作者/Author(s): Erica Lonergan and Michael Poznansky 

網站來源/Source: War on the Rocks 

日期/Date: 02/25/2025 

關鍵字/Keywords: 網路、中國、駭客 


摘要:
伏特颱風(Volt Typhoon)「鹽颱風」(Salt Typhoon)是中國對美國網路的新興網路威脅。雖然這兩者存在明顯差異,美國的決策者卻將它們一視同仁,使用一刀切的方式來解決這些網路威脅。這些網路威脅如今已經危及美國國家安全,新政府必須瞭解它們的差異,並制定相應的對策。 
兩種不同的網路颱風 
  • 伏特颱風」「鹽颱風」有一些共同點 
  1. 它們的命名方式反映了威脅的來源 
  2. 它們使用類似的機制入侵美國關鍵系統 
  3. 美國兩黨決策者認為這兩種威脅是相同的現象 
  • 然而,「鹽颱風」與「伏特颱風」有不同的作戰方式與戰略目標: 
  1. 鹽颱風 主要負責間諜行動,透過入侵電信網路獲取情報與關鍵資訊,可以主動且持續利用存取漏洞來滲透網路系統 
  2. 伏特颱風」則是在關鍵基礎建設網路內預先部署的演算法,在地緣政治衝突發生時,負責破壞或癱瘓美國重要服務伏特颱風」會先入侵脆弱網路並隱藏自幾,以便在未來需要時啟動攻擊 
  • 因此,美國決策者必須使用不同的嚇阻方法來對抗各種網路威脅 
對抗「鹽颱風 
  • 嚇阻網路間諜行動的關鍵在於向對手施壓,讓對手覺得服從比違抗所付出的代價更小 
  • 美國能否威脅到「鹽颱風」仍是一個未解之謎:  
  1. 中國已成功入侵美國電信網路供應商獲得敏感資訊,並根據情報採取相應行動
  2. 中國可能會認為繼續進行網路間諜行為,比服從美國的警告更有價值 
  3. 國家行為體普遍認可間諜行動對國家安全的必要性 
  • 與其專注於嚇阻,美國應採取反間諜策略來對抗「鹽颱風 
  1. 當務之急是立即停損並清除已滲透的威脅 
  2. 美國應升級並重建現有的電信基礎設施,降低未來再被入侵的風險 
  3. 美國情報機構應提升反情報能力,並預測自身最容易受到攻擊的區域 
  • 美國可採取「前置防禦」的網路反制行動,以阻止中國發動類似的網路間諜活動 
  1. 然而,這並非唯一的解決方案,亦不能取代上述措施 
  2. 中國有強烈的動機進行網路間諜活動,加之嚇阻網路間諜行動的難度極高,美國的反制行動恐無法改變中國的行為,甚至可能引發報復行動 

Summary: 
Volt Typhoon and Salt Typhoon are Chinese cyber threats on US networks. Despite stark differences, US policymakers treat them the same and use a one-for-all approach to solve these cyber threats. Since these threats endanger US national security, the new administration must understand their distinction and formulate countermeasures against them. 
Two Different Typhoons 
  • Salt Typhoon and Volt Typhoon have some commonalities: 
  1. They have similar nomenclature reflecting the origins of the threat. 
  2. They intrude on critical US systems using similar mechanisms. 
  3. Bipartisan US policymakers perceive the threats as the same phenomenon. 
  • However, Salt Typhoon and Volt Typhoon have different operational and strategic objectives: 
  1. Salt Typhoon: Largely responsible for espionage operations by hacking into telecommunication networks to obtain information and critical intelligence. Salt Typhoon could breach networks by exploiting access vulnerabilities actively. 
  2. Volt Typhoon: Pre-positioned algorithm inside critical infrastructure networks that could disrupt or destroy essential services in the event of geopolitical conflict. Volt Typhoon first accesses vulnerable networks and conceals itself so that the user can activate it in the future. 
  • Therefore, US policymakers must use different deterrence methods to combat various cyber threats. 
Countering Salt Typhoon 
  • Deterring cyber espionage requires threatening a foe to prevent it from unwanted actions such that complying inflicts fewer costs than defecting.  
  • It is dubious whether the US could deter Salt Typhoon: 
  1. China has already gained sensitive information by breaching US telecommunication network providers and is acting according to the intelligence. 
  2. China may perceive continuing cyber espionage as more worthy than complying with the US's warnings. 
  3. State actors acknowledge the necessity for espionage practices for national security. 
  • Rather than deterrence, the US should use counter-espionage tactics against Salt Typhoon. 
  1. The immediate actions are to contain the damage and expel the threat from exposed networks. 
  2. The US should upgrade and rebuild existing telecommunication infrastructure to be less vulnerable to future intrusions. 
  3. The US intelligence community should improve its counterintelligence abilities and anticipate its most vulnerable areas. 
  • The US could use a "defend forward" counter-cyber response to discourage China from conducting similar cyber-espionage operations.  
  1. However, this is not the only solution and cannot replace the abovementioned measures. 
  2. Due to the incentives for China and difficulties in thwarting cyber espionage, it may not change China's behavior and may risk retaliation. 
回上層