夜雨聆风
AI也有黑客,小心 | 经济学人
01 文章选材
May 2ND-May 8TH |Science & technology
【Para. 1】介绍黑帽大会的特殊性与高强度网络防护需求
【Para. 2】说明AI技术已大幅提升黑客能力,成为网络安全分水岭
【Para. 3】指出黑帽大会防护难度极高,面临规模与甄别双重挑战
【Para. 4】讲述大会监测到各类隐私泄露与设备安全隐患
【Para. 5】说明防护工具可识别恶意攻击,全球黑客均试图攻陷大会
【Para. 6】介绍NOC团队用AI工具以攻制攻应对自动化攻击
【Para. 7-9】讲解三款 AI 防护工具的功能与实际应用案例
【Para. 10】揭示参会设备常遭入侵,AI驱动的网络攻击将加剧
【Para. 11-12】展望AI攻防竞赛刚起步,未来两年行业将经历动荡转型
03 原文音频
949 words ★★★☆☆(难度评级)
A glimpse into cyber-security’s AI-driven future
【Para.1】It takes only a brief chat with the organisers of Black Hat Asia to realise this is no ordinary conference. Whereas most professional get-togethers invite their guests to piggyback on the hotel Wi-Fi, Black Hat builds the network for its annual conferences in Las Vegas, London and Singapore from scratch, installing switches, access points, firewalls and monitoring sensors before the conference opens. The Network Operations Centre (NOC) must then defend it in real time from thousands of the world’s best hackers—not just the conference’s adversaries, but also those attending, who are explicitly tasked with attacking its infrastructure.
【Para.2】This year’s Singapore edition, held from April 21st to 24th, took place in the shadow of announcements from large tech companies that artificial-intelligence models could now outperform all but the best hackers. Anthropic’s Mythos, for example, the most prominent such model, is already said to have identified severe vulnerabilities in “every major operating system and web browser”. For most tech users, this feels like a watershed moment. For those at Black Hat, however, it is confirmation of what they have long seen coming.
【Para.3】Defending Black Hat is “orders of magnitude” harder than ordinary corporate cyber-security, says Neil “Grifter” Wyler who has run the NOC for 24 years, all but 6 of which have been alongside his colleague Bart Stump. Indeed, when the head of cyber-security for the Paris Olympics needed a model for his own security-operations centre, he spent a week with the NOC at Black Hat London. Part of the challenge is scale: a typical firm faces one or two attackers at a time whereas Black Hat must deal with thousands, many testing exploits freshly taught by world-class instructors. The other challenge is filtering: the NOC team must allow such coursework to happen while distinguishing it from real attacks.
【Para.4】What they see ranges from the trivial to the unsettling. Some of those attending used a weather app that leaked their GPS co-ordinates. Another was feeding their cat remotely through an app that others could have hijacked. Visits were logged to 81 unique adult-website domains.
【Para.5】But the same tools that spot compromised pet feeders catch nefarious activity. A few years ago a participant used the conference network to hack a water-treatment facility in America (Messrs Wyler and Stump are cagey about the details). Another hid behind the din of legitimate hacker traffic to attack government websites and payment systems. The NOC team traced him, sent him a message reminding him that doing illegal things from Black Hat was still illegal, then watched him close his laptop and walk away. Hackers on the other side of the world try their luck too. When the registration server was switched on, attacks began at once, including traffic that appeared to originate in Romania. “It would be a feather in their cap to take down Black Hat,” says Mr Wyler.
【Para.6】The team has used AI to defend the network for years, says Mr Wyler, against bots as well as humans. But the bots are becoming noticeably more skilled. “The problem is that the attacks have gone from taking a week to a day to hours or minutes.” The NOC team has, therefore, built a stack of AI tools to fight fire with fire.
【Para.7】Trevor, for example, an AI chatbot, can turn questions written in plain English into code that can navigate the NOC’s complex database. This helps get members of the team, many of whom are freelancers, up to speed more quickly. Another tool monitors the patterns of encrypted beacons—the small, regular check-ins that compromised devices send back to attackers’ servers—and uses machine learning to distinguish them from the millions of legitimate connections the devices make each day.
【Para.8】It was with the help of this tool that the computer of a Taiwanese journalist attending Black Hat was found to have been infected with malware: among the noise of normal traffic, it was making connections to an unfamiliar server at a metronomic cadence, repeating at intervals that no legitimate app would produce.
【Para.9】A third tool makes use of an AI agent to profile every device on the network, flagging unusual behaviour. Once the NOC saw suspicious traffic on the journalist’s laptop, the agent checked clues obtained from the network against information available on the internet to quickly identify the owner. The team used the conference’s registration database to confirm the match before compiling a report and informing both the journalist and his organisation.
【Para.10】Mr Stump says the NOC has seen a pattern across multiple Black Hat conferences in which Taiwanese participants show up with hacked devices. “Most of [the traffic] goes back to China,” he says. AI-powered attacks by nation-states or cybercriminals are likely to intensify.
【Para.11】The team thinks the AI race is only beginning. For Mr Wyler, the vulnerabilities discovered by Mythos, including some that have gone undetected for decades, are to be welcomed rather than feared. “We now know they’re there.”
【Para.12】All the same, cautions Mr Stump, the next two years will be turbulent, as more flaws will be uncovered; more breaches will occur as firms feed sensitive data into AI systems; and more insecure code will be written. If that transitional period can be handled responsibly, a new equilibrium may be reached that resembles the one now being left behind. One thing, says Mr Stump, is certain. “In a year there will be a new AI model that makes Mythos look like a toddler with a keyboard.”
05 检验题
Read the following text carefully and answer the questions below by choosing A, B, C or D.
21. According to Paragraphs 1 and 2, the Black Hat conferences are different from most professional events in that ___.
[A] they invite thousands of the world’s best hackers to test and attack the conference infrastructure
[B] they construct their own network infrastructure from scratch and defend it against attacks in real time
[C] they rely on hotel Wi-Fi networks that are specially monitored by cybersecurity experts throughout the event
[D] they use artificial intelligence exclusively to identify vulnerabilities in major operating systems and web browsers
22. According to Paragraph 3, one reason why defending Black Hat is considerably harder than ordinary corporate cyber-security is that ___.
[A] the NOC team has to prevent all hacker activities on the network without exception
[B] the head of cyber-security for the Paris Olympics modelled his operations centre on Black Hat’s approach
[C] the team must allow legitimate coursework attacks while identifying genuinely malicious ones
[D] Mr Wyler and his colleague have run the NOC for 24 years with only 6 years of collaboration
23. The author mentions the water-treatment facility incident in Paragraph 5 in order to ___.
[A] illustrate the real-world consequences that can result from vulnerable pet-feeding apps and adult-website visits
[B] demonstrate that the NOC team lacks the authority to stop participants from launching illegal attacks on external targets
[C] show that the same monitoring tools used to detect trivial threats can also catch genuinely dangerous ones
[D] prove that most attacks on Black Hat’s network originate from hackers based in Romania rather than from participants
24. It can be inferred from Paragraphs 7 and 8 that the AI tool monitoring encrypted beacons was able to detect the malware on the Taiwanese journalist’s laptop because ___.
[A] the journalist had deliberately installed the malware to test the NOC team’s detection capabilities
[B] the device was sending data to its command server at intervals that no legitimate application would produce
[C] the NOC team had previously identified a pattern of Taiwanese participants bringing compromised devices to the conference
[D] the AI agent cross-referenced the device’s network behaviour with information available on the public internet
25. Which of the following would be the best title for the text?
[A] Black Hat Asia: How the World’s Largest Hacker Conference Operates Behind the Scenes
[B] The Cat-and-Mouse Game Between Hackers and Cyber-Security Experts at Black Hat
[C] Why AI-Powered Cyber-Security Tools Will Soon Make Human Hackers Obsolete
[D] Defending the Indefensible: How AI Is Transforming Cyber-Security at the Front Line
看更多单词注释,全文翻译,长难句解析,写作积累以及答疑服务;
扫码下方报名训练营获取👇👇👇
注:在线课程报名之后不接受退款,报名之前有疑问请先加助教微信(ttzhujiao888)查看例文免费试学和训练营介绍,考虑清楚再报名