黑客發明的，而是由美國政府提出並在十年前就進行了測試。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"上述內容摘錄自本週出版的平裝書《沙蟲：網絡戰的新時代，追剿克里姆林宮最危險的黑客》，其中提及的試驗稱爲“極光發電機測試”（Aurora Generator Test），是由工業控制系統安全領域的先驅和傳奇人士Mike Assante領導的。時至今日，該試驗依然是對通過網絡攻擊物理世界的潛在可能性的嚴重警示，很好地預測了隨後出現的“沙蟲”攻擊。"}]}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null},"content":[{"type":"text","text":"2007年3月的一個寒風凜冽的早晨，Mike Assante進入了位於愛達荷瀑布（Idaho Falls）以西32英里處的愛達荷國家實驗室（Idaho National Laboratory）設施。該設施坐落在一片高大的沙漠景觀中間，被積雪和鼠尾草所覆蓋。Assante步入訪客中心的大廳時，那裏已經聚集了一小羣人，其中包括來自美國國土安全部、能源部、北美電力可靠性公司（NERC）的官員、全美各地部分電力公司的高管，以及像Assante這樣的研究人員和工程師。此項工作由國家實驗室牽頭開展，爲期一天時間，探索可能針對美國關鍵基礎設施的災難性威脅。"}]},{"type":"paragraph","attrs":{"indent":0,"number":0,"align":null,"origin":null}}]}