新加坡拟让公务员“断网”
Singapore is planning to cut off web access for public servants as a defence against potential cyber attack – a move closely watched by critics who say it marks a retreat for a technologically advanced city-state that has trademarked the term “smart nation”.
新加坡计划切断公务员的网络连接以防止潜在网络攻击。新加坡是一个科技发达的城市国家, 拥有“智慧国家”之称。批评人士都在密切关注此举,他们认为这对于新加坡来说是一种退步。
Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say.
该计划预计在明年5月实施,一些安全专家认为该政策可能会降低公务员和四十多个法定机构的工作人员的效率,并且将他们与他们的服务对象隔离开来。专家说,对于网络攻击来说,此举只是建了一道微不足道的防御墙。
Ben Desjardins, director of security solutions at network security firm Radware, called it “one of the more extreme measures I can recall by a large public organisation to combat cyber security risks”. Stephen Dane, a Hong Kong-based managing director at networking company Cisco Systems, said it was “a most unusual situation” and Ramki Thurimella, chair of the computer science department at the University of Denver, called it both “unprecedented” and “a little excessive”.
瑞得韦尔网络安全公司安全解决方案部门主管本 德雅尔丹称此举是他“见过的大型公共组织为对抗网络安全问题而采取的极端手段之一。”思科系统驻香港总经理斯蒂芬 戴恩认为这是“非常少见的情况”。丹佛大学计算机科学教授拉姆基·土瑞梅拉也称此举“前所未有、有点过分”。
But other cyber security companies said that with the kind of threats governments face today, Singapore had little choice but to restrict internet access.
但是其他的网络安全公司认为鉴于目前各国政府面临的威胁,新加坡除了限制网络使用外,别无选择。
FireEye, a cyber security company, found that organisations in south-east Asia were 80% more likely than the global average to be hit by an advanced cyber attack.
网络安全企业火眼公司发现,东南亚的组织机构遭遇高级网络攻击的概率比全球平均要高80%。
Singapore officials said no particular attack triggered the decision but noted a breach of one ministry in 2015. David Koh, chief executive of the newly formed Cyber Security Agency, said officials realised there was too much data to secure and the threat “is too real”.
新加坡官员称该决定并非由特定攻击事件导致,但他提到了2015年一次政府部门信息泄露事件。大卫 戈是新成立的网络安全机构的负责人。他说政府官员们意识到有太多的数据需要保护而威胁也“真实存在”。
Public servants would still be able to surf the web but only on separate personal or agency-issued devices.
公务员们还是可以浏览网页,不过只能用自己的电脑或机构分发的设备。
Anthony James, chief marketing officer at cyber security company TrapX Security, recalled one case where an attacker was able to steal data from a law enforcement client after an employee connected his laptop to two supposedly separated networks. “Human decisions and related policy gaps are the number one cause of failure for this strategy,” he said.
网络安全公司TrapX Security的总经理安东尼 詹姆斯回忆起曾经有过这样一个案件:一个执法机关的员工将他的笔记本连接到两个应该毫无关联的网络后,黑客成功偷出了执法机关客户的资料和数据。他说:“人们的决定及相关的政策漏洞是此项策略失败的首要原因。”
Singapore’s Infocomm Development Authority (IDA) said it had worked with agencies on managing the changes “to ensure a smooth transition” and was “exploring innovative work solutions to ensure work processes remain efficient”.
新加坡资讯通信发展管理局表示他们已经在与一些机构合作来应对这些变化“以确保平稳过渡”。他们也在“探索新的解决方法,保证工作流程仍然高效。”
One 23-year-old manager, who gave only her family name, Ng, said blocking web access would only harm productivity and may not stop attacks. “Information may leak through other means, so blocking the internet may not stop the inevitable from happening,” she said.
一位23岁不愿透露名字的伍姓经理认为,封锁网络只会降低工作效率,也不能制止网络攻击。她说:“信息可能会从其他渠道泄露,所以封锁网络并不能防止这个不可避免的事情发生。”
It’s not just the critics who are watching closely.
关注此事的不只有批评人士。
Local media cited one Singapore minister as saying other governments, which he did not name, had expressed interest in its approach.
当地媒体援引新加坡一位部长的话,称还有别的国家政府对此政策有兴趣,不过他并没有说是哪个国家。
William Saito, a special cyber security adviser to the Japanese government, said some Japanese companies had cut internet access in the past year, usually after a breach. “They cut themselves off because they thought it was a good idea,” he said, “but then they realised they were pretty dependent on this internet thing.”
日本政府特别网络安全顾问威廉 西户说,去年有些日本公司切断了互联网连接,而这大多是在发生了信息泄露之后采取的措施。他说:“他们切断网络连接因为他们认为这是个好办法,但是之后,他们都意识到他们对互联网有多依赖。”
