華爲呼籲全球同行攜手應對網絡安全問題

Chinese networking equipment firm Huawei Technologies Co. says there's a risk that the global technology industry could splinter along geographic or political lines in the wake of revelations that the National Security Agency has targeted specific technology products. The company is calling for international cooperation among technology manufacturers to create standards and best practices that help everybody better protect data and networks.

中國網絡設備供應商華爲技術有限公司(Huawei Technologies Co.)稱，隨着美國國家安全局(National Security Agency, 簡稱：國安局)入侵部分科技產品遭到曝光，全球科技產業將面臨按地域或政治立場出現分裂的風險。該公司呼籲全球科技製造商展開國際合作，建立行業標準，打造最優業務，幫助所有人更好地保護數據和網絡。

'There's a very real concern for political or geography-based balkanization, which is in nobody's best interest,' said William Plummer, Huawei's Washington, D.C.-based vice president of external affairs. On December 30, Der Spiegel reported that the NSA has targeted Huawei products, among those of other manufacturers, with malicious software and hardware that create backdoors in products.

常駐華盛頓特區的華爲國際事務副總裁普盧默(William Plummer)說，我們非常擔心發生以地理或政治爲界限的分裂，這不符合任何人的最佳利益。12月30日《明鏡》週刊(Der Spiegel)報道稱，美國國安局將華爲（還有其他一些製造商的）產品納入了監聽對象範圍，通過惡意軟件及硬件在產品中植入“後門”實施監聽活動。

Huawei is familiar with what happens when trust splinters. For years it has received complaints from the United States government about the Chinese government potentially introducing backdoors into Huawei equipment. Huawei has denied that this has happened. In October 2012, a U.S. House Intelligence Committee Report urged U.S. telecom providers not to do business with Huawei and ZTE Corp., another Chinese equipment manufacturer. Now that the tables are turned, Huawei is not expressing schadenfreude. Instead, Mr. Plummer suggests that the industry find a global standards-setting organization such as the International Telecommunications Union to help manufacturers bolster security in their products.

華爲對於信任破裂的情況並不陌生。多年來美國政府一直指責華爲，稱中國政府可能在其設備中開設後門。華爲對此予以了否認。2012年10月的一份美國衆議院情報委員會(House Intelligence Committee)報告極力主張美國通信服務商不要與華爲和中興通訊股份有限公司(ZTE Corp., 簡稱：中興通訊)進行商業合作（中興通訊是中國另一家設備生產商）。如今形勢扭轉，華爲並沒有表示出幸災樂禍的態度。相反，普盧默建議所在的行業通過國際電信聯盟(International Telecommunications Union)這樣的全球標準設定組織，來幫助設備製造商提升產品安全。

The NSA reportedly also targeted enterprise products from Cisco Systems Inc., Juniper Networks Inc., Hewlett-Packard Co. and Dell Inc. These companies say they did not assist the NSA in creating backdoors for their products and will work with customers to communicate any vulnerabilities they find. Juniper, Cisco and Huawei say they are investigating specific allegations about products made in the story.

據報道，美國國安局還將思科系統(Cisco Systems Inc., CSCO, 簡稱：思科)、瞻博網絡(Juniper Networks Inc., JNPR)、惠普公司(Hewlett-Packard Co., HPQ)以及戴爾公司(Dell Inc., DELL)納入監聽範圍。上述公司稱沒有協助國安局在其產品內開設後門，並表示將與客戶合作，就發現的任何潛在漏洞進行溝通。瞻博網絡、思科及華爲稱，他們正在對文中提及的產品問題進行調查。

Huawei is 'conducting audits of its products to determine if any compromise has occurred.' If so, it will develop and communicate appropriate fixes, said Mr. Plummer.

普盧默稱，華爲正在對其產品進行評審，以確定是否被植入後門。如果確有此事，公司將研究出修改方法並告知客戶。

Cisco is investigating allegations about the creation of alleged implants for some of the Cisco PIX and Cisco ASA platforms and is posting updates on a blog.

思科正在就部分Cisco PIX和Cisco ASA平臺被植入後門程序的傳聞進行調查，並將在博客上更新進展情況。

Juniper Networks, in a statement, said it is not aware of any implants and the company takes 'allegations of this nature very seriously and are working to address any possible exploit paths.'

瞻博網絡在一份聲明中稱，公司並不知道任何後門軟件植入的事情，公司非常嚴肅地對待此類傳聞，並將堵住任何可能的入侵路徑。

H-P, in a statement, said it 'was not aware of any of the information presented in the Der Spiegel article, and we have no reason to believe that the HP ProLiant G5 server mentioned was ever compromised as suggested in the article.'

惠普在一份聲明中稱，公司此前並不知道《明鏡》週刊文章所給出的信息，且沒有理由相信惠普Proliant G5服務器如文中提及的那樣遭到入侵。

Dell, in a statement, said it 'does not work with any government - United States or otherwise - to compromise our products to make them potentially vulnerable for exploit.' That includes software implants or so-called backdoors.

戴爾在一份聲明中稱，公司沒有與任何（美國或其他國家或地區）政府合作對公司產品做手腳，爲監聽製造機會。這當中包括植入軟件或所謂的後門。

The NSA, in a statement, said that the U.S. technology industry builds the most secure hardware and software in the world today. 'Given its own reliance on many of the very same technologies that the public uses, the U.S. Government is as concerned as the public is with the security of these products.' The NSA won't comment on specific alleged intelligence-gathering activities, but the 'NSA's interest in any given technology is driven by the use of that technology by foreign intelligence targets.'

國安局在一份聲明說，美國科技產業生產着當今世界最安全的硬件和軟件產品。聲明稱，考慮到公衆使用的許多技術也被美國政府賴以使用，因此美國政府也像公衆一樣非常關心這些產品的安全性。國安局未就外界提及的具體情報蒐集活動置評，但稱國安局對任何特定技術的關注源於這種技術被外國情報目標所使用。

For now, many customers are upset and there is skittishness about whether their internal networks have been somehow compromised by the NSA, said Avivah Litan, vice president and distinguished analyst at Gartner Research Inc. 'You can't just redo your network,' she said, adding that IT budgets are tight.

Gartner Research Inc.副總裁兼著名分析師利坦(Avivah Litan)說，當前有許多客戶感到不快，並擔心其內部網絡可能受到國安局的入侵。她說，重建網絡是一件很困難的事情，並補充說客戶的科技經費有限。

Most customers are trying to find more information at the moment, which includes putting pressure on vendors to delineate which products may have been impacted. Some are looking at taking legal action, she said, which could take years. The prospect of closing the alleged backdoors could take several months from a technical perspective.

此刻多數客戶都在試圖獲取更多相關信息，包括向供應商施壓以瞭解有哪些產品可能受到了影響。她說，一些客戶正打算採取法律手段，這可能會花費數年時間。技術上講，關閉後門程序可能會需要數月時間。

Already, in Europe, companies are looking for suppliers not based in the U.S., said Ms. Litan. 'The trust level is on rock bottom,' she added. 'It's really going to hurt U.S. company business - we're already seeing it.'

利坦說，歐洲一些公司已經開始尋找美國之外的供應商。她說，人們的信任度降至了最低點，並補充說此事的確會傷害到美國公司的業務，我們已經看到了這一跡象。