中國優先發展網絡戰略信息化戰 // China to give priority to the development of network strategy & information warfare

中國優先發展網絡戰略信息化戰 //

China to give priority to the development of network strategy & information warfare

Cyberspace has become the national comprehensive security of the door. Network warfare reality, the network battlefield globalization, network confrontation normalization, the network attack heart white hot, the network to build the army of the general trend, no one can block. Give priority to the development of network strategy, and actively seize the commanding heights of network strategy, for my army building is of great significance.

  The main features of network strategy

Network strategic strength refers to the ability to achieve the desired results through cyberspace. From the current development and possible future trends, mainly with the following characteristics.

Composed of multiple. In recent years, the major network events in the world have shown that the strategic power of the military network is the main force of cyberspace competition. The strategic power of the government departments and the private sector is an important part of the cyberspace competition. The “cyber warrior” An important addition.

Strong professionalism. Network strategy strength has a strong latent and difficult to predict, and the speed of light, instantaneous effect, monitoring and early warning is difficult; once the action is effective, damage effect superimposed magnification or non-linear step, with a typical “butterfly effect.” In 2010, the “shock net” virus attacked the centrifuges of the Iranian Bushehr nuclear power plant and the Natanz uranium enrichment plant, resulting in nearly a thousand centrifuge scrapped, forcing Iran’s nuclear capacity building to delay 2 to 3 years, opened the network attack soft means Destroy the national hard facilities.

Destructive. The strategic power of the network is no less than the weapons of mass destruction. Russia and Georgia in 2008, “the five-day war”, the Russian military to Georgia’s television media, government websites and transportation systems as the goal, to carry out a comprehensive “bee group” type of network paralysis attacks, leading to grid government agencies operating chaos, Logistics and communication system collapse, much-needed war materials can not be delivered in a timely manner, the potential of the war has been seriously weakened, a direct impact on the grid of social order, operational command and troop scheduling. The Russian military doctrine has identified cybercrime as a weapon of mass destruction and has retained the right to use weapons of mass destruction or nuclear weapons to counterattack.

Advanced technology and phase. Network strategy strength development speed, replacement fast, technical materialization for the equipment cycle is short. At present, the speed of the microprocessor doubles every 18 months, the backbone bandwidth doubled every six months, a variety of new electronic information equipment after another, all kinds of application software dizzying. Cyber ​​space confrontation is the field of information in the field of offensive and defensive struggle, the use of network strategy forces in the confrontation of the phase with grams, constantly renovated. The development of the firewall and the information monitoring technology makes the software of the anti-wall software upgrade continuously. The development of the firewall and the information monitoring technology has led to the development of the firewall. , Can be described as “a foot high, magic high ten feet.”

  The Developing Trend of Network Strategic

From the subordinate force to the development of key forces. In the past, the network strategic power is mainly for other forces to provide information security, in a subordinate position; with the development of network information technology, network system control of other rights, network strategic forces from subordinate status to the dominant position to accelerate into, to maintain the country The key to safety. There is no network security there is no sovereign security, “no net” to become a new law of war, the world’s major countries around the network space development rights, dominance and control of a new round of competition, especially the United States and Russia adhere to the practice In the use and continue to develop.

From the maintenance of force to the development of specialized forces. In the past, the network strategy is mainly to maintain the network information system and all kinds of network transmission system, network attack and defense attributes are not clear. At present, all areas of the network space in depth, the world’s major countries are hard to build cyberspace offensive and defensive capabilities, the main military power of the network strategy has become a network of reconnaissance, network attacks, network defense and other clear division of labor, professional regular military forces. The United States has so far built the world’s most complete and powerful network of the army, and held a series of “network storm” series of exercises. The new “cyberspace strategy” in the United States, the first public to cyberspace combat as one of the tactical options for future military conflict, clearly proposed to improve the US military in the cyberspace of deterrence and offensive capability. In order to adapt to the new strategy, the US Department of Defense proposed 2018 to build a offensive and defensive, flexible form, with full combat capability of the network forces construction goals.

From the military to the integration of military and civilian development. The development of the strategic power of the military network started relatively late compared with the civil field, and because of the confidentiality of military confrontation and the specificity of the operational objectives, it is often developed independently. With the development of network technology, the military’s own network strategic strength is difficult to meet the needs of diversified tasks, we must learn from local folk technical means, integrate local network resources, realize the integration of military and civilian development. Network space capacity building on the talent, intelligence, experience and other software environment is extremely high, coupled with the local convergence of a wealth of network resources, military and civilian forces to promote the development of cyberspace capabilities become the strong tone of the times.

From a single model to the “network integration” development. At present, the network includes both the computer IP system network and the non-computer IP system network including a large number of complex early warning detection network, satellite communication network and tactical data link. The traditional single network confrontation model is difficult to meet the challenge of cyberspace. With the development of information technology, especially the Internet of Things technology, the relationship between the network and the power of the battlefield network more and more closely, which for the “network integration” in the technical means to provide the possibility. The use of electronic warfare and network warfare means, for different systems around the open bow, broken chain broken network, to achieve complementary advantages, system damage, as the latest guidance on the construction of network space. Data show that the US military typical network of integrated attack equipment “Shu special” system has been from the “Shu-1” to the current development of “Shu-5”. According to reports, “Shute” system through the enemy radar antenna, microwave relay station, network processing nodes to invade the enemy air defense network system, real-time monitoring of enemy radar detection results, even as a system administrator to take over the enemy network, Control of the sensor.

From non-state actors to state actors. At present, the network attack has developed from a single hacker behavior for the national, political, military confrontation, the attack object has been developed from the personal website to the country, the army’s important information system, attack “unit” has grown from stand-alone to tens of thousands Hundreds of thousands of terminals, and can instantly release the amazing attack energy. Although many of the intentions of malicious acts of non-State actors are non-state, the consequences are national, whether they are espionage, political opinions, or personal discontent, or terrorist activities , Have a direct impact on social stability, disrupt the economic order, endanger the stability of state power. Once the relevant reaction is made, the subject of the act must be the state and the army, and not the non-state actors themselves.

  The Construction of Network Strategic Strength

Strengthen strategic planning. Cyberspace competition is the first strategic battle of the contest. From the national level, the network strategy of the power of the main function is to reduce the risk of cyberspace, maintaining the normal operation of the country. We must understand the extreme importance and realistic urgency of cyberspace security from the perspective of national security, raise the focus of cyberspace capacity building to the strategic level, and try to reduce the national cyberspace security while trying to solve the problem of how to make good use of cyberspace Risk, so that cyberspace security has become an important support for national prosperity and security. From the military level, the network strategy is mainly to seize the system of network power. We must expand the military vision, the cyberspace as an important area of ​​action, to seize the system as the core, change the military ideas and ideas, adjust the structure and composition of armed forces, the development of weapons and equipment and take a new tactics.

Speed ​​up the construction of the power system. Maintain cyberspace security in the final analysis depends on the strength. We must base ourselves on the characteristics and laws of cyberspace capacity building, focus on the core elements of network capability system and the overall layout of network strategy, and systematically design the system structure which conforms to the law and characteristics of cyberspace confrontation in our country, and perfect the system of leadership and command Functional tasks, straighten out the relationship between command and management. We should take the network strategic power as an important new combat force, from the organization construction, personnel training, equipment development, elements of training and other aspects, to take extraordinary measures to give priority construction, focus on protection. To normalize the national network of offensive and defensive exercises, test theory, tactics, equipment and technology effectiveness, and comprehensively enhance the comprehensive prevention of cyberspace capabilities.

Promote technological innovation. The essence of cyberspace confrontation is the competition of core technology, and it is necessary to accelerate the independent innovation of network information technology. To improve the ability of independent innovation as a strategic basis to the national innovation system as the basic support, focus on breaking the forefront of network development technology and international competitiveness of the key core technology, advanced deployment and focus on the development of information technology and information industry. To speed up the process of localization of key core technologies, strengthen the construction of safety testing and active early warning means, and gradually improve the equipment system of cyberspace in China, and comprehensively improve our network space capability. To follow the basic laws of cyberspace confrontation, in accordance with the “asymmetric checks and balances” strategy, increase the quantum technology, Internet of things and cloud computing and other new technology research and development efforts to create unique combat capability, master the initiative of cyberspace security development The

Promote the integration of military and civilian development. The integration of the military space ability of military and civilian development is not only the overall situation of national security and development strategy, the overall planning of national defense and economic and social development, but also the objective fact that cyberspace security can not be avoided. We must actively promote the deep integration of military and civilian development, to promote China’s network space capacity supporting the construction. It is necessary to formulate top-level planning in the form of policies and regulations, clarify the objectives, methods, organizational division and basic requirements of the deepening development of cyberspace in the form of policies and regulations, and make the integration of military and civilian development into law enforcement and organizational behavior; To establish a sound military coordination, demand docking, resource sharing mechanism, through a unified leadership management organization and coordination of military needs and major work, to achieve risk sharing, sharing of resources and common development of the new situation. We should pay attention to the distinction between the boundaries of military and civilian integration, clear the concept of development-oriented people and the main battle concept of the army, and actively explore the military and the people, the advantages of complementary channels.

Original Mandarin Chinese:

网络空间成为国家综合安全的命门。网络战争现实化、网络战场全球化、网络对抗常态化、网络攻心白热化、网络建军正规化的大势,无人可挡。优先发展网络战略力量,积极抢占网络战略制高点,对于我军队建设具有重要意义。

  网络战略力量的主要特点

网络战略力量,是指通过网络空间来实现预期结果的能力。从当前发展及未来可能的走势看,主要有以下特点。

组成多元。近年来发生在全球范围内的重大网络事件表明,军队网络战略力量是网络空间竞争的主力军,政府部门、私营机构网络战略力量是网络空间竞争的重要部分,民间“网络战士”是网络空间竞争的重要补充。

专业性强。网络战略力量具有极强的潜伏性和难预测性,且以光速进行、瞬时产生效果,监测预警难度大;一旦行动奏效,损害效果叠加放大或非线性阶跃,具有典型的“蝴蝶效应”。2010年,“震网”病毒攻击了伊朗布什尔核电站和纳坦兹铀浓缩厂的离心机,造成近千台离心机报废,迫使伊朗核能力建设延迟2至3年,开启了网络攻击软手段摧毁国家硬设施的先河。

破坏性大。网络战略力量破坏力不亚于大规模杀伤性武器。2008年俄国与格鲁吉亚“五日战争”中,俄军以格方的电视媒体、政府网站和交通系统等为目标,开展全面的“蜂群”式网络阻瘫攻击,导致格政府机构运作混乱,物流和通信系统崩溃,急需的战争物资无法及时投送,战争潜力受到严重削弱,直接影响了格的社会秩序、作战指挥和部队调度。俄罗斯军事学说已将网络攻击手段定性为大规模毁灭性武器,并保留了运用大规模毁灭性武器或核武器反击的权利。

技术先进且相生相克。网络战略力量发展速度快、更新换代快,技术物化为装备的周期短。当前,微处理器的速度每18个月翻一番,主干网带宽每6个月增加一倍,各种新型电子信息设备层出不穷,各种应用软件目不暇接。网络空间对抗是信息领域的攻防斗争,网络战略力量使用的手段在对抗中相生相克、不断翻新。常规通信受干扰催生了跳、扩频通信体制,跳、扩频通信的出现又催生了频率跟踪干扰、相关信号干扰等新型电子干扰手段;防火墙、信息监控技术的发展,使翻墙软件不断升级,可谓“道高一尺,魔高一丈”。

  网络战略力量的发展趋势

由从属性力量向关键性力量发展。以往网络战略力量主要是为其他力量提供信息保障,处于从属地位;随着网络信息技术的发展,制网权统揽其他制权,网络战略力量由从属地位向主导地位加速转进,成为维护国家安全的关键。没有网络安全就没有主权安全,“无网不胜”成为战争的新定律,世界各主要国家围绕网络空间的发展权、主导权和控制权展开了新一轮的角逐,特别是美俄坚持在实践中运用并不断发展。

由维护型力量向专业化力量发展。以往网络战略力量主要是维护网络化信息系统和各类网络传输系统,网络攻击和防御属性均不鲜明。当下各领域对网络空间深度依赖,世界主要国家无不竭力打造网络空间攻防能力,主要军事强国的网络战略力量业已成为集网络侦察、网络攻击、网络防御等分工明确、专业化的正规军事力量。美国迄今已建成全球编制最齐全、力量最庞大的网军,并多次举行“网络风暴”系列演习。美国新版《网络空间战略》,首次公开把网络空间作战作为今后军事冲突的战术选项之一,明确提出要提高美军在网络空间的威慑和进攻能力。为适应新战略,美国防部提出2018年建成一支攻防兼备、形式灵活,具备全面作战能力的网络部队的建设目标。

由军地自主向军民融合发展。军队网络战略力量的发展相对于民用领域起步较晚,且由于军事对抗的保密性和作战目标的特定性,往往自主发展。随着网络技术的发展,军队自身的网络战略力量难满足多样化任务的需要,必须学习借鉴地方民间技术手段,整合地方网络资源,实现军民融合发展。网络空间能力建设对人才、智力、经验等软件环境要求极高,加上地方汇聚了丰富的网络资源,军民联手推进网络空间能力发展成为时代的强音。

由单一模式向“网电一体”发展。现阶段,网络既包括计算机IP体制网络,更包含大量复杂的预警探测网、卫星通信网、战术数据链等非计算机IP体制网络,传统的单一网络对抗模式难以应对网络空间的挑战。随着信息技术特别是物联网技术的发展,战场网中网与电的关系越来越紧密,这为“网电一体”在技术手段上提供了可能。综合运用电子战与网络战手段,针对不同体制的网络左右开弓、断链破网,实现优势互补、体系破击,成为网络空间能力建设的最新指导。有资料显示,美军典型网电一体攻击装备“舒特”系统已从“舒特-1”发展到目前的“舒特-5”。据报道,“舒特”系统可通过敌方雷达天线、微波中继站、网络处理节点入侵敌方防空网络系统,能够实时监视敌方雷达的探测结果,甚至以系统管理员身份接管敌方网络,实现对传感器的控制。

由非国家行为体向国家行为体发展。目前,网络攻击已从单个的黑客行为发展为国家、政治、军事上的对抗行为,攻击对象已从个人网站发展到国家、军队的重要信息系统,攻击“单元”已从单机发展到数万乃至数十万台终端,且能在瞬时释放惊人的攻击能量。尽管非国家行为体的恶意网络行为目的许多是非国家的,但由此所造成的后果却是国家的,无论是进行间谍活动,还是发表政治主张,或是发泄个人不满情绪,或是进行恐怖活动,都直接影响社会稳定、扰乱经济秩序、危及国家政权稳固。一旦因之作出相关反应,其行为主体一定是国家和军队,而不再是非国家行为体本身。

  网络战略力量的建设指向

加强战略统筹谋划。网络空间竞争首先是战略运筹的较量。从国家层面看,网络战略力量的职能主要是降低网络空间的风险,维护国家正常运转。必须从国家安全的视角认清网络空间安全的极端重要性和现实紧迫性,将网络空间能力建设的着眼点上升到战略层面,在着力解决如何利用好网络空间的同时,努力降低国家网络空间安全风险,使网络空间安全成为国家繁荣与安全的重要支撑。从军队层面看,网络战略力量主要是夺取制网权。必须拓展军事视野,把网络空间作为制权行动的一个重要领域,以夺取制网权为核心,变革军事思想和观念,调整武装力量结构与构成,发展武器装备并采取新的战法。

加快力量体系构建。维护网络空间安全说到底要靠实力。必须立足于网络空间能力建设的特点、规律,围绕我国网络能力体系核心要素和网络战略力量建设总体布局,以系统思维设计符合我国网络空间对抗规律和特点的体系架构,健全领导指挥体制机制,明确职能任务,理顺指挥管理关系。要把网络战略力量作为重要的新型作战力量突出出来,从组织建设、人才培养、装备发展、要素演训等各方面,采取超常举措,给予重点建设、重点保障。要常态化开展国家级网络攻防演练,检验理论、战法、装备及技术的有效性,全面提升网络空间综合防范能力。

推进技术自主创新。网络空间对抗的实质是核心技术的比拼,必须加快推进网络信息技术自主创新。要把提高自主创新能力作为战略基点,以国家创新体系为基本依托,集中力量突破网络发展的前沿技术和具有国际竞争力的关键核心技术,超前部署和重点发展信息技术和信息产业。要加速关键核心技术的国产化进程,加强安全测试和主动预警手段的建设,逐步完善我国网络空间的装备体系,全面提高我国网络空间能力。要遵循网络空间对抗的基本规律,按照“非对称制衡”方略,加大对量子科技、物联网和云计算等新技术的研发力度,以独创技术塑造实战能力,掌握网络空间安全发展的主动权。

推动军民融合发展。网络空间能力的军民融合式发展,既是站在国家安全与发展的战略全局,对国防和经济社会发展统筹谋划,也是网络空间安全不能回避的客观事实。必须积极推动军民深度融合发展,全力推进我国网络空间能力配套建设。要综合军民需求制定顶层规划,以政策法规的形式明确网络空间军民融合深度发展的目标任务、方法路径、组织分工和基本要求等关系全局的重大问题,变军民融合发展为执法行为、组织行为;要建立健全军地协调、需求对接、资源共享机制,通过统一的领导管理机构组织协调军地的各类需求和重大工作,达成风险共担、资源共享、共同发展的新局面。要注重军民融合的界限区分,明确以民为主的发展理念和以军为主的作战理念,积极探索军民一体、优势互补的可行性渠道。

Source URL:

http://theory.people.com.cn/n1/2016/1226/c40531-28977153.html

Full Text of China’s National Cyberspace Security Strategy // 國家網絡空間安全戰略全文

Full Text of China’s National Cyberspace Security Strategy

國家網絡空間安全戰略全文

Beijing,People’s Republic of China

27 DEC 2017

December 27, approved by the Central Network Security and Information Technology Leading Group, the National Internet Information Office released the “national cyberspace security strategy”, the full text is as follows.

The extensive application of information technology and the rise and development of cyberspace have greatly promoted the economic and social prosperity and progress, but also brought new security risks and challenges. Cyberspace security (hereinafter referred to as cybersecurity) concerns the common interests of mankind, related to world peace and development, and national security. Safeguarding China’s network security is an important measure to coordinate and promote the comprehensive construction of a well-off society, comprehensively deepen reform, comprehensively administer the country according to law, and strictly pursue the strategic layout of the party, and realize the goal of “two hundred years” and realize the great rejuvenation of the Chinese nation An important guarantee. In order to implement the “four principles” of promoting the transformation of the global Internet governance system and the “five-point proposition” to build the cyberspace destiny community, we have clarified China’s important position on cyberspace development and security, guided China’s network security work, The state in the cyberspace of sovereignty, security, development interests, the development of this strategy.

First, opportunities and challenges

(A) a major opportunity

With the rapid development of information revolution, Internet, communication network, computer system, automation control system, digital equipment and its application, service and data, such as the network space, is a comprehensive change in people’s production and lifestyle, profound impact on human society Development process.

New channels for information dissemination. The development of network technology, breaking the time and space constraints, expanding the scope of communication, innovative means of communication, triggering a fundamental change in the pattern of communication. The network has become a new channel for people to access information and learn to communicate, and become a new carrier of human knowledge transmission.

Production and life of the new space. In today’s world, the depth of the network into people’s learning, life, work and other aspects of online education, entrepreneurship, health care, shopping, finance and other increasingly popular, more and more people through the network exchange ideas, achievements and dreams.

The new engine of economic development. The Internet is becoming the leading force of innovation-driven development. Information technology is widely used in all sectors of the national economy. It has promoted the upgrading of traditional industries, promoted new technologies, new forms, new industries and new models, promoted the adjustment of economic structure and economic development , For economic and social development has injected new impetus.

Cultural prosperity of the new carrier. The network promotes the cultural exchange and the popularization of knowledge, the release of cultural development vitality, the promotion of cultural innovation creation, the enrichment of people’s spiritual and cultural life, has become a new way to spread culture, provide a new means of public cultural services. Network culture has become an important part of cultural construction.

A new platform for social governance. The role of the network in advancing the national governance system and the modernization of the governance capability has become increasingly prominent. The application of e-government has been deepened, and the government information has been shared and publicized. The government has made scientific decision-making, democratization and rule of law, and has smoothed the channels of citizens’ participation in social governance. An important way to protect citizens’ right to know, to participate, to express and to supervise.

Exchange and cooperation of the new link. The development of information and globalization has promoted the global flow of information, capital, technology, talent and other elements, and promoted the integration of different civilizations. Network to the world into a global village, the international community more and more you have me, I have your fate in the community.

National sovereignty of the new territory. Cyber ​​space has become an important part of human activity with land, sea, sky and space. National sovereignty extension extends to cyberspace, and cyberspace sovereignty becomes an important part of national sovereignty. Respect for cyberspace sovereignty, safeguard network security, seek co-governance, achieve win-win situation, is becoming the international community consensus.

(B) severe challenges

The security situation of the network is becoming more and more serious, the national politics, economy, culture, society, national defense security and the legitimate rights and interests of citizens in cyberspace are facing severe risks and challenges.

Network penetration threatens political security. Political stability is the basic prerequisite for national development and people’s happiness. The use of the network to interfere in the internal affairs of other countries, to attack other countries political system, incite social unrest, subversion of other countries, as well as large-scale network monitoring, network theft and other activities seriously endanger the national political security and user information security.

Network attacks threaten economic security. Network and information systems have become the key infrastructure and the entire economic and social center of the nerve, suffered damage, a major security incident, will lead to energy, transportation, communications, financial and other infrastructure paralysis, resulting in catastrophic consequences, seriously endangering national economic security And public interest.

Network Harmful Information Erosion Cultural Security. Various ideological and cultural networks on the network agitation, confrontation, excellent traditional culture and mainstream values ​​facing the impact. Network rumors, decadent culture and obscenity, violence, superstition and other harmful information contrary to the socialist core values ​​erode the physical and mental health of young people, corrupt the social atmosphere, misleading the value orientation, endangering cultural security. Online moral anomie, the phenomenon of lack of integrity frequent, the degree of network civilization need to be improved.

Network terror and criminals undermine social security. Terrorism, separatism, extremism and other forces to use the network to incite, plan, organize and implement violent terrorist activities, a direct threat to people’s lives and property security, social order. Computer viruses, Trojans and other cyberspace spread spread, cyber-fraud, hacking, infringement of intellectual property rights, abuse of personal information and other illegal acts exist, some organizations want to steal user information, transaction data, location information and business secrets, serious damage to the country , Business and personal interests, affecting social harmony and stability.

The international competition in cyberspace is in the ascendant. International competition and control of cyberspace strategic resources, to seize the right to formulate rules and strategic high ground, to seek strategic competition in the increasingly fierce. Individual countries to strengthen the network deterrence strategy, intensify the cyberspace arms race, world peace by new challenges.

Cyberspace opportunities and challenges coexist, opportunities are greater than challenges. We must insist on active use, scientific development, management according to law, ensure safety, resolutely safeguard network security, make maximum use of cyberspace development potential, and benefit more than 1.3 billion Chinese people for the benefit of all mankind and firm maintenance of world peace.

Second, the goal

With the overall national security concept as the guide, implement the innovation, coordination, green, open and shared development concept, enhance the sense of risk and crisis awareness, the overall situation of domestic and international, overall development of security two major events, active defense, effective response, Promote network space peace, security, openness, cooperation and orderly, safeguard national sovereignty, security, development interests, and realize the strategic goal of building a network power.

Peace: the abuse of information technology has been effectively curbed, cyberspace arms race and other activities threatening international peace have been effectively controlled, cyberspace conflict has been effectively prevented.

Security: network security risks are effectively controlled, the national network security system is sound and perfect, the core technology and equipment are safe and controllable, and the network and information system are stable and reliable. Network security personnel to meet the needs of the whole society of network security awareness, basic protection skills and the use of network confidence greatly improved.

Open: Information technology standards, policies and markets open, transparent, product circulation and information dissemination more smoothly, the digital divide is increasingly bridging. Regardless of size, strength, rich and poor, countries around the world, especially developing countries can share development opportunities, share the fruits of development, fair participation in cyberspace governance.

Cooperation: the world in the technical exchanges, the fight against cyber terrorist and cyber crime and other areas of cooperation more closely, multilateral, democratic and transparent Internet governance system sound and perfect, win-win cooperation as the core of the network space fate community gradually formed.

Order: public interest in the cyberspace, participation, expression, supervision and other legitimate rights and interests are fully protected, cyberspace personal privacy is effectively protected, human rights are fully respected. The network environment of the domestic and international legal system, the standard norms gradually established, the network space to achieve effective management according to law, network environment integrity, civilization, health, freedom of information flow and safeguard national security, public interests to achieve organic unity.

Third, the principle

A safe, stable and prosperous cyberspace is of great significance to all countries and the world. China is willing to work with all countries to strengthen communication, expand consensus, deepen cooperation, and actively promote the global Internet governance system changes, and jointly safeguard the peace and security of cyberspace.

(A) respect for the maintenance of cyberspace sovereignty

Cyberspace sovereignty is inviolable, respect for the independent choice of development path, network management model, Internet public policy and equal participation in international network space management rights. The network affairs within the sovereign scope of each country are made by the people of each country, and each country has the right to take the necessary measures to manage the network activities of its own information system and its own territory according to its own national conditions and draw lessons from international experience, formulate laws and regulations on cyberspace, National information systems and information resources from intrusion, interference, attack and destruction, to protect the legitimate rights and interests of citizens in cyberspace; to prevent, prevent and punish harmful information harmful to national security and interests in the national network to disseminate and maintain cyberspace order. Any country does not engage in network hegemony, do not engage in double standards, do not use the network to interfere in the internal affairs of other countries, do not engage in, condone or support national activities against national security.

(B) the peaceful use of cyberspace

Peaceful use of cyberspace is in the common interest of mankind. States should abide by the principles of the Charter of the United Nations concerning the non-use or threat of use of force and prevent the use of information technology in the context of the maintenance of international security and stability, to boycott cyberspace arms races and prevent cyberspace conflicts. Adhere to mutual respect, equal treatment, seeking common ground while reserving differences, tolerance and mutual trust, respect for each other in cyberspace security interests and major concerns, to promote the construction of a harmonious network world. Against the use of national security as an excuse to use technological advantages to control other countries network and information systems, to collect and steal other countries data, but can not sacrifice the security of other countries to seek their own so-called absolute security.

(C) to manage cyberspace according to law

Comprehensively promote the legalization of cyberspace, adhere to the rule of law network, according to the law network, according to the Internet, so that the Internet in the rule of law on the healthy operation of the track. According to the law to build a good network order, the protection of cyber space information according to the law of free flow, protection of personal privacy, protection of intellectual property rights. Any organization and individual in the cyberspace to enjoy freedom, exercise the rights at the same time, to comply with the law, respect for the rights of others, their own words and deeds on the network.

(4) co-ordinate network security and development

There is no national security without national security, there is no information without modernization. Network security and information is one of the two wings, driven by the two wheels. Correctly handle the development and security of the relationship, adhere to the security development, to promote the development of security. Security is the prerequisite for development, and any development at the expense of security is difficult to sustain. Development is the foundation of security, and development is not the greatest insecurity. No information development, network security is not guaranteed, the existing security and even lost.

Fourth, strategic tasks

China’s Internet users and network size of the world’s first, to maintain China’s network security, not only their own needs, for the maintenance of global network security and world peace are of great significance. China is committed to safeguarding the national cyberspace sovereignty, security, development interests, promote the Internet for the benefit of mankind, and promote the peaceful use of cyberspace and co-governance.

(A) firmly defended cyberspace sovereignty

According to the Constitution and laws and regulations to manage China’s sovereignty within the network activities to protect China’s information facilities and information resources security, including economic, administrative, scientific and technological, legal, diplomatic, military and other measures, unswervingly maintain China’s cyberspace sovereignty. Resolutely oppose all the acts of subverting China’s state power through the Internet and undermining our national sovereignty.

(B) firmly uphold national security

To prevent, stop and punish any act of using the Internet for treason, secession, incitement to rebellion, subversion or incitement to subdue the people’s democratic dictatorship; to prevent, stop and punish the use of the Internet to steal, to disclose state secrets and other acts endangering national security; Prevent, stop and punish foreign forces to use the network to penetrate, destroy, subvert, split the activities.

(Iii) Protection of critical information infrastructures

The key information infrastructure of the country refers to the information facilities that are related to national security, national economy and people’s livelihood, which have been damaged, destroyed or lost, which may seriously endanger the national security and public interests, including but not limited to the provision of public communication, radio and television transmission Information network, energy, finance, transportation, education, scientific research, water conservancy, industrial manufacturing, health care, social security, public utilities and other areas of important information systems, important Internet applications. Take all necessary measures to protect critical information infrastructures and their important data from attack damage. Adhere to the combination of technology and management, protection and deterrence simultaneously, focus on identification, protection, detection, early warning, response, disposal and other aspects, the establishment of the implementation of key information infrastructure protection system, from management, technology, personnel, Comprehensive measures to effectively strengthen the key information infrastructure security protection.

Key information infrastructure protection is the common responsibility of the government, enterprises and society as a whole. The supervisors, the operating units and organizations shall take the necessary measures to ensure the safety of the key information infrastructure in accordance with the requirements of laws, regulations and system standards. Strengthen critical information infrastructure risk assessment. Strengthen the party and government organs and key areas of the site security protection, grassroots party and government organs to build an intensive mode of operation and management. The establishment of government, industry and business network security information orderly sharing mechanism, give full play to enterprises in the protection of key information infrastructure in the important role.

Adhere to open to the outside world, based on open environment to maintain network security. Establish and implement the network security review system, strengthen the supply chain security management, the party and government organs, key industries procurement and use of important information technology products and services to carry out security review, improve product and service security and control, to prevent product service providers And other organizations use information technology to implement unfair competition or harm the interests of users.

(D) to strengthen the construction of network culture

Strengthen the construction of online ideological and cultural positions, vigorously cultivate and practice the socialist core values, the implementation of network content construction projects, the development of a positive network culture, the dissemination of positive energy, gather a strong spiritual strength, and create a good network atmosphere. Encourage the development of new business, create new products, to create the spirit of the times reflect the network culture brand, and constantly improve the network culture industry scale. The implementation of the outstanding culture of Chinese online communication project, and actively promote the excellent traditional culture and contemporary culture of digital, network production and dissemination. Play the advantages of Internet communication platform, promote the excellent cultural exchange between China and foreign countries, so that people understand the Chinese culture, so that the Chinese people understand the excellent culture of all countries, and jointly promote the prosperity and development of network culture, enrich people’s spiritual world and promote the progress of human civilization.

Strengthen the network ethics, network civilization construction, play moral education guide role, with human civilization excellent results nourish network space, repair network ecology. The construction of civilized integrity of the network environment, advocate civilization network, civilized Internet, the formation of safe, civilized and orderly information dissemination order. Resolutely crack down on rumors, obscenity, violence, superstition, cults and other harmful information spread in cyberspace spread. Improve the youth network literacy literacy, strengthen the protection of minors online, through the government, social organizations, communities, schools, families and other aspects of the joint efforts for the healthy growth of young people to create a good network environment.

(5) to combat cyber terror and crime

Strengthen the network anti-terrorism, anti-spy, anti-stealing capacity building, crack down on cyber terror and cyber espionage.

Adhere to comprehensive management, source control, according to the law to prevent, crack down on cyber fraud, Internet theft, trafficking in drug trafficking, infringement of personal information, dissemination of pornography, hacking, infringement of intellectual property rights and other criminal acts.

(6) improve the network management system

Adhere to the law, open, transparent network management network, and effectively do law, according to law, law enforcement must be strict, illegal research. Improve the network security laws and regulations system, enacted network security law, minor network protection regulations and other laws and regulations, a clear social responsibility and obligations, a clear network security management requirements. To speed up the revision and interpretation of existing laws, so that it applies to cyberspace. Improve the network security related system, establish a network trust system, improve the network security management of the scientific standardization level.

Speed ​​up the construction of legal norms, administrative supervision, industry self-discipline, technical support, public supervision, social education, a combination of network governance system to promote the network of social organization and management innovation, improve the basic management, content management, industry management and network crime prevention and combat Work linkage mechanism. Strengthen the cyberspace communication secrets, freedom of speech, trade secrets, as well as the right to reputation, property rights and other legitimate rights and interests of protection.

Encourage social organizations to participate in network governance, the development of network public welfare undertakings, strengthen the new network of social organization. Encourage Internet users to report network violations and bad information.

(7) reinforce the network security foundation

Adhere to innovation-driven development, and actively create a policy environment conducive to technological innovation, co-ordinate resources and strength to enterprises as the main body, combining production and research, collaborative research to point to the surface, the overall advance, as soon as possible in the core technology breakthrough. Attention to software security, accelerate the application of secure and credible products. The development of network infrastructure, rich network space information content. The implementation of “Internet +” action, vigorously develop the network economy. The implementation of national large data strategy, the establishment of large data security management system to support large data, cloud computing and other new generation of information technology innovation and application. Optimize the market environment, encourage network security enterprises bigger and stronger, to protect the national network security and consolidate the industrial base.

Establish and improve the national network security technology support system. Strengthening the basic theory and major problems of network security. Strengthen the network security standardization and certification work, more use of standard norms cyberspace behavior. Do a good job of level protection, risk assessment, vulnerability discovery and other basic work, improve the network security monitoring and early warning and network security emergency response mechanism.

The implementation of network security personnel projects, strengthen the network security professional construction, build first-class network security college and innovation park, the formation of personnel training and innovation and entrepreneurship of the ecological environment. Run the network security publicity week activities, vigorously carry out the national network security publicity and education. Promote the network security education into the teaching materials, into the school, into the classroom, improve the network media literacy, enhance the whole society network security awareness and protection skills, improve the network of Internet users harmful information, network fraud and other illegal and criminal activities identification and resistance.

(8) to enhance the ability of network space protection

Cyberspace is the new territory of national sovereignty. Construction and international status commensurate with the network power to adapt to the network space protection, and vigorously develop the network security and defense means to detect and resist the network invasion, casting and maintenance of national network security strong backing.

(9) to strengthen international cooperation in cyberspace

On the basis of mutual respect and mutual trust, strengthen cooperation in international cyberspace dialogue and promote the transformation of the global governance system of the Internet. Deepen cooperation with the bilateral and multilateral network security dialogue and information communication, effective control of differences, and actively participate in global and regional organizations, network security cooperation, to promote the Internet address, root domain name servers and other basic resource management internationalization.

Support the United Nations to play a leading role in promoting the development of international agreements on cyberspace, international cyberspace international anti-terrorism conventions, and sound legal mechanisms to combat cybercrime, deepening policy and legal, technical innovation, standards, emergency response, critical information infrastructure Protection and other fields of international cooperation.

Strengthen support for assistance in the development of Internet technologies and infrastructure in developing and backward regions, and strive to bridge the digital divide. To promote “along the way” building, improve the level of international communication interoperability, smooth information Silk Road. To build the World Internet Conference and other global Internet sharing system, and jointly promote the healthy development of the Internet. We will build a multilateral, democratic and transparent international Internet governance system through active and effective international cooperation to build a peaceful, safe, open, cooperative and orderly cyberspace.

Original Mandarin Chinese:

12月27日,經中央網絡安全和信息化領導小組批准,國家互聯網信息辦公室發布《國家網絡空間安全戰略》,全文如下。

信息技術廣泛應用和網絡空間興起發展,極大促進了經濟社會繁榮進步,同時也帶來了新的安全風險和挑戰。網絡空間安全(以下稱網絡安全)事關人類共同利益,事關世界和平與發展,事關各國國家安全。維護我國網絡安全是協調推進全面建成小康社會、全面深化改革、全面依法治國、全面從嚴治黨戰略佈局的重要舉措,是實現“兩個一百年”奮鬥目標、實現中華民族偉大復興中國夢的重要保障。為貫徹落實習近平主席關於推進全球互聯網治理體系變革的“四項原則”和構建網絡空間命運共同體的“五點主張”,闡明中國關於網絡空間發展和安全的重大立場,指導中國網絡安全工作,維護國家在網絡空間的主權、安全、發展利益,制定本戰略。

一、機遇和挑戰

(一)重大機遇

伴隨信息革命的飛速發展,互聯網、通信網、計算機系統、自動化控制系統、數字設備及其承載的應用、服務和數據等組成的網絡空間,正在全面改變人們的生產生活方式,深刻影響人類社會歷史發展進程。

信息傳播的新渠道。網絡技術的發展,突破了時空限制,拓展了傳播範圍,創新了傳播手段,引發了傳播格局的根本性變革。網絡已成為人們獲取信息、學習交流的新渠道,成為人類知識傳播的新載體。

生產生活的新空間。當今世界,網絡深度融入人們的學習、生活、工作等方方面面,網絡教育、創業、醫療、購物、金融等日益普及,越來越多的人通過網絡交流思想、成就事業、實現夢想。

經濟發展的新引擎。互聯網日益成為創新驅動發展的先導力量,信息技術在國民經濟各行業廣泛應用,推動傳統產業改造升級,催生了新技術、新業態、新產業、新模式,促進了經濟結構調整和經濟發展方式轉變,為經濟社會發展注入了新的動力。

文化繁榮的新載體。網絡促進了文化交流和知識普及,釋放了文化發展活力,推動了文化創新創造,豐富了人們精神文化生活,已經成為傳播文化的新途徑、提供公共文化服務的新手段。網絡文化已成為文化建設的重要組成部分。

社會治理的新平台。網絡在推進國家治理體系和治理能力現代化方面的作用日益凸顯,電子政務應用走向深入,政府信息公開共享,推動了政府決策科學化、民主化、法治化,暢通了公民​​參與社會治理的渠道,成為保障公民知情權、參與權、表達權、監督權的重要途徑。

交流合作的新紐帶。信息化與全球化交織發展,促進了信息、資金、技術、人才等要素的全球流動,增進了不同文明交流融合。網絡讓世界變成了地球村,國際社會越來越成為你中有我、我中有你的命運共同體。

國家主權的新疆域。網絡空間已經成為與陸地、海洋、天空、太空同等重要的人類活動新領域,國家主權拓展延伸到網絡空間,網絡空間主權成為國家主權的重要組成部分。尊重網絡空間主權,維護網絡安全,謀求共治,實現共贏,正在成為國際社會共識。

(二)嚴峻挑戰

網絡安全形勢日益嚴峻,國家政治、經濟、文化、社會、國防安全及公民在網絡空間的合法權益面臨嚴峻風險與挑戰。

網絡滲透危害政治安全。政治穩定是國家發展、人民幸福的基本前提。利用網絡干涉他國內政、攻擊他國政治制度、煽動社會動亂、顛覆他國政權,以及大規模網絡監控、網絡竊密等活動嚴重危害國家政治安全和用戶信息安全。

網絡攻擊威脅經濟安全。網絡和信息系統已經成為關鍵基礎設施乃至整個經濟社會的神經中樞,遭受攻擊破壞、發生重大安全事件,將導致能源、交通、通信、金融等基礎設施癱瘓,造成災難性後果,嚴重危害國家經濟安全和公共利益。

網絡有害信息侵蝕文化安全。網絡上各種思想文化相互激盪、交鋒,優秀傳統文化和主流價值觀面臨衝擊。網絡謠言、頹廢文化和淫穢、暴力、迷信等違背社會主義核心價值觀的有害信息侵蝕青少年身心健康,敗壞社會風氣,誤導價值取向,危害文化安全。網上道德失範、誠信缺失現象頻發,網絡文明程度亟待提高。

網絡恐怖和違法犯罪破壞社會安全。恐怖主義、分裂主義、極端主義等勢力利用網絡煽動、策劃、組織和實施暴力恐怖活動,直接威脅人民生命財產安全、社會秩序。計算機病毒、木馬等在網絡空間傳播蔓延,網絡欺詐、黑客攻擊、侵犯知識產權、濫用個人信息等不法行為大量存在,一些組織肆意竊取用戶信息、交易數據、位置信息以及企業商業秘密,嚴重損害國家、企業和個人利益,影響社會和諧穩定。

網絡空間的國際競爭方興未艾。國際上爭奪和控製網絡空間戰略資源、搶占規則制定權和戰略制高點、謀求戰略主動權的競爭日趨激烈。個別國家強化網絡威懾戰略,加劇網絡空間軍備競賽,世界和平受到新的挑戰。

網絡空間機遇和挑戰並存,機遇大於挑戰。必須堅持積極利用、科學發展、依法管理、確保安全,堅決維護網絡安全,最大限度利用網絡空間發展潛力,更好惠及13億多中國人民,造福全人類,堅定維護世界和平。

二、目標

以總體國家安全觀為指導,貫徹落實創新、協調、綠色、開放、共享的發展理念,增強風險意識和危機意識,統籌國內國際兩個大局,統籌發展安全兩件大事,積極防禦、有效應對,推進網絡空間和平、安全、開放、合作、有序,維護國家主權、安全、發展利益,實現建設網絡強國的戰略目標。

和平:信息技術濫用得到有效遏制,網絡空間軍備競賽等威脅國際和平的活動得到有效控制,網絡空間衝突得到有效防範。

安全:網絡安全風險得到有效控制,國家網絡安全保障體系健全完善,核心技術裝備安全可控,網絡和信息系統運行穩定可靠。網絡安全人才滿足需求,全社會的網絡安全意識、基本防護技能和利用網絡的信心大幅提升。

開放:信息技術標準、政策和市場開放、透明,產品流通和信息傳播更加順暢,數字鴻溝日益彌合。不分大小、強弱、貧富,世界各國特別是發展中國家都能分享發展機遇、共享發展成果、公平參與網絡空間治理。

合作:世界各國在技術交流、打擊網絡恐怖和網絡犯罪等領域的合作更加密切,多邊、民主、透明的國際互聯網治理體系健全完善,以合作共贏為核心的網絡空間命運共同體逐步形成。

有序:公眾在網絡空間的知情權、參與權、表達權、監督權等合法權益得到充分保障,網絡空間個人隱私獲得有效保護,人權受到充分尊重。網絡空間的國內和國際法律體系、標準規範逐步建立,網絡空間實現依法有效治理,網絡環境誠信、文明、健康,信息自由流動與維護國家安全、公共利益實現有機統一。

三、原則

一個安全穩定繁榮的網絡空間,對各國乃至世界都具有重大意義。中國願與各國一道,加強溝通、擴大共識、深化合作,積極推進全球互聯網治理體系變革,共同維護網絡空間和平安全。

(一)尊重維護網絡空間主權

網絡空間主權不容侵犯,尊重各國自主選擇發展道路、網絡管理模式、互聯網公共政策和平等參與國際網絡空間治理的權利。各國主權範圍內的網絡事務由各國人民自己做主,各國有權根據本國國情,借鑒國際經驗,制定有關網絡空間的法律法規,依法採取必要措施,管理本國信息系統及本國疆域上的網絡活動;保護本國信息系統和信息資源免受侵入、干擾、攻擊和破壞,保障公民在網絡空間的合法權益;防範、阻止和懲治危害國家安全和利益的有害信息在本國網絡傳播,維護網絡空間秩序。任何國家都不搞網絡霸權、不搞雙重標準,不利用網絡干涉他國內政,不從事、縱容或支持危害他國國家安全的網絡活動。

(二)和平利用網絡空間

和平利用網絡空間符合人類的共同利益。各國應遵守《聯合國憲章》關於不得使用或威脅使用武力的原則,防止信息技術被用於與維護國際安全與穩定相悖的目的,共同抵製網絡空間軍備競賽、防範網絡空間衝突。堅持相互尊重、平等相待,求同存異、包容互信,尊重彼此在網絡空間的安全利益和重大關切,推動構建和諧網絡世界。反對以國家安全為藉口,利用技術優勢控制他國網絡和信息系統、收集和竊取他國數據,更不能以犧牲別國安全謀求自身所謂絕對安全。

(三)依法治理網絡空間

全面推進網絡空間法治化,堅持依法治網、依法辦網、依法上網,讓互聯網在法治軌道上健康運行。依法構建良好網絡秩序,保護網絡空間信息依法有序自由流動,保護個人隱私,保護知識產權。任何組織和個人在網絡空間享有自由、行使權利的同時,須遵守法律,尊重他人權利,對自己在網絡上的言行負責。

(四)統籌網絡安全與發展

沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。網絡安全和信息化是一體之兩翼、驅動之雙輪。正確處理髮展和安全的關係,堅持以安全保發展,以發展促安全。安全是發展的前提,任何以犧牲安全為代價的發展都難以持續。發展是安全的基礎,不發展是最大的不安全。沒有信息化發展,網絡安全也沒有保障,已有的安全甚至會喪失。

四、戰略任務

中國的網民數量和網絡規模世界第一,維護好中國網絡安全,不僅是自身需要,對於維護全球網絡安全乃至世界和平都具有重大意義。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

(一)堅定捍衛網絡空間主權

根據憲法和法律法規管理我國主權範圍內的網絡活動,保護我國信息設施和信息資源安全,採取包括經濟、行政、科技、法律、外交、軍事等一切措施,堅定不移地維護我國網絡空間主權。堅決反對通過網絡顛覆我國國家政權、破壞我國國家主權的一切行為。

(二)堅決維護國家安全

防範、制止和依法懲治任何利用網絡進行叛國、分裂國家、煽動叛亂、顛覆或者煽動顛覆人民民主專政政權的行為;防範、制止和依法懲治利用網絡進行竊取、洩露國家秘密等危害國家安全的行為;防範、制止和依法懲治境外勢力利用網絡進行滲透、破壞、顛覆、分裂活動。

(三)保護關鍵信息基礎設施

國家關鍵信息基礎設施是指關係國家安全、國計民生,一旦數據洩露、遭到破壞或者喪失功能可能嚴重危害國家安全、公共利益的信息設施,包括但不限於提供公共通信、廣播電視傳輸等服務的基礎信息網絡,能源、金融、交通、教育、科研、水利、工業製造、醫療衛生、社會保障、公用事業等領域和國家機關的重要信息系統,重要互聯網應用系統等。採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞。堅持技術和管理並重、保護和震懾並舉,著眼識別、防護、檢測、預警、響應、處置等環節,建立實施關鍵信息基礎設施保護製度,從管理、技術、人才、資金等方面加大投入,依法綜合施策,切實加強關鍵信息基礎設施安全防護。

關鍵信息基礎設施保護是政府、企業和全社會的共同責任,主管、運營單位和組織要按照法律法規、制度標準的要求,採取必要措施保障關鍵信息基礎設施安全,逐步實現先評估後使用。加強關鍵信息基礎設施風險評估。加強黨政機關以及重點領域網站的安全防護,基層黨政機關網站要按集約化模式建設運行和管理。建立政府、行業與企業的網絡安全信息有序共享機制,充分發揮企業在保護關鍵信息基礎設施中的重要作用。

堅持對外開放,立足開放環境下維護網絡安全。建立實施網絡安全審查制度,加強供應鏈安全管理,對黨政機關、重點行業採購使用的重要信息技術產品和服務開展安全審查,提高產品和服務的安全性和可控性,防止產品服務提供者和其他組織利用信息技術優勢實施不正當競爭或損害用戶利益。

(四)統籌網絡安全與發展

沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。網絡安全和信息化是一體之兩翼、驅動之雙輪。正確處理髮展和安全的關係,堅持以安全保發展,以發展促安全。安全是發展的前提,任何以犧牲安全為代價的發展都難以持續。發展是安全的基礎,不發展是最大的不安全。沒有信息化發展,網絡安全也沒有保障,已有的安全甚至會喪失。

四、戰略任務

中國的網民數量和網絡規模世界第一,維護好中國網絡安全,不僅是自身需要,對於維護全球網絡安全乃至世界和平都具有重大意義。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

(一)堅定捍衛網絡空間主權

根據憲法和法律法規管理我國主權範圍內的網絡活動,保護我國信息設施和信息資源安全,採取包括經濟、行政、科技、法律、外交、軍事等一切措施,堅定不移地維護我國網絡空間主權。堅決反對通過網絡顛覆我國國家政權、破壞我國國家主權的一切行為。

(二)堅決維護國家安全

防範、制止和依法懲治任何利用網絡進行叛國、分裂國家、煽動叛亂、顛覆或者煽動顛覆人民民主專政政權的行為;防範、制止和依法懲治利用網絡進行竊取、洩露國家秘密等危害國家安全的行為;防範、制止和依法懲治境外勢力利用網絡進行滲透、破壞、顛覆、分裂活動。

(三)保護關鍵信息基礎設施

國家關鍵信息基礎設施是指關係國家安全、國計民生,一旦數據洩露、遭到破壞或者喪失功能可能嚴重危害國家安全、公共利益的信息設施,包括但不限於提供公共通信、廣播電視傳輸等服務的基礎信息網絡,能源、金融、交通、教育、科研、水利、工業製造、醫療衛生、社會保障、公用事業等領域和國家機關的重要信息系統,重要互聯網應用系統等。採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞。堅持技術和管理並重、保護和震懾並舉,著眼識別、防護、檢測、預警、響應、處置等環節,建立實施關鍵信息基礎設施保護製度,從管理、技術、人才、資金等方面加大投入,依法綜合施策,切實加強關鍵信息基礎設施安全防護。

關鍵信息基礎設施保護是政府、企業和全社會的共同責任,主管、運營單位和組織要按照法律法規、制度標準的要求,採取必要措施保障關鍵信息基礎設施安全,逐步實現先評估後使用。加強關鍵信息基礎設施風險評估。加強黨政機關以及重點領域網站的安全防護,基層黨政機關網站要按集約化模式建設運行和管理。建立政府、行業與企業的網絡安全信息有序共享機制,充分發揮企業在保護關鍵信息基礎設施中的重要作用。

堅持對外開放,立足開放環境下維護網絡安全。建立實施網絡安全審查制度,加強供應鏈安全管理,對黨政機關、重點行業採購使用的重要信息技術產品和服務開展安全審查,提高產品和服務的安全性和可控性,防止產品服務提供者和其他組織利用信息技術優勢實施不正當競爭或損害用戶利益。

(四)加強網絡文化建設

加強網上思想文化陣地建設,大力培育和踐行社會主義核心價值觀,實施網絡內容建設工程,發展積極向上的網絡文化,傳播正能量,凝聚強大精神力量,營造良好網絡氛圍。鼓勵拓展新業務、創作新產品,打造體現時代精神的網絡文化品牌,不斷提高網絡文化產業規模水平。實施中華優秀文化網上傳播工程,積極推動優秀傳統文化和當代文化精品的數字化、網絡化製作和傳播。發揮互聯網傳播平台優勢,推動中外優秀文化交流互鑑,讓各國人民了解中華優秀文化,讓中國人民了解各國優秀文化,共同推動網絡文化繁榮發展,豐富人們精神世界,促進人類文明進步。

加強網絡倫理、網絡文明建設,發揮道德教化引導作用,用人類文明優秀成果滋養網絡空間、修復網絡生態。建設文明誠信的網絡環境,倡導文明辦網、文明上網,形成安全、文明、有序的信息傳播秩序。堅決打擊謠言、淫穢、暴力、迷信、邪教等違法有害信息在網絡空間傳播蔓延。提高青少年網絡文明素養,加強對未成年人上網保護,通過政府、社會組織、社區、學校、家庭等方面的共同努力,為青少年健康成長創造良好的網絡環境。

(五)打擊網絡恐怖和違法犯罪

加強網絡反恐、反間諜、反竊密能力建設,嚴厲打擊網絡恐怖和網絡間諜活動。

堅持綜合治理、源頭控制、依法防範,嚴厲打擊網絡詐騙、網絡盜竊、販槍販毒、侵害公民個人信息、傳播淫穢色情、黑客攻擊、侵犯知識產權等違法犯罪行為。

(六)完善網絡治理體系

堅持依法、公開、透明管網治網,切實做到有法可依、有法必依、執法必嚴、違法必究。健全網絡安全法律法規體系,制定出台網絡安全法、未成年人網絡保護條例等法律法規,明確社會各方面的責任和義務,明確網絡安全管理要求。加快對現行法律的修訂和解釋,使之適用於網絡空間。完善網絡安全相關製度,建立網絡信任體系,提高網絡安全管理的科學化規範化水平。

加快構建法律規範、行政監管、行業自律、技術保障、公眾監督、社會教育相結合的網絡治理體系,推進網絡社會組織管理創新,健全基礎管理、內容管理、行業管理以及網絡違法犯罪防範和打擊等工作聯動機制。加強網絡空間通信秘密、言論自由、商業秘密,以及名譽權、財產權等合法權益的保護。

鼓勵社會組織等參與網絡治理,發展網絡公益事業,加強新型網絡社會組織建設。鼓勵網民舉報網絡違法行為和不良信息。

(七)夯實網絡安全基礎

堅持創新驅動發展,積極創造有利於技術創新的政策環境,統籌資源和力量,以企業為主體,產學研用相結合,協同攻關、以點帶面、整體推進,盡快在核心技術上取得突破。重視軟件安全,加快安全可信產品推廣應用。發展網絡基礎設施,豐富網絡空間信息內容。實施“互聯網+”行動,大力發展網絡經濟。實施國家大數據戰略,建立大數據安全管理制度,支持大數據、雲計算等新一代信息技術創新和應用。優化市場環境,鼓勵網絡安全企業做大做強,為保障國家網絡安全夯實產業基礎。

建立完善國家網絡安全技術支撐體系。加強網絡安全基礎理論和重大問題研究。加強網絡安全標準化和認證認可工作,更多地利用標準規範網絡空間行為。做好等級保護、風險評估、漏洞發現等基礎性工作,完善網絡安全監測預警和網絡安全重大事件應急處置機制。

實施網絡安全人才工程,加強網絡安全學科專業建設,打造一流網絡安全學院和創新園區,形成有利於人才培養和創新創業的生態環境。辦好網絡安全宣傳周活動,大力開展全民網絡安全宣傳教育。推動網絡安全教育進教材、進學校、進課堂,提高網絡媒介素養,增強全社會網絡安全意識和防護技能,提高廣大網民對網絡違法有害信息、網絡欺詐等違法犯罪活動的辨識和抵禦能力。

(八)提升網絡空間防護能力

網絡空間是國家主權的新疆域。建設與我國國際地位相稱、與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防御手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。

(九)強化網絡空間國際合作

在相互尊重、相互信任的基礎上,加強國際網絡空間對話合作,推動互聯網全球治理體系變革。深化同各國的雙邊、多邊網絡安全對話交流和信息溝通,有效管控分歧,積極參與全球和區域組織網絡安全合作,推動互聯網地址、根域名服務器等基礎資源管理國際化。

支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則、網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律、技術創新、標準規範、應急響應、關鍵信息基礎設施保護等領域的國際合作。

加強對發展中國家和落後地區互聯網技術普及和基礎設施建設的支持援助,努力彌合數字鴻溝。推動“一帶一路”建設,提高國際通信互聯互通水平,暢通信息絲綢之路。搭建世界互聯網大會等全球互聯網共享共治平台,共同推動互聯網健康發展。通過積極有效的國際合作,建立多邊、民主、透明的國際互聯網治理體系,共同構建和平、安全、開放、合作、有序的網絡空間。

Original Source: http://politics.people.com.cn/n1/2016/1227/c1001-28980829.html

 

A Summary of China ‘s Internet Security Situation in China in 2016 // 2016年中國中國互聯網安全形勢總結

A Summary of China ‘s Internet Security Situation in China in 2016

2016年中國中國互聯網安全形勢總結

19 APRIL 2017 BEIJING, People’s Republic of China

April 19, the National Computer Network Emergency Technology Processing Coordination Center (referred to as “National Internet Emergency Response Center”, the English referred to as “CNCERT”) released “China’s Internet security situation in 2016,” a review of China’s Internet macro security situation monitoring On the basis of the combination of network security warning and emergency response work, the paper focuses on analyzing and summarizing the Internet security situation of China in 2016 and predicting the hotspot of network security in 2017.

Analysis of Internet Security Monitoring Data in China in 2016

CNCs continued to monitor the macroeconomic situation of China’s cybersecurity. In 2016, the number of mobile Internet malicious programs was captured, the number of backdoor attacks and the number of security vulnerabilities were increased compared with 2015, and the number of Trojans and botnets was denied. Quantity, phishing and page tampering the number of pages have declined.

According to the sampling monitoring, about 70,000 Trojans and botnet control servers in 2016 control 1699 million hosts in our country, the number of control servers decreased by 8.0% compared with 2015, the number of domestic infection host decreased by 14.1% compared with 2015. The Among them, about 48,000 from outside the control server control of China’s 1499 million units in the host, from the United States the number of control servers in the first place, followed by Hong Kong, China and Japan.

In the botnet found in the detection of malicious programs and the formation of botnets, the size of more than 100 hosts in the number of botnets 4896, of which the size of more than 100,000 units in the number of botnets 52. According to the quantitative analysis of the distribution of Trojans and botnets in China, the top three were Guangdong Province (13.4% of the total number of infections in China), Jiangsu Province (9.2%) and Shandong Province (8.3 %). In order to effectively control the damage caused by the host of Trojans and botnets, in 2016, under the guidance of the Ministry of Industry and Information Technology, under the guidance of “Trojan and botnet monitoring and disposal mechanism”, CNCERT organization basic telecommunications companies, domain name service agencies, etc. successfully closed 1011 Control the larger botnets.

In 2016, CNCERT received more than 205 million mobile Internet malpractions through autonomous capture and vendor switching, an increase of 39.0% over 2015, and continued to maintain rapid growth in the past seven years. According to their malicious behavior classification, the top three were hooliganism, malicious deductions and tariff consumption class 1, accounting for 61.1%, respectively, 18.2% and 13.6%. CNCERT found that mobile Internet malicious program download links nearly 670,000, an increase of nearly 1.2 times compared with 2015, involving more than 22 million source of the source, IP address of more than 30,000, the number of malicious programs spread to 124 million times.

In 2016, CNCERT focused on the “album” category 2 Andrews and malicious pornographic software with malicious deductions and maliciously disseminated attributes that were spread by SMS and had malicious behavior such as stealing user messages and correspondence, and coordinated work The A total of 47,316 cases of such malicious programs were found in the year, and more than 1.01 million were collected, and 6045 domain names were used to disseminate malicious programs. 7645 malicious mailbox accounts for receiving user’s text messages and contacts were used to receive user text messages Malicious mobile phone number 6616, leaked users SMS and address book mail 222 million, seriously endangering the user’s personal information security and property security. Under the guidance of the Ministry of Industry and Information Technology, according to the “mobile Internet malicious program monitoring and disposal mechanism”, CNCERT organization of e-mail service providers, domain name registrar and other active coordination work to find the malicious mailbox account, malicious domain name, etc. Dispose of.

Second, 2016 China’s Internet security situation

In recent years, with China’s network security laws and regulations, management system of continuous improvement, China’s network security technology strength, personnel, international cooperation, and achieved remarkable results. In 2016, China’s Internet security situation is generally stable, the rapid development of network security industry, network security and protection capabilities have been improved, international cooperation to further strengthen the network security. But with cyberspace strategically

The increasing number of countries, the world’s major countries have set up cyberspace attack capability, the growing national network conflict, China’s cyberspace security challenges facing increasingly complex.

Domain name system security in good condition, anti-attack ability increased significantly. In 2016, China’s domain name service system security in good condition, no major security incidents. According to the sampling monitoring, 2016 years for China’s domain name system traffic scale of more than 1Gpbs DDoS attacks on the daily average of about 32 cases, did not affect the domain name resolution services in China, the basic telecommunications companies have not seriously affected the success rate of analysis Attack events, mainly with the domain name system to strengthen security measures, anti-DDoS attack ability significantly improved related. In June 2016, there were large-scale DDoS attacks against the global root domain name servers and their mirrors. Most of the root domain servers were affected to varying degrees. The domain name mirroring servers in China also suffered large-scale network traffic attacks at the same time. Due to emergency treatment in a timely manner, and the root zone top-level domain cache expiration time is often more than 1 day, the attack did not affect the domain name system network security.

For the industrial control system of network security attacks increasing, many important industrial control system security incidents should pay attention. In 2016, the world occurred more than the major areas of industrial accidents worthy of our country wake up. In August, Kaspersky Security Laboratories exposed the “ghoul” network attack against the industrial sector, which focused on the Middle East and other countries’ Industrial enterprises launched a targeted network intrusion; in December, the Ukrainian power grid once again experienced a power supply failure, according to the analysis of the origin of this malpractice “dark forces” variants.

China’s industrial control system is huge, security vulnerabilities, malicious detection, etc. to our industrial control system to bring some security risks. As of the end of 2016, CNVD included 1036 industrial malpractices, of which 173 were included in 2016, an increase of 38.4% over 2015. Industrial control system mainly exists buffer overflow, lack of access control mechanism, weak password, directory traversal and other loopholes risk. Through the analysis of network traffic, 2016 CNCERT cumulative monitoring to the network of industrial equipment fingerprint detection event more than 880,000 times, and found 60 countries from outside the 1610 IP address of China’s network of industrial equipment for fingerprint detection.

High-level persistent threat normalization, China’s attack is particularly serious threat. As of the end of 2016, domestic enterprises issued a senior Sustainability Threat (APT) study reported a total of 43 APT organizations, including targeted targets for China’s APT organizations have 36 4. From the attack to achieve the point of view, more APT attacks using engineering to achieve, that is, relying on commercial attack platform and the Internet black industry

Chain data and other mature resources to achieve APT attacks. This kind of attack not only reduces the technical and resource threshold of initiating APT attack, but also increases the difficulty of traceability analysis. In 2016, many of the important information system for the implementation of the APT attacks were exposed, including “white elephant action 5”, “Man Linghua attack action”, mainly in China’s education, energy, military and scientific research as the main target The In August 2016, the hacker organization “Shadow Brokers” published the Formula Organization 6 frequently used toolkits, including various firewall exploits, hacking tools and scripts involving Juniper, Flying Tower, Cisco, and Financial letter, Huawei and other manufacturers products. CNCERT released 11 software vulnerabilities (there are four suspected 0day vulnerability) for census analysis and found that the world has about 120,000 IP addresses carrying the relevant products of network equipment, of which China’s IP address of about 33,000, accounting for 27.8% of all IP addresses poses a serious potential threat to cyberspace security in China. In November 2016, the hacker organization “shadow broker” also announced a group has been attacked by the National Security Agency network control and IP address and domain name data, China is the most attacked countries, involving at least nine universities in China, 12 Energy, aviation, telecommunications and other important information systems departments and two government information centers.

A large number of networked smart devices were attacked by malicious programs to form botnets, which were used to initiate large traffic DDoS attacks. In recent years, with the intelligent wearable equipment, intelligent home, intelligent routers and other terminal equipment and network equipment, the rapid development and popularization, for the Internet of intelligent devices, the proportion of network attacks increased, the attackers use the Internet of things intelligent device vulnerabilities Access to device control rights, or other hacker underground transactions for user information data theft, network traffic hijacking, or for controlling the formation of large-scale botnets. CNCERT on-line monitoring of vehicle network security system analysis and found that some car network information service providers and related products, security vulnerabilities can lead to vehicle, location and vehicle owners information disclosure and vehicle remote control and other security risks. At the end of 2016, Mirai malicious programs were widely watched as a result of large-scale off-site events on the east coast of the United States and a large number of users of Deutsche Telekom visited Internet anomalies. Mirai is a typical use of Internet of things intelligent device vulnerabilities to penetrate infiltration to achieve the control of the device malicious code, the number of charged devices accumulated to a certain extent will form a huge “botnet”, known as “Mirai botnet.” And because of Internet of things intelligent devices are generally 24 hours online, infected with malicious programs are not easily perceived by the user, forming a “stable” attack source. CNC inspections of the Mirai botnet show that by the end of 2016, a total of 2526 control servers were deployed to control 125.4 million devices, which posed a serious potential security threat to the stable operation of the Internet. In addition, CNCERT also analyzed the Gafgyt botnet sampling analysis. In the fourth quarter of 2016, a total of 817 control servers were selected to control 425,000 devices, and more than 18,000 DDoS attacks were initiated, with peak traffic 5Gpbs more than 72 times the number of attacks.

Web site data and personal information leak is not uncommon, “derivative disaster” serious. Due to the disappearance of the traditional boundaries of the Internet, all kinds of data spread across the terminal, network, mobile phone and cloud, coupled with the interests of the Internet black industry chain driven by data leakage threats are increasing. In 2016, the domestic and international website data and personal information leakage incidents frequently, the political, economic and social impact gradually deepened, and even personal life safety has also been violated. In the United States, the United States election candidate Hillary’s mail leak, directly affect the US election process; Yahoo two account information disclosure involving about 1.5 billion personal accounts, resulting in US telecom operators Verizon $ 4.8 billion acquisition of Yahoo plans to shelve May even be canceled. In the country, China’s immune planning system network was malicious invasion, 200,000 children’s information was stolen and publicly sold online; information leakage led to frequent fraud cases, college entrance examination information leaks to take away the university students will soon enter the life of Xu Yuyu ; 2016 public security organs were detected more than 1,800 cases of infringement of personal information, seized 30 million pieces of personal information of various types of citizens. In addition, according to the news media reported that Russia, Mexico, Turkey, the Philippines, Syria, Kenya and other countries of the government website data leaked.

Mobile Internet malicious program more profitable, mobile Internet black industry chain has matured. In 2016, CNCERT received more than 205 million mobile Internet malpractions through autonomous capture and vendor exchange, up 39.0% from 2015 and continued to grow at a high rate in the past six years. Through malware behavior analysis, it was found that the number of applications for fraudulent, malicious deductions, lockdowns and other economic interests was 59.6% of the total number of malicious programs, nearly three times over 2015. From the spread of malicious programs found that fraudulent acts of fraudulent procedures mainly through SMS, advertising and network disk and other specific communication channels to spread, the number of infected users reached 24.93 million, causing significant economic losses. From the attack mode of malicious programs, it is found that the number of malicious programs that steal SMS verification codes is larger than that of SMS, and 10845 samples are obtained in the whole year. It shows the characteristics of simple production, fixed attack mode and huge profits. The mobile Internet industry Mature.

Extortion software raging, a serious threat to local data and intelligent equipment security. According to CNCERT monitoring found in 2016 in the traditional PC side, to capture extortion class malicious program sample of about 19,000, the number of a record high in recent years. Analysis of extortion software attack object found that extortion software has been gradually extended from the individual terminal equipment to business users, especially for high-value target blackmail situation

Heavy. For enterprise users, blackmail software exploits security vulnerabilities to attack, the enterprise database encryption and extortion, the end of 2016 open source MongoDB database was a blackmail software attacks, a large number of users affected. For personal terminal equipment, extortion software malicious behavior in the traditional PC and mobile terminals show obvious different characteristics: in the traditional PC side, mainly through the “encrypted data” to blackmail, that is, the user’s computer file encryption, stress users Purchase the decryption key; on the mobile side, mainly through the “encryption device” to blackmail, that is, remote lock the user mobile devices, so that users can not use the device, and to coerce users to pay the cost of unlocking. However, from the extortion of software transmission point of view, the traditional PC and mobile side show a common, mainly through e-mail, counterfeit normal application, QQ group, network disk, paste it, victims and other spread.

Three, 2017 worthy of attention to the hot spots

According to the analysis of the characteristics of China’s Internet security situation in 2016, CNCERT predicts that the hot spots that are worthy of attention in 2017 are as follows.

(A) cyberspace according to the law of governance more clear. On November 7, 2016, the Twenty-fourth Session of the Standing Committee of the 12th National People’s Congress passed the “Network Security Law” and came into effect on June 1, 2017. The Act has 7 chapters and 79 articles on cyberspace sovereignty, network products and service providers ‘security obligations, network operators’ safety obligations, personal information protection rules, critical information infrastructure security protection systems and important data cross-border transmission rules, etc. Has been clearly defined. It is expected that the departments will pay more attention to the propaganda and interpretation work of the “Network Security Law” in 2017, compile relevant supporting policies and regulations, implement various supporting measures, and make cyberspace according to law more clear.

(B) the use of Internet of things intelligent device network attacks will continue to increase. 2016 CNVD collection of intelligent networking equipment vulnerabilities 1117, mainly related to web cameras, intelligent routers, smart appliances, intelligent gateway and other equipment. The vulnerability type is mainly privilege to bypass, information disclosure, command execution, etc., which weak password (or built-in default password) vulnerability is easy to be used, the actual impact is very extensive, malicious code attack to use an important risk point. With the development of unmanned aerial vehicles, autopilot vehicles, the popularity of smart home appliances and the development of smart cities, the number of vulnerabilities in networked smart devices will increase significantly, and network attacks against or using intelligent networking devices will be more frequent.

(C) the Internet and the traditional industry integration caused by the security threat is more complex. With the deepening of China’s “Internet +” and “Made in China 2025” action plan, almost all traditional industries, traditional applications and services in China are being changed by the Internet, bringing innovation and development opportunities to various industries. In the process of integration innovation and development, the traditional industry closed mode gradually changed to open mode, but also the future of the Internet virtual network security events into real-world security threats. Internet finance, industrial Internet and other emerging industries rapid development, but triggered a new network security threats can not be ignored, the Internet financial integration of information flow and capital flow, the risk of information flow is likely to lead to loss of capital flow; industrial control system more For the intelligent, network, open Internet brings malicious sniffing behavior increased, the risk of malicious attacks continue to increase. Traditional Internet security and real-world security issues intertwined with the security threat is more complex, the consequences are more serious.

(D) personal information and important data protection will be more attention. In recent years, the development of Internet technology is extremely convenient and rich in our lives and work, online shopping, online job search, social platform, government services and other platforms are filled with a large number of personal detailed privacy information. Since 2011, China’s serious personal information on the leak of the event, especially in recent years, the case of network fraud, the victim’s details have been grasped by fraud, to social stability and serious harm. 2013 “Snowdon incident” and the follow-up of the US government has been a large-scale monitoring of the project, to stimulate countries to strengthen the protection of important data measures, strict norms of Internet data collection, use, storage and so on. China in the “Network Security Law” on the personal information protection rules, important data cross-border transmission has been clearly defined, is expected on personal information and important data protection of the detailed regulatory documents will be enacted, and effectively implement the protection measures.

(5) Network security threats Information sharing has attracted the attention of all parties. Timely comprehensive access to and analysis of network security threats, ahead of network security early warning and deployment of emergency response measures, fully embodies a national network security comprehensive defense capabilities. Through the network security threat information sharing, the use of collective knowledge and technical ability, is to achieve a comprehensive grasp of the network security threats an effective way. The United States as early as 1998 in the Clinton administration signed a presidential decree to encourage the government and enterprises to carry out network security information sharing, to the Obama administration is the network security information sharing is written into the government bill. In recent years, China attaches great importance to the work of network security information sharing, in the “Network Security Law” clearly put forward to promote the relevant departments, key information infrastructure operators and the relevant research institutions, network security services and other network security information sharing The However, in the face of complex and multi-dimensional data source information, how to carry out sharing and in-depth analysis efficiently, we need to establish a set of information security standards for network security threats based on large data analysis. At present, many organizations in our country have been engaged in the exploration and practice of information sharing of network security threats. The relevant national standards and industry standards have been formulated. CNCERT has also established a network security threat information sharing platform for sharing in the communication industry and security industry. jobs.

(6) the background of the network disputes will continue to heat up the degree of concern. At present, China’s Internet penetration rate has reached 53.2% 7, the public through the Internet to get the news more and more fast and convenient, people concerned about the global political hot spots are also rising. 2016 US presidential election “mail door” incident, the Russian hacker exposure of the World Anti-Doping Agency scandal, etc., allow netizens to feel organized, purposeful careful network attacks can have a serious impact on the politics of other countries, Will have a national background of the network disputes from the perspective of industry concerns extended to all Internet users. With a large number of countries continue to strengthen the network space military capacity building, there are national background of the network dispute event will be hot, the crisis frequently, the trend of popular discussion will continue to heat up.

(7) based on artificial intelligence network security technology research in full swing. In the third World Internet Conference, “World Internet leading technology results release activities” site, Microsoft, IBM, Google three major international technology giants show machine learning based on artificial intelligence technology, for us to describe a beautiful future of artificial intelligence. At present, the network attack events are endless, the means are complex, the purpose is complex, the shortage of network security personnel is difficult to cope with the rapid changes in the network security situation, and machine learning in the field of data analysis outstanding performance, artificial intelligence is considered in the network security will “Great as”. There are statistical agencies found that the 2016 “network security” and “artificial intelligence” co-appeared in the article the frequency of rapid rise, indicating that more and more discussions will be linked together with the two together. Based on the large data related to network security, artificial intelligence technology such as machine learning can make breakthrough progress in unknown threat discovery, network behavior analysis and network security warning.

Original Mandarin Chinese:

4月19日消息,國家計算機網絡應急技術處理協調中心(簡稱“國家互聯網應急中心”,英文簡稱“CNCERT”)發布《2016年我國互聯網網絡安全態勢綜述》,在對我國互聯網宏觀安全態勢監測的基礎上,結合網絡安全預警通報、應急處置工作實踐成果,著重分析和總結了2016年我國互聯網網絡安全狀況,並預測2017年網絡安全熱點問題。
一、2016年我國互聯網網絡安全監測數據分析
CNCERT持續對我國網絡安全宏觀狀況開展抽樣監測,2016年,移動互聯網惡意程序捕獲數量、網站後門攻擊數量以及安全漏洞收錄數量較2015年有所上升,而木馬和殭屍網絡感染數量、拒絕服務攻擊事件數量、網頁仿冒和網頁篡改頁面數量等均有所下降。
據抽樣監測,2016年約9.7萬個木馬和殭屍網絡控制服務器控制了我國境內1699萬餘台主機,控制服務器數量較2015年下降8.0%,境內感染主機數量較2015年下降了14.1%。 。其中,來自境外的約4.8萬個控制服務器控制了我國境內1499萬餘台主機,來自美國的控制服務器數量居首位,其次是中國香港和日本。
在監測發現的因感染惡意程序而形成的殭屍網絡中,規模在100台主機以上的殭屍網絡數量4896個,其中規模在10萬台以上的殭屍網絡數量52個。從我國境內感染木馬和殭屍網絡主機按地區分佈數量分析來看,排名前三位的分別是廣東省(占我國境內感染數量的13.4%)、江蘇省(佔9.2%)和山東省(佔8.3 %)。為有效控制木馬和殭屍網絡感染主機引發的危害,2016年,在工業和信息化部指導下,根據《木馬和殭屍網絡監測與處置機制》,CNCERT組織基礎電信企業、域名服務機構等成功關閉1011個控制規模較大的殭屍網絡。
2016年,CNCERT通過自主捕獲和廠商交換獲得移動互聯網惡意程序數量205萬餘個,較2015年增長39.0%,近7年來持續保持高速增長趨勢。按其惡意行為進行分類,前三位分別是流氓行為類、惡意扣費類和資費消耗類1,佔比分別為61.1%、18.2%和13.6%。 CNCERT發現移動互聯網惡意程序下載鏈接近67萬條,較2015年增長近1.2倍,涉及的傳播源域名22萬餘個、IP地址3萬餘個,惡意程序傳播次數達1.24億次。
2016年,CNCERT重點對通過短信傳播,且具有竊取用戶短信和通信錄等惡意行為的“相冊”類2安卓惡意程序及具有惡意扣費、惡意傳播屬性的色情軟件進行監測,並開展協調處置工作。全年共發現此類惡意程序47316個,累計感染用戶超過101萬人,用於傳播惡意程序的域名6045個,用於接收用戶短信和通訊錄的惡意郵箱賬戶7645個,用於接收用戶短信的惡意手機號6616個,洩露用戶短信和通訊錄的郵件222萬封,嚴重危害用戶個人信息安全和財產安全。在工業和信息化部指導下,根據《移動互聯網惡意程序監測與處置機制》,CNCERT組織郵箱服務商、域名註冊商等積極開展協調處置工作,對發現的惡意郵箱賬號、惡意域名等進行關停處置。
二、2016年我國互聯網網絡安全狀況
近年來,隨著我國網絡安全法律法規、管理制度的不斷完善,我國在網絡安全技術實力、人才隊伍、國際合作等方面取得了明顯的成效。 2016年,我國互聯網網絡安全狀況總體平穩,網絡安全產業快速發展,網絡安全防護能力得到提升,網絡安全國際合作進一步加強。但隨著網絡空間戰略地
位的日益提升,世界主要國家紛紛建立網絡空間攻擊能力,國家級網絡衝突日益增多,我國網絡空間面臨的安全挑戰日益複雜。
域名系統安全狀況良好,防攻擊能力明顯上升。 2016年,我國域名服務系統安全狀況良好,無重大安全事件發生。據抽樣監測,2016年針對我國域名系統的流量規模達1Gpbs以上的DDoS攻擊事件日均約32起,均未對我國域名解析服務造成影響,在基礎電信企業側也未發生嚴重影響解析成功率的攻擊事件,主要與域名系統普遍加強安全防護措施,抗DDoS攻擊能力顯著提升相關。 2016年6月,發生針對全球根域名服務器及其鏡像的大規模DDoS攻擊,大部分根域名服務器受到不同程度的影響,位於我國的域名根鏡像服務器也在同時段遭受大規模網絡流量攻擊。因應急處置及時,且根區頂級域緩存過期時間往往超過1天,此次攻擊未對我國域名系統網絡安全造成影響。
針對工業控制系統的網絡安全攻擊日益增多,多起重要工控系統安全事件應引起重視。 2016年,全球發生的多起工控領域重大事件值得我國警醒。 3月,美國紐約鮑曼水壩的一個小型防洪控制系統遭攻擊;8月,卡巴斯基安全實驗室揭露了針對工控行業的“食屍鬼”網絡攻擊活動,該攻擊主要對中東和其他國家的工業企業發起定向網絡入侵;12月,烏克蘭電網再一次經歷了供電故障,據分析本次故障緣起惡意程序“黑暗勢力”的變種。
我國工控系統規模巨大,安全漏洞、惡意探測等均給我國工控系統帶來一定安全隱患。截至2016年年底,CNVD共收錄工控漏洞1036條,其中2016年收錄了173個,較2015年增長了38.4%。工控系統主要存在緩衝區溢出、缺乏訪問控制機制、弱口令、目錄遍歷等漏洞風險。通過對網絡流量分析發現,2016年度CNCERT累計監測到聯網工控設備指紋探測事件88萬餘次,並發現來自境外60個國家的1610個IP地址對我國聯網工控設備進行了指紋探測。
高級持續性威脅常態化,我國面臨的攻擊威脅尤為嚴重。截止到2016年底,國內企業發布高級持續性威脅(APT)研究報告共提及43個APT組織,其中針對我國境內目標發動攻擊的APT組織有36個4。從攻擊實現方式來看,更多APT攻擊採用工程化實現,即依托商業攻擊平台和互聯網黑色產業
鏈數據等成熟資源實現 APT攻擊。這類攻擊不僅降低了發起APT攻擊的技術和資源門檻,而且加大了受害方溯源分析的難度。 2016年,多起針對我國重要信息系統實施的APT攻擊事件被曝光,包括“白象行動5”、“蔓靈花攻擊行動”等,主要以我國教育、能源、軍事和科研領域為主要攻擊目標。 2016年8月,黑客組織“影子經紀人(Shadow Brokers)”公佈了方程式組織6經常使用的工具包,包含各種防火牆的漏洞利用代碼、黑客工具和腳本,涉及Juniper、飛塔、思科、天融信、華為等廠商產品。 CNCERT對公佈的11個產品漏洞(有4個疑似為0day漏洞)進行普查分析,發現全球有約12萬個IP地址承載了相關產品的網絡設備,其中我國境內IP地址有約3.3萬個,佔全部IP地址的27.8%,對我國網絡空間安全造成嚴重的潛在威脅。 2016年11月,黑客組織“影子經紀人”又公佈一組曾受美國國家安全局網絡攻擊與控制的IP地址和域名數據,中國是被攻擊最多的國家,涉及我國至少9所高校,12家能源、航空、電信等重要信息系統部門和2個政府部門信息中心。
大量聯網智能設備遭惡意程序攻擊形成殭屍網絡,被用於發起大流量DDoS攻擊。近年來,隨著智能可穿戴設備、智能家居、智能路由器等終端設備和網絡設備的迅速發展和普及利用,針對物聯網智能設備的網絡攻擊事件比例呈上升趨勢,攻擊者利用物聯網智能設備漏洞可獲取設備控制權限,或用於用戶信息數據竊取、網絡流量劫持等其他黑客地下產業交易,或用於被控制形成大規模殭屍網絡。 CNCERT對車聯網系統安全性進行在線監測分析,發現部分車聯網信息服務商及相關產品存在安全漏洞,可導致車輛、位置及車主信息洩露和車輛被遠程控制等安全風險。 2016年底,因美國東海岸大規模斷網事件和德國電信大量用戶訪問網絡異常事件,Mirai惡意程序受到廣泛關注。 Mirai是一款典型的利用物聯網智能設備漏洞進行入侵滲透以實現對設備控制的惡意代碼,被控設備數量積累到一定程度將形成一個龐大的“殭屍網絡”,稱為“Mirai殭屍網絡”。又因物聯網智能設備普遍是24小時在線,感染惡意程序後也不易被用戶察覺,形成了“穩定”的攻擊源。 CNCERT對Mirai殭屍網絡進行抽樣監測顯示,截至2016年年底,共發現2526台控制服務器控制了125.4萬餘台物聯網智能設備,對互聯網的穩定運行形成了嚴重的潛在安全威脅。此外,CNCERT還對Gafgyt殭屍網絡進行抽樣檢測分析,在2016年第四季度,共發現817台控制服務器控制了42.5萬台物聯網智能設備,累計發起超過1.8萬次的DDoS攻擊,其中峰值流量在5Gpbs以上的攻擊次數高達72次。
網站數據和個人信息洩露屢見不鮮,“衍生災害”嚴重。由於互聯網傳統邊界的消失,各種數據遍布終端、網絡、手機和雲上,加上互聯網黑色產業鏈的利益驅動,數據洩露威脅日益加劇。 2016年,國內外網站數據和個人信息洩露事件頻發,對政治、經濟、社會的影響逐步加深,甚至個人生命安全也受到侵犯。在國外,美國大選候選人希拉里的郵件洩露,直接影響到美國大選的進程;雅虎兩次賬戶信息洩露涉及約15億的個人賬戶,致使美國電信運營商威瑞森48億美元收購雅虎計劃擱置甚至可能取消。在國內,我國免疫規劃系統網絡被惡意入侵,20萬兒童信息被竊取並在網上公開售賣;信息洩露導致精準詐騙案件頻發,高考考生信息洩露間接奪去即將步入大學的女學生徐玉玉的生命;2016年公安機關共偵破侵犯個人信息案件1800餘起,查獲各類公民個人信息300億餘條。此外,據新聞媒體報導,俄羅斯、墨西哥、土耳其、菲律賓、敘利亞、肯尼亞等多個國家政府的網站數據發生了洩漏。
移動互聯網惡意程序趨利性更加明確,移動互聯網黑色產業鏈已經成熟。 2016年,CNCERT通過自主捕獲和廠商交換獲得移動互聯網惡意程序數量205萬餘個,較2015年增長39.0%,近6年來持續保持高速增長趨勢。通過惡意程序行為分析發現,以誘騙欺詐、惡意扣費、鎖屏勒索等攫取經濟利益為目的的應用程序驟增,佔惡意程序總數的59.6%,較2015年增長了近三倍。從惡意程序傳播途徑發現,誘騙欺詐行為的惡意程序主要通過短信、廣告和網盤等特定傳播渠道進行傳播,感染用戶數達到2493萬人,造成重大經濟損失。從惡意程序的攻擊模式發現,通過短信方式傳播竊取短信驗證碼的惡意程序數量佔比較大,全年獲得相關樣本10845個,表現出製作簡單、攻擊模式固定、暴利等特點,移動互聯網黑色產業鏈已經成熟。
敲詐勒索軟件肆虐,嚴重威脅本地數據和智能設備安全。根據CNCERT監測發現,2016年在傳統PC端,捕獲敲詐勒索類惡意程序樣本約1.9萬個,數量創近年來新高。對敲詐勒索軟件攻擊對象分析發現,勒索軟件已逐漸由針對個人終端設備延伸至企業用戶,特別是針對高價值目標的勒索情況嚴
重。針對企業用戶方面,勒索軟件利用安全漏洞發起攻擊,對企業數據庫進行加密勒索,2016年底開源MongoDB數據庫遭一輪勒索軟件攻擊,大量的用戶受到影響。針對個人終端設備方面,敲詐勒索軟件惡意行為在傳統PC端和移動端表現出明顯的不同特點:在傳統PC端,主要通過“加密數據”進行勒索,即對用戶電腦中的文件加密,脅迫用戶購買解密密鑰;在移動端,主要通過“加密設備”進行勒索,即遠程鎖住用戶移動設備,使用戶無法正常使用設備,並以此脅迫用戶支付解鎖費用。但從敲詐勒索軟件傳播方式來看,傳統PC端和移動端表現出共性,主要是通過郵件、仿冒正常應用、QQ群、網盤、貼吧、受害者等傳播。
三、2017年值得關注的熱點
根據對2016年我國互聯網網絡安全形勢特點的分析,CNCERT預測2017年值得關注的熱點方向主要如下。
(一)網絡空間依法治理脈絡更為清晰。 2016年11月7日第十二屆全國人大常委會第二十四次會議表決通過《網絡安全法》,並將於2017年6月1日起施行。該法有7章79條,對網絡空間主權、網絡產品和服務提供者的安全義務、網絡運營者的安全義務、個人信息保護規則、關鍵信息基礎設施安全保護製度和重要數據跨境傳輸規則等進行了明確規定。預計2017年各部門將更加重視《網絡安全法》的宣傳和解讀工作,編制出台相關配套政策法規,落實各項配套措施,網絡空間依法治理脈絡將更為清晰。
(二)利用物聯網智能設備的網絡攻擊事件將繼續增多。 2016年CNVD收錄物聯網智能設備漏洞1117個,

(三)互聯網與傳統產業融合引發的安全威脅更為複雜。隨著我國“互聯網+”、“中國製造2025”行動計劃的深入推進,我國幾乎所有的傳統行業、傳統應用與服務都在被互聯網改變,給各個行業帶來了創新和發展機會。在融合創新發展的過程中,傳統產業封閉的模式逐漸轉變為開放模式,也將以往互聯網上虛擬的網絡安全事件轉變為現實世界安全威脅。互聯網金融、工業互聯網等融合的新興行業快速發展,但引發的新的網絡安全威脅也不容忽略,互聯網金融整合了信息流和資金流,信息流的風險很可能引發資金流損失;工業控制系統更為智能化、網絡化,開放互聯帶來的惡意嗅探行為增多,被惡意攻擊的風險不斷加大。傳統互聯網安全與現實世界安全問題相交織引發的安全威脅更為複雜,產生的後果也更為嚴重。
(四)個人信息和重要數據保護將更受重視。近年來,互聯網技術的發展極大的方便和豐富了我們的生活和工作,網上購物、網上求職、社交平台、政府服務等平台上充斥著大量的個人詳細隱私信息。自2011年以來我國關於嚴重個人信息洩露的事件不絕於耳,特別是近年來的網絡詐騙案件中,受害人的詳細信息都被詐騙分子所掌握,給社會安定帶來嚴重危害。 2013年 “斯諾登事件”及後續相繼爆出的美國政府大範圍監聽項目,刺激著各國加強重要數據的保護措施,嚴格規範互聯網數據的收集、使用、存儲等。我國在《網絡安全法》中對個人信息保護規則、重要數據跨境傳輸進行了明確規定,預計關於個人信息和重要數據信息保護的詳細規範性文件將製定出台,切實落實保護措施。
(五)網絡安全威脅信息共享工作備受各方關注。及時全面獲取和分析網絡安全威脅,提前做好網絡安全預警和部署應急響應措施,充分體現了一個國家網絡安全綜合防禦能力。通過網絡安全威脅信息共享,利用集體的知識和技術能力,是實現全面掌握網絡安全威脅情況的有效途徑。美國早在1998年的克林頓政府時期就簽署了總統令,鼓勵政府與企業開展網絡安全信息共享,到奧巴馬政府時期更是將網絡安全信息共享寫入了政府法案。近年來,我國高度重視網絡安全信息共享工作,在《網絡安全法》中明確提出了促進有關部門、關鍵信息基礎設施的運營者以及有關研究機構、網絡安全服務機構等之間的網絡安全信息共享。但面對紛繁複雜的、多維度的數據源信息,如何高效地開展共享和深入分析,需建立一套基於大數據分析的網絡安全威脅信息共享標準。目前,我國很多機構已經在開展網絡安全威脅信息共享的探索與實踐,相關國家標準和行業標準已在製定中,CNCERT也建立了網絡安全威脅信息共享平台,在通信行業和安全行業內進行相關共享工作。
(六)有國家背景的網絡爭端受關注度將繼續升溫。目前,我國互聯網普及率已經達到53.2%7,民眾通過互聯網獲得的新聞資訊越來越快捷方便,民眾關注全球政治熱點的熱度也不斷高漲。 2016年美國總統大選“郵件門”事件、俄羅斯黑客曝光世界反興奮劑機構醜聞事件等,都讓網民真切感受到有組織、有目的的一場縝密的網絡攻擊可以對他國政治產生嚴重的影響,將有國家背景的網絡爭端從行業領域關注視角延伸到了全體網民。隨著大量的國家不斷強化網絡空間軍事能力建設,有國家背景的網絡爭端事件將會熱點不斷、危機頻出,全民討論的趨勢將會持續升溫。
(七)基於人工智能的網絡安全技術研究全面鋪開。在第三屆世界互聯網大會“世界互聯網領先科技成果發布活動”現場,微軟、IBM、谷歌三大國際科技巨頭展示了基於機器學習的人工智能技術,為我們描繪了人工智能美好的未來。目前,網絡攻擊事件層出不窮、手段多樣、目的複雜,較為短缺的網絡安全人才難以應對變化過快的網絡安全形勢,而機器學習在數據分析領域的出色表現,人工智能被認為在網絡安全方面將會“大有作為”。有研究機構8統計發現,2016年“網絡安全”與“人工智能”兩詞共同出現在文章中的頻率快速上升,表明越來越多的討論將二者聯繫在一起共同關注。以網絡安全相關的大數據為基礎,利用機器學習等人工智能技術,能夠在未知威脅發現、網絡行為分析、網絡安全預警等方面取得突破性進展。

中國軍事戰雲 ~ Chinese Military Use of the Battle Cloud

中國軍事戰雲 ~ Chinese Military Use of the Battle Cloud

“Cloud” is a metaphor of the network, the Internet, “cloud concept” is one of the hottest high-tech concept in recent years, its Internet, efficient, shared and other characteristics, not only profound impact and change our lives, Is also promoting major changes in the military field. In 2013, the US Air Force for the first time the “cloud concept” into the field of operations, put forward the “operational cloud” concept, and quickly get the US Department of Defense, Navy and other military recognition, and gradually become the US military response to the 21st century, a new information war Strategy.

Why –

Intended to build the new US military superiority

In the 21st century, the US military has launched a number of wars in Afghanistan, Iraq, Libya and Syria in the name of anti-terrorism and the suppression of the proliferation of weapons of mass destruction. Every time the war is almost entirely dominated by powerful information and firepower, Quickly won the war. But the US military has a clear sense of this: the above war a few US military did not encounter a truly strong opponent, the war in the United States to grasp the absolute air power and the right to information under the low confrontation environment, the future if the loss of absolute space and information advantages , The US military will be difficult to maintain control of the battlefield. The US military believes that if you want to maintain a sustained battlefield advantage in future wars, facing an unprecedented “threat and challenge”:

Rival strong “anti-entry / regional denial” threat. The US military believes that its information in previous local wars, the advantages of firepower, mainly rely on a strong space-based information systems, large-scale maritime combat platform, joint command and control center, etc., and in the “opponents into the area and the ability to continue Enhance the “background, especially in the face of a large number of” precision-guided long-range cruise missiles and ballistic missiles “threat, these traditional strengths and the strength of the US military to rely on these forces formed by the combat style” will not be renewed, “” opponents Can be a small number of key nodes through the attack quickly paralyzed US military combat power system.

The Challenges of Advanced Combat Weapons and Backward Combat. In the new century, after a large number of equipment F-22 advanced stealth fighters, the US military has ushered in F-35 fighters, DDG-1000 missile destroyers, Ford-class aircraft carrier and other highly informative weapons and equipment. But the appearance of the US military command and control, but also remain in the 2003 “free Iraq” action, highly dependent on satellite, early warning aircraft and other core equipment platform “network-centric war” era. Former US Air Force Secretary Mike Wayne exclaimed: “Just as the use of the 20th century mechanized forces in the First World War was fighting in the 19th century, we now have the danger of fighting in the twentieth century in the twentieth century. “The US military in urgent need of new operational theory to activate the new information technology equipment combat potential,” to regain the US military and rival superiority. ”

Combat power to maintain the challenges with the defense budget tightening. In the United States “financial crisis” “debt crisis” and “national security needs continue to grow” and other factors, the US military arms are also caught in financial dilemma. In the same report, the US Air Force is mainly from the old A-10, F-15/16, B-1, B-1, the first deputy chief of staff, 52 aircraft and B-2 and a small number of F-22, F-35, not enough to meet the opponent’s “anti-entry and regional denial” capabilities, and called to “change strategy” to deal with “available for defense resources The proportion of decline “challenge.

These “threats and challenges” that the US military consider themselves are the context of the concept of “operational cloud”.

Core concept –

To achieve a variety of platforms cross-domain joint operations

In the face of these new “threats and challenges”, in January 2013, the US Air Force Air Combat Command Commander Michael Ostić first proposed the “operational cloud” concept program. In 2014, David de Putura on its basis, the “operational cloud” concept of a comprehensive program, pointed out: “similar to the way cloud computing, ‘combat cloud’ is a kind of military air force use Decentralized air combat, in the evolution of the data chain, anti-jamming communication systems and new targeting tools to support the realization of the air, ground, sea and space field information sharing capabilities jump, and thus maximize the stealth aircraft, accurate Combat weapons, advanced command and control systems, and the combined use of unmanned systems to create large, modular and flexible combat capabilities to ensure that enemies’ attacks on single combat units will not paralyze US operations.

In the same year, the United States “Aviation Week” released a “operational cloud” concept map, described by the orbital space reconnaissance / communications / navigation satellites, airborne early warning aircraft, F-15/16 fighter, maritime aviation battle group, and in-depth integrated air defense system F-22/35 stealth fighter, RQ-180 unmanned reconnaissance aircraft, new long-range bomber (LRS-B) and other multi-dimensional combat unit, jointly build the “air superiority cloud” development prospects, more clearly show the US military “combat Cloud “concept of the whole picture.

From the above US military interpretation and description of the concept of “operational cloud”, we can roughly analyze the characteristics of the US military “operational cloud” and its basic ideas to deal with “threats and challenges”

Battlefield information cross – domain integration. “Combat cloud” relying on “evolving data link, anti-jamming communication system” and other advanced battlefield information network, and “new targeting tool” and other new battlefield sensor system, large data and cloud computing and other information network technology support , Will be widely distributed in space, near the space, air, ground, sea and underwater combat platform of the battlefield intelligence information integration, and real-time seamless operation in the various areas of the platform on-demand distribution. “Combat cloud” formed by the “information sharing capabilities”, both to ensure that the US military on the battlefield on demand is highly transparent, but also to avoid the “anti-entry / regional denial” ability of opponents, its space-based information system , Large-scale maritime combat platform, joint command and control center and other key information nodes “break a little, paralysis of a” situation. The US military envisages that in the “battle cloud” system, the absence of any one or more battlefield nodes will not decisively influence the sharing and distribution of information on the unity of its battlefield.

Group strength distribution operations. With the traditional combat forces of the air forces according to the platform attribute classification allocation, according to the administrative means of combining different ways, “combat cloud” through the “continuous evolution of the data chain, anti-jamming communication system”, the arms of the air force to ” Decentralized air combat form “, according to real-time task requirements, online optimization configuration combination, the formation of” modular “group strength. Each group of forces in a highly integrated cross-domain integration of information support, through the “operational cloud” system of efficient scheduling and control, distribution operations. This group of forces distribution mode of operation, not only inherited the “network-centric war” to obtain the advantages of information, and further developed from the information to the fire distribution, target damage transformation advantages, significantly reduced the combat ” – Review “cycle chain, comprehensively enhance the combat effectiveness of US military information equipment.

Cross – platform platform synergies. Through the “battle cloud” battlefield information cross-domain integration capabilities, three generations of four generations of combat platform to gain dive into the enemy of the five generations of stealth combat platform, unmanned combat platform target information, to achieve an effective blow to the depth of the battlefield; But also to get three generations of four generations of combat platform for long-range fire support, to make up for their own lack of volatility. “Combat cloud” of this inter-generation platform synergies, is considered the US military to deal with “power and financial dilemma” an important means. In September 2014, the outgoing Michael Ostić at the annual meeting of the American Air Force Association made it clear that the US Air Force did not have enough budget to form a full five fleet, to fulfill the role of the Air Force, the highest priority The task is to achieve the “four generations and five generations” of information fusion, collaborative operations.

Development status –

Is changing from concept to actual action

As soon as possible to the “operational cloud” concept program into a practical state, in the United States Department of Defense co-ordination and traction, the US military arms and arms are in line with their own military functions and equipment characteristics, to promote their own “combat cloud” project construction and experiment verification.

Ministry of Defense steadily traction “cloud” infrastructure and conceptual improvement. As early as 2009, the US Department of Defense proposed a concept of data sharing at sea, air and space, and tried to apply the increasingly sophisticated Internet technology to tactical intelligence. In July 2012, the US Department of Defense Chief Information Officer signed the “Ministry of Defense cloud computing strategy” to the military strategy in the form of advancing the process, and continued to carry out “cloud” related storage facilities, computing platform and software services. At present, the US Department of Defense has identified this concept as a “war cloud”, and from the arms and arms, industrial sector and academia deployed personnel, work together to create a perfect “combat cloud” concept program, the ultimate goal is to form an arch Data network, expansion and upgrading of the existing “global information grid” to achieve the maritime warships, combat aircraft, space satellite real-time data sharing.

Each army and arms competing to carry out “combat cloud” project construction. The Air Force is the pioneer of the concept of “operational cloud”, which argues that the key to achieving the “operational cloud” is information fusion and the focus of the “Sky Advantage Cloud” on F-15/16 and F-22/35 Five generations of information on the exchange of information. In 2014, the “Multi-Domain Adaptive System (MAPS) Program” was launched to attempt to integrate the F16-16 Link16 data link, the F-22 IFDL data link, and the F-35’s MADL data link to achieve battlefield data Real-time exchange. US Navy also through the “Naval Integrated Fire Control and Air Defense (NIFC-CA) program” to achieve its use of air E-2D early warning aircraft or sea “Aegis” ship and other combat platforms for the F / A-18E / F and F- 35C and other carrier-based aircraft and the “standard” series of ship-to-air missiles to provide targeted information, and even command the future of the sixth generation F / A-XX multi-purpose fighter aircraft to launch weapons vision. Although the Navy project is not called “combat cloud” due to military interests, the project emphasizes multi-platform information cross-domain integration has a typical “cloud” features. In addition, the US Marine Corps also launched the implementation of its “expeditionary combat sea tactical cloud” project construction.

“Combat cloud” combat mode test verification has been in full swing. September 23, 2014, the US Air Force F-22 for the first time led the joint air raid fleet, the Syrian territory of the “Islamic countries” extreme organizational goals of air strikes. After the completion of the task, when the US Air Operations Commander Mike Hustage in an interview with “defense headlines”, said, “generally believed that stealth is a symbol of the five generations of machines, in fact, the focus is on ‘integration’,” Fusion “makes the F-22 fundamentally different from other platforms,” ​​”Fusion” is the fundamental feature of the five generations of machines, “” Five generations of machines in front of reconnaissance detection targets, and then let four generations of machines in the area to fight it, you must have ‘combat Cloud ‘, which has the ability to transfer data back and forth. ” The position, but also directly proved that the US Air Force is actively against the “combat cloud” combat mode to carry out actual test verification.

(Author: Air Force Military Theory Institute)

Edit comments

Jump on the “cloud” end of the wind and thunder

Huyongbo

When we shop online, the website will be based on the previous shopping records to determine our purchase preferences, push a lot of commodity information; when we browse the news, the software will be based on our reading habits, “good” Directional push content topic … … these phenomena are that we have come to a cloud computing era.

“Combat cloud” reason to enter our topic vision, not only because it frequently appeared in the latest US combat theory, everywhere revealed against the “system of combat” thinking, more importantly, it represents the US military cloud computing used in the field of military the latest achievements, reflecting the US military use of scientific and technological achievements to maximize the effectiveness of combat a train of thought.

Like many high-tech, cloud computing first appeared in the commercial field. In August 2006, Google CEO Eric Schmidt first proposed the “cloud computing” concept. Soon, the US military on this new technology showed a strong interest. In 2008, the US Department of Defense and Hewlett-Packard Company to establish a cloud computing infrastructure. Then, the United States air, sea, land and other military services are signed with commercial companies related to cloud computing systems. The US military’s passion for cloud computing has a strong background in the field of information technology, but it also reflects their keen sense of smell and rapid transformation of the latest cutting-edge technology.

In attending the plenary session of the PLA delegation at the Second Session of the 12th National People’s Congress, the Chairman stressed that “it is necessary to take the initiative to discover, cultivate and use the cutting-edge technology that can serve the national defense and army building to capture the potential growth point of military capability development”. Obviously, to promote the field of cloud computing military and civilian collaboration innovation, we are promising. Because, compared to the United States and other developed countries in the field of cloud computing development, China is not backward, some domestic companies have a more mature use of experience. The key is how to combine our military reality, to achieve the transformation of cloud computing technology in the military field.

Of course, we develop the use of cloud computing technology, we must learn from the experience of foreign troops, but not step by step also cloning. The practice of the US military is only to provide a model used. In the era of information revolution boom, through the core key technological breakthrough is possible to achieve “corner overtaking”. Dare to hit the water flow, Fang Xian hero character.

Original Mandarin Chinese:

“雲”是對網絡、互聯網的一種比喻說法,“雲概念”則是近年來最火的高科技概念之一,其互聯、高效、共享等特質,不但深刻影響和改變著我們的生活,也正在推動軍事領域的重大變革。 2013年,美空軍首次將“雲概念”引入作戰領域,提出“作戰雲”概念,並迅速得到美國防部、海軍及其他軍種的認可,逐漸成為美軍應對21世紀下一場信息化戰爭的新方略。

緣何提出——

意在打造美軍新的跨代優勢

進入21世紀,美軍先後以反恐和製止大規模殺傷性武器擴散等名義在阿富汗、伊拉克、利比亞和敘利亞發動多場戰爭,每次戰爭美國幾乎都憑藉強大的信息、火力優勢,完全掌控戰場局面,快速取得戰爭勝利。但美軍高層對此有著清醒意識:以上幾場戰爭美軍並未遇到真正強大的對手,戰爭在美軍掌握絕對製空權和製信息權的低對抗環境下進行,未來倘若喪失絕對的空天和信息優勢,美軍將很難保持對戰場的控制。美軍認為,若想在未來戰爭中保持持續的戰場優勢,面臨著前所未有的“威脅和挑戰”:

對手強大“反進入/區域拒止”能力的威脅。美軍認為,其在歷次局部戰爭中所仰仗的信息、火力優勢,主要依托強大的天基信息系統、大型海上作戰平台、聯合指揮控制中心等獲得,而在“對手反進入與區域拒止能力不斷提升”的背景下,尤其是面對大量“精確制導遠程巡航導彈和彈道導彈”威脅,這些傳統的優勢力量,以及美軍依托這些優勢力量所形成的作戰樣式“都將不可續存”,“對手可以通過對少數關鍵節點的攻擊迅速癱瘓美軍的作戰力量體系”。

先進作戰武器與落後作戰方式的挑戰。進入新世紀,在大量裝備F-22先進隱身戰機後,美軍又先後迎來F-35戰機、DDG-1000導彈驅逐艦、福特級航母等高度信息化武器裝備。但綜觀美軍的作戰指揮與控制,還停留在2003年“自由伊拉克”行動時,高度依賴衛星、預警機等核心裝備平台的“網絡中心戰”時代。美國前空軍部長麥克·韋恩就驚呼:“正如第一次世界大戰使用20世紀的機械化部隊卻在以19世紀的方式作戰,我們現在同樣存在以20世紀的方式在21世紀作戰的危險。 ”美軍急需新的作戰理論來激活新型信息化裝備的作戰潛能,“重拾美​​軍與對手的跨代優勢”。

作戰力量保持與國防預算緊縮的挑戰。在美國“金融危機”“債務危機”和“國家安全需求不斷增長”等多重因素影響下,美軍各軍兵種也陷入財政窘境。美空軍前情報主管、第一副參謀長大衛·德普圖拉在一份報告中指出,目前美軍空中力量主要由老舊的A-10、F-15/16、B-1、B- 52飛機和B-2以及少量的F-22、F-35組成,不足以應對21世紀對手的“反進入與區域拒止”能力,並呼籲要“改變方略”以應對“可用於國防的資源比重下降”的挑戰。

美軍自認為的這些“威脅和挑戰”,正是其提出“作戰雲”概念的背景。

核心理念——

實現多種平台跨域聯合作戰

面對這些新的“威脅和挑戰”,2013年1月,美空軍空中作戰司令部司令邁克爾·奧斯蒂奇首次提出“作戰雲”概念方案。 2014年,大衛·德普圖拉在其基礎上,對“作戰雲”概念方案進行了全面闡述,指出:“類似於雲計算的方式,’作戰雲’是一種各軍種的空中力量採用分散的空中作戰形式,在不斷進化的數據鏈、抗干擾通信系統和新的瞄準工具等支持下,實現空中、地面、海上和太空領域信息共享能力的躍升,進而最大程度地發揮隱身飛機、精確打擊武器、先進指揮與控制系統以及有人與無人系統結合的優勢,創造出規模化、模塊化的靈活作戰能力,並以此確保敵人對單一作戰單元的攻擊不會癱瘓美軍的作戰行動。”

同年,美國《航空周刊》發布了“作戰雲”構想圖,描述了由在軌太空偵察/通信/導航衛星,空中預警機、F-15/16戰鬥機,海上航空戰鬥群,與深入對方綜合防空系統區的F-22/35隱身戰機、RQ-180無人偵察機、新型遠程轟炸機(LRS-B)等多維作戰單元,共同構建的“空中優勢雲”發展遠景,更加清晰地展現了美軍“作戰雲”概念全貌。

從以上美軍對於“作戰雲”概念的闡釋和描述,我們可以粗略探析美軍“作戰雲”的特徵和其應對“威脅和挑戰”的基本思路:

戰場信息跨域融合。 “作戰雲”依托“不斷進化的數據鏈、抗干擾通信系統”等先進的戰場信息網絡,和“新的瞄準工具”等新型戰場傳感系統,在大數據和雲計算等信息網絡技術的支撐下,將廣泛分佈於太空、臨近空間、空中、地面、海上和水下各域作戰平台的戰場情報信息一體融合,並實時無縫地在各域作戰平台按需分發。 “作戰雲”所形成的這種“信息共享能力”,既保證了美軍對戰場的按需高度透明,同時也避免了具備“反進入/區域拒止”能力的對手,對其天基信息系統、大型海上作戰平台、聯合指揮控制中心等關鍵信息節點“破一點、癱一片”的局面。美軍設想,在“作戰雲”體系中,任何一個和多個戰場節點的缺失,都不會決定性地影響其戰場統一態勢信息的共享和分發。

群組力量分佈作戰。與傳統作戰各軍兵種空中力量按平台屬性分類編配、按行政手段組合的方式不同,“作戰雲”通過“不斷進化的數據鏈、抗干擾通信系統”,將各軍兵種的空中力量以“分散的空中作戰形式”,根據實時任務需求,在線優化配置組合,形成“模塊化”的群組力量。各群組力量在高度一體跨域融合的信息支撐下,通過“作戰雲”體系的高效調度和管控,分佈實施作戰。這種群組力量分佈作戰的模式,既繼承了“網絡中心戰”獲取信息的優勢,又進一步發展了從信息向火力分配、目標毀傷轉化的優勢,大幅縮減了作戰的“偵-控-打-評”週期鏈,全面提升了美軍信息化裝備的作戰效能。

跨代平台協同增效。通過“作戰雲”的戰場信息跨域融合能力,三代四代作戰平台能夠獲得潛入敵縱深的五代隱身作戰平台、無人作戰平台的目標指示信息,實現對縱深戰場的有效打擊;五代隱身作戰平台也能夠獲得三代四代作戰平台的遠程火力支援,彌補自身載彈量不足的劣勢。 “作戰雲”的這種跨代平台協同增效,被認為是美軍應對“力量與財務困局”的重要手段。 2014年9月,即將離任的邁克爾·奧斯蒂奇在美國空軍協會年會上明確表示,美國空軍沒有足夠的預算來組建一支全五代機隊,要履行好空軍的職能,最優先的任務是實現“四代與五代”的信息融合、協同作戰。

發展現狀——

正在由概念向實戰行動轉變

為盡快地將“作戰雲”概念方案轉化到實用狀態,在美國防部的統籌和牽引下,美軍各軍兵種都在結合自身軍種職能和裝備特色,推進自己的“作戰雲”項目建設和實驗驗證。

國防部穩步牽引“雲”基礎建設和概念完善。早在2009年,美國防部就提出了覆蓋海上、空中、太空的數據共享概念,嘗試將日益成熟的互聯網技術應用到戰術情報領域。 2012年7月,美國防部首席信息官簽署了《國防部雲計算戰略》,以軍隊戰略的形式推進這一進程,並持續穩步開展“雲”相關的存儲設施、計算平台和軟件服務建設。目前,美國防部已將這一概念確定為“作戰雲”,並分別從各軍兵種、工業部門和學術界抽調人員,共同著力塑造完善“作戰雲”概念方案,最終目標是要形成一個拱形數據網絡,擴展升級現有“全球信息柵格”,實現海上戰艦、作戰飛機、空間衛星的實時數據共享。

各軍兵種爭相開展“作戰雲”項目建設。美空軍是“作戰雲”概念的先行者,其認為實現“作戰雲”的關鍵是信息融合,並將“空中優勢雲”的重點放在F-15/16等四代機與F-22/35五代機的信息互通上。 2014年啟動了“多域自適應系統(MAPS)計劃”,企圖將F-15/16的Link16數據鏈、F-22的IFDL數據鏈、F-35的MADL數據鏈有機融合,實現戰場數據的實時交換。美海軍也在通過“海軍綜合火控與防空(NIFC-CA)計劃”,實現其用空中E-2D預警機或海上“宙斯盾”艦等作戰平台,為F/A-18E/F和F- 35C等艦載機及“標準”系列艦空導彈提供瞄准信息,甚至指揮未來第六代F/A-XX多用途戰鬥機發射武器的願景。雖然由於軍種利益,海軍項目並不叫“作戰雲”,但其項目強調的多平台信息跨域融合具有典型的“雲”特徵。此外,美海軍陸戰隊也啟動實施了其“遠征作戰海上戰術雲”項目建設。

“作戰雲”作戰模式檢驗驗證已經全面展開。 2014年9月23日,美空軍F-22首次率領聯合空襲機群,對敘利亞境內的“伊斯蘭國”極端組織目標實施空襲作戰。任務完成後,時任美軍空中作戰司令部司令麥克·侯斯塔奇在接受《防務頭條》採訪時,表示“一般認為隱身是五代機的標誌,其實不然,重點在於’融合’”,“’融合’使得F-22與其他平台根本不同”,“’融合’是五代機的根本特徵”,“五代機在前方偵察探測目標,然後讓四代機在防區外打擊它,你必須擁有’作戰雲’,其擁有將數據來回傳輸的能力”。這次表態,也直接證明了美空軍正在積極針對“作戰雲”作戰模式開展實戰性檢驗驗證。

(作者單位:空軍軍事理論研究所)

編輯點評

躍上“雲”端觀風雷

侯永波

當我們在網上購物時,網站會根據以往的購物記錄來判斷我們的購買偏好,推送大量的商品信息;當我們在瀏覽新聞時,軟件同樣會根據我們的閱讀習慣,“投其所好”地定向推送內容話題……這些現像都說明,我們已經來到了一個雲計算時代。

“作戰雲”之所以進入我們的選題視野,不僅僅是因為它頻繁地出現於美軍最新的作戰理論中,處處透露著對抗消解“體系破擊戰”的思維,更重要的是它代表著美軍把雲計算運用於軍事領域的最新成果,反映出美軍運用科技成果最大限度提高作戰效能的一種思路。
像很多高新技術一樣,雲計算最早出現在民用商業領域。 2006年8月,谷歌首席執行官埃里克·施密特首次提出“雲計算”概念。很快,美軍就對這種新技術表現出濃厚興趣。 2008年,美國防部與惠普公司合作建立了一個雲計算基礎設施。緊接著,美國空、海、陸等各軍種都與商業公司簽約設計相關雲計算系統。美軍對雲計算技術的熱情擁抱,有其在信息技術領域處於領先地位的大背景,但同時也反映了他們對最新前沿科技的敏銳嗅覺以及迅速的轉化運用能力。

習主席在出席十二屆全國人大五次會議解放軍代表團全體會議時強調,“要主動發現、培育、運用可服務於國防和軍隊建設的前沿尖端技術,捕捉軍事能力發展的潛在增長點”。顯然,推進云計算領域的軍民協同創新,我們是大有可為的。因為,相比美國等發達國家在雲計算領域的發展,我國並不落後,國內一些公司已經有著較為成熟的運用經驗。關鍵是如何結合我軍實際,來實現雲計算技術在軍事領域的轉化運用。

當然,我們發展運用雲計算技術,須藉鑑外軍的經驗,但絕非亦步亦趨克隆。美軍的做法只是提供了運用的一種模式。在信息革命大潮雲湧的時代,通過核心關鍵性技術突破是有可能實現“彎道超車”的。敢於擊水中流,方顯英雄本色。

Original Source:

2017年03月21日09:52  来源:解放军报

中國軍方解釋了美軍演習在網絡戰中的作用 ~ China Military Explains Role of US Military Theater Operations in Network War

中國軍方解釋了美軍演習在網絡戰中的作用 ~ China Military Explains Role of US Military Theater Operations in Network War

Who is responsible for configuring the information resources owned by the United States? Who is responsible for assigning these resources to use the priority order? What measures have we taken to ensure that the Global Information Grid (GIG), the Independent Joint Service System, and the GCCs: Geographic Combatant Commanders (GCCs) and Global Network Associations (GCCs), which rely on information from them, Trojans (JTF-GNO: Joint Task Force-Global NetOps) security? In recent years, the entire network combat system on the discussion of these issues has not been suspended, the focus of debate is the theater operations in the network operations should play what role.

The US military has announced the deployment of the war command for each theater, and also announced that it would reduce military support in the cross-border areas. For each theater combat command, how to configure the information infrastructure to support the war in the theater has become very important. The enemy may be infiltrated into the critical network system area responsible for military power dispatch, which is often underestimated and even treated as an accident or incidental event, but these intrusion is virtually Made a connection request to block the normal operation of the commercial website, and even led to some of the military logistics business logistics company was marked as invalid. The theater warfare command should ensure that the information conditions of its zone are not affected by external invasions. Countless viruses are destroying the Internet, the Department of Defense system began to be attacked. It is now under discussion whether the Global Network Joint Task Force should be disconnected from the military network on the Internet, but the military is concerned that with the cooperation of commercial suppliers alone, the Department of Defense can not guarantee that all logistical support operations will continue without error To go on. Each theater combat command is not sure about the state of the theater itself, and they are skeptical about the security of the global information grid itself, and they are concerned about their ability to carry out the tasks assigned to it.

(STRATCOM) and the global network of joint contingents in the network operations in the dominant ideology of the impact of the theater operations headquarters of its command and control of the zone has a more global network of operations control institutions to strengthen the United States Strategic Command Weakened. The focus on the operational information grid to the global information grid has also affected, to a certain extent, the battlefield operations command of the global information grid is how to support the theater of the specific behavior of the understanding. This article will introduce the existing command relationship, the war between the theater operations command, the direct relationship between command and combat, the old and emerging joint operational principles of a special case analysis, and finally will be the theater combat command In the network operations should play the role of the proposed recommendations.

Network combat environment

The command and control in cyber warfare is a concept that appeared ten years ago, and its connotation has been evolving. Each of the relevant departments, the theater operations headquarters and the global network of joint contingents have carried out some organizational structure and work focus on the adjustment, but ultimately did not solve their respective roles should play this issue. To really understand why the role of theater warfare in cyber operations will be a problem, it is necessary to clarify the question: where is cyber warfare, what is real cyber warfare, and every What is the organizational structure and command and control structure of the department?

The first thing to explain is, what is the global information grid? According to the definition of Ministry of Defense No. 8100.1, it includes “global interconnection, terminal-to-terminal information transmission capability and joint processing capability.” Ability to collect, process, store, transmit and manage information according to the needs of warriors and policy makers ” This covers government and leased communications information systems and services, as well as other software, security and service support required for global information grids, as well as the Clinger- The National Security System, as defined in Section 5142 of the Cohen Act. According to this definition, the global information grid contains all levels of information systems from the Department of Defense and the national security system, from the tactical level to the strategic level, as well as the interconnected communication system.

Most of the discussion on the command and control of the Global Information Grid Network Operations Center focuses on the defense capabilities of the system, but the content of the network operations is far more than that. The tasks to be accomplished by the network operations include three: departmental management, Content management and network defense, whose purpose is to provide a lack of central support across the boundaries of strategic, tactical and operational concepts, and to support the Department of Defense’s full range of combat, intelligence and mission tasks.

1. Sector management is one of the specific tasks of the global information grid, which is the technology, process and policy management of systems and networks that make up the global information grid, including public sector management, systems management, network management, satellite communications management and Electromagnetic spectrum management of these aspects.

2. Content management refers to managing the information itself in the global information grid. It ensures that information is available to users, operators, and decision makers in real time. Content management includes the search, access, transmission, storage and integration of specific information content of the global information grid.

3. Network defense is the global information grid all the information, including additional information to protect, it mainly includes a number of policies, processes, projects and operations. If necessary, the task can be requested through cross-agency cooperation to complete. It is responsible for the global information grid information security, computer network defense, computer defense response capabilities and critical infrastructure protection.

Now we have learned about the basic organizational structure of the cyber warfare, the next step in the various organizations in the network operations and how they are performing the tasks, which are mainly composed of troops, theater warfare headquarters and global network joint contingents, all of which are With the changes in the battlefield requirements to improve their organizational structure.

The change in the organizational structure of the force is mainly to meet the requirements of the global information grid for information transmission, access, control and protection. Ten years ago, the troops had some changes to regional control in order to adapt to cyber warfare, but those measures eventually developed into centralized controls, and these measures were not preserved. Now it is necessary to understand the composition of the forces in order to better understand why the network operations command and control will become so full of controversy.

GEM: GIG Enterprise Management GCM: GIG Content Management GND: GIG network defense

Army ‘s network operations command and control

The army is the least of all the reforms in the service. The Army continues to hold the previous commander, now known as the Theater Network Operations and Security Centers (TNOSC), which is directly responsible for the various theater war operations. The Army maintains an independent global network operations and security center (GNOSC: Global NetOps and Security Center), all of the battlefield network operations and security centers are its affiliates. The Global Network Operations and Security Center has technical control over the Battlefield Network Operations and Security Center, but the Battlefield Operations and Security Center is also part of the Theater Command and is also managed by the Theater Network Command. A typical example is the Army’s battlefield signal The brigade is managed by the Army Service Component Command.

The Global Network Operations and Security Center provides technical guidance to the network operations forces in each theater. The US Army Network Command and the 9th Signal Command are responsible for the technical and management of the Global Network Operations and Security Center. But in wartime, the Global Network Operations and Security Center was also commanded by the Strategic Command (STRATCOM) as Army Element.

ACERT: Army Computer Emergency Response Unit

AGNOSC: Army Global Network and Security Center

ASCC: Army Army Command

ARSTRAT: Army Strategic Command (Missile Defense and Strategy)

CIO: Chief Information Officer

GCC: Theater Combat Command (Regional Joint Command, Six of the US Army’s Top Ten Command)

INSCOM: Intelligence and Security Command (one of the Army’s reporting units)

JTF-GNO: Joint Task Force – Global Network Operations Command

NETCOM: Army Network War Command

RCERT: Regional Computer Emergency Response Team

STRATCOM: US Strategic Command

TNCC: Theater Network Operations Control Center

TNOCC: Theater Network Operations and Security Center

G6: Army Command Department of Communications

G2 Army Command Information Department

Installation Network Provider

COMMAND – Strategic level operational command

OPCON: Battle (Battle) Command

TACON: tactical control

GS: Global Strike

TECHCON: echelon

ADCON: management control

Air Force ‘s Network Operations Command Control

The Air Force has chosen a different organizational approach to move the focus from the former headquarters of the Network Operations and Security Center (MAJCOM NOSCs) to the Integrated Network Operations and Security Centers (I-NOSCs: Integrated NetOps and Security Centers). Unlike the Army’s Battlefield Network Operations and Security Center, which is managed by the Theater Operations Command, the Air Force’s Integrated Network Operations and Security Center is not affiliated with any theater war command, but only by the Air Force Operations Center (AFNOC : Air Force NetOps Center), which is similar to the Army’s Global Network Operations and Security Center. The Air Force realizes that the Theater Command must have the power to direct direct operations in its zone, and it is necessary to establish a general support relationship between the Air Force Operations Center and the Theater Operations Command, establishing a dedicated link between the two departments unit. In addition, the Air Force has given a command to the establishment of a communications control center in their respective theater areas. These control centers can be used as a shortcut between the Air Force Operations Center and their respective theater operations.

ACC: Air Warfare Center

AFCHQ: Air Force Command

AFNETOPS: Air Force Network Operations Command

ARSTRAT: Air Force Strategic Command Theater Network Operations Control Center

CIO: Chief Information Officer

I-NOSC: Integrated Network Operations and Security Center

GCC: Ibid., Regional Joint Command

JFCC-NW: Network War Joint Function Composition Command

JTF-GNO: Ibid., Joint Task Force – Global Network Operations Command

NCC: Network Control Center

STRATCOM: Ibid., Strategic Command

TNOS: Ibid., Theater Network Operations and Security Center

Naval network operations command control

The Navy and the Air Force, no longer regard the theater as a unit of command. In order to better support global operations, they assisted two existing theater naval warfare centers (RNOSCs) affiliated with the Naval Global Network Operations and Security Center (NAVGNOSC) to assist the original two naval schools in Naples and Bahrain Communication master station (NCTMS: Navy Computer and Telecommunications Master Station). In addition, since most of the Navy’s cyber operations were carried out at sea, they also established Fleet NetOps Centers (FNOCs: Fleet NetOps Centers), echoing the theater and cyber warfare centers located in the United States. The fleet network operations center is the tactical entry point for the fleet to conduct cyber operations, providing network services for audio, video and data for the fleet of the zone, and can be provided when the fleet goes from another area of ​​the fleet network operations center into another area Smooth information transitions. Most unclassified networks are contracted by the US Navy Marine Corps Internet or the US Overseas Overseas Navy Enterprise Network (ONENET: Outside of CONUS Navy Enterprise Network). In order to meet the needs of the battlefield, the Navy established the Overseas Marine Corps Intranet Global Network Operations and Security Center to provide global combat support, as well as the establishment of a war zone network combat and security center of the theater network security center on each Specific battlefield support. There is no subordinate relationship between the Theater Network Operations and Security Center and the theater operations headquarters in the theater.

Fleet NOC: Fleet Network Operations Center

GCC: Ibid., Regional Joint Command

INSCON: Ibid., Army Intelligence and Security Command

JTF-GNO: Ibid., Joint Task Force – Global Network Operations Command

NAVGNOSC: Navy Global Network Operations and Security Center

NAVSOC: Navy Satellite Operations Center

NCC MHQ: Navy Network Operations Information Operations and Space Warfare Center

NMCI GNOC: Maritime Network Global Network Operations Center

RNOSC: ibid, regional network operations center

STRATCOM: Ibid., Strategic Command

TNCC: Ibid., Theater Network Operations Control Center

Navy Global Network Operations and Security Center (NAVGNOSC) and the East and West Regional Network Operations and Security Center (East and West RNOSCs), which support the most basic organization of global naval operations. The Naval Global Network Operations and Security Center brings together information from the Theater Network Operations and Security Center, the Overseas Marine Corps Intranet and the Naval Satellite Operations Center to provide global command and control information for the Global Network Operations Joint Task Force. Unlike the Navy and the Army, they did not maintain a body belonging to the Theater Command. The support relationship between the forces established by the Joint Operations Task Force of the Global Network Operations and the Theater Warfare Command did not give the theater war command the power to command the Naval Department’s global information grid. All command requests of the Theater Warfare Command must be approved by the Navy’s Global Network Operations and Security Center.

Command and Control of Theater Combat Command

Although each theater combat command in their respective jurisdictions for network operations are not the same way, but they have a common feature, that is, have established a theater network operations control center and a subordinate to the defense information system (DISA: Defense Information Systems Agency) of the theater network operations center. (CENTCOM) will be the theater network operations control center and the Defense Information Systems Agency’s theater network operations center known as the Central Theater Network Operations Center (Central Region Theater NetOps), the Central Commander of the Central Theater, Center, and the European Command (EUCOM) has established a Theater Communication Control Center (Theater Communication Control Center). Although there are some differences in the organization, but all the theater network operations control center are basically used by the theater combat command for the area of ​​the global information grid command control (area of ​​the global information grid is also known as the theater Information Grid TIG: Theater Information Grid).

The Theater Operations Command has optimized the configuration and control of the information resources of the global information grid through the Theater Network Operations Control Center to enable them to better serve the battle, while the Theater Network Operations Control Center is also connected to the Defense Information Systems Authority, the regular forces and the global Joint Operations of the Network Operations Joint Task Force. They collaborated with the Theater Network Warfare Center, the Theater Network Operations and Security Center to monitor the status of the theater information grid, to decide on the proposed global operations of the Joint Operations Task Force, and to assess the impact of its actions. The Theater Network Warfare Control Center has the right to decide on the reduction and termination of combat operations and to adjust the priority of operations through the Theater Network Operations Center and the Theater Network Operations and Security Center. If there is no theater network operations and security center in the theater, the theater network operations control center under the Global Network Operations and Security Center tie is responsible for completing the mission required by the Theater Operations Command.

The North North Command (NORTHCOM) is a rather special sector, although it is a theater warfare command with a clear zone, but most of its troops in the zone – including cyber combat troops – are not affiliated with the commander , But belong to the United States Joint Forces Command (JFCOM: Join Forces Command). This deployment is intended to facilitate the global management of the force. The North Command, like several other theater warfare commanders, also set up a theater network operations control center, but did not establish a theater network operations and security center, which makes the North Command must rely on network operations and security centers and other departments for its Provide general support. In this case, the role of the North Command is to be responsible for the operations within its jurisdiction, but also the lack of understanding of the corresponding battlefield information grid, and no direct control of its power.

Strategic Command Network Operations Command Control

With the troops fighting command on the network combat structure to adjust the same, the Ministry of Defense departments are also undergoing reform. Over the years, the Department of Defense has not had a centralized control of the network operations. But in 1997 when the Department of Defense conducted this attempt to find some of the weaknesses of the network at that time, also came to the “combat command – troops – defense agencies,” this network mode of operation is not suitable for modern battlefield situation The That attempt has led to the formation of a Defense Force (IAA) bureau, which is part of today’s Global Network Operations Joint Task Force, which is responsible for the operation and defense of global information grids.

Global Network Operations Joint Task Force network operations command and control mechanism is also constantly evolving. Prior to the advent of the existing UCP: Unified Command Plan, the command and control of the Global Network Operations Joint Task Force was under the responsibility of the Theater Operations Command, but it proved that it was not conducive to managing all the components in the network, It is also difficult to provide enough information for the global information grid information. The original version of the operational concept of cyber warfare emphasizes the control of the theater operations of the theater in the theater, which was described as follows: “The combat command has the power to command the troops assigned to its zone, Is conducive to the completion of the task, when the combat command feel appropriate, or even adjust the priority of the global information grid.All of these activities should be through the theater network operations center to achieve. “In fact, even the global Event, the initial version of the network combat concept document also provides that the global network operations Joint Task Force needs to be in the theater combat command of the theater network operations control center under the command of combat.

The follow-up version of the operational concept has been adapted to this principle. The control of the Global Network Operations Joint Task Force was moved to a more global command and control structure, through which the overall role of the strategic headquarters, the Global Network Operations Joint Task Force and other forces involved in the network operations Has been strengthened. The operational concept of the Global Network Operations Joint Task Force is subdivided into three environmental operational concepts: global, theater and non-global. What kind of environmental concepts apply to different events depends on the actual impact of the events and the impact of the theater. This form of command and control structure is more suitable for the current network combat diversity characteristics, for different levels of events, theater combat command can take a more flexible response measures, and even at the same time to support and supportive action. In this system, sometimes the process of dealing with the event to go through a complete command system chain, and sometimes you can skip some steps.

Global events

Global events refer to activities or events that clearly affect the preparedness of the entire global information grid, which often requires the concordation of multiple theater combatants to be resolved. Commander of the Strategic Command must have the ability to quickly identify global events and to be able to determine which theater combat operations or other agencies of the Department of Defense will be affected. Global events include fast-spreading network malicious code attacks, satellite communications attacks, and enterprise application attacks that are not limited to single-theater network events.

The Global Strategic Command is a reliable command center with command and command for the Global Network Operations Joint Task Force and the Theater Command. The Global Network Operations Joint Task Force uses its own resources to execute the instructions of the Strategic Command, which can be quickly sent to troops around the world. It is noteworthy that this order is not in the event of transmission to the theater of combat operations.

Although the notion of operational concept conferred the command of the commander of the strategic command worldwide, it did not completely deny the right of the theater war command to be commanded by the assigned joint command. While the Global Network Operations Joint Task Force performs the operational command of the Strategic Command, the Theater Operations Command can also deploy its troops to carry out the corresponding activities. Of course, in accordance with the requirements of the operational concept, the forces under the leadership of the theater operations command must be consistent with the action guidelines of the Joint Operations Task Force under the leadership of the Strategic Command. In fact, according to the historical action log of the Joint Operations Task Force of the Global Network Operations, most of the cyber operations began at the beginning of a small theater, and the Theater Command was always the first unit to deal with these incidents, and If they are handled properly, these theater-level events will not develop into global events.

Theater events

Theater events are those that occur in a battlefield area, and its foreseeable range of influence does not go beyond the theater, and the biggest difference between theater and global events is that. In the event of such incidents, the theater operations headquarters played a leading role, while the strategic headquarters only take the support role. The Global Network Operations Joint Task Force can provide support to the Theater Command by its Theater Network Operations and Security Center. If the local forces do not have a theater network operations and security center, it can also provide general support for the Theater Network Operations Control Center through the Global Network Operations and Security Center. The Command of the Theater Combat Command to the Global Network Operations Joint Task Force is subordinate to the subordinate command, that is to say there is no right to direct the Global Network Operations Joint Task Force through its Global Network Operations and Security Center to operate in its area.

Non-global event

A non-global event is an event that only affects the functional warfare headquarters and a particular defense agency. Since such institutions do not have a clear zone, these events can neither be regarded as global nor can they be seen as theater. In dealing with non-global events, the Strategic Command plays the role of auxiliary command, and the Global Network Operations Joint Task Force provides general support for the operational operational warfare headquarters involved. Most of the non-global events generally occur in the northern command zone, since many of the relevant functional departments are subordinate to the Northern Command. In the case of command and control procedures, non-global events and global events are the same.

Contradictory command and control requirements

Tactical technical requirements

Although the positioning of the various forces are not the same, but in the pursuit of efficient network operations, reasonable combat methods are their common theme. Different forces shoulder different responsibilities, they established an independent combat network, application facilities and auxiliary tools to meet their own and global information grid to maintain connectivity needs. Each unit is responsible for operating part of the global information grid, which to some extent the need for combat operations between the various departments of the centralized management, so as to get the desired combat efficiency and return on investment.

The focus of the discussion on centralized control of global information grids is the global nature of cyber warfare. The only way for the Department of Defense to achieve a network-centric commanding mechanism, to enhance the Force’s awareness of the situation and to significantly shorten the decision-making cycle, is to integrate the network and the forces horizontally, which is a centralized control mechanism The The latest “four-year defense assessment report” mentioned in the “to simplify the current ‘chimney’ system structure, to achieve a network-centric command mechanism.”

In order to make better use of scarce resources, the Department of Defense must consider when and where to allocate resources from a global perspective. The allocation of essential resources for network operations such as satellite transmission bands, standard tactical entry network sites and bandwidth must have clear mission objectives and easy to understand global significance. From the perspective of the force, the centralized command is, to some extent, a reshuffle of the existing force institutions and operations, defense networks.

The combat operations led by the theater war command will no longer be strictly limited to its zone. Ground forces are re-starting to use aircraft (including unmanned aerial vehicles) to routinely fly in the United States to support their operations. With the development of the PGS: Prompt Global Strike project, the commander has the power to call for conventional strike assistance from weapons systems outside the theater.

On the Navy, they pointed out that one of the essential characteristics of the maritime forces was global mobility, and the naval forces were constantly interspersed between the various theater warheads. Especially as aircraft carrier battle group such units, once deployed, it can not stay in a small battlefield. In addition, even the theater-level operations taken by the theater war command may have a global impact. The adjustment of the network defensive posture may have a huge financial burden on the Internet sector, and the combat command may not be able to understand the specific details of the adjustment behavior.

For the Department of Defense’s network system, all attacks are essentially global in nature. The enemy can not easily from the other side of the Earth to the United States to attack the physical objectives, but in the field of computer network technology, such things happen often. Once such an attack is detected, the information about it must be communicated to all relevant departments in the shortest possible time to ensure that such attacks are identified from anywhere to protect the security of the global information grid. Every time a network intrusion – even if it does not seem to fail the invasion – is likely to give the global information grid content a huge potential harm, because they invade the system behind the back door will be in the future Attack to play a role. The outbreak of the virus is an undisputed global event, and if we do not realize this, we will suffer more losses.

The Navy emphasizes that the impact of no events will be limited to a theater area, and that all efforts to combat cyber operations must be global. Their defense is that there is no theater boundaries, the Department of Defense every battlefield combat headquarters are facing the same potential threat, in order to obtain information on the advantages of the Department of Defense must make full use of its large coverage of the network resources , Quickly share all useful information on a global basis.

In addition, the Air Force and the Navy have pointed out that their cyber warfare forces are not deployed by the Theater Warfare Command. The Air Force and the Navy have their own cyber warfare organizations (such as the Theater Network Operations and Security Center) in each zone of the Theater Command, and the Air Force and Navy’s cyber warfare forces are usually defender in the theater. Finally, the Air Force and the Navy believe that the Strategic Command is responsible for the Global Information Grid through the Theater Operations Command, based on the description of the official documents available for reference.

Theater war command

There are two issues that need to be concerned about the command and control of cyber warfare against the Theater Command. One is the need for timely control of the battlefield information grid, the second is the need to turn the network into a weapon system, so that commanders can be the same as the conventional weapon system to use the same network resources, the use of the full range of network advantages to conduct a comprehensive battle.

Those forces that have been assigned specific responsibilities have already deployed their own unique solutions, each of which is involved in a network operation or each institution believes that it already has the most effective allocation of scarce resources. But the global information grid is not exclusive to a particular department, but a joint structure. “Chimney” type system and the existing deployment of the troops is actually to reduce the efficiency of the battlefield information grid efficiency. For example, the Army developed a secure IP telephony solution before other departments in the Department of Defense to communicate with the secret voice. For security reasons, other departments usually do not use this program, but their own development of a set of the same function of the solution. So there will be two sets of independent, confidential IP voice schemes in the zone of the Combat Command, which can not be connected to each other. The theater warfare command had to be screened, leaving only a set of programs to ensure that all departments in their zones could cooperate with each other. But the solution is eliminated by the party can no longer with the theater outside the brother forces for confidential contact.

Some of the resources in the combat command zone can serve multiple forces and the public sector. However, there are many examples of the use of duplication of work for the establishment of their own can not be linked to each other independent systems, such as satellite terminals and some technical control equipment. Sometimes, to send a message, you need to send the signal back to the United States, and then sent from the local distance from the initial sender only two miles of the recipient there. All kinds of fibers are arranged one by one on the same route, but the data between them can not be exchanged directly because they belong to different forces or public departments. The theater operations command must take measures to address the interconnection between the troops or the civil service in the zone.

To solve this problem, you can use centralized control approach. The centralized command of the cyber warfare forces requires the theater war command to make some adjustments to its own organization, but at the same time it does not affect its power to direct action when there is a need for combat. Relevant forces must accept orders for multiple combat orders and effectively optimize and feedback battlefield information. At present, the troops sent to the front are becoming more and more independent, and through the help of the global information grid they can cross the border of the theater combat command back and forth, and the theater warfare command has been compromised by the support and confrontation of the cyber warfare , After the implementation of centralized command, the troops can not or do not want to respond to the requirements of the theater combat command.

The Pacific Command (PACOM: Pacific Command) first adopted a “joint attempt” approach in humanitarian aid operations when it participated in the Indonesian tsunami relief work in 2004. The Pacific Command issued instructions to the assigned troops to carry out special network defenses under the framework of the entire action plan. Many naval forces and Marine Corps units have established relatively direct network defenses under the centralized command of the Navy’s Global Network Operations Center, which goes beyond the mandate of the Pacific Command to the Navy and Marine Corps, which Posing a potential risk factor for the global operations of the Pacific Command.

The Combat Command is concerned that the idea of ​​centralizing control of global information grids will always reduce their grip on information and control of the global information grid. Under the existing command system, a unit will carry out training or perform other tasks under the command of its troops, and participate in the battle under the command of the theater combat command, and the rules of command and control are very clear. The command and control of the forces in the field of information is as important as their command and control in the air, land, sea and space fields. For the C3S system (control, communications and computer systems), under its command to combat and responsible for the protection of its forces are often in a double or even triple the report chain, the results can not tell who is responsible for the final battle. In a global or non-global event, the Global Network Operations Joint Task Force often conducts direct operations around the theater operations headquarters. Although the operational concept of joint cyber warfare specifically emphasizes the need for coordinated operations with the theater combat command, this requirement has become almost in the context of modern combat rapid changes. Information Security Weakness Alert System, Computer Task Sequence, and Information Condition Adjustment System Problems outside the jurisdiction of the Combat Command are typical examples of this requirement failure. These events directly affect the command of the Theater Command in the battlefield, when the troops want to directly use these mechanisms from the management level to strengthen their own control, they can not determine when and how in the implementation of these Operation, and do not know what impact this will have on the command of the theater combat command, because under current conditions, only the theater combat command has the ability to carry out these operations. When a threat event requires the Air Force’s Space Command to seek the cooperation of the Joint Operations Task Force of the Global Network Operations with Air Force forces, it would bring to the command of the North Command if it did not notify or obtain cooperation with the Northern Command Big trouble.

In the Central Command, due to the lack of adequate control of the network combat forces, resulting in the commander sometimes can not determine whether the network resources are available. The Navy is responsible for operating a large number of battlefield information grids. Navy network combat forces in the operational area are not responsible for the Central Command of the Navy, who only need to report to the Theater Network Operations and Security Center. The central theater’s central theater theater operations center, whose duty is to maintain and direct all the combat operations of the theater operations, but it is not in the naval network combat force report chain, so it is often impossible to get all the battlefield information grid Of the state of affairs, there are already alternatives to deal with this problem, but this can not be said to be a formal solution.

For the North Command, because of the lack of cyber warfare control, they encountered great trouble in the rescue work of Hurricane Katrina in 2005. In that operation, the troops’ equipment was transported to the joint warfare zone without permission. Which makes the North Command can not grasp and guide the transfer of materials, but can not coordinate the actions of various forces, which is a multi-directional management and operational issues.

As the various forces advocate the implementation of a centralized command framework centered on the Global Network Operations Joint Task Force, it is necessary to emphasize the fact that the theater commanders are reluctant to see such changes, Some of them are responsible for the strategic headquarters, with the global information grid operating rights and defense rights mechanism. The presence of the Strategic Command has been instrumental in maintaining the command of the theater combat command in combat operations in theater and global events and in enhancing communication between the theater combat command and the Joint Staff.

Combat headquarters and troops want to focus on the network operations from the level of joint operations, but there are several issues that need to be discussed:

Who is responsible for the first leadership?

2. Network operations to focus on what the specific direction of the command to be reflected, the global level, the theater level or what other level?

3. What is the change brought about by this adjustment only when a part of the theater combat command sends a request to the Global Network Operations Joint Task Force or is the theater commander’s complete command and priority in the theater?

Finally, the Theater Command is the body that is ultimately responsible for the President’s mission to complete the military mission in the area, and the troops dispatched to the theater combat command need to complete their respective tasks under their jurisdiction. It is unquestionable that they will still be under the command of the strategic command when the troops advocate the implementation of a global centralized command. But the current global information grid is a key part of the command and control capability of the theater combat command and the commander’s ability to guide the troops. Without a global information grid, the plane can not fly, the ground forces can not move, the ships can not sail, even the satellite can not provide the signal. Commanders need to get the status of the global information grid and control, just as they need to master the position and status of the troops as important. They must grasp the scope, ability and status of the battlefield information grid, and must know how the situation outside the theater will affect the battlefield information grid in the area where the troops are located and must be able to command and optimize the troops to support operations. If we really believe that the speculation of the centralized command will have a better effect, it can not be ignored for the theater war command to retain the appropriate command and control.

Also, as long as the structure of the Theater Command is still preserved, all military missions, including those directed by the Functional Command Command, will inevitably occur in the theater of the Theater Command, as all networks Combat missions must be carried out by an entity unit. At the same time, centralized command is necessary to achieve a network-centric command model and to more effectively defend against attacks. The concept of this centralized command and the command of the theater war command to master and optimize the battlefield information grid is not mutually exclusive.

The way forward

To develop a viable network combat command and control framework, it is necessary to avoid extremes, taking into account the needs of theater warfare headquarters and the need to establish centralized control of global information grids. In the process of the development of the operational concept of joint network operations and the transformation process of network combat forces, the principle of organization needs to play the role of adjusting the interests of all parties. In order to achieve this goal, the Department of Defense should do the following:

1. Create a simple, clear network combat command chain, to ensure that the strategic headquarters of all network operations can be directed. This can solve the problem just mentioned “who is responsible for the first leadership”. Only when the event occurred in a rapidly changing environment, the theater command and control agencies began to play a role. Simple command chain can ensure that troops involved in network operations know who should listen to who should report to whom, in this command chain, must include the theater combat command.

2. The command of the theater war command in its zone can be given:

– to amend the Joint Command plan to clarify the responsibilities of the Theater Operations Command to operate the network in its zone.

– Revise the existing global information grid network operational concept, detailing that those outside the theater network operations and security centers can obtain direct assistance from the World Network Operations and Security Center of the Theater Operations Command.

– All orders for the Global Network Operations Joint Task Force shall be enforced through the Theater Operations Command.

These adjustments ensure that all units in the theater are acting under a single command chain, which is responsible for the strategic headquarters through the Theater Operations Command. This can also solve the North Command should be responsible for the area but did not command the power of the network fighting the embarrassing situation.

3. In each theater combat command, a joint network operations center under the jurisdiction of the Central Command shall be established to integrate the Theater Network Operations Control Center of the Theater Command Command and the Theater Network Operations Center of the Global Network Operations Joint Task Force. As a result, each theater war command will have a joint operations command in the field of computer space, just as in the battlefield of land, sea and air. Any troops outside the Theater Network Operations and Security Center can obtain direct assistance from the Global Network Operations and Security Center of the Joint Network Operations Center.

4. To consolidate the status of the global information grid, the highest control to the strategic headquarters. The development of centralized command is now focused on the command of the forces involved in the network operations, which runs counter to the network-centric command concept. The force-centric “chimney” command system is not conducive to the transmission and processing of information, let us from the “all users to provide the latest and most accurate information” goal farther and farther. In the previous “Goldwater Nichols Defense Ministry Reconstruction Law” report has made it clear that the organization and management and command and control should be controlled by a joint agency.

Concluding remarks

The current centralized command of network operations is an urgent need. Optimizing the network operational command mechanism can help the Department of Defense to improve efficiency, save costs and better allocate scarce resources. More importantly, this allows network combat troops to provide information more quickly and accurately to commanders, which is important in large-scale network operations. The process of centralized command can not affect the efficiency of network combat command and control. This depends on whether the global information grid can provide enough information for all participating units and whether the commander makes full use of the theater information grid to help command operations.

“We have to change the network combat problem discussion and thinking mode, we are in the network” combat “rather than the network” management “, all participating units must ensure that they are ready to war every time to ensure that the network system A decisive weapon system. ” Network operations are a key part of our country’s ability to win war, it can help us provide command and control, shorten the decision-making cycle and adjust the resources of the theater. The Strategic Command has taken a big step in strengthening the concept of cyber warfare, and these efforts need to be continued. The theater warfare command must be an important part of the control and protection of the global information grid to ensure that we can continue to win the network.

Original Mandarin Chinese:

是誰在負責配置美國所擁有的信息資源?誰在負責分配這些資源利用時的優先級順序?我們採取了哪些措施來保證全球信息柵格(GIG:Global Information Grid)、獨立聯合服務系統以及依靠從它們身上獲取信息來開展工作的戰區作戰司令部(GCCs:Geographic Combatant Commanders)和全球網絡聯合特遣部隊(JTF-GNO:Joint Task Force-Global NetOps)的安全?最近幾年以來,整個網絡作戰系統對這些問題的討論一直沒有停息過,人們爭論的焦點就是戰區作戰司令部在網絡作戰中應該扮演什麼樣的角色。

美國軍方公佈了對每個戰區作戰司令部的部署,同時還宣布將會減少跨戰區的軍事支持行動。對每個戰區作戰司令部來說,如何配置支持本戰區作戰的信息基礎設施就變得非常重要了。敵人有可能會滲透進負責軍事力量調度的關鍵網絡系統區域進行破壞,這些入侵的危害常常被低估,甚至被當作意外事件或者偶發事件輕描淡寫地處理掉,但是這些入侵行為實際上完全有可能濫發連接請求來阻塞商業網站的正常運行,甚至導致一些承擔軍隊後勤業務的物流公司被標為無效狀態。戰區作戰司令部應該保證其防區的信息條件不受外部入侵的影響。不計其數的病毒正在破壞著互聯網,國防部的系統也開始遭到攻擊。現在有人在討論是否應該讓全球網絡聯合特遣隊斷開互聯網上的軍事入網點,但軍方又擔心僅靠和商業供應商的合作,國防部不能保證所有的後勤支持行動都能繼續無差錯地進行下去。每個戰區作戰司令部對各自的戰區網絡狀態都不太確定,他們對全球信息柵格本身的安全持有懷疑態度,他們擔心其是否有能力執行分配給它的任務。

受到建立一個更全球化的網絡作戰控制機構、加強美國戰略司令部(STRATCOM)和全球網絡聯合特遣隊在網絡作戰中的主導地位思想的影響,戰區作戰司令部對其防區的指揮控制權有所削弱。將作戰信息集中到全球信息柵格的做法也在一定程度上影響了戰區作戰司令部對全球信息柵格是如何支持該戰區的作戰的具體行為的了解。本文將會介紹現有的指揮關係、戰區作戰司令部的職責、指揮和作戰之間的線性關係、舊有的和新興的聯合作戰原則一級特殊戰例分析,最後還將會對戰區作戰司令部在網絡作戰中所應扮演的角色提出建議。

網絡作戰的環境

網絡作戰中的指揮控制是一個在十年以前就出現了的概念,之後它的內涵一直處在演變之中。每個相關部門、戰區作戰司令部和全球網絡聯合特遣隊都為此進行過一些組織結構和工作重心上的調整,但是最終都沒有解決好各自應該扮演的角色這個問題。要想真正明白為什麼戰區作戰司令部在網絡作戰中的角色會成為一個難題,就必須先弄清楚這幾個問題:網絡作戰是在哪兒發生的、什麼是真正的網絡作戰、網絡作戰中的每個部門的組織結構和指揮控制結構是怎樣的。

首先需要解釋的是,什麼是全球信息柵格?按照國防部第8100.1號文件的定義,它包括“全球互聯的、終端到終端的信息傳輸能力和聯合處理能力。按照戰士、決策者的需要來進行信息採集、處理、儲存、傳播和管理的能力”。這就涵蓋了政府的和租用的通信信息系統及服務,以及全球信息柵格所需的其他軟件、安全和服務支持,還包括1996年3月頒布的《克林格-科恩法》(Clinger- Cohen Act)第5142節所定義的國家安全系統(National Security System)。按照這個定義,全球信息柵格包含了國防部和國家安全系統的所有級別的信息系統,從戰術層次到戰略層次,以及互聯通信系統。

大多數關於全球信息柵格網絡作戰中心的指揮控制的討論都在著重強調該系統的防禦能力,但是網絡作戰包含的內容其實遠不止這點,網絡作戰要完成的任務包括三項:部門管理、內容管理和網絡防禦,其工作目的是提供跨越戰略、戰術和作戰概念邊界的無中心式支持,為國防部的全方位的戰鬥、情報和考察任務提供支持。

1.部門管理是全球信息柵格的具體任務之一,它是對構成全球信息柵格的系統和網絡的技術、過程和政策管理,包括公務部門管理、系統管理、網絡管理、衛星通信管理和電磁光譜管理這幾個方面。

2.內容管理指的是管理全球信息柵格里的信息本身。它用即時的方式保證信息對使用者、操作者和決策者都是可用的。內容管理包括對全球信息柵格的具體信息內容的查找、訪問、傳輸、儲存和一體化。

3.網絡防禦就是對全球信息柵格所有的信息包括附加信息進行保護,它主要包括一些政策、過程、項目和操作。如果有必要的話,該任務可以請求通過跨機構合作來完成。它負責的是全球信息柵格的信息安全、計算機網絡防禦、計算機防衛反應能力和關鍵性基礎設施保護。

現在已經了解了網絡作戰的基本組織結構,下一步介紹網絡作戰中的各個組織和他們是如何執行任務的,需要介紹的主要是部隊、戰區作戰司令部和全球網絡聯合特遣隊,它們都在隨著戰場要求的變化而改進著各自的組織結構。

部隊在組織結構上的改變主要是為了滿足全球信息柵格對信息傳輸、訪問、控制和保護能力的要求。十年之前,部隊為了適應網絡作戰曾針對區域控制進行過一些變革,但那些措施最終發展成了集中化的控制,這些措施也沒有保留下來。現在我們有必要了解一下部隊的組織構成,以便更好地理解為什麼網絡作戰的指揮控制會變得如此充滿爭議。
GEM:GIG企業管理 GCM:GIG內容管理 GND:GIG網絡防禦
陸軍的網絡作戰指揮控制

陸軍是所有軍種中改革措施最少的。陸軍繼續保持著以前的指揮機構,現在叫做戰場網絡作戰與安全中心(TNOSC:Theater NetOps and Security Centers),該組織直接對各個戰區作戰司令部負責。陸軍維持著一個獨立的全球網絡作戰與安全中心(GNOSC:Global NetOps and Security Center),所有的戰場網絡作戰與安全中心都是其下屬機構。全球網絡作戰與安全中心對戰場網絡作戰與安全中心進行技術控制,但是戰場網絡作戰與安全中心同時又隸屬於戰區作戰司令部,也受到戰區網絡司令部的管理,典型的例子就是陸軍的戰場信號旅受陸軍服務組件指揮部的管理。

全球網絡作戰與安全中心對各個戰區的網絡作戰部隊提供技術指導。美國陸軍網絡司令部暨第9信號司令部對全球網絡作戰與安全中心的技術和管理負責。但是在戰時,全球網絡作戰與安全中心又作為陸軍的元素受戰略司令部(STRATCOM)的指揮。
ACERT:陸軍計算機應急響應分隊
AGNOSC:陸軍全球網絡和安全中心

ASCC:陸軍軍種組成司令部

ARSTRAT:陸軍戰略司令部(導彈防禦與戰略)

CIO:首席信息官

GCC:戰區作戰司令部(地區性聯合司令部,美軍十大司令部中的六個)

INSCOM:情報和安全司令部(陸軍直屬報告單位之一)

JTF-GNO:聯合特遣部隊-全球網絡作戰司令部

NETCOM:陸軍網絡戰爭司令部

RCERT:地區性計算機應急響應分隊

STRATCOM:美軍戰略司令部

TNCC:戰區網絡作戰控制中心

TNOCC:戰區網絡作戰和安全中心

G6:陸軍司令部通信部門

G2陸軍司令部情報部門

Installation Network Provider網絡施設提供商

COMMAND—戰略層面作戰指揮

OPCON:作戰(戰役)指揮

TACON:戰術控制

GS:全球打擊

TECHCON:梯隊

ADCON:管理控制

空軍的網絡作戰指揮控制

空軍選擇了一條不同的組織途徑,把重點從以前的一級司令部網絡作戰和安全中心(MAJCOM NOSCs)轉移到了一體化網絡作戰和安全中心(I-NOSCs:Integrated NetOps and Security Centers)。與陸軍的戰場網絡作戰與安全中心受戰區作戰司令部的管理不同的是,空軍的一體化網絡作戰和安全中心並不隸屬於任何一個戰區作戰司令部,而是只受空軍網絡作戰中心(AFNOC :Air Force NetOps Center)的管理,該中心與陸軍的全球網絡作戰和安全中心性質類似。空軍意識到了戰區作戰司令部必須擁有在其防區直接指揮網絡作戰行動的權力,有必要在空軍網絡作戰中心和戰區作戰司令部之間建立起一般支持的關係,建立兩個部門之間的專用聯絡單元。另外空軍方面還賦予了一級司令部在各自的戰區建立通信控制中心的自主權,這些控制中心可以當作空軍網絡作戰中心與各自戰區作戰司令部相互聯繫的快捷通道。
ACC:空戰中心
AFCHQ:空軍組成司令部

AFNETOPS:空軍網絡作戰司令部

ARSTRAT:空軍戰略司令部戰區網絡作戰控制中心

CIO:首席信息官

I-NOSC:集成網絡作戰和安全中心

GCC:同上,地區性聯合司令部

JFCC-NW:網絡戰聯合職能組成司令部

JTF-GNO:同上,聯合特遣部隊-全球網絡作戰司令部

NCC:網絡控制中心

STRATCOM:同上,戰略司令部

TNOS:同上,戰區網絡作戰與安全中心

海軍的網絡作戰指揮控制

海軍和空軍一樣,不再把戰區當作指揮的單位。為了更好地支持全球作戰,他們用隸屬於海軍全球網絡作戰與安全中心(NAVGNOSC)的兩個戰區網絡戰安全中心(RNOSCs)來協助原有的位於那不勒斯和巴林島的兩個戰區海軍計算機與通信主站(NCTMS:Navy Computer and Telecommunications Master Station)。另外,由於海軍的大多數網絡作戰是在海上進行,所以他們還建立了艦隊網絡作戰中心(FNOCs:Fleet NetOps Centers),與位於美國本土的戰區網絡戰安全中心互為呼應。艦隊網絡作戰中心是艦隊進行網絡作戰的戰術切入點,可以為本防區的艦隊提供音頻、視頻和數據等網絡服務,並且可以在艦隊從一個艦隊網絡作戰中心的轄區駛入另一個轄區的時候提供平滑的信息過渡。多數未分類的網絡都是由美國本土的海軍陸戰隊內聯網(NMCI:Navy Marine Corps Internet)或者美國海外的海外海軍企業網絡(ONENET:Outside of CONUS Navy Enterprise Network)負責承包運營的。為了適應戰場的需求,海軍建立了海外海軍陸戰隊內聯網全球網絡作戰與安全中心來提供全球性的作戰支持,同時也建立了隸屬於戰區網絡作戰與安全中心的戰區網絡戰安全中心對各個具體戰場提供支持。戰區網絡作戰與安全中心與所在戰區的戰區作戰司令部並沒有從屬關係。
Fleet NOC:艦隊網絡作戰中心
GCC:同上,地區性聯合司令部

INSCON:同上,陸軍情報和安全司令部

JTF-GNO:同上,聯合特遣部隊-全球網絡作戰司令部

NAVGNOSC:海軍全球網絡作戰和安全中心

NAVSOC:海軍衛星作戰中心

NCC MHQ:海軍網絡作戰信息作戰和太空戰中心

NMCI GNOC:海軍陸戰隊網全球網絡作戰中心

RNOSC:同上,地區性網絡作戰中心

STRATCOM:同上,戰略司令部

TNCC:同上,戰區網絡作戰控制中心

支持全球海軍作戰的最基本的組織的海軍全球網絡作戰與安全中心(NAVGNOSC)和東西部戰區網絡作戰與安全中心(East and West RNOSCs)。海軍全球網絡作戰與安全中心匯集了來自戰區網絡作戰與安全中心、海外海軍陸戰隊內聯網和海軍衛星作戰中心的信息,為全球網絡行動聯合特遣部隊提供全球性的指揮控制信息。海軍和陸軍不同的是,他們沒有維持一個隸屬於戰區作戰司令部的機構。全球網絡作戰聯合特遣部隊建立的部隊與戰區作戰司令部之間的支持關係並沒有賦予戰區作戰司令部在海軍部負責的全球信息柵格範圍內進行指揮的權力。戰區作戰司令部的所有指揮請求都必須先經過海軍全球網絡作戰與安全中心的批准。

戰區作戰司令部的網絡作戰指揮控制

儘管每個戰區作戰司令部在各自的轄區內針對網絡作戰的組織方式都不盡相同,但是他們卻有一個共同的特點,那就是都建立了一個戰區網絡作戰控制中心和一個隸屬於國防信息系統局(DISA:Defense Information Systems Agency)的戰區網絡作戰中心。各個戰區網絡作戰控制中心的組織結構並不完全相同,美國中央司令部(CENTCOM)將戰區網絡作戰控制中心和國防信息系統局的戰區網絡作戰中心合稱為中央戰區網絡作戰中心(Central Region Theater NetOps Center),而歐洲司令部(EUCOM)則建立了一個戰區通信控制中心(Theater Communication Control Center)。雖然在組織上有些差異,但是所有的戰區網絡作戰控制中心基本上都是被戰區作戰司令部用來對轄區內的全球信息柵格進行指揮控制(轄區內的全球信息柵格也被稱為戰區信息柵格TIG:Theater Information Grid)。

戰區作戰司令部通過戰區網絡作戰控制中心來優化配置和控制全球信息柵格的信息資源,以使它們更好地為戰鬥服務,同時戰區網絡作戰控制中心也是連接國防信息系統局、常規部隊和全球網絡作戰聯合特遣部隊的戰區接口。他們與戰區網絡戰中心、戰區網絡作戰和安全中心合作來監控戰區信息柵格的狀態,對被提議的全球網絡作戰聯合特遣部隊相關行動作出決定,並評估其行動的影響。戰區網絡戰控制中心對作戰行動力度的減小和終止有決定權,並且通過戰區網絡作戰中心和戰區網絡作戰與安全中心來調整作戰的優先級。如果該戰區沒有戰區網絡作戰與安全中心,那麼就由全球網絡作戰與安全中心領帶下的戰區網絡作戰控制中心來負責完成戰區作戰司令部所要求的任務。

美國的北方司令部(NORTHCOM)是一個比較特別的部門,雖然它是一個有著明確防區的戰區作戰司令部,但是其防區內的大部分部隊——包括網絡作戰部隊——都不隸屬於該司令部,而是屬於美國聯合部隊司令部(JFCOM:Join Forces Command)。這樣的部署是為了便於部隊的全球性管理。北方司令部和其他幾個戰區作戰司令部一樣,也設立了戰區網絡作戰控制中心,但是卻沒有建立戰區網絡作戰與安全中心,這就使得北方司令部必須依靠網絡作戰與安全中心等部門為其提供一般支持。在這種情況下,北方司令部所扮演的角色就是需要負責其轄區內的作戰行動,但是又對相應的戰場信息柵格缺乏了解,更沒有直接控制它的權力。

戰略司令部網絡作戰指揮控制

與部隊戰鬥司令部對網絡作戰結構進行調整一樣,國防部的相關部門也在進行著改革。多年以來,國防部一直沒有一個集中控制的網絡作戰部。但是在1997年的時候國防部進行過這方面的嘗試,發現了一些當時網絡的弱點,也得出了“作戰司令部-部隊-國防機構”這種網絡作戰的模式已經不適合現代的戰場情況。那次嘗試促成了國防信息系統局最終組建了一支實體部隊,也就是今天的全球網絡作戰聯合特遣部隊來負責全球信息柵格的操作和防禦。

全球網絡作戰聯合特遣部隊的網絡作戰指揮控制機制同樣也在不斷發展。在現有的聯合司令部計劃(UCP:Unified Command Plan)出現之前,全球網絡作戰聯合特遣部隊的指揮控制都是由戰區作戰司令部負責,但是事實證明這不利於管理網絡中的所有組件,也難以為全球信息柵格提供足夠的事態感知信息。最初版本的網絡作戰的作戰概念比較強調戰區作戰司令部對其防區的網絡作戰的控制,當時對處理戰區問題的描述是這樣的:“作戰司令部有權指揮被指派到其防區的部隊,只要是利於任務的完成,在作戰司令部覺得合適的時候,甚至可以調整全球信息柵格的優先級。所有的這些活動,都應該通過戰區網絡作戰中心來實現。”事實上,即使是全球性的事件,最初版本的網絡作戰概念文件也規定全球網絡作戰聯合特遣部隊需要在戰區作戰司令部的戰區網絡作戰控制中心指揮下進行作戰。
作戰概念的後續版本對這項原則進行了調整。對全球網絡作戰聯合特遣部隊的控制被移到了一個更加全球化的指揮控制架構中,通過這樣的調整,戰略司令部、全球網絡作戰聯合特遣部隊和其他參與網絡作戰的部隊的整體角色都得到了加強。全球網絡作戰聯合特遣部隊的作戰概念被細分成了三個環境作戰概念:全球性的、戰區性的和非全局性的。不同的事件適用何種環境概念取決於事件造成的實際影響和戰區影響。這種形式的指揮控制結構更加適用於目前網絡作戰多樣性特性,針對不同級別的事件,戰區作戰司令部可以採取更加靈活的應對措施,甚至可以同時展開支持性的和輔助性的行動。在這種制度下,有時候處理事件的過程要經過完整的指揮系統鏈,有時候可以跳過一些步驟。

全球性事件

全球性事件是指那些顯而易見會影響整個全球信息柵格的備戰度的活動或事件,這類事件通常需要多個戰區作戰司令部的協同處理才能得到解決。戰略司令部的指揮官必須要具備快速鑑別全球性事件的能力,並要能具體判斷出有哪些戰區作戰司令部或者國防部的其他機構會受到影響。全球性事件包括快速傳播的網絡惡意代碼攻擊、衛星通信攻擊、企業應用攻擊等不僅僅局限於單個戰區的網絡事件。

全球戰略司令部是一個可靠的指揮中心,它對全球網絡作戰聯合特遣部隊和戰區作戰司令部都有命令和指揮權。全球網絡作戰聯合特遣部隊利用自己的資源來執行戰略司令部的指示,作戰命令可以很快地發送到在全球各地的部隊中。值得注意的是,這種命令在傳遞時不經過事件發生地的戰區作戰司令部。

雖然作戰概念的原則賦予了戰略司令部指揮官全球範圍內的指揮權,但是這也並沒有完全否定戰區作戰司令部可以通過分配的聯合司令部計劃來進行指揮的權利。在全球網絡作戰聯合特遣部隊執行戰略司令部的作戰命令的同時,戰區作戰司令部也可以調遣其麾下的部隊進行相應的活動。當然,按照作戰概念的要求,戰區作戰司令部領導下的部隊的行動必須與戰略司令部領導下的全球網絡作戰聯合特遣部隊的行動方針保持一致。事實上,據全球網絡作戰聯合特遣部隊的歷史行動日誌記載,大多數的網絡作戰一開始都是在小範圍戰區開始出現的,戰區作戰司令部總是著手處理這些事件的第一單位,而且如果處理得適當的話,這些戰區級別的事件就不會發展成全球性事件。

戰區性事件

戰區性事件是指那些發生在某個戰場區域,其可預見的影響範圍不會超出該戰區的事件,戰區性事件與全球性事件的最大區別也就在於此。在處理這類事件的時候,戰區作戰司令部起著主導作用,而戰略司令部只承擔輔助的支持作用。全球網絡作戰聯合特遣部隊可以通過其戰區網絡作戰與安全中心對戰區作戰司令部提供支援。如果當地的部隊沒有戰區網絡作戰與安全中心,那也可以通過全球網絡作戰與安全中心為戰區網絡作戰控制中心提供一般支持。戰區作戰司令部對全球網絡作戰聯合特遣部隊的指揮屬於次級指揮,也就是說沒有權利通過全球網絡作戰與安全中心來直接調動全球網絡作戰聯合特遣部隊到其所轄區域進行作戰。

非全局性事件

非全局性事件是指只對職能作戰司令部和特定的國防機構造成影響的事件。由於這類機構沒有明確的防區,所以這些事件既不能被看成全球性的也不能被看成戰區性的。在處理非全局性事件時,戰略司令部扮演輔助指揮的角色,全球網絡作戰聯合特遣部隊對所涉及到的職能作戰司令部提供一般支持。大多數的非全局性事件一般都發生在北方司令部的防區,因為很多相關的職能部門都隸屬於北方司令部。在指揮控制的程序方面,非全局性事件和全球性事件是相同的。

相互矛盾的指揮控制要求

戰術技術的要求

儘管各個部隊的定位不盡相同,但是在網絡作戰中追求高效、合理的作戰方法是他們共同的主題。不同的部隊肩負著不同的職責,他們建立了獨立的作戰網絡、應用設施和輔助工具來滿足自身與全球信息柵格保持聯通的需求。每支部隊都要負責操作一部分全球信息柵格,這在一定程度上需要各部隊間作戰鏈的集中化管理,這樣才能獲得所期待的作戰效率和投入回報率。

關於對全球信息柵格進行集中化控制討論的焦點是網絡作戰的全球性特質。國防部想要實現以網絡為中心的指揮機制、增強部隊的事態感知能力和顯著縮短決策週期的目標的話,唯一的方法就是將網絡和部隊進行橫向的融合,這是一種集中化的控制機制。最新的一份《四年防務評估報告》裡就提到過“要簡化目前的‘煙囪式’系統結構,實現以網絡為中心的指揮機制”。

為了更好地利用緊缺資源,國防部必須從全球性的角度來考慮何時何地調撥何種資源。對衛星傳輸波段、標準戰術入口網絡站點和帶寬等網絡作戰必需資源的分配必須要有明確的任務目標和易於理解的全球性意義。從部隊的角度來看,集中化指揮在某種程度上是對現有部隊機構和作戰、防禦網絡的一次重新洗牌。

由戰區作戰司令部領導的作戰行動將不再嚴格地限於其防區內。地面部隊重新開始利用飛機(包括無人機)例行地在美國本土飛行來支持他們的作戰。隨著快速全球打擊(PGS:Prompt Global Strike)項目的發展,指揮官已經有權力呼叫從戰區以外的武器系統發出常規打擊援助。

在海軍方面,他們指出海上部隊的一個本質性特點就是全球流動性,海軍部隊作戰時會不斷地在各個戰區作戰司令部之間穿插。尤其是像航母戰鬥群這樣的單位,一旦被部署出發,就不可能一直呆在一塊小範圍的戰場。另外,即使是戰區作戰司令部所採取的戰區級別的行動,也有可能產生全球性的影響。網絡防禦姿態的調整可能對互聯網部門帶來巨大的經濟負擔,而且作戰司令部還有可能無法了解到調整行為的具體細節結果。

對國防部的網絡系統來說,所有的攻擊本質上同樣都是全球性的。敵人不可能輕易地從地球的另一端對美國本土的實體目標進行攻擊,但是在計算機網絡科技領域,這樣的事情經常發生。一旦檢測到這種攻擊,關於它的信息必須要在最短的時間內傳遍全球所有的相關部門,以保證從任何地方都能識別出這樣的攻擊方式,從而保護全球信息柵格的安全。每一次網絡入侵——哪怕是看起來無關緊要的失敗的入侵——都有可能給全球信息柵格的內容帶來巨大的潛在危害,因為它們入侵時在系統中留下的後門會在以後的攻擊中發揮作用。病毒的爆發是毫無爭議的全球性事件,如果認識不到這一點的話,我們將會受到更大的損失。

海軍強調沒有任何事件的影響會僅限於某個戰區範圍,所有關於網絡作戰的努力都必須是全球性的。他們的理由是網絡作戰是沒有戰區界限的,國防部的每個戰區作戰司令部所面臨的潛在威脅都是相同的,為了獲得信息上的優勢,國防部必須要充分利用其大覆蓋面的網絡資源,快速地在全球範圍內分享所有的有用信息。

此外,空軍和海軍方面指出,他們的網絡作戰部隊都不是由戰區作戰司令部來負責部署的。在每個戰區作戰司令部的防區內,空軍和海軍都有自己的網絡作戰組織(例如戰區網絡作戰與安全中心),而且空軍和海軍的網絡作戰部隊在戰區內通常是扮演維護者的角色。最後一點,空軍和海軍都認為,根據可供參考的官方文件的描述,戰略司令部通過戰區作戰司令部對全球信息柵格負責。

戰區作戰司令部的要求

對戰區作戰司令部來說,在網絡作戰的指揮控制方面有兩個需要關心的問題。一是需要對戰場信息柵格進行及時的控制,二是需要把網絡變成一個武器系統,讓指揮官們可以像對常規的武器系統一樣共同利用網絡資源,利用網絡全方位的優勢來進行全面的戰鬥。

那些被分配了特定職責的部隊,已經部署好了各自唯一的解決方案,參與到網絡作戰中的每支部隊或者每個機構都相信自己已經擁有了最有效分配緊缺資源的辦法。但是全球信息柵格並不是專屬於某一個部門的,而是一個聯合結構。 “煙囪”式系統和現有的部隊部署方式實際上是降低了戰場信息柵格的利用效率。舉個例子來說,陸軍在國防部的其他部門之前研發出了一套安全的IP電話解決方案,可以進行保密語音的聯絡。出於安全考慮,其他部門通常不會再採用這套方案,而是自己再開發一套功能相同的解決方案。這樣在作戰司令部的防區內就有了兩套獨立的保密IP語音方案,它們相互之間不能進行聯通。戰區作戰司令部只得進行篩選,只保留一套方案,以保證在其防區內所有部門可以進行彼此協作。但是解決方案被淘汰的一方就不能再與該戰區以外的兄弟部隊進行保密聯絡了。

作戰司令部防區內的有些資源可以為多個部隊和公務部門服務。但是也有很多例子是使用者進行重複勞動為各自建立了不能相互聯絡的獨立系統,比如衛星終端和一些技術控制設備。有些時候,要傳遞一個信息的話,需要先把信號發回美國本土,然後再從本土發到距離初始發送者只有兩英里的接收者那裡。各種各樣的光纖一條挨一條地按照相同的路線排列著,但是它們之間的數據卻不能進行直接交換,因為它們分屬於不同的部隊或者公務部門。戰區作戰司令部必須採取措施來解決防區內的部隊或者公務部門之間的互聯性問題。

要解決這個問題,可以採用集中化控制的辦法。對網絡作戰部隊的集中化指揮需要戰區作戰司令部對自身的組織機構進行一定的調整,但是同時又不能影響其在有作戰需要時指揮行動的權力。相關部隊必須接受多個作戰司令部的命令,並且有效地優化和反饋戰場信息。目前,派往前線的部隊獨立性越來越高,通過全球信息柵格的幫助他們可以來回地越過戰區作戰司令部的邊界,戰區作戰司令部對網絡作戰的輔助和對抗作用因此而受到了損害,施行集中化指揮以後,部隊就不能或者說不願意響應戰區作戰司令部的要求了。

在2004年參與印尼海嘯救助工作的時候,太平洋司令部(PACOM:Pacific Command)首次在人道援助行動中採取了“聯合嘗試”的方式。太平洋司令部向被分派有任務的部隊發出指令,讓他們在整個行動計劃的框架之下進行特別的網絡防禦工作。很多海軍部隊和海軍陸戰隊的部隊在海軍全球網絡作戰中心的集中化指揮下,建立了一些相對直接的網絡防禦措施,這些措施超越了太平洋司令部給海軍和海軍陸戰隊分配的任務範圍,這就給太平洋司令部的全球網絡作戰帶來了潛在的危險因素。

作戰司令部很關心總是強調的對全球信息柵格進行集中化控制的思想會降低他們對全球信息柵格的信息掌握度和控制力度。在現有的指揮制度下,一個單位會在其所在部隊的指揮權下進行訓練或者執行其他任務,在戰區作戰司令部的指揮權下參加戰鬥,指揮控制的條理非常清晰。對部隊在信息領域的指揮控制與對其在空中、陸上、海上和空間領域的指揮控制同等重要。對C3S系統(control, communications and computer systems)來說,在其指揮下進行作戰並負責保護它的部隊常常要處於雙重甚至三重的報告鏈中,結果最後分不清到底是誰在負責指揮戰鬥。在全球性或者非全局性事件中,全球網絡作戰聯合特遣部隊經常繞開戰區作戰司令部直接展開行動。儘管聯合網絡作戰的作戰概念專門強調了與戰區作戰司令部進行協調作戰的要求,但是在現代作戰快速變化的環境中,這條要求幾乎成了擺設。信息保障弱點警報系統、計算機任務序列和信息條件調整系統在作戰司令部的轄區之外出現問題就是這條要求失效的典型例子。這些事件直接影響了戰區作戰司令部在戰場上的指揮,當部隊想要直接利用這些機制從管理級上加強自身的控制的時候,他們不能判斷應該在何時、以什麼樣的方式在執行這些操作,也不知道這樣做會對戰區作戰司令部的指揮產生什麼影響,因為在目前的條件下,只有戰區作戰司令部才有能力來進行這些操作。當一個威脅事件需要空軍太空司令部向空軍部隊尋求全球網絡作戰聯合特遣部隊的協同配合的時候,如果不通知或者取得與北方司令部的合作的話,將會給北方司令部的指揮帶來極大的麻煩。

在中央司令部,由於對網絡作戰部隊缺乏足夠的控制,導致指揮官有時候也不能確定網絡資源是否可用。海軍負責操作大量的戰場信息柵格,在作戰區域的海軍網絡作戰部隊並不用對中央司令部的海軍部負責,他們只需要向戰區網絡作戰與安全中心報告。中央司令部的中央戰區戰區網絡作戰中心,其職責是維持和指揮所有戰區作戰司令部的網絡作戰,但是它也不在海軍網絡作戰部隊的報告鏈當中,所以也常常不能獲得所有戰場信息柵格上的事態感知,目前已經有替代辦法來處理這個問題了,不過這還不能說是正式的解決辦法。

對北方司令部來說,因為網絡作戰部隊的控制權的缺乏,他們在2005年“卡特琳娜”颶風的救援工作中遇到了極大的麻煩。在那次行動中,部隊的設備在未經許可的情況下就被運送到了聯合作戰區域。這使得北方司令部無法掌握和引導物資的調動情況,更無法協同各個部隊的行動,這是個多方位的管理和操作問題。

在各個部隊都主張施行在以全球網絡作戰聯合特遣部隊為中心的集中化指揮構架的時候,我們有必要強調一個事實,那就是戰區司令部並不願意看到這樣的變化,他們想保持原有的他們對戰略司令部負責,擁有全球信息柵格的操作權和防禦權的機制。戰略司令部的存在對保持戰區作戰司令部在戰區和全球性事件的作戰行動中的指揮地位以及增強戰區作戰司令部與聯合參謀部的溝通都有很大的幫助。

作戰司令部和部隊方面都想從聯合作戰的層面上對網絡作戰進行集中化指揮,但是其中有幾個問題還需要討論:

1.誰負第一領導責任?

2.網絡作戰進行集中化指揮具體在哪個層面上得到體現,全球層面、戰區層面還是其他什麼層面?

3.這種調整帶來的改變是僅僅體現在戰區作戰司令部的某個部門向全球網絡作戰聯合特遣部隊發出請求時還是戰區作戰司令部獲得戰區內的完全指揮權和優先權?

最後,戰區作戰司令部是最終對總統負責的以完成轄區內的軍事任務為目標的機構,被派遣到戰區作戰司令部的部隊需要在其管轄權之下完成各自的任務。因此在部隊方面主張實施全球性的集中指揮的時候,他們仍然會處於戰略司令部的指揮之下這一點是不容置疑的。但是目前全球信息柵格是影響戰區作戰司令部的指揮控制能力和指揮官對部隊的指導能力的關鍵一環。沒有全球信息柵格的話,飛機不能飛行、地面部隊無法移動、艦艇不能航行,連衛星都不能提供信號。指揮官們需要獲取全球信息柵格的狀態並進行控制,就像他們需要掌握部隊的方位和狀態一樣重要。他們必須要掌握戰場信息柵格的範圍、能力和狀態,必須知道戰區以外的情況會如何影響部隊所在區域的戰場信息柵格,還必須能夠指揮和優化部隊配置以支持作戰。如果我們真的相信被描述得天花亂墜的集中化指揮會有更好的效果,那也不能忽視為戰區作戰司令部保留適當的指揮和控制權。

還有,只要戰區作戰司令部這種結構還保留著,那麼所有的軍事任務,包括那些由職能作戰司令部指揮的作戰,都必然還是會發生在戰區作戰司令部的防區內,因為所有的網絡作戰任務都必定要由一個實體單位來執行。同時,集中化指揮對於實現以網絡為中心的指揮模式以及更加有效地防禦攻擊、傳遞信息都是必要的。這種集中化指揮的概念與戰區作戰司令部要求掌握和優化戰場信息柵格的願望是不互斥的。

前進之路

要想制定出一套可行的網絡作戰指揮控制框架,必須要避免走極端,既要考慮戰區作戰司令部的需要,也要考慮建立對全球信息柵格的集中化控制的需要。在目前聯合網絡作戰的作戰概念的發展過程和網絡作戰部隊的轉型過程中,組織原則需要發揮調整各方利益的槓桿作用。為了達到這樣的目標,國防部應該做到以下幾點:

1.創建一個簡單、明確的網絡作戰指揮鏈,保證戰略司令部可以對所有的網絡作戰行動進行指揮。這就可以解決剛才提到的“誰負第一領導責任”的問題。只有當事件發生在快速變化的環境中的時候,戰區指揮控制機構才開始發揮作用。簡潔的指揮鏈可以保證參加網絡作戰的部隊知道自己應該聽從誰的指揮、應該向誰報告,在這條指揮鏈中,必須包括戰區作戰司令部。

2.可以賦予戰區作戰司令部在其防區內的指揮權:

——修正聯合司令部計劃以明確戰區作戰司令部在其防區內對網絡作戰的職責。

——修正已有的全球信息柵格網絡作戰概念,詳細說明那些處在戰區網絡作戰與安全中心之外的部隊可以從戰區作戰司令部的全球網絡作戰與安全中心獲得直接援助。

——規定全球網絡作戰聯合特遣部隊的所有命令都要通過戰區作戰司令部來執行。

這些調整可以保證戰區中的所有單位都在唯一的一條指揮鏈下行動,那就是通過戰區作戰司令部對戰略司令部負責。這也可以解決北方司令部應該對轄區負責但是又沒有指揮網絡作戰的權力的尷尬境地。

3.在每個戰區作戰司令部建立一個由中央司令部管轄的聯合網絡作戰中心,將戰區作戰司令部的戰區網絡作戰控制中心和全球網絡作戰聯合特遣部隊的戰區網絡作戰中心進行融合。這樣一來,每個戰區作戰司令部都將有一個在計算機空間領域的聯合作戰司令部,就像在海陸空的實體戰場上一樣。任何處在戰區網絡作戰與安全中心之外的部隊都可以從聯合網絡作戰中心的全球網絡作戰與安全中心獲得直接援助。

4.鞏固全球信息柵格的地位,將最高控制權交給戰略司令部。目前集中化指揮的發展偏重於對參與網絡作戰的部隊的指揮,這與以網絡為中心的指揮概念背道而馳。以部隊為中心的“煙囪”式指揮系統不利於信息的傳遞和處理,讓我們離“為所有使用者提供最新、最準確的信息”的目標越來越遠。在之前的《戈德華特·尼科爾斯國防部重構法》報告中已經明確提到,組織管理和指揮控制應該由一個聯合的機構來掌控。

結束語

目前對網絡作戰的集中化指揮是一個迫切的需要。優化網絡作戰指揮機制可以幫助國防部提高效率、節約成本以及更好地分配緊缺資源。更重要的是,這樣可以讓網絡作戰部隊更加快速、準確地為指揮官提供信息,這在大規模的網絡作戰中非常重要。集中化指揮的進程不能影響到網絡作戰指揮控制的效率。這取決於全球信息柵格能否為所有參戰的單位提供足夠的信息以及指揮官是否充分利用戰區信息柵格來幫助指揮作戰。

“我們必須改變對網絡作戰問題的討論和思考模式,我們是在進行網絡“作戰”而不是網絡“管理”,所有的參戰單位必須保證自己每時每刻都準備著開戰,以保證網絡系統這一決定性的武器系統的安全”。網絡作戰是我們國家能夠贏得戰爭的關鍵一環,它可以幫助我們提供指揮和控制、縮短決策週期以及調整各戰區的資源配備。戰略司令部已經在強化網絡作戰概念方面邁出了很大的一步,這些努力還需要繼續進行下去。戰區作戰司令部必須是掌控和防護全球信息柵格的重要一環,以保證我們可以繼續取得網絡作戰的勝利。

Reference URL:  http://www.china.com.cn/military

中國浅析伊拉克战争中美军网络中心战 ~ China Analysis of Analysis of the US Central Command Network War During Iraq War

China Analysis of Analysis of the US Central Command Network War During Iraq War

浅析伊拉克战争中美军网络中心战

 

The network center war was first proposed by the US Navy in 1997, initially reflected in the war in Afghanistan, it is the core of the future of US military joint operations.

As early as 1997, the Navy put forward the concept of network-centric warfare. In 2001, the Pentagon upgraded it into the war form of the information age. In 2002, the Bush administration regarded the network center warfare capability as the focus of the military transformation and the core of the future joint operations. In view of the network center war in the war in Afghanistan in the initial results, the US military in the Iraq war to further test the new concept of combat.

· Construction of the US military network centric warfare architecture

in the Iraq war, the US military stressed that network-centric warfare, and the prominence of the role of information, with an agile and efficient digital network structure information gathering, command and control and communications, firepower three systems integration, Shortened the time from the detection of the target, the formation of operational instructions to combat the destruction of the target. The networked combat structure can improve the level of information sharing, enhance situational awareness, speed up command and decision speed, achieve combat coordination, enhance the lethality, viability and responsiveness, thus greatly improving the combat effectiveness and shorten the war process. Figure 1 and Figure 2 show the network structure of the US military network structure and three-tier network structure diagram.

Full-dimensional detection network to seize the information advantage is to give full play to the network center war the first condition. The US military used almost all high-tech means of detection, the establishment of the days, air, sea and land integration of full-dimensional detection network. In addition to the outer space constitutes a huge satellite surveillance network, the air at the same time there are low altitude, hollow, high altitude three reconnaissance aircraft on the Iraqi military positions to scan, the ground also deployed a large number of sensors. It is with the full-dimensional detection network, the US military captured the asymmetric information advantage, and its conversion into asymmetric firepower advantage, arbitrary implementation of the long-range strike, not only makes the Iraqi air force can not fight, ground forces are not large-scale assembly , In a passive position. <A I = 5> flexible allegations In the Gulf War, the message in the chain after a few hours or days after the transfer, the commander to issue an attack command, so the US military even through the reconnaissance found a mobile missile launcher, can not Timely strike. In this Iraq war, the US military used a flexible allegation network to effectively integrate the allegation system, greatly reducing the combat preparation time. Through the network, the commander can at the same time with the subordinate forces at all levels to contact, while commanding scattered in the regional combat forces, the formation of the overall force.

Efficient combat network At present, the US military services are more than half of the equipment to achieve the information, these information equipment on the battlefield constitutes an interconnected, interoperable network environment, different services, deployed in different spaces of various weapons platforms and fire units Equivalent to a node in the network, you can exchange the battlefield information in a timely manner, indicating the target, in accordance with the unified fire plan to implement precision strike, more effective performance. In this battle, DDG-75 “Aegis” destroyers for the “Patriot” missiles to provide early warning information, the platform through the network to achieve an example of interoperability.

In the Iraq war, the US military with the network structure for the first time to achieve a real sense of the land, sea, air and marines combat operations. Soon after the war, the US military to effectively implement the space cooperation, air force in the use of precision guided weapons to combat the implementation of the enemy at the same time, the ground forces to provide effective close support.   Enhanced one-way transparency and situational awareness Since the war, the US military to use the most advanced and most powerful network technology, access to transparent and sustained battlefield charts. US Joint Operations Center is located in Qatar, is the command of the nerve center of war against Iraq. A variety of information after nearly 700 intelligence officers of the analysis, sent to the highest commander on the screen, six display battlefield information on a few minutes to update. Through the display can watch the battlefield situation, such as the movement of Iraqi tanks, deployed in Baghdad’s commando and in the flight section of the “Tomahawk” cruise missiles. <A I = 10> Realize the battlefield real-time Gulf War, the US air raid from the discovery to attack target takes 3 days, if the temporary target is difficult to adjust the air raid plan. In the Kosovo war, this time is shortened to 2h, making a considerable part of the air raid mission can be re-adjusted after the plane lift. Afghanistan war time to further shorten to 19min, the attack real-time greatly improved. In this war, this time control in 10min. The high-speed digital network system enables the US military to make faster and more responsive responses to the rapid changes in the battlefield, and to command and control the coordination of arms and operations efficiently and efficiently, which greatly improves the ability to respond quickly to changes in operational plans.

Try the effect-based operations and fast decisive combat Unlike the Gulf War, the US war in Iraq warn of information warfare using information-based weapons, not only to ensure victory, but also to achieve rapid decisive combat. To this end, the US military rely on the network of combat structure, the pursuit of effect-based operations, the target to combat more selective and targeted. US military straight to the goal of two: First, Saddam Hussein and other senior officials and the main defenders, “beheading action” from beginning to end throughout the war; the second is the Iraqi capital Baghdad, the US military did not like the traditional city war as the first to seize And occupation of the suburbs, and then step by step, layers of advance, but the first to capture the city’s strategic location.

Quickly hit time sensitive targets When time-sensitive targets appear on the battlefield, the time-sensitive targeting team within the Joint Air Combat Center of the Saudi Air Force Base will be able to identify the target in just a few minutes and determine the best attack. On 20 March, two mobile missile launchers in Iraq launched the “Abubel” -100 missile in Kuwaiti territory, which was discovered by the US airborne reconnaissance plane at a temporary US Air Force Base at 40 km from the launch site To fly the aircraft combat mission, the aircraft took off after the bombing of the missile launch vehicle bombing.

The first test of the digitalization of the United States after the Gulf War put forward the “digital network as the center of the war” concept, and at the end of the last century put forward the “digital battlefield and digital forces” concept. In 2001, the fourth machine division became the world’s first digital division, it can share the location and target information, has a unique battlefield access to tactical Internet capabilities, but has not yet been tested. April 13, the US military step 4 division vanguard arrived in Ticritt, to accept the actual test. <A (FBCB2)

The basic components of the system include the computer hardware / software, GPS receiver and communication interface, the main function is the main function of the system is the core of the war, To the commander, squad and individual show enemy position, send and receive combat command and logistical data, improve the battlefield situational awareness, target recognition. FBCB2 can provide e-mail service, connected with the Army’s high-level tactical communications system, allowing combatants to send a large number of news and digital reconnaissance reports to field commanders.

Tactical Internet Tactics The Internet is made up of three main tactical communications systems, namely, airborne radio systems, enhanced location reporting systems and mobile user equipment, including radio, communications satellites, mobile phones, fiber optic cables and switching facilities. Tactical Internet enables seamless connectivity between tactical users, voice, data, image and real-time video transmission, support for text, network management and security, and e-mail services, delivering fast and accurate information and instructions to each Combat unit.

“Global Command and Control System” (GCCS-J) to support the war against Iraq, the US military pre-war with the latest version of GCCS-J6. 0 The global command and control system enhances the intelligence capabilities so that the data from the common operations map can be better synchronized. GCCS-J combines the command and control systems of all arms and arms and correlates the data of unmanned aerial vehicles, terrestrial and satellite sensors to the integrated image and intelligence system, which can assist the commander in analyzing operational intelligence data, Generate target data and plan tasks.   ”Can be deployed joint command and control system” (DJCCS) In this war, the US military for the first time using the DJCCS. The system is a computer information sharing platform, with a video conference, Internet and send and receive e-mail function, the battlefield commander in the state of movement in an unprecedented way to monitor the progress of action, keep abreast of the arms and operations of the situation, the timely release of combat orders.

JFN is a network-centric combat system for the US Navy, consisting of the TES, the Global Command and Control System (GCCS) and the Joint Operations Image Processing System, (JSIPS) to provide real-time information interaction, sensor control, target generation, mission planning and combat damage assessment capabilities, can identify and attack target time from a few hours to 10nin, to combat time-sensitive targets. TES allows the theater command center to receive target information directly from the wu1 man-machine or U-2 reconnaissance platform, and the pilots of the attack aircraft can receive the target indication data from the theater command center. GCCS provides the commander with a command and control network to issue target attack orders. JSIPS for data processing. In the future, JFN will be able to process intelligence data into targeted data more quickly, to achieve the goal of moving all people in the network, sharing common operational charts and requesting fire support.

“Tactical Input System” (TIS) TIS has been installed on the “Nimitz” aircraft carrier, and is expected to deploy to other US Navy aircraft carrier and the main amphibious ship. The system can receive digital images via terrestrial and sea-based airborne sensor platform radio lines, including optoelectronic, infrared and synthetic aperture radar images. Navy intelligence personnel can click on the interface to analyze the image, get important information, mark the potential target. TIS gives the US Navy a complete, end-to-end electronic image that greatly enhances the ability to collect, identify and target targets throughout the battlefield, reducing sensor-to-shooter time. <A (CEC) system April 7, equipped with CEC system, the US Navy “Nimitz” aircraft carrier into the designated waters, which is the first time the actual deployment of the system. CEC system is mainly composed of data distribution system and collaborative combat processor, is a network center war concept more mature a system, will make the sea air defense combat revolution, it will be aircraft carrier battle group formation in the platform (including ships and early warning aircraft ) The target detection system, the command and control system and the weapon system are organically linked to allow the platform to share all the data acquired by the various detection devices in the formation with a very short delay, so that the combat system breaks through the single ship, Within the realization of integration.

Tactical data information chain In the network center war, the tactical data information chain is one of the important means for the US military and allied forces to realize the information superiority, mainly including Link-16 and Link-11. Link-16 can transmit all kinds of tactical data information between command and control system and aircraft, missile and other weapons system platform and between combat units, effectively connect information source, accusation center and weapon system platform to realize battlefield resource sharing. The tactical data information chain using time division multiple access technology, with relative navigation and anti-jamming capability to relay the way of communication, the working frequency band 960MHz-1215MHz, the data rate of 115.2lkbps-238kbps. Link-11 operates at high frequency / UHF band, data rate is 1.8kbps, can be used for real-time exchange of early warning information, air / ground / underwater target data, control instructions and the status of the unit weapons, and has a certain degree of confidentiality , The entire network under the control of the network control station network communication, the use of master-slave polling, can be over-the-horizon transmission.

The analysis of the characteristics of the US military development network center war shows that the concept of network-centric warfare has gradually become a new form of combat for the US military in the 21st century. In the development and application of network-centric warfare concept, the US military showed the following characteristics:

In the Iraq war, the US military uses a variety of detection and communication means to make the entire battlefield transparent, from beginning to end are information-led. This shows that in the future war who can have the advantage in the detection and communication, to seize the right to information, who will be able to achieve greater battlefield initiative.

Pay attention to the digitalization of weapons and equipment, information construction Digital is the basis of network-based warfare, is expected to US military services in 2010-2020 to achieve full digital. Weapon and equipment information is to achieve the network as the center of the joint operations of the core, the US military will be further in the world to take the lead in the information age of information technology.   To strengthen the network center warfare related equipment R & D The US military effective implementation of the network center war relies on in recent years targeted research and development of various related equipment, such as joint fire network, collaborative combat capability, tactical Internet, tactical input system, global command and control system, Data information chain and so on.

(Source: “National Defense Technology” 2003 the first 18)

Original Mandarin Chinese:

中国日报网站消息:网络中心战最早由美国海军于1997年提出,在阿富汗战争中初步体现出优越性,它是美军未来联合作战的核心。

海军早在1997年就提出网络中心战概念,2001年五角大楼将其提升为信息时代的战争形态,2002年布什政府将网络中心战能力视为军队转型的重点和未来联合作战的核心。鉴于网络中心战在阿富汗战争中初见成效,美军在伊拉克战争中进一步检验了这一全新的作战概念。


·美军构建网络化作战结构

在伊拉克战争中,美军强调网络中心战,突出信息的地位和作用,借助灵敏高效的数字化网络结构将信息收集、指挥控制与通信、火力打击三大系统融为一体,缩短了从侦察发现目标、形成作战指令到打击摧毁目标的时间。网络化的作战结构可提高信息共享水平,增强态势感知能力,加快指挥和决策速度,实现作战协同,增强杀伤力、生存能力和响应能力,从而极大地提高作战效能,缩短战争进程。图1和图2分别显示了美军构建的网络中心战的网络结构原理图和三层网络结构图。

全维的探测网 夺取信息优势是充分发挥网络中心战的首要条件。美军动用了几乎所有高技术探测手段,建立了天、空、海、陆一体化全维探测网。除在外层空间构成庞大的卫星监视网外,空中同时有低空、中空、高空三个层次的各种侦察飞机对伊军阵地进行扫描,地面上也部署了大量传感器。正是借助全维的探测网,美军夺取了不对称的信息优势,并将其转化为不对称的火力优势,随心所欲地实施远程打击,不但使得伊拉克空军无法作战,地面部队也不敢大规模集结,陷于被动境地。

灵活的指控网 在海湾战争中,信息在指控链中需经过数小时或数天的传递后,指挥官才能下达攻击命令,因此美军即使通过侦察发现了机动导弹发射车,也无法及时实施打击。这次伊拉克战争中,美军利用灵活的指控网有效整合了指控系统,大大缩短打击准备时间。通过网络,指挥官可以同时与下属各级部队进行联络,同时指挥分散在各地域的作战部队,形成整体合力。

高效的作战网 目前,美军各军种均有一半以上的装备实现了信息化,这些信息化装备在战场上构成互联、互通的网络环境,不同军种、部署在不同空间的各种武器平台和火力单元相当于网络中的一个节点,可以及时交换战场信息,指示目标,按照统一的火力计划实施精确打击,更有效地发挥效能。在这次作战中,DDG-75“宙斯盾”驱逐舰为“爱国者”导弹提供预警信息,是平台通过网络化途径实现互通的一个例证。

·伊拉克战争中网络中心战的具体应用

检验联合作战的协同性 伊拉克战争中,美军借助网络化结构首次实现了真正意义上的陆、海、空和海军陆战队协同作战。开战不久,美军就有效地实施空地协同,空中力量在使用精确制导武器对敌军实施打击的同时,对地面部队提供有效的近距离支援。

增强单向透明度和态势感知能力 自开战以来,美军运用最先进、最强大的网络技术,获取透明持续的战场态势图。美军联合作战中心位于卡塔尔,是指挥对伊作战的神经中枢。各种信息经过近700名情报人员的分析,传送到最高指挥官的显示屏上,6个显示屏上的战场信息几分钟就更新一次。通过显示屏可观察战场情况,如运动中的伊拉克坦克、部署在巴格达的突击队以及处于飞行段的“战斧”巡航导弹。

实现战场实时化 海湾战争中,美军空袭从发现到攻击目标需要3天,若临时发现目标时很难及时调整空袭计划。在科索沃战争中,这一时间缩短到2h,使得相当一部分空袭任务可以在飞机升空后重新调整。阿富汗战争时这一时间进一步缩短到19min,攻击的实时性大大提高。而在这次战争中,这一时间控制在1Omin内。高速数字化网络系统使美军能对战场瞬息变化作出更快、更灵敏的反应,及时高效地指挥、控制与协调各军兵种的行动,大大提高了临时改变作战计划时的快速反应能力。

尝试基于效果的作战和快速决定性作战 与海湾战争不同,此次伊拉克战争美军提出用信息化武器装备打信息化战争,不仅要求确保胜利,而且要求实现快速决定性作战。为此,美军依靠网络化作战结构,追求基于效果的作战,对目标打击更有选择性和针对性。美军直取的目标有两个:一是萨达姆和其他高官以及主要捍卫者,“斩首行动”由始至终贯穿整个战争;二是伊拉克首都巴格达,美军没有像传统的城市战那样首先夺取和占领市郊,然后步步为营,层层推进,而是首先夺取市内的战略要地。

快速打击时间敏感目标 当战场上出现时间敏感目标时,美军在沙特空军基地的联合空中作战中心内的时间敏感瞄准小组只用几分钟时间就可准确识别目标,决定最佳攻击行动。3月20日,伊拉克两辆机动导弹发射车刚向科威特境内发射“阿巴比尔”-100导弹,即被美国空中侦察机发现,在距发射地点40km的一个美空军基地立即临时调整了几架待飞飞机的作战任务,飞机起飞后投掷炸弹将导弹发射车炸毁。

首次检验数字化师 美国在海湾战争后提出了“以数字化网络为中心的战争”概念,并于上世纪末率先提出了“数字化战场和数字化部队”的构想。2001年,第4机步师成为世界上第一支数字化师,它可以共享位置和目标信息,具有独一无二的战场接入战术因特网的能力,但尚未经过实战检验。4月13日,美军第4机步师先头部队到达提克里特,接受实战检验。

·伊拉克战争中网络中心战的部分装备

“21世纪旅及旅以下作战指挥控制系统”(FBCB2) 该系统的基本组件包括计算机硬/软件、GPS接收机和通信接口,主要功能是向指挥官、小分队和单兵显示敌我位置、收发作战命令和后勤数据、提高战场态势感知能力、进行目标识别等。FBCB2可提供电子邮件服务,与陆军的高层战术通信系统相连接,允许作战人员向战地指挥官发送大量消息和数字化侦察报告。

战术互联网 战术互联网由陆军3个主要的战术通信系统,即机载无线电系统、增强型定位报告系统和移动用户设备互联而成,包括无线电、通信卫星、移动电话、光缆和交换设施。战术互联网能够实现战术级用户间的无缝连接,提供语音、数据、图像和实时视频传输,支持文电、网络管理和安全以及电子邮件业务,可快速、准确地将战地情报和指示传递给每个作战单元。

“全球指挥与控制系统”(GCCS -J) 为支持对伊作战,美军战前采用了最新版本的GCCS-J6.0全球指挥和控制系统,提高了情报能力,使通用作战图传来的数据可以更好地同步。 GCCS-J联合了所有军兵种的指挥与控制系统,并使无人机、地面和卫星传感器的数据相互关联并传递到图像与情报综合系统,后者能够帮助指挥官分析作战情报数据、管理和生成目标数据以及规划任务。

“可部署的联合指挥与控制系统”(DJCCS) 在这次战争中,美军首次实战使用了DJCCS。该系统是一个计算机信息共享平台,具有召开电视会议、上网和收发邮件功能,可使战场指挥官在运动状态下以前所未有的方式监控行动进展,随时了解各军兵种作战情况,及时下达作战命令。

“联合火力网”(JFN) JFN是美海军的一个以网络为中心的作战系统,由“战术利用系统”(TES)、“全球指挥与控制系统”(GCCS)和“联合作战图像处理系统”(JSIPS)组成,能够提供实时信息交互、传感器控制、目标产生、任务计划制定以及作战毁伤评估功能,可将识别和攻击目标的时间从数小时减少到10nin,打击时间敏感目标。TES可使战区指挥中心直接从wu1人机或U -2等侦察平台接收目标信息,攻击机的飞行员能从战区指挥中心接收目标指示数据。GCCS为指挥官提供下达目标攻击指令的指挥控制网络。JSIPS进行数据处理。未来,JFN将能更快地把情报数据处理成瞄准数据,用于打击移动目标,最终实现使所有人员都置身于网络中,共享通用作战态势图和请求火力支援。

“战术输入系统”(TIS) TIS已安装在“尼米兹”号航母上,并有望部署到美海军其他航母和主要两栖舰上。该系统可通过陆基和海基机载传感器平台的无线电线路接收数字式图像,包括光电、红外及合成孔径雷达图像。海军情报人员可通过点击界面分析图像,获得重要信息,标记潜在目标。TIS使美海军拥有了完整的、端对端的电子图像,极大地提高在整个战场上搜集、识别和打击目标的能力,减少传感器到射手的时间。

“协同作战能力”(CEC)系统 4月7日,装有CEC系统的美海军“尼米兹”号航母进入指定海域,这是该系统首次实战部署。 CEC系统主要由数据分发系统和协同作战处理器组成,是网络中心战概念比较成熟的一个系统,将使海上防空作战发生革命性变化,它将航母战斗群编队中各平台(包括舰艇和预警机等)所装载的目标探测系统、指挥控制系统和武器系统有机联系起来,允许各平台以极短的延时共享编队内各种探测设备获取的所有数据,使作战系统突破单舰的限制,在编队内实现集成。

战术数据信息链 在网络中心战中,战术数据信息链是美军及盟军实现信息优势的重要手段之一,主要包括Link-16和Link -11。Link-16可在指挥控制系统与飞机、导弹等武器系统平台之间以及在各作战单元之间传输各种战术数据信息,有效连接信息源、指控中心与武器系统平台,实现战场资源共享。该战术数据信息链采用时分多址技术,具有相对导航和抗干扰能力,以中继方式进行通信,工作频段为960MHz-1215MHz,数据速率为115.2lkbps-238kbps。Link-11在高频/特高频频段工作,数据速率为1.8kbps,可用于实时交换预警信息、空中/地面/水下目标数据、控制指令以及各单元武器状况信息,并具有一定的保密能力,整个网络在网络控制站的管制下组网通信,采用主从式轮询,可进行超视距传输。

·美军发展网络中心战的特点

分析表明,网络中心战概念已逐渐成为美军面向21世纪的新型作战形式。在发展和应用网络中心战概念上,美军表现出以下特点:

建立全维的探测网,夺取制信息权 伊拉克战争中,美军运用多种探测和通信手段使整个战场透明化,从始至终都以信息为主导。这说明在未来战争中谁能够在探测和通信上占有优势,夺取制信息权,谁就能够取得更大的战场主动权。

注重武器装备的数字化、信息化建设 数字化是网络中心战的基础,预计美国各军种将在2010-2020年间全面实现数字化。武器装备的信息化是实现以网络为中心的联合作战的核心,美军将进一步在世界上率先建成信息时代的信息化军队。

加强网络中心战相关装备研发 此次美军有效实施网络中心战依赖于近年有针对性地研发各种相关装备,如联合火力网、协同作战能力、战术互联网、战术输入系统、全球指挥与控制系统、数据信息链等。(来源:《国防科技》2003年第18期)

 

美國陸軍網空作戰力量演變與歷史 – US Army cyberspace combat force evolution & history

美國陸軍網空作戰力量演變與歷史 –

US Army cyberspace combat force evolution & history

With the rapid development of the global information grid system of the US military, the conceptual research based on the information technology system is becoming more and more thorough. Finally, the American combat theory establishes the cyberspace as a combat domain with land, sea, air and sky. In this context, the US Army will be the construction of cyberspace as a key factor in promoting the process of modernization of the army, determined to follow the formal militarization of the organization’s standards and structure of high-quality network combat forces. Since the establishment of the Army Network Command in 2010, the US Army has established a comprehensive network of operational forces based on the goal of combating the military forces of cyberspace through new means such as new construction, adjustment, transformation and integration.

The basic organizational structure under the guidance of the concept of network operations

From the 90s of the 20th century, in order to ensure the US military information grid system in the army part of the efficient and safe operation, the US Army under the guidance of the joint army, around the concept of network operations carried out a series of organizational restructuring, the dissolution of the information system commander And has set up the Army Signal Command and the network enterprise technology command and other institutions, and gradually formed based on technology, defense, focusing on the basic network of emergency operations organizational structure.

In 2005, the US Strategic Command issued the “Global Information Grid Collaborative Combat Concept”, which elaborated on the organizational structure of the US Army’s cyberspace forces during this period, dividing the Army’s network operations system into three Level: At the first level, under the command of the Army Space and Missile Defense Command / Army Strategic Command, the Army’s Global Network Operations and Security Center is responsible for situational awareness and command coordination as the only governing body for Army operations, In the US Army Joint Force Network Power System, the agency functions as a global network of operations and security centers. At the second level, the Theater Network Operations and Security Center is the supporting element of the operational headquarters, which is responsible for “guiding network operations, managing and defending the global information grid elements that are part of the Army’s jurisdiction.” The regional network operations and security centers in the theater constitute the third dimension of the Army’s network operations system. In addition, the Army Computer Emergency Response Unit is the disposal of the network emergency response, in the emergency can accept the global network operations task force tactical control, each theater network operations and security center also established a computer emergency response unit.

New Universal Military

Global military clean sweep, do in the public micro-signal “new global military”

Long press the next two-dimensional code can be concerned about

Set up Army Network Command

With the US military for the degree of dependence on cyberspace, control and weaken the threat of the Internet has continued to become the focus of US military tasks, the establishment of an independent network of space operations command of the voice of the growing US military. In 2008, “Yankee deer bomb action” directly under the impetus, the US military decided to end the unit of independent decentralization of the development of network combat capability of the situation, through the withdrawal, transfer, change and other measures to reorganize the relevant institutions, the establishment of a comprehensive network Space operations of the joint command agencies, the US Army network power organization construction has entered a stage of rapid development.

Through the global deployment of decentralized development of the formation of cyberspace combat organization of the backbone. As the awareness of the network operations will have a far-reaching impact on the military field, the US Army in the combat force level into a lot of resources, and gradually establish the backbone of the network operations. For example, the Army launched its first cyber warfare in July 2008, which provides tactical support, brigade combatant support, and strategic support to other service units, joint forces and even cross-agency partners; the Army also operates on cyber operations The upper-level command system to implement the adjustment, so that the relevant action to be appropriate authority to monitor. During this period, the Army’s future network combat forces were integrated in the form of units in the military and joint forces within the combat unit, including from the Defense Information Systems Agency, the global network operations joint contingent, the National Security Agency to the brigade combat team and other Level of strategic and tactical institutions.
The new core coordination agencies, straighten out the headquarters to the unit level of the command relationship. In June 2009, the US Department of Defense announced the establishment of the US Internet Command in the form of a memorandum to consolidate and promote the construction of cyberspace military forces through a dedicated subordinate joint command. At the same time, as a transitional measure for the formation of the Army Force Network Command in the future, the Army decided to retain the organizational structure of the Army Space and Missile Defense Command / Army Strategic Command and rename it as Army Force Network Command. February 2010, the US Army announced on this basis, the formal formation of the Army Network Force Command, its formation and initial construction phase of the work mainly around the three tasks: to achieve cyber space military forces combat, increase the Army network combat power Capacity and scale, the development of the Army network space professionals team. As the previous command system was disrupted, the newly established Army Network Space Operations and Integration Center under the Cyber ​​Command actually played a central role in command control and coordinated synchronization. The agency is similar to the previous Army Global Network Operations and Security Center, but in addition to “providing clear, concise and timely guidance in the implementation of full spectrum cyberspace operations,” the organization is also responsible for “with the Army’s other headquarters, Other units in the same type of institutions, the United States cyberspace joint operations center to share information. ” At the beginning of the establishment of the organization, some members of the cyberspace operations and integration center also joined the US Department of Network Command staff to better promote the unity of command and operation of the joint force and service units.

US Army Network Space Force Organizational Structure, 2005

The transformation of combat forces functions, to promote the traditional ability to network space combat capability development. At the level of the combat force construction, the field signal force as the main body of the network Enterprise Technology Command / 9 signal command to the Army Network Force Command, the Army Intelligence and Security Command of the cyberspace combat forces combat command by the army Network command. Through this organizational adjustment, the Army Network Command for the first time mastered the forefront of the deployment of combat forces, to form a global presence and have the expedition, you can combat commander to provide more comprehensive combat support capabilities. It is noteworthy that the network enterprise technology command and the intelligence and security commander in the Army Network Command as deputy commander, respectively, responsible for different types of network operations mission, the basic formation of the original signal forces in charge of network defense, the original military Intelligence forces in charge of the network attack mode, which will be previously discrete deployment, loosely combined network space related organizations into a complete army network strength. In addition, the Army Network Command in 2011 was also given the task of carrying out information operations, master the first information combat command of the operational command, intelligence and security headquarters under the 780 military intelligence brigade will also be transformed into Army Network Command Direct command of the network brigade.

Continuously optimize the Army cyberspace forces

After the establishment of the Army Network Command, cyber space military forces combat is always the center of its work, which in the Army Network Power Organization continue to optimize the integration process has been highlighted. For the current network operations have been formed, electronic warfare, information operations, military intelligence and even space combat capability, the US Army in the network of military organizational structure design also reflects the integration of a variety of capacity trends. The US Army is also actively promoting the overall military model in the construction of network forces, highlighting the development of the national guards and reserve forces. After years of construction, the US Army network power organization has been basically formed.
Army Network Combat Force Organizational Structure, 2011

Optimize the combat strength of the organizational structure, to adapt to operational support needs. At the headquarters level, in order to further improve the command and implementation of cyberspace operations, the Army approved the Network Command in March 2014 as the headquarters of the Army Force, and designated the 2nd Army as its immediate unit, and the network enterprise technology Command to become the second army direct command of the network combat troops, network enterprise technology command commander of the second group army deputy commander. And the previous year, the network command has been under the guidance of the US Internet Command and Army headquarters began to form a joint force network headquarters, which will be the implementation of the network space combat command command, and have direct support to the combat command of the network combat capability The At the combat forces and theater levels, the network command is trying to improve the global network defense situation through regional network centers. Based on the strength of the original Theater Network Operations and Security Center and Regional Computer Emergency Response Center, these regional cybersecurity centers streamline the operational plan of the network operations, and can play a strong planning, coordination and synchronization function to more effectively support geography Operation of the Combat Command.

To determine the development of the responsible institutions, improve the network to build military theory guidance. As the US Army Network Command merged with the original network operations, information operations and the strength of the signal forces, a large number of signal forces combat theory urgent need to be revised and translated into the network combat theory, in order to achieve a unified operational capability development model, to avoid the concept of guidance On the chaos. In March 2014, the US Training and Command Command, on the basis of the Center for Excellence, integrated other relevant professional elements to form the Army Network Center of Excellence, with the goal of providing guidance, network and signal The full ability of training. The cyberspace promotion office under the Cyber ​​Command is also incorporated into the Network Excellence Center to further enhance the advantages of the Network Excellence Center in summing up lessons learned from the construction of network forces. Through the implementation of the Ordinance to publish the project, the Network Excellence Center tried to merge the original signal and electronic warfare forces regulations, according to the Army “2015 order system” related requirements to develop new cyberspace operations, electronic warfare and signal forces regulations. At present, the Army has completed the revision of the field command FM6-02 “signal force support operations” to guide the signal forces to the network forces for functional transformation; the first release of the field order FM3-38 “network electromagnetic action”, clear “Army in the unified ground action to integrate the overall principles of network electromagnetic activity, tactics and procedures”; as the Army network army building a basic guidance document, field command FM3-12 “cyberspace combat” also basically completed the final approval process, Officially distributed within the Army in 2015. With the above documents as the main body, the Network Excellence Center will continue to improve the publication of dozens of related military ordinances publications, build a complete Army cyber space combat technology, tactics and procedures for the Army network forces to provide comprehensive theoretical guidance.
Army Network Combat Force Organizational Structure, 2015

Integration of cyberspace education and training strength, and promote the regular development of network forces. The US Army will promote the development of formal training as a fundamental way to improve the level of network operations and combat readiness. In the Army Network Center of excellence at the same time, the Army Network School as its affiliated institutions in the original electronic warfare school set up on the basis of the Army Signal School is also under the network center of excellence will continue to be retained, the Army on the regularization of the construction of cyberspace “Regulations – Organization – Training – Resources – Leadership and Education – Personnel – Facilities” model has been further refined. With the establishment of the Army Network Arsenal (“17-Series” Career Management), the Army requested new staff members to enter the network career field to complete the school’s school training program, from signal, intelligence and information operations forces and other units to the Corresponding to a large number of network operations staff also need to carry out new vocational education and training, the two schools will jointly set up the new Army network arms units officers, warrant officers and noncommissioned officers for individual personnel skills training. For example, the Army Leadership Foundation Training Program was officially launched at the online school in August 2015, and the 14-week Senior Officer Training Program was implemented in May 2016. For the first batch of network combatants recruited by the Army in October 2015, the senior personal training program that must be attended by the Army began in February 2016. As the cyberspace operations essentially have the characteristics of joint operations, the first phase of the 22-week training program will be the Naval Joint Network Analyst Course, the second phase of training for the same 22 weeks, training venues from the Navy The facility is transferred to the Army Network School.

Attention to the National Guard and reserve network strength, highlighting the support and coordination functions. In view of the development of the network combat force, the Army believes that the reserve department can assist the active forces to share some of the tasks and be able to provide reinforcements with high levels of training as quickly as necessary. Because of its unique dual legal position, the Army National Guard can play the role of state and federal government agencies, civil and military organizations, private and public sector convergence, “with the development of cyberspace capabilities of the natural advantages.” Therefore, the Army in the development of network combat forces also pay attention to the construction of the relevant reserve organizations. For example, the First Information Operations Command also includes four reserve forces theater information operations brigade, which has the ability to provide information operations and cyberspace planning, analysis and technical support. According to a memorandum signed by the Army National Guard in June 2014 with the Army Network Command, the Army National Guard transferred one of its network defenses in the previous year to the Army Network Command / 2nd Army. The cyber force, known as the 1636th Network Defense Unit, will be in Service No. 10 of the United States Code, which is a full-time service and will receive the same standard training with other active forces of the Army Network Command and jointly All types of tasks.

This article from the “Military Digest” December Editor: Zhang Chuanliang

Original Mandarin Chinese:

伴隨著美軍全球信息柵格系統的高速發展,基於信息技術系統作戰的概念研究不斷走向深入,最終美軍作戰理論將網絡空間確立為一種與陸、海、空、天並列的作戰域。在這種背景下,美國陸軍將網絡空間力量建設作為推進陸軍現代化進程的關鍵因素,決心按照正規軍事化組織的標準和結構高質量建設網絡作戰部隊。自陸軍網絡司令部於2010年成立以來,美國陸軍圍繞網絡空間軍事力量作戰化的目標,通過新建、調整、轉型和融合等手段逐步建立起完善的網絡作戰力量組織結構。

網絡作戰概念指導下的基本組織結構

從20世紀90年代開始,為確保美軍全球信息柵格系統中的陸軍部分高效安全運行,美國陸軍在聯合軍隊的指導下,圍繞網絡作戰行動概念進行了一系列組織結構調整,解散了信息系統司令部,並先後組建了陸軍信號司令部以及網絡企業技術司令部等機構,逐步形成基於技術、防禦為主、重在應急的網絡作戰基本組織架構。

2005年,美國戰略司令部發布了《全球信息柵格網絡作戰聯合作戰概念》,對這一時期美國陸軍網絡空間力量建設的組織結構進行了詳細說明,將陸軍網絡作戰體系組織架構劃分為三個層次:在第一個層面,在陸軍太空和導彈防禦司令部/陸軍戰略司令部的指揮下,作為陸軍網絡作戰行動唯一的領導機構,陸軍全球網絡行動和安全中心負責態勢感知和指揮協調工作,在美軍聯合部隊網絡力量體系中,該機構發揮軍種全球網絡作戰與安全中心的功能。在第二個層面,戰區網絡行動和安全中心是各作戰司令部的支持元素,負責“指導網絡作戰行動,管理和防禦屬於陸軍管轄的全球信息柵格元素”。戰區內各地區網絡行動和安全中心構成了陸軍網絡作戰體系的第三個層面。此外,陸軍計算機應急響應分隊是應對網絡突發事件的處置力量,在緊急情況下可以接受全球網絡作戰特遣部隊的戰術控制,每個戰區網絡行動和安全中心也都建立了計算機應急響應分隊。

新環球軍事

全球軍事一網打盡,盡在公眾微信號“新環球軍事”

長按下方二維碼即可關注

成立陸軍網絡司令部

隨著美軍對於網絡空間依賴程度的加深,控制和削弱網絡威脅持續成為美軍關注的重點任務,組建獨立負責網絡空間作戰指揮機構的呼聲在美軍內部日益高漲。在2008年“揚基鹿彈行動”的直接推動下,美軍決定結束軍種單位獨立分散發展網絡作戰能力的局面,通過並、撤、轉、改等措施對相關機構進行結構重組,成立全面負責網絡空間作戰的聯合指揮機構,美國陸軍網絡力量組織建設也進入快速發展階段。

通過全球部署分散發展的方式形成網絡空間作戰組織的基幹力量。由於意識到網絡作戰行動將對軍事領域產生更加深遠的影響,美國陸軍在作戰部隊層面投入大量資源,逐步建立起網絡作戰行動的基幹力量。例如,陸軍在2008年7月啟動了第一支網絡戰營,其能夠提供戰術支持、旅戰鬥隊支援以及向其他軍種單位、聯合部隊甚至跨機構夥伴提供戰略支援;陸軍還對網絡作戰行動的上層指揮體系實施調整,從而使相關行動得到適度權限的監管。在這個時期,陸軍未來網絡作戰力量都以分隊形式整合在軍種和聯合部隊架構下作戰單位的內部,包括從國防信息系統局、全球網絡作戰聯合特遣隊、國家安全局到旅戰鬥隊等各個級別的戰略和戰術機構。
新建核心協調機構,理順總部到分隊層面的指揮關係。 2009年6月,美國國防部通過發表備忘錄的形式宣佈建立美國網絡司令部,旨在通過一個專門的次級聯合司令部集中統籌和推進網絡空間軍事力量建設。與此同時,作為日後組建陸軍部隊網絡司令部的過渡性措施,陸軍決定保留陸軍太空和導彈防禦司令部/陸軍戰略司令部的組織架構,並將其重新命名為陸軍部隊網絡司令部。 2010年2月,美國陸軍宣佈在此基礎上正式組建陸軍網絡部隊司令部,其在組建和初始建設階段的工作主要圍繞三項任務展開:實現網絡空間軍事力量作戰化、增加陸軍網絡作戰力量的能力和規模、發展陸軍網絡空間專業人才隊伍。由於以往的指揮體係被打亂,網絡司令部下新成立的陸軍網絡空間作戰與整合中心實際上發揮了指揮控制和協調同步的核心作用。該機構與此前的陸軍全球網絡行動和安全中心功能類似,但是除了“在執行全譜網絡空間作戰行動過程中提供清晰、簡潔、及時的指導”以外,該組織還負責“與陸軍其他司令部、其他軍種單位中的同類機構、美國網絡空間聯合作戰中心共享信息”。在機構建立之初,網絡空間作戰與整合中心的部分人員還直接加入美國網絡司令部參謀機構,從而更好地促進實現聯合部隊與軍種單位網絡作戰行動的指揮統一。

美國陸軍網絡空間力量組織結構,2005年

轉型作戰部隊職能,促進傳統能力向網絡空間作戰能力發展。在作戰部隊建設層面,以野戰信號部隊為主體的網絡企業技術司令部/第9信號司令部轉隸陸軍網絡部隊司令部,陸軍情報和安全司令部所屬網絡空間作戰部隊的作戰指揮權也由陸軍網絡司令部掌握。通過這種組織調整,陸軍網絡司令部第一次掌握了前沿部署作戰力量,能夠形成全球存在態勢並具備遠征能力,可以向作戰指揮官提供更加全面的戰鬥支援能力。值得注意的是,網絡企業技術司令部以及情報和安全司令部指揮官都在陸軍網絡司令部擔任副司令,分別負責不同類型的網絡作戰行動任務,基本形成了原信號部隊主管網絡防禦、原軍事情報部隊主管網絡進攻的模式,從而將此前離散部署、鬆散聯合的網絡空間相關組織整合為一支完備的陸軍網絡力量。此外,陸軍網絡司令部在2011年還被賦予執行信息作戰的任務,掌握第1信息作戰司令部的作戰指揮權,情報和安全司令部下屬的第780軍事情報旅也將轉型為陸軍網絡司令部直接指揮的網絡旅。

持續優化陸軍網絡空間部隊

陸軍網絡司令部成立後,網絡空間軍事力量作戰化始終是其中心工作,這一點在陸軍網絡力量組織不斷優化整合的過程中得到突出體現。對於當前已經形成的網絡作戰、電子戰、信息作戰、軍事情報甚至太空作戰能力,美軍陸軍在進行網絡軍隊組織結構設計時也體現出融合多種能力的趨勢。美國陸軍還在網絡部隊建設中積極推進整體型軍隊模式,突出國民警衛隊和預備役網絡力量的發展。經過多年建設,美國陸軍網絡力量組織結構已經基本形成。
陸軍網絡作戰力量組織結構,2011年

優化戰鬥力量組織結構,適應作戰行動支援需求。在總部機構層面,為了進一步完善網絡空間作戰行動的指揮程序並實現意圖統一,陸軍在2014年3月批准網絡司令部為陸軍部隊組成總部,同時指定第2集團軍為其直屬單位,而網絡企業技術司令部成為第2集團軍直接指揮的網絡作戰部隊,網絡企業技術司令部指揮官兼任第2集團軍副軍長。而且在前一年,網絡司令部已經在美國網絡司令部和陸軍總部的指導下開始組建聯合部隊網絡總部,其將對網絡空間作戰部隊實施任務指揮,並且具備直接支持作戰司令部的網絡作戰能力。在作戰部隊和戰區層面,網絡司令部試圖通過地區網絡中心改善全球網絡防禦態勢。在原有戰區網絡作戰和安全中心、地區計算機應急響應中心力量基礎上,這些地區網絡安全中心對網絡作戰行動指揮程序進行精簡,能夠發揮較強的計劃、協調和同步功能,從而更加高效地支援地理作戰司令部的行動。

確定條令開發負責機構,完善網絡建軍理論指導。由於美國陸軍網絡司令部合併了原網絡作戰、信息作戰和信號部隊的力量,信號部隊的大量作戰理論迫切需要修訂並轉化為網絡作戰理論,從而實現協調統一的作戰能力發展模式,避免出現概念指導上的混亂。 2014年3月,美國訓練和條令司令部在原信號卓越中心的基礎上,整合其他相關專業力量元素,組建了陸軍網絡卓越中心,目標在2015年10月使其具備指導網絡、信號和電子戰部隊訓練的全面能力。網絡司令部下屬的網絡空間促進辦公室也被合併入網絡卓越中心,從而進一步增強網絡卓越中心在總結網絡部隊建設經驗教訓方面的優勢。通過實施條令出版項目,網絡卓越中心試圖合併原有的信號和電子戰部隊條令,根據陸軍“2015條令體系”的相關要求開發全新的網絡空間作戰、電子戰以及信號部隊條令。目前,陸軍已經完成了對野戰條令FM6-02《信號部隊支持作戰行動》的修訂,指導信號部隊向網絡部隊進行職能轉型;第一次發布了野戰條令FM3-38《網絡電磁行動》,明確了“陸軍在統一地面行動中整合網絡電磁活動的總體原則、戰術和規程”;作為陸軍網絡軍隊建設的根本性指導文件,野戰條令FM3-12《網絡空間作戰》也基本完成了最後的批准程序,於2015年正式在陸軍內部發行。以上述條令文件為主體,網絡卓越中心將繼續完善數十種相關陸軍條令出版物的編撰發布工作,構建完整的陸軍網絡空間作戰技術、戰術和規程體系,為陸軍網絡部隊建設提供全面理論指導。
陸軍網絡作戰力量組織結構,2015年

整合網絡空間教育訓練力量,促進網絡部隊正規化發展。美國陸軍將推進網絡訓練正規化發展視為提高網絡作戰和戰備水平的根本途徑。在陸軍網絡卓越中心組建的同時,陸軍網絡學校作為其下屬機構在原電子戰學校的基礎上成立,而且陸軍信號學校也在網絡卓越中心的建制下繼續得以保留,陸軍關於網絡空間力量正規化建設的“條令-組織-訓練-資源-領導力和教育-人員-設施”模型得到進一步完善。隨著陸軍網絡兵種(“17-系列”職業管理領域)的設立,陸軍要求進入網絡職業領域的新任職人員必須完成網絡學校的駐校訓練項目,從信號、情報和信息作戰部隊等單位調動到相應網絡作戰崗位的大量人員也需要進行新的職業教育訓練,上述兩所學校將共同對新成立的陸軍網絡兵種單位的軍官、準尉和士官進行單個人員技能訓練。例如,軍官領導力基礎訓練課程於2015年8月在網絡學校正式啟動,為期14週的準尉軍官高級訓練項目則在2016年5月開始實施。對於陸軍在2015年10月徵募的第一批網絡作戰士兵,其必須參加的高級個人訓練項目則在2016年2月開始。由於網絡空間作戰行動本質上具有聯合作戰的屬性,高級個人訓練項目為期22週的第一階段訓練內容將是海軍聯合網絡分析師課程,第二階段訓練同樣持續22週,訓練場地也會從海軍設施轉移到陸軍網絡學校。

重視國民警衛隊和預備役網絡力量,突出支援和協調功能。針對網絡作戰力量的發展問題,陸軍認為預備役部門可以協助現役部隊分擔部分任務,能夠在必要時迅速提供具備較高訓練水平的增援力量。因其獨特的雙重法律定位,陸軍國民警衛隊可以發揮各州與聯邦政府機構、民事與軍事組織、私營與公共部門之間的銜接作用,“具備發展網絡空間能力的天然優勢”。因此,陸軍在網絡作戰力量發展過程中也注重相關預備役組織的建設。例如,第1信息作戰司令部還包含4支預備役部隊戰區信息作戰大隊,其都具備提供信息作戰和網絡空間計劃、分析、技術支持能力。根據陸軍國民警衛隊2014年6月與陸軍網絡司令部簽署的一份備忘錄,陸軍國民警衛隊將其在此前一年組建的1支網絡防禦分隊轉隸於陸軍網絡司令部/第2集團軍。這支被稱為第1636網絡防禦分隊的網絡部隊將處於《美國法典》第10卷服役狀態,即全時服役狀態,將與陸軍網絡司令部其他現役部隊共同接受同等標準的訓練,並共同執行所有類型的任務。

本文轉自《軍事文摘》12月刊 責任編輯:張傳良

中國軍隊戰略層面的網絡空間特種作戰 China’s Strategic Level of Cyberspace Special Operations

战略层面的网络空间特种作战 –

China’s Strategic level of Cyberspace Special Operations

Editor’s Note: US Army Lieutenant Colonel Patrick Mitchell Dugen at the US Army War College during the fourth quarter of 2015, “Joint Force Quarterly” published “strategic level of cyberspace special operations,” a paper, the article was Chairman of the Association of the United Nations in 2008 Strategic Papers Competition Strategy Research Award.

In this paper, by reviewing the cyberspace special operations cases, this paper analyzes the potential power of using network tools in asymmetric conflicts, and points out that cyberspace special operations have become an effective strategic tool to achieve national goals. Become a regional power to avoid the US military dominance and to ensure that their strategic interests of the unconventional path. The author proposes three new options for integrating emerging technologies and special operations: “cloud-driven” foreign defense, network counter-insurgency and unconventional cyber warfare advance team. Designed to maintain the US network technology advantages, and to build an important partnership, shaping the full spectrum of the conflict environment has a revolutionary impact. Iran and Russia and other regional forces of cyberspace special combat readiness why more than the United States? How does Iran and Russia strengthen its power at the tactical level while the United States has assembled its network and network capabilities at the strategic level? The United States in more than 20 years ago issued a network of special operations related documents, but why the network of special operations policies, departments and regulations are still not mature enough? For the US military, the most basic question is: how will the United States build a strategic level of network special combat capability?

As early as 1993, Internet technology theorists John Achilla and David Lennfield in his book “cyber war is coming” a book has predicted the recent Iran and Russia to implement the cyberspace special operations. “A large number of scattered small groups around the use of the latest communications technology coordinated” control network, to obtain the decisive advantage of the opponent. In reality this scene has been staged again and again. “We are using the information and the more information we have, and the less demand for traditional weapons,” says Achilla and Lunfield. US military executives have also realized that with asymmetric network tools, unconventional tactics and a large number of false information armed, a small amount of special combatants can form a certain strategic impact. There is news that both Iran and Russia have succeeded in using cyberspace special operations as a strategic tool to achieve their national goals. Both countries have an integrated network of special operations forces that know how to exploit the potential power of network tools in asymmetric conflicts. The asymmetric approach of the two countries has become a strong and unconventional path for regional powers to circumvent US military superiority and to ensure their strategic interests. Low price Of the network of high-tech allows potential rivals can develop a strong network warfare capabilities. Therefore, the United States urgently need to make strategic choices, the development of cyberspace special operations, as a tool for the protection and projection of national interests.

Low-cost network of high-tech technology allows potential rivals to develop a strong network warfare capabilities In February 2013, the Russian chief of staff Grazimov in the Russian “military messenger” magazine published “science in the forecast value” article. In the paper, Gracimov predicted a new generation of war that could “change the rules of the game”, whose strategic value would exceed “the effectiveness of weapon forces.” He called for universal asymmetric action to counter the enemy’s strengths and create a permanent frontier in the territory of the enemy through “special forces and internal confrontation and continuous improvement of information operations, equipment and means.” In the spring of 2014, Western media reported that in the eastern part of Ukraine, a casual special operations squad from Russia through the Ukrainian border, occupation of government buildings and arsenal and transferred to the separatist armed. At the same time, the Ukrainian authorities claim that their digital, telephone and cyber communications are cut off, interfered or attacked. The Ukrainian government attributed the cyber attacks on information and logistics infrastructure, including Internet servers and railroad control systems, to the destruction of Russia, and argued that the implementation of information fraud in Russia was costly in important social media, blogs, and News website published 50 pro-Russian comments every day, inside and outside Ukraine to form a large number of false information flow, on the one hand to cover up its non-traditional military operations in cyberspace, on the other hand to create a political illusion. “Russia is not doing the usual information warfare about false information, lies, leaks or cyber sabotage, it reshapes reality, creates public illusions, and then translates them into political action,” said senior government officials. To this end, in September 2014 at the NATO security summit, the NATO Allied Supreme Commander, US Air Force Admiral Philip Bride Leaf pointed out that Russia in East Ukraine to implement the “mixed” non-traditional operations on behalf of the war The most amazing information in history is Blitzkrieg. Bride Leaf urges the Allies to immediately develop the ability to counter the Russian non-traditional warfare, propaganda and cyber attacks. Russia’s use of the “non-traditional Western as a war” non-traditional means to achieve its political purpose, which makes the Western and NATO countries by surprise. Russia is not a fragmented way to use special forces, information operations or network capabilities.

On the contrary, as General Glashimov said, “the war does not need to be publicly announced, when the special forces with advanced technology and a lot of information for the traditional forces in the maintenance of peace and crisis under the cover of strategic objectives to create good conditions, the war on “Cybercrime deception and cyber attacks are special forces in” war and peace ”

Network information spoofing and cyber attack action for special combat forces in the “war and peace” between the implementation of non-traditional warfare to win the time and space lessons learned from the Russian case can draw four major experience, for the United States special operations Action and network capacity integration to provide a viable theoretical framework. First, there are tactical and strategic differences in the offensive network tools used by the Russian Special Forces, targeting tactical “closed networks”, such as local communications, social media, regional networks and logistics infrastructure, while retaining Its more advanced open network tools as a backup. Second, the network special operations are primarily an agent behavior, emphasizing the minimization of the source tracking. As Gracimov described, “the long-distance, non-contact action against the enemy is becoming the primary means of the tactical battle.” Network special operations usually avoid direct contact with people, but in peace and war in the gray area to start action. Third, information and communication technology, network attacks and information operations in the network to form a non-conventional warfare play an important role. As long as the appropriate implementation, the traditional special operations can go far beyond its original function, “which involves the comprehensive application of a wide range of capabilities to achieve policy objectives.” To be effective, it must also be integrated to synchronize other areas of expertise. Fourth, the network special operations can both deter the conflict, can also be used to deal with the whole spectrum of conflict, because “it is suitable for all stages of action, from shaping the environment to the intense war to post-war reconstruction.” Although the network war to destroy the original intention, but also has a constructive side. The widespread dissemination of low-cost information and communication technologies is conducive to strengthening the security of partner countries and thus helping to prevent the occurrence of conflicts.

“‘Foreign help defense’ (FID) under ‘cloud drive’ is both a concept of cloud computing and a metaphorical description of partnering and trust through virtual means. “The concept of” cloud-driven “FID” has not yet been clearly defined, but it can be integrated into an interdisciplinary field to better understand people, geography and virtual worlds and to act together on related goals. Technically, the “cloud-driven” FID “strengthens the partnership, consolidates data through the federated facilities, enhances automation, and disseminates the analysis process. “Cloud-driven” is flexible and can be developed in private, public, community, or mixed form, using different software, platforms, and infrastructure. Security personnel use intelligent technology to drive confidential mobile applications, analyze tools and share data through “cloud-driven” FIDs. Although the data associated with the virtual cloud, but its real value is to make the timely dissemination of information to the hands of tactics. “The cloud-driven” FID “can also be likened to a persistent, active partnership, the data never stops, the network has been busy. Technology is only a tool to drive deeper, extensive socio-cultural, political and historical factors that are often prone to conflict. “Cloud-driven” FID “can build more sustainable competencies and trust with partner countries. “The cloud-driven” FID “lay a virtual foundation for the future establishment of various institutions, centers and laboratories to bridge the benefits of inter-agency across the United States. From the strategic point of view of the US government, “cloud-driven” FID “is a pragmatic” partnership-centered approach designed to target the core interests of partner countries rather than to Way to change the partner country “. “The cloud-driven” FID “is also a prudent strategic move to” prevent the US partner countries from becoming a public relations crisis due to domestic political problems. ” “The cloud drive ‘FID’ also offers other opportunities. The technology and networks it forms can react quickly to emergencies, such as humanitarian relief or relief operations, prevent mass killings, or evacuate personnel from non-combatants. This saves time, money and manpower by providing information for the decision-making process. For the construction of the partnership, the cloud-driven FID can store local non-US social media information, rich social network analysis, social network maps, and behavioral and opinion trends analysis. Most importantly, the “cloud drive ‘FID” builds trust in an innovative and extremely powerful way to build lasting influence on allies and partners.

Today’s global environment drives the United States to use cyber special operations as a strategic tool network for national military strategies Anti-riot counterintelligence network Anti-riot operations (CNCOIN) aims to use social media networks to achieve the purpose of rebellion. To break the asymmetric information superiority of the enemy, CNCOIN uses non-technical means to combat the relevant crowd and control its perception, behavior and action. It adds a military color to the cyber space’s ubiquitous anti-social network. Although these means are not clearly defined, this article believes that it actually refers to the manipulation of social media, cover up the true identity, to achieve ulterior motives. While social media provides a wide range of opportunities for anti-social networks, such as malicious use, intentional misconduct, but from the military point of view, social media provides a wealth of information resources to affect the psychological vulnerability, but also an ideal attack platform. There are several technologies that contribute to its implementation in each functional category. The scope of action includes, but is not limited to, cyber-pseudo operation and cyber-herding operation. Network fraud is a classic counter-insurgency strategy, “government forces and technical staff will pretend to be insurgents, into the enemy network after the use of advanced intelligence technology in the network within the implementation of the destruction.” Internet expulsion means that “individuals, groups, or organizations deport other individuals, groups, or organizations to the default network area.” The magic of the two technologies is the expulsion of insurgents in the virtual network by exploiting the inherent flaws of the communication technology and communication platform. The two tactics are aimed at rebel activist online communities, manipulating or disrupting them, and ultimately providing more opportunities for cyberbullying. The virtual world magnifies the environmental factors, because the characters in the network are more difficult to determine their authenticity. Planning command control, communication frequency and equipment platform and other elements will become the key to the implementation of network fraud or network expulsion operations to manipulate, mislead or expel the target group to the desired results. The scope of information includes, but is not limited to, Crowdsourcing and Social Networking Analysis, SNA). Crowdsourcing is the use of large-scale knowledge base, provided by the participants voluntarily, to solve the problem to provide new ideas, services or observation, you can quickly expand the organizers of the field of vision. Social network analysis depicts and measures the relationships, strengths, and cores of social links in a visual way to illustrate the social network structure. Social network visualization or social networking maps can provide a unique window for assessing, depicting and even predicting the intensity, time, space, and relationship dimensions of relationship events. In September 2013, during the crisis in the Philippines, the anti-government armed Moro National Liberation Front (hereinafter referred to as “the dismount”) was dissatisfied with the situation of national reconciliation, hijacked more than 200 civilians as hostages, attacked commercial shops and burned urban buildings. Throughout the crisis, crowdsourcing and social network analysis are very successful non-traditional tactical means. The Philippine security forces use crowdsourcing tactics to encourage Zamboang residents to discover and report on the “melodic” members of the hiding place. FEI security forces, together with crowdsourcing information and intelligence analysis, provide information for security operations and humanitarian operations. The use of social network analysis to assess the “Mobility” of the public support, and in the social media against the “interpretation” declaration, to ban the violation of social media user agreement propaganda site, but also the use of crowds of information blockade ” Troops, attacking their temporary command post. The Philippine security forces used solid media to track the key information and lead the use of social media, and then use the solid forces to defeat the “interpretation” of the asymmetric advantage. The information warfare category includes but is not limited to cyber intrusion (cyber Aggression, forum vest (sock-puppeting), astro-turfing and so on. Three tactics are anonymous use of social media to implement misleading, false information to manipulate behavior, public opinion and action. The cyber-invasion is proposed by Teanna Felmyr, which refers to “an electronic or online act that is intended to cause psychological harm to others or damage its reputation by using e-mail, instant messaging, cell phones, digital information, chat rooms

As well as social media, video, game sites, etc. “. It is much broader than the range of ordinary cyber-aggressive behavior. Its anonymity may cause substantial psychological harm and negative consequences, as the relevant information will be repeatedly sent to the target or published in the social media. Its value to CNCOIN is that it can use sensitive digital information to humiliate, defame or hurt the target, causing psychological barriers. This powerful cyber-invading action can reduce the credibility, influence and power of the target, and ultimately lose the power of the target or other insurgents. The other two tactics, the forum vest and the fake are all fictitious online propaganda tools used to spread distorted views to create a wider range of support or opposition to the illusion. In fact, with the forum vest is the same concept, but more complex, more organized, larger. Both tactics use virtual characters to distribute false information in cyberspace, with the aim of initiating group reactions or actions. Combining massive amounts of text, images, and video with a planned misleading network activity will significantly enhance the effectiveness of CNCOIN’s action. The third way to advance the US network’s special operations is the unconventional cyber warfare team (cyber-UW Pilot Team, using social media networks to shape the physical environment, the establishment of regional mechanisms, in the implementation of non – conventional war before the regional connectivity. The core of the unconventional network warfare team is the special forces, with a number of professional organizations to provide technical support, its task is in the field of network security for the preparation of unconventional operations. The penetration of the traditional advance team is the target of enemy territory, military facilities and other entities, rather than the conventional advance team is through the virtual means of infiltration, and then into the sensitive, hostile or refused to area. Through the virtual means, can reduce the United States and partner countries armed forces in time, risk, equipment and other aspects of the loss and risk. Conceptually, unconventional cyber warfare teams use web tools and advanced technology to build people, entities, intelligence, and information infrastructures on social media. While deepening understanding of the local human terrain, the team can strengthen its local language and cultural skills, as well as identify resistance leaders, assess motivation and resistance, and overall support for US government goals, while at the same time understanding Informal hierarchical distribution, psychology and behavior. In addition, you can also incorporate the Internet’s white noise into the social media network to “improve the cultural understanding of potential collaborators in the United States and the local situation before action.” While the US national security strategy has long recognized the strategy of cyber warfare Role, but this understanding is not fully translated into a clear strategic level of thinking and combat capability. For example, the US Department of Defense cyberspace action strategy did not give much solution or specific measures, only from five aspects of the previous repeated network ideas. Lack of clear ideas lead to our network strategy is flawed, making the United States advanced network technology advantages to hand over to the potential rival risk. In contrast, Iran and Russia’s asymmetric innovation modeled other regions and global forces, trying to circumvent the US military advantage by unconventional means to ensure their strategic interests. Cyberspace special operations are a must to fill the strategic level of the blank. Obviously, the United States must actively seek a tactical level of unconventional combat into the cyber space operations in the form of special operations. Rand’s recent study of special operations concluded that “the United States needs to use a more advanced form of special operations to ensure national interests, taking into account the recent US and its interests facing the security threat situation, special operations

Become the most appropriate form of ensuring national interests “. In an increasingly interconnected global environment, the physical infrastructure is quickly allocated Internet protocol addresses, accessory networking. By 2020, there will be 50 billion “machine-to-machine” equipment (currently 1 3 billion units) will be through the “embedded computer, sensor and Internet capabilities” access to network space. Cyberspace special operations Unicom virtual and reality, through the modern information network and with the traditional face-to-face combination of special operations partnership. Today’s global environment has prompted the United States to use cyber special operations as a strategic tool for national military strategies. Potential rivals combine offensive network capabilities with unconventional tactics to set a terrible example for other enemies in the United States, and they will follow suit quickly. This paper presents three new options for integrating emerging technologies and special operations: foreign-assisted defense under “cloud-driven”, anti-riot operations in the network, and non-conventional cyber warfare advance teams. Full play of these three tactics will not only maintain the advantages of the US network technology, but also to build an important partnership, shaping the whole spectrum of combat environment have a revolutionary impact. If successful implementation, network special operations will become the United States a strong new strategic options

Original Mandarin Chinese:

编者按:美国陆军中校帕特里克·米歇尔·杜根在美陆军战争学院就读期间,于2015年第4季度《联合部队季刊》发表《战略层面的网络空间特种作战》一文,该文曾获得2015年度参联会主席战略论文竞赛战略研究类奖。本文通过回顾网络空间特种作战案例,分析了在非对称性冲突中利用网络工具的潜在力量,指出网络空间特种作战已经成为达成国家目标的有效战略工具。成为地区强国用以规避美国军事主导权以及确保本国战略利益的非常规性路径。作者提出了融合新兴技术与特种作战的三种新选项:“云驱动”下的国外协助防御,网络反暴乱平叛行动与非常规网络战先遣队。旨在维持美国的网络技术优势,并对构建重要伙伴关系、塑造全频谱冲突环境产生革命性影响。伊朗和俄罗斯等地区力量的网络空间特种作战战备为何比美国更为充分?

美国在战略层面集结其网络部门和网络能力的同时,伊朗和俄罗斯又是如何在战术层面强化其力量的呢?美国在20多年前就发布了网络特种作战的相关文件,但为何其网络特种作战的政策、部门和条令仍然不够成熟呢?对于美军而言,最基本的问题是:美国将如何打造战略层面的网络特种作战能力?早在1993年,互联网技术理论家约翰·阿奇拉和大卫·伦菲尔德在其著作《网络战争即将来临》一书中就已经预言了最近伊朗和俄罗斯所实施的网络空间特种作战行动。“大量分散各地的小规模团体利用最新的通信技术协调一致”控制网络,取得对对手的决定性优势。现实中这一情景一再上演。阿奇拉和伦菲尔德认为,“战争中我们投向敌人的不再是质量和能量;如今我们使用的是信息,掌握的信息越多,对传统武器的需求就越少”。

美军高层也已经意识到,有了非对称性网络工具、非常规战术以及大量虚假信息的武装,少量的特种作战人员就可以形成一定的战略影响。目前有消息表明,伊朗和俄罗斯均已成功地将网络空间特种作战作为一种战略工具来达成其国家目标。两国都拥有一体化的网络特种作战部队,知道如何在非对称性冲突中利用网络工具的潜在力量。两国的非对称性手段成为地区强国用以规避美国军事优势以及确保本国战略利益的强大非常规性路径。价格低廉的网络高新技术使得潜在对手可以发展出强大的网络战能力。因此,美国亟需做出战略选择,发展网络空间特种作战,作为保护和投射国家利益的工具。

价格低廉的网络高新技术使得潜在对手可以发展出强大的网络战能力2013年2月,俄罗斯总参谋长格拉西莫夫在俄《军工信使》杂志发表了《科学在预测中的价值》一文。文中,格拉西莫夫预测了能够“改变游戏规则”的新一代战争,其战略价值将超过“武器力量的效能”。他号召普遍开展非对称性行动,以抵消敌方的优势,通过“特种作战力量和内部对抗以及不断完善的信息行动、装备和手段,在敌国的领土中创造一个永久活动的前线”。2014年春,有西方媒体报道,在乌克兰东部的乱局中,一支便装的特种作战小分队从俄罗斯境内穿越乌克兰边界,占领政府建筑和武器库并转交给分裂主义武装。与此同时,乌克兰当局声称,其全境的数字、电话及网络通信均遭到切断、干扰或攻击活动。乌克兰政府将信息和物流基础设施(包括互联网服务器和铁路控制系统)遭受的网络攻击归因于俄方的破坏,同时还认为,俄罗斯实施信息欺骗行动,花费巨资在重要的社交媒体、博客以及新闻网站每天发布50条亲俄评论,在乌克兰内外形成大量的虚假信息流,一方面掩盖其在网络空间的非传统军事行动,另一方面制造了政治假象。乌政府高级官员表示,“俄罗斯所做的并不是通常的信息作战所涉及的虚假信息、谎言、泄漏机密或网络破坏活动,它重新塑造现实,造成大众幻象,然后将之转化为政治行动”。为此,在2014年9月召开的北约安全峰会上,北约盟军最高司令、美国空军上将菲利普·布里德莱弗指出,俄罗斯在东乌克兰实施的“混合型”非传统作战代表了战争史上最惊人的信息闪电战。布里德莱弗敦促盟军立即发展相应的能力以反制俄罗斯的非传统战、宣传战及网络攻击行动。俄罗斯使用“根本不被西方视为战争的”非传统手段达成其政治目的,这使得西方及北约国家措手不及。俄罗斯并不是以碎片化的方式来使用特种力量、信息作战或网络能力。相反,正如格拉西莫夫将军所言,“发动战争不再需要公开宣布,当配备先进技术和大量信息的特种力量为传统部队在维持和平与危机的掩护下达成战略目标创造好条件,战争就发生了。”言外之意,网络信息欺骗和网络攻击行动为特种作战力量在“战争与和平之间”实施非传统战赢得了时间和空间。俄罗斯的网络赋能非传统战极为成功,不仅是其网络特种力量的混成,而且还成功地侵入欧盟成员国,甚至没有引起西方有效的军事反应。

网络信息欺骗和网络攻击行动为特种作战力量在“战争与和平之间”实施非传统战赢得了时间和空间 经验教训从俄罗斯的案例中可以得出四个方面的主要经验,可为美国特种作战行动与网络能力整合提供一个可行的理论框架。第一,俄罗斯特种部队所使用的进攻性网络工具存在战术和战略层面的差别,主要以战术层面的“封闭网络”为目标,如本地通讯、社交媒体、区域网络和后勤基础设施等,同时保留其更为先进的开放网络工具作为备用。第二,网络特种作战主要是一种代理人行为,强调最小化的来源跟踪。正如格拉西莫夫所描述的那样,“对敌方的远距离、无接触行动正在成为战术战役目标的主要手段”。网络特种作战通常避免人员的直接接触,而是在和平与战争的灰色地带展开行动。第三,信息与通信技术、网络攻击及信息作战等在网络赋能的非常规战中发挥着重要作用。只要恰当的实施,传统的特种作战可以远远超出其原有的功能,“这涉及到对广泛能力的综合运用,以达成政策目标”。要发挥效能,还必须整合同步其他领域的专门知识。第四,网络特种作战既可以慑止冲突,也可用于应对全频谱冲突,因为“它适合行动的各个阶段,从塑造环境到剧烈战争再到战后重建等”。虽然网络战以破坏为初衷,但也具有建设性的一面。低成本的信息和通信技术的广泛传播有利于强化伙伴国安全,从而有助于阻止冲突的发生。

网络空间特种作战是一种必须填补的战略层面的能力空白,美国必须积极寻求一种在战术层面的非常规作战中融入网络空间作战的特种作战形式 “‘云驱动’下的‘国外协助防御’(FID)”既是一种云计算概念,也是通过虚拟手段增强伙伴能力和信任的一种比喻性描述。“‘云驱动’FID”概念虽然还未经明确界定,但是它却可以联接整合跨学科领域,以更好地理解人员、地理及虚拟世界,并对相关目标展开共同行动。从技术上而言,“‘云驱动’FID”可以强化伙伴关系,通过联合设施,实时共享数据,增强自动化,传播分析过程。“云驱动”是灵活多变的,能够以私人、公共、社区或混合形式出现,各自使用不同的软件、平台和基础设施等。安全人员通过“‘云驱动’FID”使用智能技术驱动保密的移动应用软件、分析工具和共享数据。虽然数据与虚拟云相联,但其真正价值在于使信息及时传播到战术人员手中。“‘云驱动’FID”也可比喻为一种持续的、活跃的伙伴关系,数据永不停止,网络一直忙碌。技术仅仅是一种工具,用以驱动更深入、广泛的社会文化、政治和历史因素的理解,这些往往是容易造成冲突的因素。“‘云驱动’FID”可以与伙伴国构建更具持续性的能力和信任。“‘云驱动’FID”为未来建立各种机构、中心和实验室弥合美国各跨机构间的利益打下一个虚拟的基础。从美国政府的战略视角而言,“‘云驱动’FID”是一种实用主义的“以伙伴国为中心的方式,旨在围绕伙伴国的核心利益设计行动,而不是寄希望于以短视的方式来改变伙伴国”。“‘云驱动’FID”还是一种审慎的战略举措,“以防美国的伙伴国由于国内政治问题出现公共关系危机”。“‘云驱动’FID”也提供了其他的机会。它所形成的技术和关系网络可以迅速对紧急事件做出反应,如人道主义救援或救灾行动、阻止大规模屠杀,或者非战斗人员撤离任务等。这样可以通过为决策过程提供信息而节约时间、金钱和人力等。对于伙伴关系的构建而言,“‘云驱动’FID”可以存储当地的非美国社交媒体信息、丰富的社交网络分析、社会网络地图以及行为和舆论趋势分析等信息。最为重要的是,“‘云驱动’FID”以富有创新性和极为有力的方式构建信任,打造对盟友及伙伴国的持久影响力。

当今的全球环境促使美国采用网络特种作战作为国家军事战略的战略性工具 网络反暴乱平叛行动网络反暴乱平叛行动(CNCOIN)旨在利用社交媒体网络达成平叛的目的。为打破敌人的非对称性信息优势,CNCOIN使用非技术手段打击相关人群,控制其感知、行为和行动。它为网络空间无处不在的反社交网络手段增添了军事色彩。虽然这些手段没有明确界定,本文认为,它实际上就是指操纵社交媒体,掩盖真实身份,达成不可告人的目的。虽然社交媒体为反社交网络提供了广泛的机会,如恶意利用、有意误导等,但从军事角度而言,社交媒体提供了丰富的信息资源以影响心理脆弱性,也是一个理想的攻击平台。每种功能性范畴中都有几种有助于其实施的技术。行动范畴包括但不局限于网络欺骗行动(cyber-pseudo operation)和网络驱逐行动(cyber-herding operation)。网络欺骗行动是一种经典的平叛策略,“政府军和技术人员将自己假扮为叛乱分子,渗入敌方网络后使用先进的谍报技术在该网络内部实施破坏”。网络驱逐行动就是指,“个人、团体或组织把其他的个人、团体或组织驱逐到预设的网络区域”。两种技术的奇妙之处在于,通过利用通信技术与通信平台的内在缺陷来驱逐虚拟网络中的叛乱分子。两种战术以叛乱分子活跃的网络社群为目标,对其进行操控或者瓦解,最终为网络平叛提供更多的机会。虚拟世界放大了环境因素,因为网络中的人物更难确定其真实性。规划指挥控制、通信频率以及设备平台等要素将成为网络欺骗行动或网络驱逐行动实施的关键点,用以操纵、误导或者驱逐目标群走向预想的结果。情报范畴包括但不局限于众包(Crowdsourcing)和社交网络分析技术(Social Networking Analysis, SNA)。众包就是利用大规模的知识库,由参与者自愿提供的,为解决问题提供新思路、服务或观察,可以迅速扩展组织者的视野。社交网络分析以可视的方式描绘和测量社交链接的关系、强度及核心性以说明社会网络结构。社交网络可视化或者社网图可以提供独特的窗口用以评估、描绘甚至预测关系事件的强度、时间、空间和关系维度。2013年9月,菲律宾三宝颜危机期间,反政府武装摩洛民族解放阵线(以下简称“摩解”)对民族和解状况感到不满,挟持200多名平民为人质,袭击商业店铺,烧毁城市建筑。整个危机期间,众包和社交网络分析都是非常成功的非传统战术手段。菲律宾安全部队使用众包战术鼓励三宝颜居民发现并报告“摩解”成员的藏身地点。菲安全部队结合众包信息和情报分析,为安全行动和人道主义行动提供信息。使用社交网络分析来评估“摩解”的民众支持度,并在社交媒体上反制“摩解”宣言,封禁违反社交媒体用户协议的宣传网站,还使用众包信息封锁“摩解”小股部队,攻击其临时指挥哨所。菲安全部队通过使用社交媒体跟踪关键信息和领导节点,随后使用实体部队挫败了“摩解”的非对称性优势。信息作战范畴包括但不局限于网络入侵(cyber aggression)、论坛马甲(袜子手偶sock-puppeting)、以假乱真(Astro-turfing)等。三种战术都是匿名利用社交媒体实施误导、假信息等来操纵行为、舆论及行动。网络入侵是由蒂安娜·菲尔姆利提出,是指“一种电子或在线行为,旨在对他人实施心理伤害或损毁其名誉,通过使用电子邮件、即时信息、手机、数字信息、聊天室以及社交媒体、视频、游戏网站等”。它比普通的网络攻击性行为的范围要广泛得多。它的匿名性可能会引起实质性的心理伤害和负面后果,因为相关信息会被重复发送给目标或者在社交媒体发布。它对CNCOIN的价值在于,可以利用敏感的数字信息来羞辱、诽谤或伤害目标,造成心理障碍行为。这种强大的网络入侵行动可以降低目标的可信度、影响力和权力,最终使目标或其它叛乱分子丧失实力。其它两种战术,论坛马甲和以假乱真都是虚构的在线宣传工具,用来散布扭曲的观点,以制造更广范围的支持或者反对的假象。以假乱真实际上跟论坛马甲是同一个概念,只不过更为复杂、更有组织、规模更大。两种战术都使用虚拟人物在网络空间散布虚假信息,目的是引发群体反应或行动。以假乱真的网络信息作战行动包含海量文字、图片和视频,与有计划的误导性网络活动相结合,将显著增强CNCOIN行动的效果。 非常规网络战先遣队推进美国网络特种作战的第三种方式是非常规网络战先遣队(cyber-UW Pilot Team),利用社交媒体网络塑造实体环境,建立区域机制,在实施非常规战之前将各区域联通起来。非常规网络战先遣队的核心是特种部队,拥有多个专业机构提供的技术支持,其任务是在网络安全领域进行非常规作战的准备。传统先遣队的渗透目标是敌方领土、军事设施等实体目标,而非常规先遣队则是通过虚拟手段进行渗透,再潜入敏感、敌对或拒止区域。通过虚拟手段,可以减少美国及伙伴国武装力量在时间、风险、装备等方面的损失和风险。从概念上讲,非常规网络战先遣队利用网络工具和先进技术在社交媒体上打造人员、实体、情报以及信息基础设施。在加深对当地人文地形理解的同时,小组可以强化其本地语言和文化技能,还可识别抵抗活动领导者、评估动机和抵抗能力以及对美国政府目标的总体支持度,与此同时,还可以了解非正式的层级分布、心理及行为等。此外,还可以通过接入社交媒体网络混入互联网白噪音,以“提高美国对潜在合作者的文化理解以及在采取行动之前的当地形势。”虽然美国国家安全战略中早就承认了网络作战的战略作用,但是这种认识并没有完全转化成明晰的战略层面的思维和作战能力。例如,美国《国防部网络空间行动战略》中并没有给出多少解决方案或具体措施,仅仅从五个方面重复了先前的网络思路。缺乏明确的思路导致我们的网络战略存在缺陷,使得美国先进的网络技术优势有拱手让给潜在对手的风险。对比之下,伊朗和俄罗斯的非对称性创新为其他地区和全球力量树立了模仿的样板,都试图以非常规手段规避美国的军事优势,确保各自的战略利益。网络空间特种作战是一种必须填补的战略层面的能力空白。很显然,美国必须积极寻求一种在战术层面的非常规作战中融入网络空间作战的特种作战形式。兰德公司最近的一份研究特种作战的报告得出结论,称“美国需要运用一种更为先进的特种作战形式来确保国家利益,考虑到近来美国及其利益面临的安全威胁形势,特种作战成为确保国家利益的最合适的形式”。在一个日益互联的全球环境中,实体性基础设施快速被分配互联网协议地址,接入物联网。到2020年,将有500亿台“机器对机器”设备(目前为130亿台)会通过“嵌入计算机、传感器和互联网能力”接入网络空间。网络空间特种作战联通了虚拟与现实,通过现代的信息网络并与传统的面对面的特种作战伙伴关系相结合。当今的全球环境促使美国采用网络特种作战作为国家军事战略的战略性工具。潜在对手将进攻性网络能力与非常规战术相结合为美国的其他敌人树立了可怕的榜样,他们必将快速跟进。本文提出了融合新兴技术与特种作战的三种新选项:“云驱动”下的国外协助防御、网络反暴乱平叛行动以及非常规网络战先遣队。充分发挥这三种战术将不仅仅能维持美国的网络技术优势,还可对构建重要伙伴关系、塑造全频谱作战环境产生革命性影响。如果能成功实施,网络特种作战必将成为美国强有力的新战略选项。

 

2016-08-22 17:42现代军事

中國軍隊信息戰裝備的作戰運用 – Chinese Military Operation of Information Warfare Equipment

中國軍隊信息戰裝備的作戰運用

Chinese Military Operation of Information Warfare Equipment

Information warfare is the C4ISR system and C4ISR system of confrontation, is the advantage of information contention, the main purpose is to ensure that their own information system to run properly, from the enemy use, paralysis and destruction; the same time, trying to use, paralyzed and destroy the enemy’s information system, So that in a paralyzed, confused state. Information warfare includes two parts: strategic information warfare and battlefield information warfare.

Strategic information warfare and information warfare battlefield

strategic information warfare is mainly characterized by a wide range of sectors covering all key political, economic, technological, and military and other special areas; special way, relates to psychological warfare, media warfare, deception warfare, media warfare and other special Means that the target is special, mainly through the decadence war, psychological warfare, information deterrence attack the enemy’s understanding system and thinking system; great harm, can make the whole country’s economic, political or military paralyzed, and even make it happen alternately; Personnel special, the war is not necessarily military personnel, computer experts, international criminal groups, ulterior motives of hackers or terrorist organizations and so may become war personnel.

Battlefield information warfare is the information warfare in the battle space, refers to the preparation and conduct of a campaign, the integrated use of information technology and a variety of information technology weapons, information combat platform and C4ISR system, in reconnaissance detection and early warning, information processing and Transmission, weapons control and guidance, operational command and control, camouflage deception and interference, as well as military strategy and other aspects of the comprehensive confrontation and struggle. Battlefield information warfare is through the interference or disrupting the enemy decision-making process, so that the enemy can not effectively take concerted action. Therefore, we must first affect the enemy decision-making, and then affect its actions, that is, to win the air electromagnetic advantage, and then made the air superiority, and finally the use of conventional forces to take combat operations. To seize the right to information system, to seize the initiative to fight the space, but also for the fight for land rights, air supremacy, sea power and the system of the right to lay a good foundation and necessary conditions.

A The basic combat forces and means are digital forces and information weapons equipment, the main contents include combat confidentiality, military deception, electronic warfare, psychological warfare and fire destroyed, the core purpose is to compete for the battle space information access , Control and use rights. Battlefield information warfare is the confrontation of the information system, it directly affects the entire battle space, the whole process of war and success or failure. Battlefield information warfare The main combat style is the electronic warfare and cyber warfare. Electronic warfare is an important part of the battlefield information warfare, mainly for the enemy communications, radar and other electromagnetic radiation source for the lure, interference, destruction and destruction activities. In the Gulf War, the electronic warfare was not only for the first time on a large scale, but also as a campaign stage and a specific campaign in war. In the Kosovo war, NATO used a lot of electronic warfare equipment, and the first use of electromagnetic pulse bombs and the first time a network war. Network warfare is a cyber-confrontational activity in computer cyberspace, using the Internet, and is being used for the first time in the Kosovo war. NATO network warfare measures include: network advertising; hacker attacks; attacks on financial networks. The main feature of the network war in the Southern Alliance is the people’s war mode, fans, computer fans and computer enthusiasts spontaneously carried out a large number of network operations, such as online publicity, attack NATO website, the use of network transmission of information.

Information warfare equipment in war equipment electronic warfare equipment the trend of electronic warfare equipment increasingly integrated and universal, under the conditions of information technology in the local war, the battlefield of the electromagnetic environment is increasingly complex, the past that the separation of each other, a single function of electronic warfare equipment is far from Adapt to combat needs. Integration and generalization has become the focus of the development of electronic warfare equipment and future electronic warfare equipment overall development direction. In order to deal more effectively with the complex and volatile electromagnetic threat in the information warfare, the future of the new generation of electronic warfare equipment, will be widely used advanced computer technology, greatly improve the automation of the entire system to have better real-time capabilities, since Adaptability and full power management capability. Electronic warfare equipment, work areas continue to widen, increasing the transmission power, millimeter-wave technology and the development of optical technology, the modern electronic warfare equipment, the frequency of continuous development to a wider band. On the whole, the future range of electronic warfare equipment will be extended to the entire electromagnetic spectrum. GPS interference and anti-interference will be concerned about the practice of war has shown that if the loss of GPS support, it will greatly weaken the information advantage, so that command, control, reconnaissance, combat, military and other military aspects are facing severe tests, Combat effectiveness. Focusing on the development of anti-radiation and new electronic warfare jets, attention to the development of new, special electronic warfare technology and equipment, such as anti-satellite laser weapons, high-energy particle beam weapons, and meteor communication, neutrino communication and so on.

Computer virus weapon <a In the military information system, the battlefield information acquisition, transmission, processing and other functions need to complete the computer and network, computer network is the basis and pioneer of information warfare. The use of software-driven sniffers and hardware magnetic sniffers and other sniffing network is an important way to attack the network. These sniffing tools were originally a test device used to diagnose and assist in repairing the network, so it was a powerful tool for network management personnel to manage the network, but it was a terrible computer virus weapon in information warfare. It can make the network “service denied”, “information tampering”, information “halfway steal” and so on. In addition, will also focus on design “portal trap”. “Portal trap”, also known as “back door”, is a computer system designer in the system in advance of a structure, in the application appears or operating system, the programmer to insert some debugging agencies. System programmers in order to achieve the purpose of the attack system, deliberately left a small number of portal traps for familiar with the system staff to go beyond the normal system protection and sneak into the system. Network is an important infrastructure for information warfare, network-based warfare is mainly based on the network and the network is reliable to determine the outcome of the war. Therefore, to strengthen the network of offensive and defensive combat research, to win the future of information war is essential.   Electromagnetic pulse bombs

Iraq war, the US military used a lot of electronic warfare equipment, and the use of electromagnetic pulse bombs attacked the Iraqi radio and television system and the Iraqi military various types of electronic radiation source. Electromagnetic pulse bomb, also known as microwave pulse bomb, is through the micro-beam into electromagnetic energy, damage to each other’s electronic facilities and personnel of a new directional energy weapons. Its working principle is: high-power microwave through the antenna gathered into a very narrow, very strong electromagnetic waves fired at each other, relying on this beam of electromagnetic waves generated by high temperature, ionization, radiation and other integrated effects in the target internal electronic circuit to produce fatal voltage And the current, breakdown or burn the sensitive components, damage to the computer stored in the data, so that the other side of the weapons and command system paralyzed, loss of combat effectiveness. According to the test, a briefcase size of the microwave bomb, can produce power of 300 million watts of pulse waves. Will be more than one connection, it can become an adjustable radiation source, resulting in more than 2 billion watts of pulse waves. This pulse wave is somewhat similar to the nuclear pulse generated when the nuclear explosion can easily from the power and communication pipes into the underground bunker, which rely on radio, radar, computers, power grids and telephone modern weapons systems, chemical and biological arsenal and its production The shop was paralyzed in an instant.

GPS interference device <a I = 13> Iraq war, the Iraqi military use of GPS interferometer on the Tomahawk cruise missiles for effective interference, which is the first time in combat in the GPS guidance system interference. GPS signal is very weak, very easy to interfere. A Russian company offers a 4-watt power handheld GPS jammers that can be bought for less than $ 4,000. If you buy parts from a retail e-store, spend $ 400 to create a GPS jammer with a radius of 16 km or more. Before the war in Iraq, the United States had expected the Iraqi side to interfere with GPS signals. The United States has already been equipped with anti-jamming technology for its GPS bombs and missiles so that these GPS-guided weapons can continue to use GPS signals in the event of interference; even if the GPS signal is lost, these weapons can also use their own other guidance system Such as inertial navigation, laser guidance, etc., so that they reach the target. Nevertheless, the early Iraq war, the US military more than a dozen Tomahawk cruise missiles or because of interference from the scheduled route, falling in Turkey, Syria and Iran. Small GPS jitter problem alerted the US government, Powell personally come forward to investigate the source of Iraqi GPS jammers, Russia and other countries imposed no small pressure.

Gulf War, GPS navigator as a trial for the first time issued to the use of desert combat personnel, the effect is obvious. At that time, including cruise missiles, including all the weapons are not using GPS navigation device. During the war in Iraq, we saw almost all of the combat platforms, and every soldier, almost all of the missiles and bombs used this kind of navigation device, so that the tanks, planes, ships were more mobile so that the missiles and bombs were The probability error is reduced to 1-3 m, within a maximum of 10 m. <A I = 15> everything has a disadvantage. GPS navigation defects and information technology weapons and equipment of the drawbacks is the same, that is, electronic interference. From the perspective of the development of weapons and equipment, the purchase of a cruise missile needs more than 100 million dollars, and manufacturing a GPS jammers only a few hundred dollars, as a strategic defense side, if a large number of development and development of GPS jammers, not only for US missiles And bombs are a threat to their tanks, planes, ships and personnel navigation and positioning will also have a huge impact. Of course, you should also see the US military fight, further, after the end of the war in Iraq will be based on the lessons of the war to improve the GPS system. Is expected to be improved in three areas: First, GPS satellites, mainly to enhance the satellite launch signal, and as much as possible to launch GPS satellites; Second, improve the guidance system, mainly to increase the composite guidance device, after the GPS guidance is disturbed, Automatic recovery or transfer to inertia and other navigation methods to ensure the normal operation of the platform and weapons; Third, GPS anti-interference, mainly to improve the GPS receiver anti-jamming capability, the development of new GPS receiver, Machine and jamming machine for electronic suppression and interference.

 

Original Mandarin Chinese:

信息戰是C4ISR系統與C4ISR系統的對抗,是信息優勢的爭奪,主要目的是確保己方信息系統正常運行,免遭敵方利用、癱瘓和破壞﹔同時,設法利用、癱瘓和破壞敵人的信息系統,使之處於癱瘓、迷茫狀態。信息戰包括戰略信息戰和戰場信息戰兩大部分。

戰略信息戰和戰場信息戰

戰略信息戰主要特征是范圍廣泛,涉及國家政治、經濟、科技、軍事等各個要害部門和特殊領域﹔方式特殊,涉及心理戰、輿論戰、欺騙戰、媒體戰等特殊手段﹔目標特殊,主要是通過誘騙戰、心理戰、信息威懾等攻擊敵人的認識體系和思維體系﹔危害巨大,能使整個國家的經濟、政治或軍事陷入癱瘓,甚至能使其發生政權交替﹔人員特殊,參戰人員不一定軍人,計算機專家、國際犯罪集團、別有用心的黑客或恐怖組織等都可能成為參戰人員。

戰場信息戰是發生在戰斗空間內的信息戰,是指為准備和進行一場戰役,綜合運用信息技術手段和各種信息化武器、信息化作戰平台和C4ISR系統,在偵察探測及預警、信息處理與傳遞、武器控制和制導、作戰指揮與控制、偽裝欺騙與干擾以及軍事謀略等方面展開的全面對抗和斗爭。戰場信息戰是通過干擾或打亂敵方決策程序,使敵方無法有效採取協調一致的行動。因此,要先影響敵人決策,然后再影響其行動,即先贏得空中電磁優勢,再取得空中優勢,最后使用常規部隊採取作戰行動。奪取了制信息權,就奪取了戰斗空間的主動權,而且為爭奪制陸權、制空權、制海權和制天權奠定一個良好基礎和必要條件。

戰場信息戰的基本作戰力量和手段是數字化部隊及信息化武器裝備,主要內容包括作戰保密、軍事欺騙、電子戰、心理戰和火力摧毀,核心目的是爭奪戰斗空間的信息獲取權、控制權和使用權。戰場信息戰是信息體系的對抗,它直接影響到整個戰斗空間、整場戰爭的進程和成敗。戰場信息戰的主要作戰樣式是電子戰和網絡戰。電子戰是戰場信息戰的一個重要組成部分,主要是針對敵人通信、雷達等電磁輻射源進行的誘騙、干擾、破壞和摧毀活動。海灣戰爭中,電子戰不僅首次大規模使用,而且正式作為戰爭中的一個戰役階段和特定戰役行動。科索沃戰爭中,北約使用了大量電子戰裝備,並首次使用了電磁脈沖炸彈並首次進行了網絡戰。網絡戰是在計算機網絡空間,利用因特網進行的一種網絡對抗活動,並在科索沃戰爭中首次使用。北約網絡戰的措施包括:網絡宣傳﹔黑客攻擊﹔襲擊金融網絡等。南聯盟網絡戰的主要特征是人民戰爭模式,網迷、電腦迷和計算機愛好者自發地進行了大量網絡作戰行動,如開展網上宣傳、攻擊北約網站、利用網絡傳遞情報等。

戰爭中的信息戰裝備

電子戰裝備

電子戰裝備的發展趨勢日趨一體化和通用化,信息化條件下的局部戰爭中,戰場上的電磁環境日益復雜,以往那種彼此分立、功能單一的電子戰裝備已遠遠不能適應作戰需要了。一體化和通用化已成為當前電子戰裝備發展的重點和未來電子戰裝備總的發展方向。為了更有效地對付信息化戰爭中復雜多變的電磁威脅,未來新一代的電子對抗裝備,將廣泛採用先進的計算機技術,大幅度提高整個系統的自動化程度,以具備更好的實時能力、自適應能力和全功率管理能力。電子戰裝備的工作頻段不斷拓寬,發射功率不斷增大,毫米波技術和光電技術的發展,使現代電子戰裝備的工作頻率不斷向更寬的頻段發展。從整體上看,未來電子戰裝備的工作范圍必將擴展到整個電磁波頻譜。GPS干擾與反干擾將受到關注,戰爭實踐已經表明,如果失去GPS的支持,就會極大地削弱信息優勢,使指揮、控制、偵察、打擊、部隊機動等各個軍事環節都面臨嚴峻考驗,嚴重降低戰斗力。重點發展反輻射和新型電子戰干擾機,重視發展新型、特殊的電子戰技術裝備,如用於反衛星的激光武器、高能粒子束武器,以及流星余跡通信、中微子通信等等。

計算機病毒武器

在軍事信息系統中,戰場信息的獲取、傳遞、處理等功能需要計算機及網絡來完成,計算機網絡是進行信息戰的基礎和先鋒。利用軟件驅動嗅探器和硬件磁感應嗅探器等對網絡進行嗅探是進攻網絡的重要方法。這些嗅探工具原本是一種測試設備,用來診斷和協助修理網絡,因此它是網管人員管理網絡的一種得力工具,但在信息戰中卻是一種可怕的計算機病毒武器。它能使網絡“服務否認”、“信息篡改”、信息“中途竊取”等。另外,也將重視設計“門戶陷阱”。“門戶陷阱”又稱“后門”,是計算機系統設計者預先在系統中構造的一種機構,在應用出現或操作系統期間,程序員插入一些調試機構。系統程序員為了達到攻擊系統的目的,特意留下少數門戶陷阱,供熟悉系統的人員用以超越對方正常的系統保護而潛入系統。網絡是信息化戰爭的重要基礎設施,網絡中心戰主要是基於網絡而進行的,網絡是否可靠決定戰爭的勝負。因此,加強網絡攻防作戰的研究,對於贏得未來信息化戰爭至關重要。

電磁脈沖炸彈

伊拉克戰爭中,美軍使用了大量電子戰裝備,並使用電磁脈沖炸彈襲擊了伊拉克廣播電視系統及伊軍各類電子輻射源。電磁脈沖炸彈也稱微波脈沖炸彈,是通過把微波束轉化為電磁能,毀傷對方電子設施和人員的一種新型定向能武器。其工作原理是:高功率微波經過天線聚集成一束很窄、很強的電磁波射向對方,依靠這束電磁波產生的高溫、電離、輻射等綜合效應,在目標內部的電子線路中產生致命的電壓和電流,擊穿或燒毀其中的敏感元器件,毀損電腦中存貯的數據,從而使對方的武器和指揮系統陷於癱瘓,喪失戰斗力。據測試,一枚公文包大小的微波炸彈,可產生功率達3億瓦的脈沖波。將其多個聯接后,則能成為可調整的輻射源,產生20億瓦以上的脈沖波。這種脈沖波有點類似核爆炸時產生的電磁脈沖,可以輕易地從電力和通訊管道進入地下掩體,使其中依賴無線電、雷達、計算機、電網和電話等的現代化武器系統、生化武器庫及其生產車間在瞬間癱瘓。

GPS干擾設備

伊拉克戰爭中,伊軍利用GPS干擾儀對戰斧巡航導彈進行了有效的干擾,這是第一次在實戰中對GPS制導系統進行干擾。GPS信號很弱,很易於干擾。一家俄羅斯公司提供的一種4瓦功率的手持GPS干擾機,不到4000美元就能買到。如果從零售電子商店購買部件組裝,花400美元就可以制造一個干擾半徑16公裡以上的GPS干擾機。伊拉克戰爭開戰之前,美國就已經預料到伊拉克方面會干擾GPS信號。美國其實早已經給其GPS炸彈和導彈裝載了抗干擾技術,使這些GPS導引的武器能夠在干擾的情況下繼續使用GPS信號﹔即使GPS信號丟失,這些武器還可以使用自身的其他導引系統如慣性導航、激光制導等,使自己到達目標。盡管如此,伊拉克戰爭初期,美軍十幾枚戰斧式巡航導彈還是因受干擾偏離預定航線,落在土耳其、敘利亞和伊朗境內。小小的GPS干擾機問題驚動了美國朝野,鮑威爾親自出面調查伊拉克GPS干擾機的來源,對俄羅斯等國施加了不小的壓力。

海灣戰爭中,GPS導航儀作為試用品首次發放給沙漠作戰人員使用,效果明顯。當時,包括巡航導彈在內的所有武器都沒有採用GPS導航裝置。伊拉克戰爭中,我們看到幾乎所有的作戰平台,每一個單兵,幾乎全部的導彈和炸彈都採用了這種導航裝置,從而使坦克、飛機、艦艇的機動更加精確,使導彈和炸彈的原概率誤差縮小到1—3米,最大10米范圍之內。

凡事有一利必有一弊。GPS導航的弊端與信息化武器裝備的弊端是一樣的,就是電子干擾問題。從武器裝備發展角度來看,購買一枚巡航導彈需要100多萬美元,而制造一部GPS干擾機才幾百美元,作為戰略防御一方,如果能夠大量發展和研制GPS干擾機,不僅對於美軍導彈和炸彈是一種威脅,對其坦克、飛機、艦艇和人員的導航定位也將產生巨大影響。當然,也應看到美軍打一仗、進一步,伊拉克戰爭結束后必將根據戰爭中的教訓,改進GPS系統。預計將在三個方面進行改進:一是GPS衛星,主要是增強衛星發射信號,並盡可能多的發射GPS衛星﹔二是改進制導系統,主要是增加復合制導裝置,在GPS指導受到干擾之后,自動恢復或轉入慣性等其他導航方式,以保証平台和武器的正常運行﹔三是GPS反干擾,主要是提高GPS接收機抗干擾能力,研制新型GPS接收機,在戰區對地方軍民用GPS接收機和干擾機進行電子壓制和干擾等。

China Military Interpretation of information warfare, cyber warfare, cyber – centric warfare 中國軍隊解读信息战、网络战、网络中心战

中國軍隊解读信息战、网络战、网络中心战

China Military Interpretation of information warfare, cyber warfare, cyber – centric warfare

With the rapid development of information technology and its extensive application in the military field, some new operational concepts and operational styles came into being. Such as information warfare, cyber warfare, cyber-centric warfare, in recent days local war has demonstrated a powerful power, has become the topic of the current officers and men to explore. Then this new “war” in the end what is the difference and contact? How do you understand it? I have the following views.

The so-called information warfare, refers to the hostile parties in the field of information struggle and confrontation activities. Specifically, it is based on the digital forces as the basic strength to compete, control and use of information as the main content of a variety of information weapons and equipment as the main means of confrontation and struggle, with a transparent battlefield, real-time action, The overall coordination and the higher degree of intelligence. From the point of view of combat, information warfare is to control the “energy flow” and “material flow” with “information flow”, gain the advantage of decision-making and the advantage of action, and then end confrontation or reduce confrontation and realize ” Soldiers “. From the content and form of combat, information warfare is different from information warfare and information warfare. Information operations are specific actions of information warfare, can be divided into electronic warfare, intelligence warfare and network warfare. The information war is relative to the mechanized war, refers to a form of war. Information warfare is the main battlefield and core of information war.

The so-called network warfare refers to the information and network environment which the enemy and the enemy can use for the war, and surrounds the “system of information right” to compete, through the computer network to ensure that their own information and network system security at the same time, disrupt, destroy and threaten each other’s information and Network Systems. In essence, cyber warfare is a special form of information warfare, a kind of combat action carried out in cyberspace. Compared with the traditional war, the network war has a sudden, hidden, asymmetric and low cost, strong participation and so on. Network-centric warfare, whose English name is “NetworkCentricWarfare”, is a new concept of warfare relative to the traditional platform-centric warfare. The so-called platform center warfare, refers to the platform mainly rely on their own detectors and weapons to combat, its main feature is the platform between the information sharing is very limited. The network center war is through the network of the combat unit, the information advantage into the combat action advantage, so that the scattered configuration of the common sense of the battlefield situation, so as to coordinate their own actions to play the largest overall combat effectiveness of the combat style, it So that the focus of combat from the past platform to the network. It goes without saying that cyber-centric warfare can help combat forces create and exploit information superiority and dramatically improve combat effectiveness. It has the battlefield situation full-dimensional perception ability, the combat power integration, the combat action real-time, the army coordination synchronism and so on the characteristic.

In short, information warfare is the core of information war. Network warfare is a special form of information warfare, belonging to the category of information warfare. Network-centric warfare is the product of the transition from mechanized war form to informational warfare because the development of the network is the regeneration of the operational form of the mechanized forces of the industrial age. Therefore, whether it is information warfare or network warfare and network-centric warfare, are inseparable from the rapid development of information technology, but also inseparable from the application and popularization of network technology.

中國軍隊解读信息战、网络战、网络中心战

隨著信息技術的迅速發展及其在軍事領域的廣泛應用,一些新的作戰理念和作戰樣式應運而生。如信息戰、網絡戰、網絡中心戰,在近幾場局部戰爭已彰顯出強大威力,也成為當前官兵廣為探討的話題。那麼這新的“戰”到底有何區別和聯繫?怎樣理解把握才對呢?筆者有如下看法。
所謂信息戰,是指敵對雙方在信息領域的鬥爭和對抗活動。具體說來,是以數字化部隊為基本力量,以爭奪、控制和使用信息為主要內容,以各種信息武器和裝備為主要手段而進行的對抗和鬥爭,具有戰場透明、行動實時、打擊精確、整體協調和智能化程度高等特徵。從作戰目的上看,信息戰是以“信息流”控制“能量流”和“物質流”,以信息優勢獲得決策優勢和行動優勢,進而結束對抗或減少對抗,實現“不戰而屈人之兵”。從作戰內容與形式來看,信息戰不同於信息作戰和信息化戰爭。信息作戰是信息戰的具體行動,可分為電子戰、情報戰和網絡戰等。而信息化戰爭是相對於機械化戰爭而言,指一種戰爭形態。信息戰是信息化戰爭的主戰場和核心。
所謂網絡戰,是指敵對雙方針對戰爭可利用的信息和網絡環境,圍繞“制信息權”的爭奪,通過計算機網絡在保證己方信息和網絡系統安全的同時,擾亂、破壞與威脅對方的信息和網絡系統。從本質上講,網絡戰是信息戰的一種特殊形式,是在網絡空間上進行的一種作戰行動。與傳統戰爭相比,網絡戰具有突然性、隱蔽性、不對稱性和代價低、參與性強等特點。網絡中心戰,其英文名稱為“ NetworkCentricWarfare”,是相對於傳統的平台中心戰而提出的一種新作戰概念。所謂平台中心戰,是指各平台主要依靠自身探測器和武器進行作戰,其主要特點是平台之間的信息共享非常有限。而網絡中心戰是通過各作戰單元的網絡化,把信息優勢變為作戰行動優勢,使各分散配置的部隊共同感知戰場態勢,從而自主地協調行動,發揮出最大整體作戰效能的作戰樣式,它使作戰重心由過去的平台轉向網絡。不言而喻,網絡中心戰能夠幫助作戰部隊創造和利用信息優勢並大幅度提高戰鬥力。它具有戰場態勢全維感知能力,作戰力量一體化,作戰行動實時性,部隊協調同步性等特點。
總之,信息戰是信息化戰爭的核心。網絡戰是信息戰的特殊形式,屬於信息戰範疇。網絡中心戰是機械化戰爭形態向信息化戰爭形態過渡的產物,是因為網絡的發展為工業時代機械化部隊注入活力而帶來作戰形態的更新。因此,無論是信息戰還是網絡戰和網絡中心戰,都離不開信息技術的迅速發展,也離不開網絡技術的應用與普及。
《中國國防報》

Chinese Cyber Conflict Discussions, Information & Reasearch