[ti:US to Set New Pipeline Rules to Protect Against Cyberattacks] [by:www.51voa.com] [00:00.00]更多听力请访问51VOA.COM [00:00.04]The United States plans to launch new rules [00:05.00]designed to protect pipeline companies [00:09.28]against increasing cyberattacks. [00:13.04]The action follows a cyberattack earlier this month [00:18.32]that shut down a major U.S. fuel pipeline. [00:23.68]The outage, involving a 9,000 kilometer pipeline system, [00:29.28]led to temporary fuel shortages in some places [00:34.36]in the eastern United States. [00:37.32]U.S. officials say new cybersecurity regulations [00:43.00]are expected to be issued this week [00:46.28]by the Transportation Security Administration (TSA). [00:50.40]The TSA oversees the nation's network of pipelines. [00:56.56]The Department of Homeland Security (DHS) said Tuesday [01:01.32]that TSA officials had already begun [01:05.16]working with private pipeline companies [01:08.68]on ways to identify and prevent cyberattacks. [01:14.36]One of the new regulations will require the companies [01:18.84]to report cyber threats to the federal government, [01:22.80]one official told The Associated Press. [01:26.80]Another rule is expected to require pipeline operators [01:32.68]to complete a self-examination of their systems [01:37.16]for possible vulnerabilities to cyberattacks. [01:41.68]Mark Montgomery is with the Foundation for the Defense of Democracies. [01:48.24]He is also the former director of the congressionally supported [01:53.60]Cyberspace Solarium Commission. [01:56.76]Montgomery told the AP he sees the expected requirements [02:02.72]as "a good step" forward in the fight against cyberattacks. [02:08.40]He added that such regulations need to be put in place [02:13.60]for non-pipeline companies as well, [02:16.88]"so that all our national critical infrastructure is at a higher level." [02:23.80]At a news conference this week, DHS Secretary Alejandro Mayorkas [02:30.76]spoke about the ransomware attack that shut down the Colonial Pipeline. [02:36.44]He said that kind of attack "is one of the greatest [02:41.20]cybersecurity threats that we face in the United States." [02:46.56]In a ransomware attack, online attackers [02:51.32]infect the computer systems of organizations [02:55.32]and hijack data in a way that leaves it unreadable. [03:00.36]The attacker then demands payment [03:03.48]in exchange for returning the data to a usable state. [03:08.40]Colonial Pipeline in Georgia said it had paid a ransom of $4.4 million [03:17.00]to regain control of its data from the cybercriminals. [03:22.04]The Federal Bureau of Investigation has linked the attack [03:26.80]to a Russian-speaking criminal group known as DarkSide. [03:31.96]Suzanne Spaulding is a cybersecurity expert [03:36.60]with the Center for Strategic and International Studies [03:40.96]based in Washington, D.C. [03:43.44]She said many companies are still not taking steps to protect themselves. [03:50.68]"There are two kinds of companies in the world, [03:54.48]those who have been hacked and those who haven't detected it yet," [03:59.92]she told the French press agency AFP. [04:04.44]Spaulding noted one problem is that many countries [04:09.04]cannot produce enough computer workers [04:12.32]who are trained to deal with serious cyber threats. [04:16.84]This shortage drives up pay rates, making it difficult [04:21.84]for many organizations to employ quality workers with the right skills. [04:28.68]Private cybersecurity companies have been helpful [04:33.20]to organizations facing threats and can also help prevent new attacks. [04:40.16]But a new report suggests that publicizing [04:44.52]anti-ransomware measures can also help cybercriminals. [04:50.04]The report was published jointly by MIT Technology Review and ProPublica. [04:59.04]It details how Romanian cybersecurity company BitDefender [05:04.96]announced in January it had found a fix to help companies [05:09.96]avoid ransomware attacks by the DarkSide group. [05:14.56]BitDefender said it had discovered a flaw in the ransomware [05:20.60]that DarkSide had been using to freeze computer networks [05:25.36]of American and European businesses. [05:30.00]But by bringing attention to its fix, [05:33.44]BitDefender also let DarkSide know about the flaw, [05:38.64]which it was able to quickly repair. [05:42.72]The next day, DarkSide declared: "Special thanks to BitDefender [05:48.56]for helping fix our issues. This will make us even better." [05:54.36]The fix was quickly confirmed when DarkSide [05:58.72]carried out a series of new attacks, [06:01.80]including the hijack of Colonial Pipeline's data. [06:06.20]The joint report notes that two other cybersecurity experts [06:11.64]had also discovered BitDefender's flaw a month before BitDefender. [06:17.92]But those researchers did not publicly announce their finding. [06:23.56]Instead, they began secretly reaching out [06:27.56]to possible victims to offer help. [06:31.04]I'm Bryan Lynn. 更多听力请访问51VOA.COM