无国界网络：在距风险210公里处守卫。[特别版]

您正在收听由n two k提供支持的CyberWire网络。

You're listening to the CyberWire network powered by n two k.

你好，欢迎收听我们关于北约2025年网络联合演习三部曲系列的最终集。

Hello, and welcome to our final episode of our three part series on NATO's twenty twenty five cyber coalition exercise.

我是莉兹·斯托克斯。

I'm Liz Stokes.

在我们旅程的最后一章中，玛丽亚·韦尔马扎斯和我退后一步，不仅回顾我们所看到的，更反思这一切的意义。

In this last chapter of our journey, Maria Vermazas and I step back, not just to recap what we saw, but to reflect on what it all means.

在本集中，您将听到我们的反思穿插在我们带回来的那些时刻、对话和场景之中。

Throughout this episode, you'll hear our reflections woven between the moments, conversations, and scenes we brought home with us.

过去、现在和未来在这里略显模糊，但这是因为这个故事对我们而言就是这样展开的。

The past, present, and future blur a bit here, but that's because that's how this story unfolded for us.

这是一个关于警觉、团结以及网络防御在保障安全的同时挑战国界并带来真实后果的故事。

This is a story about vigilance, solidarity, and what's at stake when cyber defense both secures and defies borders with very real consequences.

在我们继续讲述的过程中，我们将与您一同反思。

And as we move through it, we'll be reflecting right alongside with you.

我是玛丽亚·韦尔马扎斯。

Maria Vermazas here.

我和我的同事莉兹·斯托克斯现在位于佛罗里达州奥兰多。

I am in Orlando, Florida with my colleague Liz Stokes.

你好。

Hello.

我们实际上在这里参加佛罗里达州奥兰多的商业航天周。

And we're actually here for, Commercial Space Week in Orlando, Florida.

这和北约没什么关系。

Nothing to do with NATO.

是的。

Yeah.

但你知道，我们来这里还有其他任务。

But, you know, we're here on another assignment.

所以我们觉得，既然我们人在这里，不如聚一聚，聊聊我们的北约经历。

So we figured we would, since we're here in person, get together and talk about our NATO experience.

那已经是两个月前了。

So that was two months ago now.

差不多就是。

Just about.

对吧？

Right?

是的。

Yeah.

对。

Yeah.

现在差不多快两个月了。

It's about almost two months now.

所以我们有了一些时间来消化一下。

So we've had some time to digest it a little bit.

所以我想知道，在那天我们参观网络靶场时，有什么特别让你印象深刻的事情吗？

So I'm curious if anything stood out to you on that specific day when we had the tour of the cyber range.

是的。

Yeah.

我记得很清楚。

I remember well.

首先，这是一次很棒的经历，我知道你和我都非常感激能有机会去参加这次活动。

First of all, it was a great experience, and I'm I know that you and I are both very appreciative that we got to go and do that.

哦，是的。

Oh, yes.

没错。

Yep.

很明显，这让我想到一个词，是‘保密’。

It was very apparent that it was I don't want the word that's coming to mind is secretive.

当然，这是保密的。

Of course, it's secretive.

它是新的。

It's neo.

这是军事的。

It's military.

是的。

Yeah.

是的。

Yeah.

是的。

Yeah.

但是，玛丽亚，你和我走进去的时候，我们进入了一艘小船。

But, I mean, Maria, you and I walked in, and we walked into a skiff.

是的。

Yeah.

是的。

Yeah.

是的。

Yeah.

所有东西都被封起来了。

Everything was boarded up.

我们什么也看不到。

We could not see anything.

是的。

Yeah.

我的意思是，进去之后什么也看不到，这真的很有趣。

I mean, it was just it was very interesting, getting in there and kind of seeing nothing.

嗯，我们看了很多东西，非常有收获，学到了很多。

Well, we went to see a lot, and it was very informative, and we learned a lot.

而且整个过程非常保密，就像那样。

We also it was very secretive, like Yeah.

大多数军事事务都是这样的。

Most, you know, military things are.

而且是的。

And Yeah.

我的意思是，这没问题。

I mean, that's fine.

对。

Yeah.

我们去学习了。

We went to learn.

我们确实去了。

We did.

是的。

Yeah.

而且，我们去见证了，我们也确实去了。

And, we went to witness, and we did.

我们确实去了。

We did.

见证了。

Witnessed.

我们亲眼见证了他们希望我们看到的一切。

We witnessed exactly what they wanted us to witness.

正是如此。

That's exactly it.

这是因为，我们回来后讨论的正是这一点：当你去参加这样的活动时，因为你实际上接触的都是些常规内容，你被妥善安排了。

That because that that was the conversation we had when we got back was when you go to something like this, because you are effectively we were standard stuff, you're handled.

你知道，我们全程都有人陪同。

You know, like, we were escorted at all times.

当然，这并不令人惊讶，也没什么特别的。

Of course, this is not shocking or anything like that.

这仅仅是标准程序。

This is just standard procedure.

你所听到的那些叙述、你被告知的那些事情，都是他们希望你知道的内容。

The narratives that you are shared, the things that you were told, this is what they want you to know.

他们告诉你这些，是有原因的。

And there's a reason they're telling you this.

他们之所以这样沟通，是有原因的。

There's a reason they're communicating this all with this.

对我们来说，你可以试着揣摩言外之意，但其实也没必要想得那么复杂。

So for us, it's like, you can try to read in between the lines, but it's also it doesn't have to be that complicated.

他们是在刻意向世界传递一个故事。

It's like they're specifically a story that they're communicating to the world.

对我来说，这就像一条连贯性的信息。

And to me, it was like a message of coherence.

就像另一个没被明说的‘C’，但他们显然想传达一种感觉：是的，我们在做这三件‘C’事——协作、合作、协调，但更重要的是，他们是一个团结一致、协同运作的联盟。

Like, that's the other c that wasn't maybe said, but it was like they're trying to convey a sense of, yes, we're doing these three c's of what, to collaborate, cooperate, coordinate, but it's also that they're a coherent alliance that is working together.

而且，两个月后，我们现在又在想，真的吗？

And again, two months later, here we are going, is it?

但当时，确实看起来是这样，或者至少，他们想传递的就是这个印象。

But at that time, it certainly was it seemed that way, or at least that was what they were trying to project.

我希望这种情况能一直持续下去。

And I would love for it to continue to be that way.

我们仍在继续合作。

We are continuing to work together.

我们正在以对各自国家有意义的方式持续共享信息。

We are continuing to share information in ways that make sense for our respective nations.

并非所有内容都会随时共享，但那些可以且应该共享的信息将会迅速传递。

Not everything's gonna be shared all the time, but what can and should be will be shared with expediency.

我们希望你们知道这一点，也希望我们的对手知道这一点。

And we want you to know that, and we also want our adversaries to know that.

我的意思是，我们理解媒体的职责就是传递他们想要讲述的这种故事，我们只是这个故事的传播渠道。

And it's like that I mean, we understand that our job as being the media is like, that's the story that they want to tell in a way we're a conduit for that.

人们是否认同这个故事，这不是我们的事。

Whether or not people sign on to that is not our thing.

我的意思是，我们无法断言他们是否成功实现了这一点。

I mean, we we have no way of saying, yes, they were successful in that or not.

但这是我们所能看到的。

But this is this is the what we were able to see.

这是他们与我们分享的内容，也是他们希望我们了解并传达的信息。

This is what they shared with us, and this is the message that they wanted us to know that they wanted to convey.

是的。

Yeah.

你自己去理解吧。

Take that for what you will.

对。

Yeah.

我回来的时候，正是这样跟我家人说的。

That's exactly what I was telling my family exactly, when I was coming back.

他们问我：你去那里是为了什么？

And they were asking me, what what did you go over there for?

我当时就说，是的。

I was like Yeah.

我们去那里是为了采访北约，让他们告诉我们他们真正希望我们了解的内容，而我们确实做到了。

Well, we went over there to interview NATO and have them tell us what they really wanted us to know, and that's exactly what we did.

对于一个不生活在网络安全世界中的普通人来说，有时这些风险看起来有些抽象。

To a regular person who doesn't live and breathe cybersecurity, sometimes the stakes can seem a little bit abstract.

当然。

Sure.

当系统突然崩溃时，这一点是显而易见且不可避免的。

When systems come to a crashing halt, that much is obvious and unavoidable.

但很多时候，这只是一个IT问题，有对应的IT解决方案，所以就让IT部门去处理吧。

But a lot of the time, it's an IT problem with IT solutions, so just let IT handle it.

对吧？

Right?

但像爱沙尼亚在2007年经历的那种系统性、全社会范围的危机，也可能发生在任何人、任何地方。

But, yeah, systemic society wide crises like what Estonia experienced in 2007 can happen to anyone, anywhere.

当然，许多聪明且勤奋的人正在接受培训，以防止这种情况发生。

And certainly, a lot of smart, hardworking people are training to prevent that from happening.

但这种威胁正是北约网络靶场诸多工作的潜在驱动力。

But that threat is the undercurrent of so much of what drives the work being done at the NATO cyber range.

有趣的是，‘你们去那边做了什么、看到了什么？’这个问题，我和莉兹回来后都从身边很多人那里听到过。

And it's funny that what did you go to do and see over there question was one that Liz and I both got from a lot of people in our lives after we came back.

我想，也许有些人对我们没有分享一些炫酷的、前沿高科技的惊人故事感到失望。

And I think maybe it was disappointing to some folks that we didn't have flashy stories about some crazy cutting edge high-tech to share.

没有什么疯狂到能让人震惊的事情。

Nothing bonkers to blow people's minds.

相反，我们看到的实际上，恕我直言，有点平淡无奇。

Instead, what we saw was actually, dare I say it, kind of mundane.

但正是这种平淡无奇，让我觉得它如此重要——像北约这样庞大的国际组织，竟然专门拨出一个地方，并投入整整两周的时间，把人们聚集在一起，只为提升某项技能，这在我看来非同寻常。

But it being mundane is to me what made it so important, that a massive international organization like NATO has devoted a place and serious time, two weeks, remember, to getting people together to get better at something, to me, is notable.

是的。

Yes.

军队进行训练，新闻十一点播报。

Military organizations train, News at eleven.

但你仔细想想。

But think about it.

他们仍然会从日常运作中抽出两周时间进行训练。

They are still taking two weeks out of their day to day operations to train.

尽管有影响，他们仍认为花时间提升网络领域的沟通与协同能力是值得的。

Despite the impact, they see the value in taking that time to refine their communication and coherence in the cyber realm.

有多少私营部门的网络安全组织能这么说呢？

How many private sector cybersecurity organizations can say the same?

所以，玛丽亚，我知道我们过去两个月一直一起制作这个节目，对吧？

So Maria, I know that you and I have been producing this together for the past, what, two months now.

我们一直在写脚本、撰稿，一切都在进行中。

We've been scripting, writing, everything.

我们一直在努力用语言准确描述我们在那里的经历。

We've been trying to put into words exactly what happened, while we were over there.

对你来说，进展如何？

How has it been going for you?

你对这些事情有什么看法？

What are your thoughts on things?

你有什么想分享的吗？

Do you have anything that you'd like to share?

是的。

Yeah.

我的意思是，我们已经谈到了一个宏观的挑战——用更准确的说法，就是当我们从这次旅行回来时，地缘政治正在我们脚下发生剧烈变动。

I mean, we've touched on sort of the meta challenge, for lack of better terminology, of geopolitics seismically shifting underneath our feet as we came back from this trip.

现在是1月初，美国在北约中的地位突然变得极不确定，而且美国还在威胁自己的盟友。

It's now early January, and now suddenly, The United States' position in NATO is extremely in question, and, also, The United States is threatening its own allies.

我的意思是，仅从个人层面来说，我只是在努力理解这一切，而且，用更恰当的说法，我感到震惊不已。

Like, how I mean, just on a personal level, I'm just trying to make sense of this all, and and I'm aghast, for lack of better term.

我的意思是，害怕得要命，震惊、困惑、愤怒。

I mean, scared as hell, shocked, confused, angry.

我正感受到所有这些情绪。

Like, I'm feeling all of these feelings.

这还只是我一个人的感受。

And this is just me.

这是我对此情况的理解，同时努力思考，好吧。

I'm my my read of that situation while trying to think, okay.

我正试图讲述一个关于我们在众多北约盟国遇到的了不起的人的故事，尽量不带太多感情色彩。

I'm trying to tell this story about these incredible people that we met from so many NATO allied nations trying to be, you know, not too emotional about it.

但说实话，我无法隐瞒。

But, I mean, I won't I can't lie.

那次访问非常触动人心。

It was a very affecting visit.

看到这些人正在处理如此艰巨的问题——为众多国家构建网络安全防御体系，同时还要与他们家中无法看到的团队协调，我知道这些人要么在努力保护自己国家的安全，要么在与那些将要这么做的人合作，这两者都极其困难，而且在许多情况下，他们同时承担着这两项任务。

Seeing all those people working on these incredibly difficult problems, working on cybersecurity defenses for a whole bunch of different countries, but also coordinating with their teams back home that we couldn't see, and knowing that these are the people who are either working on keeping their country secure or working with the people who would be doing that, both of which is extraordinarily hard, and in many cases, both at the same time.

从企业网络安全领域的背景来看，我知道即使在企业环境中，这些问题也极其艰巨。

Coming from the corporate cybersecurity world, I know even within a corporate situation, these are extraordinarily hard problems.

但当你谈论的是军事和民用网络防御、关键基础设施防护时，这些工作从来得不到任何认可，人们只有在失败时才会想到它们。

When But you're talking about military and civil network defense, critical infrastructure defense, this is the stuff that nobody gives any credit to, nobody thinks about until it fails.

当然，这些工作总是资源不足，却对人类生命至关重要。

And, of course, it's always under resourced, and it's so crucial for human life.

所以，这正是那种双重性——正是这些事情维系着文明的运转，但却无人知晓。

So it's just like that whole duality of this is the stuff that keeps civilization going and yet nobody knows about it.

他们就像是我们默默无闻的英雄。

These are like our unsung heroes.

就像遇见了这些默默无闻的英雄一样。

It's like meeting those unsung heroes.

对吧？

Right?

当然，他们都对此非常谦逊，也非常低调。

And, of course, they're all very humble about it, and they're all very modest.

我必须确保，在讲述他们的故事时，我能给予他们应得的尊重与庄重感——如果这个词用在这里合适的话。

And I wanna make sure that as I'm scripting their story that I'm giving them the respect and gravitas, if that's the right word to use here, that they deserve.

有太多未说出口的话。

There were so many unsaid things.

你能感受到其中的分量。

You could feel the weight of it.

我想，我一直纠结的问题是，你能感受到他们使命的重要性有多沉重。

That's, I guess, the thing I've been I've been struggling with is you could feel the weight of how important their mission is.

我能感受到这对他们来说有多严肃。

I could feel how serious it was for them.

我在网络安全领域接触过很多守护者，但这次的层次完全不同。

And I've met many defenders in my day in the cybersecurity realm, but this was a different echelon.

尽管这只是一个演练，我只能想象他们在日常中面对的是什么，以及他们所承担的风险。

Even though this was an exercise, I can only begin to imagine what they're dealing with in their day to day and the and the stakes for them.

而身处一个与俄罗斯接壤的国家——一个目前相当敌对的国家，风险是显而易见的，就摆在眼前。

And then being in a country that is on the border with Russia, you know, a a nation that is pretty adversarial right now, the stakes are really explicit and just like, they're right there.

尤其是爱沙尼亚人，这对他们来说是生死攸关的事。

The people, especially in Estonia, this is this is very life or death for them.

我的意思是，想想我们看到多少次乌克兰国旗在飘扬。

I mean, think about how many times we saw the Ukrainian flag flying.

对吧？

Right?

是的。

It was Yeah.

到处都是。

Everywhere.

乌克兰国旗的颜色确实无处不在。

The Ukrainian flag colors were absolutely everywhere.

这真的是生死攸关。

I mean, this is life or death.

真的，真的是生死攸关。

It really, really literally is.

我想对我来说，问题是：我有没有充分传达出这种紧迫性？

And I guess for me, it's like, am I communicating the stakes well enough?

我有没有表达清楚，这不仅仅是‘如果我们被黑了，可能有些个人信息会泄露’这种事？

Am I am I getting across that this is not just some, you know, if we get hacked, maybe some of our PII gets breached.

虽然很糟糕，但至少不会有人丧命。

Not great, but, you know, nobody's gonna die.

这些人所面对的情况可不是这样。

That's not the situation these folks are dealing with.

这些人正面对着实实在在的生死攸关的局势。

These are people who are dealing with literal life or death stakes.

当我们与他们交谈时，我感受到了这一点，那种沉重感让我难以释怀。

I felt that when we spoke with them, and I it just felt heavy to me.

但你知道，总得有人来处理这些事吧。

But, like, you know, somebody's gotta deal with it.

对吧？

Right?

我只是在想，我有没有把这一点充分传达出来？

And I'm just I'm wondering to myself, am I doing a good enough job in communicating that?

我不确定。

I don't know.

所以我不确定现在是不是提出这个想法的好时机。

So I'm not sure if this is a good idea right at the moment.

也许我们应该换个地方继续。

Maybe we should proceed somewhere else.

我们沿着这条街往下走吧。

And we we let's go down the street this way.

当然，我们不是该往这边走吗？

Sure You we're not due for any should we go on this way?

我只是想确认我们有没有漏掉什么。

I was just making sure we didn't Or do

你想往下走吗？

you wanna go down

这条路？

the way?

你还在录吗？

Are you still recording?

好的。

Okay.

所以现在的情况是，我们位于塔林老城中心，刚刚拐进一条靠近圣诞市场的侧街，俄罗斯大使馆就在那里。

So situation is we are in the center of Tallinn Old Town, and we you just turn down a side street very close to the Christmas market, and the Russian embassy is right there.

俄罗斯大使馆正前方的围栏上贴满了抗议海报，全是手工制作的，抗议俄乌战争。

And the fence right in front of the Russian embassy is absolutely plastered with protest posters, handmade, all of them, protesting the Ukraine war.

上面写着‘停止杀人’之类的标语。

Messages like stop killing people.

‘普京手上沾满鲜血’，诸如此类的内容。

Putin has blood on his hands, things like that.

对我来说，这也很有意义：每面可见的旗帜都紧贴着大使馆边缘，或是骄傲地悬挂着立陶宛国旗，以示反抗。

And it's very significant to me also that every other visible flag were immediately on the edges of the embassy or very proud Estonian flags held open in defiance.

这再次凸显了我们前几天一直在讨论的利害关系。

Again, it just drives home the stakes that we've been talking about the last few days.

对许多人来说，这类事情只是理论上的，但在这里，却并非如此。

And for many people, these kinds of things are theoretical, but here, it's not.

这是非常真实的。

It's very real.

但除此之外，生活照常进行，这条街在老城区的这一部分也和其他街道没什么不同。

But, otherwise, life goes on, and it's an otherwise ordinary street in the part of Old Town.

看起来和其他街道都一样，除非你转过那个拐角。

Looks like all the rest of them, except when you turn that corner.

那道围栏和

That fence is and that

当然，俄罗斯国旗，

the Russian flag, of course,

就在正上方。

right above.

它清楚地告诉你这里正在发生什么。

It tells you exactly what's going on.

是的。

Yeah.

当我们正在……的时候，有一名武装警卫走了出来。

There was an armed guard that would came outside as we were sort

我们站在它前面，因为你知道，

of standing in front of it because, you know,

我们背着背包，还带着一大堆

we were standing there with our backpacks and a whole

装备，我敢肯定我们看起来特别可疑。

bunch of gear, and I'm sure we probably looked super suspicious.

所以我们想着，现在该走了。

So we were like, we're gonna get to move on now.

在我们拜访期间，莉兹和我与房东闲聊时，每当我们提到我们真的很享受在老城区的时光，人们 inevitably 会压低声音问：你们有没有路过俄罗斯大使馆？

When Liz and I chitchatted with our hosts during our visit, whenever we mentioned that we really had been enjoying our time in the old town, inevitably, people would drop their voice to a whisper and ask, did you happen to go past the Russian embassy?

你们看到那里发生了什么吗？

Did you see what was going on there?

偶然遇到

Happening upon

在俄罗斯大使馆附近遇到他们的圣诞集市，可能是最让我震惊的事情之一，因为我完全没想到会看到周围大使馆挂着二十面乌克兰国旗。

the Russian embassy in the middle of their Christmas market was probably one of the things that, like, threw me the most because I was not expecting to see, you know, 20 Ukraine flags on the surrounding embassies No.

只是为了表示声援。

Just in solidarity Yeah.

对正在发生的事情。

With what was going on.

考虑到爱沙尼亚和乌克兰的历史，这很合理。

And it makes sense given Estonia and Ukraine's history.

就像他们是兄弟一样。

Like, they're they're brothers.

你只有亲眼目睹时才会意识到，而这正是我们所经历的。

You don't realize it until you witness it firsthand, which is exactly what we did.

是的。

Yep.

我的意思是，这本来就是我知道的事情。

I mean, it's like one of those things that I knew.

我一直都知道。

I've known.

但当你真正身处前线，尤其是2007年网络攻击发生的地方时，大家都知道指的是2007年。

But when you're actually on quite literally the front lines especially where the cybersecurity attack happened, the two thousand and seven attacks, right, where they just they know everyone just says 2007.

每个人一听就知道你在说什么。

Everybody knows what you're talking about.

对吧？

Right?

爱沙尼亚知道。

Estonia knows.

爱沙尼亚非常清楚，这里的利害关系有多高。

Estonia knows well how much higher the stakes are.

直到我们深入研究之后，我才真正理解2007年网络攻击对爱沙尼亚造成了多大的影响。

I I mean, only after us researching that heavily did I even fully grasp what the two thousand seven cyber attacks did to Estonia.

而且我觉得，这又是一类事情，你必须亲身经历才能明白。

And I I think, again, it's like one of those things where you have to kind of you

你必须亲眼见证才行。

have to witness it firsthand.

爱沙尼亚坚决致力于维护其独立，他们与乌克兰——另一个前苏联共和国——的团结，从你一下飞机就能明显感受到。

Estonia is fiercely determined to keep their independence, and their solidarity with Ukraine, a fellow former Soviet Republic, is obvious from the moment you step off of the plane.

乌克兰国旗在爱沙尼亚随处可见，正如我在之前的节目中提到的，它常常与爱沙尼亚国旗处于同等高度并享有同等荣誉。

The Ukrainian flag is absolutely everywhere in Estonia, as I mentioned a bit in previous episodes, and it often flies at the same level and equal honors as the Estonian flag.

摩天大楼被点亮为黄蓝两色。

Skyscrapers were lit up yellow and blue.

就连城市树木上的圣诞灯饰，也全部使用乌克兰国旗的黄蓝两色。

Even city tree Christmas lights were solely in yellow and blue Ukrainian flag colors.

爱沙尼亚人非常清楚，乌克兰同胞遭遇的一切，很可能也会发生在他们自己身上。

People in Estonia understand very well that whatever happens to their Ukrainian brethren could very well mean them next.

爱沙尼亚也为自己是北约成员而感到自豪。

Estonia is also very proud of being part of NATO.

除了在旗杆等处看到北约旗帜骄傲地飘扬外，即使在我前往塔林机场准备回家时，也看到一款纪念徽章，上面印有爱沙尼亚和北约的旗帜。

Aside from seeing NATO's flag flying proudly on flagpoles and the like, even when I was at Tallinn Airport heading home, I saw a pin souvenir that featured the Estonian and NATO flags.

事实上，我至今还把它放在桌上，包装纸都还没拆。

Actually, I still have it here on my desk, still in its cellophane.

我从没想过，在旅游纪念品商店里，NATO旗帜会和钥匙扣、高档巧克力摆在一起，有如此高的曝光度。

I don't think I've ever seen the NATO flag with that level of prominence in a tourist tchotchke shop before, right next to the keychains and the fancy chocolates.

老实说，我正努力回想上一次在美国看到NATO旗帜飘扬是在什么时候。

And, honestly, I'm trying to remember the last time I saw the NATO flag flying anywhere in The United States.

我们常说网络安全是一个全球无国界的行业，但当你所面对的对手并不在你家门口时，这样说自然容易。

While we often say cybersecurity is a global borderless business, that might be easy to say when your adversary is not literally right next door.

当你身处爱沙尼亚时，几乎不可能忘记，真正的威胁就在仅210公里外的俄罗斯边境。

When you are in Estonia, it's just about impossible to forget that the stakes are a mere 210 kilometers away at the Russian border.

爱沙尼亚作为前苏联共和国，于1991年苏联解体后获得独立。

Estonia, as a former Soviet Republic, became independent with the fall of the USSR in 1991.

在这个高度现代化、科技领先的国家，苏联时代的影响正在消退，但语言、苏式建筑，甚至有时是雕像等实物痕迹，依然清晰可见。

The legacy of the Soviet years are fading in this uber modern tech forward nation, but the physical reminders from the languages spoken to the Soviet era buildings and, yes, sometimes even the statues, those physical reminders, they are still there.

你希望人们从这一切中获得什么启示？

What would you like people to take away from it?

这是个很好的问题。

A It's great question.

我的意思是，我确实希望人们能了解这段历史。

I mean, I definitely want people to learn the history.

再次说，我们回来后，我坐在那里看了好几个小时，吸收信息。

Again, I sat there for hours after we got back learning, ingesting.

我往返的整个飞行途中，我都

And my whole flight over and back, I

只是觉得，

was just, like,

读了大量资料。

reading so much.

是的。

Yeah.

好几个小时。

Hours and hours.

而且我不觉得你们非得这么做。

And I don't I mean, you guys don't have to do that.

我们在这里就是为了这个。

That's what we're here for.

但我认为你们应该了解发生过的事情，因为这并不是永远不会再次发生。

But I think you should learn about what happened because not that it's never gonna happen again.

它可能会再次发生。

It can happen again.

很可能会发生。

Probably will.

我，是的。

I yeah.

你说得对。

You're right.

是的。

Yeah.

它很可能会发生。

It probably will.

而且，你知道，这就像是

And, you know, it's like

以我们无法想象的方式。

In ways that we can't imagine.

是的。

Yeah.

这是老生常谈了：哦，这种事情永远不会发生在我身上。

It's the age old thing of, oh, it's never gonna happen to me.

但你永远说不准。

Well, you never know.

是的。

Yeah.

老实说，了解那段历史，认真思考它，并了解北约现在如何帮助保护这些盟国，这是我希望每个人都能记住的。

Honestly, just learning about that history, kind of taking that into consideration, and learning about what NATO now does to kind of help protect these allied countries is something that I want everybody to take away of.

对我来说，除了你所说的之外，因为你完全说对了。

To me, in addition to what you said, because you're right on.

你完全正确。

You are absolutely right on.

我带走的主要想法是，也许这也是娜达希望我带走的，我完全承认这一点：当我想到网络安全时，我不会说技术问题现在已经解决了。

The thing that I walked away with, and maybe this is also because this is what Nada wanted me to walk away with, and I will totally fess up to that, was that when I think of cybersecurity in general, I'm not going to say, you know, the technical problems are fixed now.

这并不是说完全不对。

It's that's not it's like wildly not correct.

但多年来，重点一直放在你需要一个炫酷的工具上。

But for years, the emphasis has been on just you need a shiny tool.

你遇到了这个问题。

You've got this problem.

我们有个工具能解决它。

We've got a tool to fix it.

让我感到非常惊讶的是，北约并没有关注这一点。

And it was really remarkable to me that NATO was not focusing on that.

他们给我们展示的其实是一个工具。

Like, was a tool that they showed us about.

是VSIC。

Was VSIC.

VSIC是最难念的缩写，它

VSisc was the hardest acronym to say It

是非常它

is a very It

是一个极其复杂的缩写。

is a beast of an acronym.

但他们非常注重人与人之间的交流，人理解人，人学会如何与人合作。

But they were really all about humans talking to humans, humans understanding humans, humans understanding how to work with humans.

就像是，好吧，工具充其量只是次要的。

It's like, okay, the tools are are really tertiary at best.

关键是我们如何彼此沟通？

It was how do we communicate to each other?

我们如何理解彼此的需求？

How do we understand what each other needs?

这让我很感兴趣，因为我们正在回归到合作这一最根本的人类问题与解决方案。

That's interesting to me, that we're we're we're going back to really the core human problem and solution of working together.

而一个联盟必须擅长这一点。

And an alliance needs to be good at that.

我的意思是，这正是联盟的本质，也是它必须具备的核心。

And, I mean, that's kind of the core of what it it is, what it needs to be in an alliance.

北大西洋公约，更广为人知的名称是北约，其正式文本撰写于1949年4月4日。

The North Atlantic Treaty, better known as NATO and its official text, was written on 04/04/1949.

我们必须思考，当时的世界与现在有多么不同，那时互联网甚至还在DARPA的构想中尚未出现。

We have to think about how different the world was back then, well before the Internet was even a glimmer in DARPA's eye.

网络安全是在2017年被列为北约的专业领域，而太空领域则是在2019年加入的，顺便说一下。

Cybersecurity was added in as a domain of expertise to NATO in 2017, with space added in 2019, by the way.

毫无疑问，战争的性质已经发生了巨大变化，更广泛的地缘政治背景也是如此，尤其是自2022年俄罗斯入侵乌克兰以及2024年美国总统特朗普再次当选以来。

Certainly, the nature of warfare has changed a lot, as have the broader geopolitical contexts, especially since Russia's invasion of Ukraine in 2022 and US president Trump's reelection in 2024.

就在从北约演习回国一个月后，美国在北约中的角色前景似乎变得极其不确定。

Just a month after coming home from the NATO exercise, the future of The United States' role in and with NATO seems profoundly uncertain.

撇开我个人的政治立场不谈，从网络安全的角度来看，退出像北约这样的联盟确实让我深感忧虑，这是最少的说辞。

And putting all of my own personal and political viewpoints on that aside, the idea of leaving an alliance like NATO from a cybersecurity perspective really gives me pause, to say the least.

有效的防御和进攻始终是协作、合作与协调的成果。

Effective defense and offense are always stronger as a collaborative, cooperative, coordinated exercise.

还记得指挥官卡普兰一直强调的那三个‘C’吗？

Remember those three c's that commander Kaplan kept saying?

当没有人与你共享信息时，你如何可能对敌对活动保持任何优势？

How can you possibly maintain any kind of advantage over adversarial activity when no one's sharing information with you.

没有人会帮你发现盲点。

Nobody's catching your blind spots.

当你不可避免地遇到语言、文化、思维模式、流程、技术等障碍时，没有人会为你提供支持。

Nobody's covering you when you inevitably hit a language, cultural, mindset, process, technological, you name it, barrier.

如果你认为美国在网络安全领域处于领先地位——确实，我们很多人都这么认为，那么如果我们基本上孤军奋战，这种技术优势还能维持多久？

If you consider The United States to be ahead of the game in the cyber realm, and sure, many of us do, genuinely, how long do we think a technological head start in cybersecurity possibly could last if we're basically going it alone.

我从爱沙尼亚回来两个月后，脑海中不断浮现的是在塔林遇到的那些优秀的人们，是爱沙尼亚国旗旁高高飘扬的乌克兰国旗，还有机场上那个北约徽章，以及当联盟出现裂痕、承诺未能兑现、信任被缓慢侵蚀乃至瞬间崩塌时，所牵涉的明示与隐含的一切。

Two months after my trip to Estonia, all I can think about is the many wonderful people that I met in Tallinn and the many Ukrainian flags flying high and proud next to the Estonian flags and that NATO flag pin at the airport, and everything that is at stake, explicitly and implicitly when an alliance frays, when promises aren't kept, When trust is eroded slowly and then seemingly all at once.

当防御不再合作、协作或协调时，它肯定就不再团结了。

When defense is not cooperative, collaborative, or coordinated anymore, it's definitely not cohesive.

在某个时刻，它也将变得不再有效。

And at a certain point, it won't be very effective either.

鉴于当前的利害关系如此重大，这不仅仅会成为我们最顶尖的网络安全防御者的问题，而会变成每个人的问题。

With the stakes being as high as they are, this won't be just a problem for our most elite of cybersecurity defenders, it will become everyone's problem.

感谢您收听我们这个三部分系列的第三集。

Thank you for listening to this third episode of our three part series.

我们还准备了一个小彩蛋，将会发布在播客频道中。

We do have a little bonus that we'll be dropping in the podcast feed for you.

那是我的记者笔记本，里面收录了我在塔林期间录制的片段，无论是散步时、刚从快艇上下来，还是凌晨四点试图让咖啡机工作时录下的。

That's my audio reporter's notebook with clips that I recorded while in Tallinn, walking around or freshly out of the skiff, or at four in the morning trying to get the coffee machine to work.

如果您想了解这次任务中更真实、未经修饰的体验，那么记者笔记本就是为您准备的。

If you are interested in the more unfiltered experience from this assignment, the reporter's notebook is for you.

你可以把它看作是第四集的附加内容。

Think of it as a bonus episode four, if you will.

本集由莉兹·斯托克斯制作。

This episode was produced by Liz Stokes.

混音、剪辑和音效设计由特雷·赫斯特负责。

Mixing, editing, and sound design by Trey Hester.

我们的执行制片人是詹妮弗·伊本，内容策略由马詹·普劳特提供。

Our executive producer is Jennifer Iben with content strategy by Majaan Plaut.

彼得·基尔佩是我们的出版人，而我则是您的主持人，玛丽亚·瓦尔马泽斯。

Peter Kilpey is our publisher, and I am your host, Maria Varmazes.

非常感谢您的收听。

Thank you so much for listening.

谈谈零信任。

Talk about Zero Trust.

零信任世界带您身临其境。

Zero Trust World puts you inside.

这是一场面向实践者的实战型网络安全活动，旨在传授真实技能，而非空谈理论。

This is a hands on cybersecurity event designed for practitioners who want real skills, not just theory.

你将参与实时黑客实验室，在真实环境中进行攻击，了解现代威胁的实际运作方式，并学习如何在它们演变为事件之前阻止它们。

You'll take part in live hacking labs where you'll attack real environments, see how modern threats actually work, and learn how to stop them before they turn into incidents.

但Zero Trust World不仅仅是实验室。

But Zero Trust World is more than labs.

你还将参加由专家主导的课程、实用案例研究和技术深度解析，专注于实际应用。

You'll also experience expert led sessions, practical case studies, and technical deep dives focused on real world implementation.

无论你是蓝队、红队，还是负责保护整个组织，这些内容都旨在立即派上用场。

Whether you're blue team, red team, or responsible for securing an entire organization, the content is built to be immediately useful.

你将获得CPE学分，与行业同行建立联系，并带走可以立即付诸实践的策略。

You'll CPE credits, connect with peers across the industry, and leave with strategies you can put into action right away.

今年三月，来佛罗里达州奥兰多加入我们。

Join us March in Orlando, Florida.

立即访问 ztw.com 注册，将你的零信任策略从理论转化为执行。

Register now at z t w dot com and take your zero trust strategy from theory to execution.