All posts by admin

Strategic Thinking on Ensuring Ideological & Political Security of Chinese Army // 中國軍媒:確保我軍網上意識形態安全的戰略思考

Strategic Thinking on Ensuring Ideological & Political Security of Chinese Army //

中國軍媒:確保我軍網上意識形態安全的戰略思考

 

Network era, the information exchange to break the official and civil, military and local boundaries, our army should continue to play the advantages of mobilization, open our army ideological work a new situation. The people are the most extensive and powerful forces involved in the ideological struggle. Our army strives for the dominance of the online ideological struggle. It can not rely solely on the power of propagating and defending the departments. We must also make the people’s faction and stir up the people’s war of online ideological struggle. Our army should play a good mobilization advantage, attract the participation of the masses, and guide the direction of public opinion.

The United States “how to influence China’s national strategy and military strategy,” the report said, “the Internet is our main battle with the Chinese Communist Party.” Western military power has long been the online public opinion struggle into the military strategy, is committed to creating a new network of combat forces.

Military Army: Strategic Thinking on Ensuring the Ideological and Political Security of Our Army

The United States since 2003 in the war in Iraq for the first time to implement the strategic psychological warfare, have made a network war theory update and actual inspection of the record; recently, the US Defense Secretary Ashton Carter announced the Department of Defense new network action strategy report, For example, the United States and Russia have been able to use the information warfare forces to form a “civil army”, demonize the “invading country” regime, from the “invading country” internal disintegration of its national will, To achieve their own strategic objectives. At present, the United States with the Internet technology and cultural hegemony to develop Internet rules, selling political system and cultural ideas, leading the direction of ideological struggle; our military in the key information infrastructure construction, network impact in a weak, facing control, Shaped, interpreted, tagged dilemma, cyberspace security coping overall is still hovering at the tactical level non-strategic level. In the era of media, cyberspace has become the second “living space” of mankind. Our army should be in danger and know ourselves, and attach great importance to the study of cyber ideology struggle strategy and compete for the initiative of online ideological struggle.

1, take the initiative to force the Sword, to seize the high ground of ideological struggle

 

The Internet is the main battlefield of ideological struggle. The main battlefield failed to master the initiative, decided in the field of ideology in the passive situation. In recent years, including the United States, including Google, Apple, “the eight King Kong” all-round penetration into the network space in China through the opening of the “back door” for the US government to provide information, and pervasive way to push me Western values; , Support the “elite” voice, so that with the help of the Internet openly for the Western head; continuous technological innovation, by virtue of “shadow Internet” and other means to circumvent me

Network control system to support Hong Kong “accounted for” and other subversive separatist activities; leading issues set for China’s military development has been intensive throw “China’s military threat theory”, “China’s spy activities,” “Sino-US military conflict theory” and “South China Sea navigation freedom” and other issues, from the academic, public opinion on me completely suppressed.

In contrast to our military, there are still used in the theoretical study of fried rice, in the propaganda work instilled the preaching, stereotyped in the discourse system, often in the subject matter when the aphasia, weak and weak in the supervision of the phenomenon, not only cause my mainstream ideology Spread the dilemma, but also for the hostile forces to attack my ideological position left a gap. Network ideological struggle, such as against the current sailing,

In the face of the aggressive challenges of the United States and the West, the attack is more advantageous than the defense. Our army must recognize the seriousness of the threat of online ideology and face the above-mentioned deficiencies. Through the all-round change of the thinking idea and working mode, initiative.

The first stage to try to reverse our army passively cope with the situation, lay the online ideological struggle “fighter war”. China is currently the most important strategic opponents of cyber space in the United States, the United States will undoubtedly be its core technology, hegemony and other positions to prevent clinging, want to catch up with its core technology in the short term is not feasible. Our army should not only have the courage to fight the Sword, but also learn to “dance with the wolf”, on the one hand should focus on the matter, in the face of Western issues when the attack in a timely manner to respond, one said, change the traditional conservative ideology work concept, , To avoid the main network-like attitude, or another way to transfer is not conducive to our military wave of public opinion, beware of the Chinese story was misinterpreted, misreading; on the other hand can identify the opponent’s weaknesses, pain hard, propaganda interpretation of the Western scandal, Democratic system malpractice, judging the plight of capitalist development. Learn from the opponents of the struggle, give full play to the role of capitalist countries, in the foreign media, business operations, cooperation and cultural exchanges in the promotion.

The second stage is based on my main counterattack, lay the ideological struggle of the Internet “position war.” The use of the first stage of the development of technology development opportunities, and vigorously promote technological innovation, can bypass the United States and other Western countries accounted for overwhelming advantages of the technical barriers to achieve such as quantum communications technology monopoly, relying on the new platform to implement the ideological strategy to counter; To maintain national ideological security from the traditional security field to the field of cyberspace extension, and actively establish a network space cooperation with other countries, based on Chinese cultural traditions, value system and military practice, to build beyond the West, in line with China’s actual discourse system for the international community Innovative discourse, for our army modernization, national defense policy and the military system name.

2, to support the legislation, to the superiority of the people to achieve the mainstream ideology of soft conquest

 

Hard power is the fundamental support of soft power, Western ideology has been able to prevail in the world, the key lies in the capitalist countries generally developed economy, people’s living standards are higher, and the key to the upsurge in the Soviet Union is the national economy almost collapse, political Cleaning loss of people, social contradictions continue to intensify. Revolutionary war years, our army suffered inside and outside the attack, but resist the West “peaceful evolution”, the fundamental reason is that when our ideological work to do the “inner saints outside the king.” Reflection of the current, part of the unit and the individual army is not strict, improper words and deeds, misconduct, weakened the army combat effectiveness, discredited the image of the army, for those who have ulterior motives attacked my system, leaving the relationship between the party and the party left a mess, as hostile forces To achieve its political purpose to provide a convenient space.

In addition, the value orientation and behavior of the composition of the officers and men are undergoing profound changes. Once the loss of their trust is caused by the corruption of the military, it is easy to cause the ideal and the landslide, which opens the gap for the infiltration of the West. For a period of time, our army dealing with the behavior of anomorphosis often lost in the wide, lost in the soft, especially Guo Boxiong, Xu Caihou case hit the officers and men “three view”, while the United States to intensify the push of the bourgeoisie to build the military concept, To carry out the deterrence, attack our army unique advantages, which makes our ideological work into a double dilemma. Network era information cohabitation, the face of hostile forces deliberately slander more need “their own hard”.

Our army should play a good way to put forward the traditional advantages of truth, first put the facts, and then tell the truth, to an open and inclusive attitude to the Internet users to monitor the military and the Internet to achieve good interaction, and as a driving force to improve the style Adhere to the line of words and deeds; adhere to the network space management and the reality of space norms both hands, the military’s own problems, neither whitewash short and not allowed to make rumors, eliminate negative thoughts, the root causes of public opinion, to our military good image against Western attack penetration, Enhance the mainstream ideology of inspiration.

3, to network network, to enhance our ideological struggle of the network thinking

 

The development of the Internet has spawned all-round changes in social structure, way of thinking and behavior. In the face of online ideological struggle, our army must accurately grasp the changes in the mechanism of competition. The network originated in the West, grew up in the West, the West not only has a comparative advantage in technology, but also highly compatible with the Internet culture, cloud computing, large data, artificial intelligence and other technologies are the first breakthrough in the West, the network center war and other Internet operations concept by the US military The first proposed, the Internet “rules of conduct” is also dominated by the West, the United States is the world’s major sources of information. And our army in the online ideological struggle is still at a disadvantage, such as can not keep up with the Internet age changes, will fall into a completely passive situation.

At present, our army has a strong desire and motive to make a good “network gateway”, and the problem of planning breakthroughs in online ideological struggle is basically clear, but it still lacks the organic integration of “Internet + ideological struggle” and can not really grasp the struggle The right to speak. In the face of the grim situation of online ideological struggle, our army needs an Internet “brainstorming”, and comprehensively enhance the ability of online ideological security. To break the core technology monopoly as the main focus, breaking the United States to contain my “life door”, the construction of its own information transmission system and network security protection system, and strive to lead the innovation and technology around the world, lay the ideological “backhand” But also the Internet communication requires creative thinking, the first machine awareness, platform operation and action ability, but also to promote the development of the Internet, but also to promote the development of the Internet, The barracks should follow the trend, as soon as possible to develop a variety of network broadcast and other media, try to mainstream cultural communication embedded in creative industries.

4, close the rule of law cage, remove the online ideological position “noise”

 

The development of new media technology to open the “everyone has a microphone,” the law of the times of transmission changes, public opinion, more difficult to control, thinking more and more intense competition, but according to the law of the network network did not follow the footsteps.

The current urgent problem is: the phenomenon of my ideological security is widespread, part of the hostile forces openly clamoring, the Western hostile forces not only in my territory to cultivate “well known” “big V”, the purchase of network water army, organization of cults, Extreme forces and other extreme anti-communist elements into the network of public opinion, resulting in a variety of hazards to national and military security information is full of network information platform.

At present, the army information construction in full swing, our army for the new media management legislation process is lagging behind, the network regulation system is not perfect, the lack of norms of online ideological struggle, part of the behavior of the ideological security is illegal, how to deal with the language is not detailed.

On the one hand, the normal ideological control is often misinterpreted as restricting freedom of speech. Once used by hostile forces, it may cause the military officers and soldiers to fluctuate, leading to further deterioration of the situation. On the other hand, due to the lack of relevant norms, Or even often for a small number of wrong acts “pay”, resulting in ideological murmur is not cleared, over time, the ideological institutions of the credibility of a serious decline in the military and the state may also fall into the “Tacitus trap.”

Online ideological struggle from the value of the political system of confrontation, but may be expressed as “to ideology” of public opinion and popular culture. Information in the cyberspace “fission” propagation. The process does not rule out the ulterior motives of the individual groups add oil and vinegar, fueled. Therefore, to win the ideological struggle on the Internet, our army should maintain the ideological security issues in accordance with the law into a strategic position, consolidate the military environment, improve domestic legislation, and resolutely combat the behavior of moral hazard, and create a good online public opinion ecology.

First, the height of the overall national security to promote the legislative amendment, focusing on the norms of cultural transmission in the field of “rent-seeking” phenomenon, management loopholes, powers and responsibilities unclear, poor supervision and other issues to ensure that the work of law, There must be law.

Second, according to the law, the frequent dissemination of bad information on the implementation of accurate monitoring of the site, according to the law should be ordered to rectify the deadline for the threat of ideological security, the negative information according to the law to remove. Third, strict enforcement of law enforcement, illegal research, to endanger our ideological and ideological security of the implementation of full-time monitoring, the spread of negative public opinion of the organization, individuals and the performance of poor supervision departments, resolutely according to law, Outside the earth, the formation of the rule of law deterrence.

5, pay attention to the integration of military and civilian, launched the ideological struggle of the people of the war

 

Historically, our army in combat and the implementation of military missions before the fighting to mobilize, to boost morale to stimulate morale, while fighting for a wide range of mass support. Whether it is mobilization speech, news propaganda or brief loud fighting slogans, lively forms of literature and art, have played an indelible role, so that our army justice, civilization, the image of mighty people, for our army to integrate military resources, The people’s war laid a good foundation.

Network era, the information exchange to break the official and civil, military and local boundaries, our army should continue to play the advantages of mobilization, open our army ideological work a new situation. The people are the most extensive and powerful forces involved in the ideological struggle. Our army strives for the dominance of the online ideological struggle. It can not rely solely on the power of propagating and defending the departments. We must also make the people’s faction and stir up the people’s war of online ideological struggle. Our army should play a good mobilization advantage, attract the participation of the masses, and guide the direction of public opinion.

At the same time, we should use a good network platform, the use of good hidden in the people of the huge energy, the patriotic enthusiasm of the Internet users to the positive grooming, the formation of the mainstream ideology of the sea, so that our army fortress indestructible, so that hostile forces abroad quit. The integration of military and civilian people can effectively break the problem of insufficient strength of our army in the ideological struggle of the Internet. First of all, lack of platform construction led to the voice of our army can not pass, the situation can not open. In recent years, our army in the dissemination of platform construction is still inadequate. Our military is currently more influential several news sites updated slowly, the news content is still biased towards the traditional propaganda, preaching, the emerging military-related information is also due to the existence of the above problems, so that “lack of capacity” and our army in New media, the use of new platforms often “half a beat”.

We should strengthen cooperation and cooperation with local government media and private media. At the same time, from the media University, well-known enterprises, network celebrities invited experienced people, regular exchange training, absorption of media construction advanced experience, accelerate the improvement of network-related military guidance platform, to create a group of audiences wide visible High-quality brand media. Second, the network crisis on the lack of capacity led to our army often aphasia. At present, the construction of our military space space is limited, staffing is insufficient, leading to information monitoring, filtering capacity is limited, the negative information of the army once fermented for public opinion, relying on the existing technical means and human resources will be difficult to effectively deal with, will make me The military is caught in the unfavorable situation of online ideological struggle.

Therefore, our military should strengthen cooperation with local functional departments to strengthen military and field network engineers to develop information monitoring software and filtering system, so that malicious spread of the rhetoric difficult to spread. At the same time, a wide range of local talent for the use of our military, while absorbing veterans into the local ideological work team, jointly cultivate a group of political excellent, new thinking, technical fine, skilled public opinion analysis, public opinion, network supervision Authoritarian network administrator team, the formation of the people’s war indestructible trend.

Original Mandarin Chinese:

網絡時代,信息交互打破了官方和民間、軍隊和地方的界限 ,我軍應繼續發揮動員優勢,打開我軍意識形態工作新局面。人民群眾是參與意識形態鬥爭最廣泛、最強勁的力量,我軍爭取網上意識形態鬥爭主導權,不能只依靠宣傳保衛部門的力量,還必須做好軍民融合,打響網上意識形態鬥爭的人民戰爭。我軍要發揮好動員優勢,吸引群眾參與,引導輿論走​​向。
美國《如何影響中國的國家戰略和軍事戰略》報告稱,“互聯網是我們與中共交鋒的主戰場”。西方軍事強國早已將網上輿論鬥爭納入軍事戰略,致力於打造網絡新型作戰力量。

軍媒:確保我軍網上意識形態安全的戰略思考

美國自2003年在伊拉克戰爭中首度實施戰略心理戰始,相繼取得了網絡戰理論更新和實戰檢驗的豐碩戰績;近期,美國國防部長阿什頓·卡特公佈了國防部新版網絡行動戰略報告,首次將威懾作為網絡戰略的關鍵部分;在混合戰爭中,美俄軍隊已能熟練運用信息戰力量組建“公民大軍”,妖魔化“侵略國”政權,從“侵略國”內部瓦解其國家意志,實現自身戰略目的。當前,美西方借助網絡技術和文化霸權制定國際互聯網規則,兜售政治制度和文化理念,主導意識形態鬥爭的方向;我軍則在關鍵信息基礎設施建設,網絡影響方面處於弱勢,面臨被把控、被塑造、被闡釋、被標籤化的困境,網絡空間安全應對總體仍盤旋於戰術層面非戰略層面。全媒體時代,網絡空間已成為人類“第二生存空間”,我軍須居安思危、知己知彼,高度重視研究網上意識形態鬥爭應對策略,爭奪網上意識形態鬥爭主動權。

 

1、主動爭鋒亮劍,搶占網上意識形態鬥爭制高點

 

互聯網是意識形態鬥爭主戰場。主戰場上未能掌握主導權,決定了我國在意識形態領域處於被動接招的態勢。近年來,包含谷歌、蘋果在內的美“八大金剛”全方位滲透到我國網絡空間,通過開“後門”為美國政府提供情報,並無孔不入地向我推送西方價值理念;培養“第五縱隊” 、扶植“精英”發聲,使之借助互聯網影響力公然為西方張目;持續技術創新,憑藉“影子互聯網”等手段規避我

網絡防控體系,支持香港“佔中”等顛覆分裂政權活動;主導議題設置,針對中國軍力發展先後密集拋出“中國軍事威脅論”“中國諜報活動猖獗論”“中美軍事衝突論”以及“南海航行自由”等議題,從學術上,輿論上全面對我壓制。

反觀我軍,仍存在在理論研究上習慣炒冷飯、在宣傳工作中灌輸說教、在話語體系上刻板陳舊、在議題應對時屢屢失語、在監管打擊時疲軟乏力等現象,不僅造成我主流意識形態的傳播困境,也為敵對勢力攻擊我意識形態陣地留下缺口。網絡意識形態鬥爭如逆水行舟,不進則退。

面對美西方咄咄逼人的挑戰,進攻比防禦更具優勢,我軍必須認清網上意識形態威脅的嚴峻性,正視上述不足,通過思維理念和工作方式的全方位變革,贏得網絡先機,爭取戰略主動。

第一階段要竭力扭轉我軍被動應付局面,打好網上意識形態鬥爭“殲擊戰”。中國是目前美國在網絡空間最主要的戰略對手,美無疑會對其核心技術、霸權地位等嚴防死守,想要短期內赶超其核心技術並不可行。我軍不僅要勇於爭鋒亮劍,也要學會“與狼共舞”,一方面應著力於就事論事,面對西方議題攻擊時及時回應、有一說一,改變傳統保守的意識形態工作理念,扭轉以遮掩、迴避為主的涉網態度,或另闢蹊徑轉移不利於我軍的輿論潮,謹防中國故事被曲解、誤讀;另一方面可找准對手弱點、打痛打狠,宣傳解讀西方醜聞,揭​​露西方式民主制度弊端,評判資本主義發展困境。借鑒對手鬥爭手法,充分發揮資本主義國家的作用,在境外媒體、商業運作、合作交流中進行文化推廣。

第二階段是以我為主展開反擊,打好網上意識形態鬥爭“陣地戰”。利用第一階段製造的技術發展機遇期,大力推動技術創新,可繞過美國等西方國家佔壓倒性優勢的技術關卡,實現諸如量子通信領域的技術壟斷,依托新平台實施意識形態戰略反擊;把維護國家意識形態安全由傳統安全領域向網絡空間領域延伸,積極與他國建立網絡空間合作關係,立足中國文化傳統、價值體系和軍事實踐,構建超越西方、符合我國實際的話語體系,為國際社會提供創新性話語,為我軍現代化建設、國防政策和各項軍事制度正名。

 

2、力行支撐立言,以人民軍隊優越性實現主流意識形態軟征服

 

硬實力是軟實力的根本支撐,西方意識形態之所以能在全球佔據上風,關鍵在於資本主義國家經濟普遍發達、人民生活水平較高,而蘇東劇變的關鍵則在於國民經濟幾近崩潰、政治清洗喪失民心、社會矛盾不斷激化。革命戰爭年代,我軍遭遇內外夾擊,卻抵禦了西方“和平演變”,根本原因就在於當年我軍的意識形態工作做到了“內聖外王”。反思當前,部分單位和個人治軍不嚴、言行不當、行為不端,削弱了軍隊戰鬥力,抹黑了軍隊形象,為別有用心之人抨擊我制度、離間黨群關係留下了把柄口實,為敵對勢力實現其兵不血刃的政治目的提供了便利空間。

此外,官兵成分結構價值取向和行為方式正在發生深刻改變,一旦因軍內風氣敗壞導致他們信任的喪失,便容易造成理想信念滑坡,等於為西方滲透打開了缺口。相當一段時期內,我軍處置行為失範事件時往往失之於寬、失之於軟,尤其是郭伯雄、徐才厚案件重創官兵“三觀”,同時美西方加緊推送資產階級建軍理念、展示軍事實力進行震懾、攻擊我軍特有優勢,這使我軍意識形態工作陷入雙重困境。網絡時代信息魚龍混雜,面對敵對勢力的蓄意詆毀更需要“自身硬”。

我軍應發揮好擅長擺事實講道理的傳統優勢,先擺好事實,再講清道理,以開放、包容的態度正視網民對軍隊的監督實現與網民的良好性互動,並以此為動力改進作風、規範言行;堅持網絡空間治理與現實空間規範兩手抓,對軍隊自身問題,既不粉飾護短又不允許造謠抹黑,消除負面思潮、輿論產生的根源,以我軍良好的形象抵制西方攻擊滲透,增強主流意識形態感召力。

 

3、以網治網,提升我軍意識形態鬥爭的網絡思維

 

互聯網的發展催生了社會結構、思維方式、行為方式的全方位改變,面對網上意識形態鬥爭,我軍必須準確把握人心爭奪機理的變化。網絡發源於西方、成長於西方,西方不僅在技術上有比較優勢,而且與互聯網文化高度契合,雲計算、大數據、人工智能等技術都由西方率先突破,網絡中心戰等互聯網作戰概念由美軍率先提出,互聯網“行為規則”也由西方主導,美國是全球主要信息源。而我軍在網上意識形態鬥爭中仍處於劣勢,如不能跟上網絡時代變化,將會陷入徹底被動的局面。

當前,我軍對過好“網絡關”的願望和動機日趨強烈,籌劃網上意識形態鬥爭須重點突破的問題也基本清晰,但仍缺乏“互聯網+意識形態鬥爭”的有機融合,難以真正掌握鬥爭話語權、主動權。面對網上意識形態鬥爭的嚴峻態勢,我軍需要一場互聯網“頭腦風暴”,全面提升網上意識形態安全應對能力。要以打破核心技術壟斷為主要著力點,突破美國遏制我的“命門”,建設自有信息傳輸系統和網絡安全防護系統等,爭取以創新技術領跑全球,打好意識形態“反手仗”,以創新驅動取代亦步亦趨,以技高一籌破除西方霸權;要增強我軍網上意識形態工作創意思維,我軍一向強調穩紮穩打、步步為營,然而互聯網傳播要求創意思維、先機意識、平台運作和行動能力,軍營應緊跟潮流,盡快發展網絡直播等多種傳播媒介,嘗試將主流文化傳播嵌入創意產業。

 

4、關緊法治籠子,清除網上意識形態陣地“雜音”

 

新媒體技術的發展開啟了“人人都有麥克風”的時代傳播規律發生變化,輿情監管難度加大,思維爭鋒愈加激烈,但依法管網治網的腳步卻未跟緊。

當前一個緊迫的問題就是:危害我意識形態安全的現象普遍存在,部分敵對勢力公然叫囂,西方敵對勢力不僅在我境內大力栽培“公知”“大V”,收買網絡水軍,組織邪教、民運宗教極端勢力等極端反共分子進入網絡輿論場,致使各種危害國家和軍隊安全的信息大量充斥於網絡信息平台。

當前,軍隊信息化建設如火如荼,我軍針對新媒體管理的立法進程卻相對滯後,涉網法規制度不健全,網上意識形態鬥爭缺乏規範,對部分危害意識形態安全的行為是否違法、如何處理語焉不詳。

一方面,正常的意識形態管控往往被曲解為限制言論自由,一旦為敵對勢力所利用則可能引起我軍官兵思想波動,導致事態進一步惡化;另一方面,由於缺乏相關規範,對涉事個人群體的處理往往不了了之,甚至經常為少數錯誤行徑“買單”,致使意識形態雜音得不到清除,久而久之,意識形態工作機構公信力嚴重下降,軍隊和國家也可能陷入“塔西佗陷阱”。

網上意識形態鬥爭起於價值理念、政治制度的對抗,卻可能表現為“去意識形態化”的公共輿情和大眾文化。信息在網絡空間內“裂變式”傳播。過程中不排除別有用心的個人群體添油加醋、推波助瀾。因此,打贏網上意識形態鬥爭,我軍應把依法維護意識形態安全問題擺到戰略位置,整肅涉軍網絡環境,完善國內立法,堅決打擊危害意識形態安全的行為,創造良好網上輿論生態。

一是站在總體國家安全的高度推動立法修法,重點規範文化傳播領域目前存在的“尋租”現象、管理漏洞、權責分割不清、監管不力等問題,確保各項工作有法可依、有法必依。

二是依法監管,對經常散播不良信息的網站實施精準監測,依法責令限時整改,對於涉嫌威脅意識形態安全的負面信息依法屏蔽刪除。三是執法從嚴、違法必究,對危害我軍意識形態安全的信息實行全維全時監測,對惡意散佈負面輿論的組織、個人和履行監管職責不力的部門,堅決依法處理,不留法外之地,形成法治震懾。

 

5、注重軍民融合,打響網上意識形態鬥爭的人民戰爭

 

歷史上,我軍在作戰和執行軍事任務前都要進行戰鬥動員,以鼓舞士氣激發鬥志,同時爭取廣泛的群眾支持。不論是動員講話、新聞宣傳還是簡短響亮的戰斗口號、生動活潑的文藝形式,都發揮了不可磨滅的作用,使我軍正義、文明、威武的形象深入人心,為我軍整合軍地資源、發動人民戰爭奠定了良好基礎。

網絡時代,信息交互打破了官方和民間、軍隊和地方的界限,我軍應繼續發揮動員優勢,打開我軍意識形態工作新局面。人民群眾是參與意識形態鬥爭最廣泛、最強勁的力量,我軍爭取網上意識形態鬥爭主導權,不能只依靠宣傳保衛部門的力量,還必須做好軍民融合,打響網上意識形態鬥爭的人民戰爭。我軍要發揮好動員優勢,吸引群眾參與,引導輿論走​​向。

同時,要運用好網絡平台,運用好潛藏於民的巨大能量,把網民愛國熱情向正面疏導,在民間形成主流意識形態汪洋大海,使我軍內部堡壘堅不可摧,使境外敵對勢力知難而退。軍民融合還能有效破解我軍在網上意識形態鬥爭中力量陣地不足的問題。首先,平台建設不足導致我軍聲音傳不出、局面打不開。近年來,我軍在傳播平台建設上仍存在不足。我軍目前較有影響力的幾家新聞網站更新緩慢,新聞內容依然偏向傳統的宣傳、說教,新興的涉軍微信公眾號也因存在上述問題,以致“吸粉”能力不足,並且我軍在新媒體、新平台的使用方面常常“慢半拍”。

應加強與地方官媒、民營媒體的交流合作,合作建設。同時,從傳媒大學、知名企業、網絡名人中邀請經驗豐富的人士,定期組織交流培訓,吸收媒介建設先進經驗,加速改進網絡涉軍輿論引導平台,爭取打造一批受眾廣泛可看性強、可信度高的品牌媒體。其次,網絡危機對能力不足導致我軍屢屢失語。目前,我軍網絡空間力量建設有限、人員配備不足,導致信息監測、過濾能力受限,涉軍負面信息一旦發酵為輿情,單靠現有的技術手段和人力資源將難以有效處理,將使我軍陷入網上意識形態鬥爭的不利境地。

因此,我軍應加強與地方職能部門合作,加強軍地網絡工程師合作研發信息監測軟件和過濾系統,使惡意散佈的不實言論難以擴散。同時,一面廣泛吸收地方人才為我軍所用,一面吸納退役軍人進入地方意識形態工作隊伍,聯合培養一批政治過硬、思維過新、技術過精,能熟練進行輿情分析、輿論引導、網絡監管的專製網絡管理員隊伍,形成人民戰爭堅不可摧之勢。

Author: 作者:王明哲 軍事科學院軍隊政治工作研究中心

Chinese Internet Security Report 2017 (a) // 中華人民共和國2017年上半年互聯網安全報告

Chinese Internet Security Report 2017 (a) //

中華人民共和國2017年上半年互聯網安全報告

1 Internet security situation is grim, to develop network security is imperative

At the same time, the Internet security has become more and more important. In 2014, the central network security and information leading group was formally established, Xi Jinping personally as head of the country and the government’s attention to the degree of network security is evident. In the central network security and information leading group at the first meeting, Xi Jinping first proposed “network power” strategy, “no network security is no national security”, network security is a relationship between national security and sovereignty, social stability, national culture The important issue of inheritance and development. Its importance, with the pace of global information to accelerate and become more and more significant. “Home is the door”, security issues without delay.

In China, the network has entered the tens of thousands of households, the number of Internet users in the world, China has become a network power. The Internet has been deeply involved in all aspects of people’s lives. According to a survey on the information of the public, students and white-collar groups of Internet usage has been close to 100%, more than Jiucheng college students and white-collar groups the most important information access channel for the Internet. Internet users on the Internet to conduct the main news, learning, real-time communication, social networking and all kinds of leisure and entertainment. In the era of universal networking, Internet users how to ensure network security? How does an enterprise network effectively defend against cyber attacks? These have become important issues that countries, governments and the security industry are facing and need to address as soon as possible.

From the domestic “dark cloud Ⅲ” virus, to sweeping the global “WannaCry” extortion virus, and then to “Petya” malignant devastating virus, all that the current network security situation is grim, corporate security vulnerable, vigorously develop the network Security is imperative.

2 to strengthen the network security construction, lack of talent need to improve the current situation

Although China has become a big country network, but there is distance from the network power. Trojans and botnets, mobile Internet malicious programs, denial of service attacks, security vulnerabilities, phishing, web tampering and other network security incidents have occurred, the basic network equipment, domain name systems, industrial Internet and other basic infrastructure and critical infrastructure is still facing Greater security risks, strengthen the network security construction is imminent.

At the same time, the shortage of network security personnel in China is in urgent need of improvement. As a network power, China in addition to research and development of computer equipment to enhance the speed of network transmission, but also should step up the cultivation of computer information security personnel, so that China from the network power into a network power, which is to enhance China’s information security important basis.

Network security has risen to the national strategy, the state is also vigorously invested to promote the construction of network security. But do a good job of network security is not an organization, a department of things, but the need for the participation of the whole society. From the city of Wuhan issued “on the support of national network security personnel and innovation base development policy measures” invested 4.5 billion construction funds, to June 1, 2017 formally implemented the “People’s Republic of China Network Security Law”, are for network security Healthy, steady development and make efforts. We also call for the social responsibility as a safe enterprise, institutions, individuals actively into the network security building, for the country, the national network security protection contribute a force.

3 Tencent to promote the establishment of China’s first strongest Internet security matrix

Tencent security has 17 years of capacity accumulation and 800 million users of large data operating experience, is China’s leading Internet security products, security services provider. In the spirit of “open, joint, shared” concept, will accumulate years of ability and data sharing to partners, is committed to the Internet security and open platform construction, enhance the security of the Internet security industry chain, enhance user safety awareness, and jointly promote China’s Internet security Environmental construction.

At present, Tencent has promoted the establishment of China’s first Internet security matrix, covering the basic security of the laboratory matrix, security product matrix, security, large data platform matrix, and Internet security open platform matrix, committed to China’s Internet security new ecological construction, open core competencies And data for China’s Internet security and ecological construction unremitting efforts.

First, the overall status of network security scan

1.1 affect the world’s six major network security incidents, the cumulative impact of the world

1.1.1 WikiLeaks CIA top secret file leak event

March 7, 2017, WiKiLeaks announced thousands of documents and revealed the CIA on the hacker hacking technology, Mobile phones and smart TVs, but also can invade attacks on Windows, Mac and Linux operating systems, and even control smart cars to launch assassination activities. Outside the name of the leak event named Vault 7, Vault 7 published confidential documents recorded by the United States Central Intelligence Agency (CIA) conducted by the global hacker attacks.

Vault7 contains 8761 confidential documents and documents, which documents the CIA for Android and Apple smart phones developed by the intrusion crack technology details, some of which can also get the complete control of the target device. WikiLeaks founder A Sangqi said the document shows the “CIA network attack the overall ability”, and WikiLeaks in the release of these documents claimed that “CIA network armory has been out of control.”

1.1.2 Shadow Broker Public NSA (US National Security Agency) Hacker Arsenal

On April 14, 2017, Shadow Brokers published a large number of very destructive hacking tools used by the Equation Group in the NSA (National Security Agency) on steemit.com, including You can remotely break the global about 70% of the Windows machine vulnerability exploit tools. Anyone can use NSA’s hacker weapons to attack someone else’s computer. Among them, there are ten tools most likely to affect Windows personal users, including eternal blue, eternal king, eternal romance, eternal collaboration, emerald fiber, eccentric hamster, Eskimo volume, elegant scholar, eclipse wings and respect review. Hackers do not need any operation, as long as the network can invade the computer, like shock waves, Sasser and other famous worms can instantly blood wash the Internet.

1.1.3 “WannaCry” extortion virus broke out in the world on May 12th

May 12, 2017, “WannaCry” (want to cry) bitbell blackmail virus in the global outbreak, the event affected more than 150 countries and regions, more than 10 million organizations and institutions and more than 30 million Internet users, the total loss Up to more than 500 billion yuan. Including hospitals, educational institutions and government departments, without exception, suffered an attack. Blackmail virus worms in conjunction with the way the spread of the attack is a large-scale outbreak of the important reasons.

User’s most obvious symptoms after poisoning is the computer desktop background is modified, many files are encrypted lock, the virus pops up prompted the user to the relevant bit coin address transfer $ 300 in order to unlock the file. At present, security companies have found ways to restore encrypted files.

1.1.4 FireBall Fireball virus infected more than 250 million computers

June 1, 2017, foreign security agency Check Point reported that the outbreak of a “FireBall” virus abroad, and claimed that more than 250 million computers worldwide are infected, the most affected countries are India (10.1%) and Brazil (9.6%). The United States has 5.5 million computers in the move, accounting for 2.2%. In the infected business network, India and Brazil accounted for 43% and 38% respectively, compared with 10.7% in the US.

This malware will force the browser home page to its own website and search engine, and redirect the search results to Google or Yahoo. These forged search engines track user data and secretly collect user information. The author of this virus for the production of China’s Rafotech company, the company’s Web site has been unable to visit.

1.1.5 “dark cloud” series virus upgrade to “dark cloud III” again struck

June 9, 2017, Tencent computer housekeeper detected, as early as 2015 was first discovered and intercepted killing the “dark cloud” virus resurgence, upgrade to “dark cloud Ⅲ”, through the download station large-scale transmission, at the same time through Infected disk MBR boot boot, the number of infected users has reached millions.

After the upgrade of the “dark cloud Ⅲ” will be the main code stored in the cloud, real-time dynamic updates, and its function is currently downloaded to promote malicious Trojans, lock the browser home page, tampering to promote navigation page id. Once the user in the move, the computer will become a “broiler” to form a “botnet”, and the use of DDoS attacks built on a cloud service provider platform chess class site, resulting in the site access becomes abnormal card slow.

1.1.6 new round of extortion virus “Petya” struck, more destructive

June 27, 2017, a new round of extortion virus “Petya” attacked a number of countries in Europe, including Ukraine, Russia, India, Spain, France, Britain, Denmark and other countries have been attacked, the governments of these countries, Banks, enterprises, power systems, communications systems and airports are affected by different procedures.

This virus is more destructive than “WannaCry”, the virus on the computer’s hard disk MFT encryption, and modify the MBR, so that the operating system can not enter. According to the relevant analysis, said the information on the boot interface even if the information provided to the hackers is no way to decrypt, therefore, had to doubt the “Petya” the real purpose of the virus. “Petya” is more like a purposeful attack, the target can not repair the devastating attack, rather than extortion for the purpose.

1.2 “People’s Republic of China Network Security Law” formally implemented

June 1, China’s first comprehensive standard of cyberspace security management of the basic law – “People’s Republic of China Network Security Law,” the formal implementation of a total of seven chapters seventy-nine, the content is very rich, with six outstanding highlights. One is clear the principle of cyberspace sovereignty; the second is clear the network products and service providers of security obligations; third is clear the network operator’s security obligations; four is to further improve the personal information protection rules; five is the establishment of the key Information infrastructure security protection system; six is ​​to establish a key information infrastructure important data cross-border transmission rules.

At the same time the new law also pointed out that should take a variety of ways to train network security personnel, and promote network security personnel exchanges. The implementation of the new law marks the network security of China from the law, cyber space management, network information dissemination order norms, cybercrime punishment and so forth will open a new page, to protect China’s network security, safeguarding the overall security of the country has far-reaching and significant The meaning of.

1.3 The size of Internet users in China is equivalent to the total population of Europe, the safety gap of up to 95%

1.3.1 Chinese Internet users reached 731 million, equivalent to the total population of Europe

As of December 2016, the scale of Internet users in China reached 731 million, the penetration rate reached 53.2%, more than the global average of 3.1 percentage points, more than the Asian average of 7.6 percentage points. A total of 42.99 million new Internet users, the growth rate of 6.2%. The size of Chinese Internet users has been equivalent to the total population of Europe.

1.3.2 mobile users continue to grow, the proportion of mobile phone users accounted for 95.1%

As of December 2016, China’s mobile phone users reached 695 million scale, the growth rate of more than 10% for three consecutive years. Desktop computers, notebook computers are using the decline in the number of mobile phones continue to squeeze the use of other personal Internet devices.

1.3.3 security talent gap is huge, up to 95%

Although the number of Internet users in China has been ranked first in the world, but China’s information security industry in the very few people, security personnel and its lack. According to relevant information, in recent years, China’s education and training of information security professionals only 3 million people, and the total demand for network security personnel is more than 700,000 people, the gap up to 95%. 710 million Internet users in China network security issues, has become the industry and the country to solve the problem.

Beijing Institute of Electronic Science and Technology, vice president of the Ministry of Education of Higher Education Information Teaching Committee of the Secretary-General Fenghua pointed out that the current important information systems and information infrastructure in China need all kinds of network information security personnel will be 15,000 per year The rate of increase, by 2020 the relevant talent needs will grow to 1.4 million. But at present, only 126 colleges and universities in China have set up 143 network security related professionals, accounting for only 10% of the 1200 science and engineering institutions.

Analysis on the situation of network virus threat in the first half of 2017

2.1 Tencent security anti-virus laboratory PC-side virus interception over 1 billion, the chain by 30%

2.1.1 Trojan horse intercepts an average of nearly 170 million times per month

In the first half of 2017, Tencent security anti-virus laboratory statistics show that PC-side total has blocked the virus 1 billion times, the overall number of viruses compared to the second half of 2016 Tencent security anti-virus laboratory to intercept the number of viruses increased by 30% Interception Trojan virus nearly 170 million times. April, June to intercept the peak of the virus, interceptions are 180 million times.

2017 Q2 quarter compared to 2016 Q2 quarter, Tencent security anti-virus laboratory virus blocking an increase of 23.7%. From 2014 to 2017 Q2 season, the amount of virus blocking the number of malicious programs increased year by year.

2.1.2 PC users in Guangdong, the highest number of poisoning, poisoning peak for the morning 9-11 points

2.1.2.1 found a total of 230 million times in the first half of the user machine Trojan virus 

The first half of 2017 Tencent security anti-virus laboratory found a total of 230 million times the user machine Trojan virus, compared to the second half of 2016 down 0.5%, an average of 38.8 million poisoning machines per month for virus killing. 2017 Q2 quarter compared to Q1 quarter, a slight increase in the number of poisoning machines.

In the second quarter of 2017, the number of users in the second quarter of 2016 increased by 3% compared with the same period in the second quarter of 2016. From 2015 to 2017 Q2 season, the number of poisoning machine growth trend is obvious, was increasing year by year state.

2.1.2.2 PC end user poisoning peak for the morning 9:00 to 11:00

According to statistics, the peak time of daily poisoning for the morning 10 am – 11 am, in line with business and ordinary users 9 am – 11 am to open the computer processing work of the law. This time the user poisoning virus type is more use of e-mail, sharing, etc. spread Office document macro virus, indicating that the office security situation is still grim.

2.1.2.3 PC end poisoning user provinces up to Guangdong, which ranks first in Shenzhen

According to Tencent security anti-virus laboratory to monitor the number of poisoning PC statistics, from the urban distribution point of view, the Internet is more developed city users poisoning situation is heavy, the country ranked the first city to intercept the virus in Shenzhen City, accounting for 3.76% , The second for the Chengdu City, accounting for 3.57% of all interceptions, the third for the Guangzhou City, accounting for 3.39% of all interceptions.

From the provincial geographical distribution, the largest number of PC poisoning in Guangdong Province, accounting for 13.29% of the total intercept, the second in Jiangsu Province, accounting for 7.75% of all interceptions, the third in Shandong Province, accounting for all Intercept the amount of 7.12%.

2.1.3 The largest virus category accounted for 53.8% of the Trojan virus, blackmail virus added 13.39%

2.1.3.1 PC-side of the first major virus is still Trojans, PE-infected virus type, but the spread of large

According to Tencent security anti-virus laboratory 2017 Q2 season to obtain the virus sample analysis, from the virus type, Trojans accounted for 53.80% of the total number, is still the first major virus. Adware class (adware, forced installation, user privacy, spam, etc.) for the second largest virus category, accounting for 39.02% of the total number. Backdoor category for the third largest virus category, accounting for 5.13% of the total number. Compared to the 2017 Q1 quarter, the virus type did not change much.

The number of virus samples from the top of the division, ranked first and second is still the Trojans and Adware class, but ranked third in the PE infection, accounting for 25.07% of the total number.

There are not many types of infectious samples, which is difficult to produce infectious virus, hackers and other programmers need to master the technology, high cost, long development time and other factors. At the same time, the transmission of infectious virus is very large, the survival time is relatively long, therefore, less species of PE infection type in the sample transmission level accounted for a certain proportion, which is due to infection with a wide range of viruses, Fast propagation characteristics.

2.1.3.2 extortion virus sample number Q2 added 13.39%, the first is not WannaCry

The extortion of the virus is the purpose of extortion money for the purpose of making the Trojan horse infected computer user system specified data files are malicious encryption, resulting in user data loss. At present, most of the domestic extortion of the virus by the need to pay the rupiah to be able to decrypt. As the bit currency completely anonymous circulation, the current technical means can not track behind the extortion behind the virus operator, which also makes the extortion virus from 2013 after the explosive growth.

The amount of extortion

According to Tencent security anti-virus laboratory to detect the extortion virus, 2017 in the first half of the total has been found in the number of extortion virus samples in about 300 million, the average monthly detection of the number of extortion virus nearly 500,000, Q2 quarterly extortion virus samples The number increased by 13.39% over Q1 quarter. May, June to intercept the peak of the virus, respectively, 57 million, 530,000.

Extortion virus type

According to the relevant data analysis shows that the May 12 outbreak of the WannaCry extortion virus is the most active in this quarter, the greatest impact on the virus. The virus and other viruses in the way of transmission is significantly different, due to the use of the windows system vulnerabilities, making the virus can spread around the world, as the quarter of the hot safety events. On June 27, a new type of extortion virus called Petya began spreading around the world, and its extortion was similar to WannaCry, but more destructive, directly encrypting the MFT of the user’s hard drive and modifying the MBR, causing the user to fail to windows system.

Although the impact of the virus is large, but from the sample size point of view, the largest or with the spread of infection PolyRansom virus. This virus will be infected, encrypted users of the file to extortion, but because there is no use like WannaCry virus key encryption, but the use of a simple encryption algorithm, and the algorithm is reversible, anti-virus software can help users to restore files, So although the number of samples in the first, but the impact is not great. This type of extortion virus accounted for 78.84% of all extortion virus, we can see the spread of infectious virus strong.

From the sample size point of view, in addition to infectious extortion virus, the first is Blocker, accounting for 36.82% of all extortion virus, the second category is Zerber, accounting for 23.63% of all extortion virus, the third category Is the most affected this quarter, WannaCry extortion virus, accounting for all extortion virus 12.06%. WannaCry virus volume quickly rose to the third position, because the means of communication using the spread of vulnerability.

The current extortion virus mainly uses the following kinds of transmission:

Document infection spread

File infection is the use of infectious virus transmission characteristics, such as PolyRansom virus is the use of infectious virus characteristics, encrypted users all the documents and then pop-up information. Because the PE class file is infected with the ability to infect other files, so if the file is carried by the user (U disk, network upload, etc.) to run on other computers, it will make the computer’s files are all infected with encryption.

Site hanging horse spread

Web site is through the site or the site server to obtain some or all of the authority, in the web page file to insert a malicious code, these malicious code, including IE and other browser vulnerabilities use code. When a user accesses a linked page, a malicious code is executed if the system does not update the exploit patch used in the malicious code.

The virus can also use known software vulnerabilities to attack, such as the use of Flash, PDF software vulnerabilities, to the site with malicious code to add the file, the user with a loopholes in the software to open the file will be executed after the malicious code, download virus.

Using system vulnerabilities

May outbreak of WannaCry is the use of Windows system vulnerabilities to spread, the use of system vulnerabilities is characterized by passive poisoning, that is, users do not have to visit a malicious site, not open the unknown file will be poisoned. This virus will scan with the network vulnerabilities in other PC host, as long as the host is not marked with a patch, it will be attacked.

Tencent anti-virus laboratory to remind you, timely updates third-party software patches, timely update the operating system patches to prevent known vulnerabilities attack.

Mail attachment spread

The extortion virus that spreads through e-mail attachments usually disguises documents that users need to view, such as credit card spending lists, product orders, and so on. The attachment will hide the malicious code, when the user opens the malicious code will begin to perform, release the virus. This type of camouflage virus is usually sent to enterprises, universities, hospitals and other units, these units in the computer usually save the more important documents, once malicious encryption, the possibility of payment of ransom far more than ordinary individual users.

Network share file spread

Some small-scale spread of extortion virus will be spread through the way the file spread, the virus will upload the virus to the network sharing space, cloud disk, QQ group, BBS forums and other places to share the way to send a specific crowd to trick the download and install The

Tencent anti-virus laboratory to remind users to download the software go to the official formal channel download and install, do not download the unknown program, such as the need to use the unknown source of the program can be installed in advance Tencent computer housekeeper for security scanning.

2.2 mobile side killing a total of 693 million Android virus, mobile phone users over 100 million

2.2.1 mobile side of the virus package growth trend slowed down, but the total is still 899 million

In the first half of 2017, Tencent mobile phone housekeeper intercepted Android new virus package totaled 8990000, compared with 2016 in the first half of a small decline, but the total is still very large.

2.2.2 Guangdong mobile users poisoning the most, the number of mobile phone users decreased by 45.67%

2.2.2.1 Tencent mobile phone housekeeper in the first half were killing Android virus 693 million times

In the case of a large number of virus infection users in the case, the first half of 2017 Tencent mobile phone housekeeper killing the virus has reached 693 million times, an increase of 124.24%, the total number of more than double the first half of 2016 more than doubled. Malicious programs and Trojans to reduce the cost of production, virus transmission channel diversification is an important factor in this phenomenon.

In addition to June, the first half of 2017 killing more than 100 million times a month, of which the number of mosquitoes in January up to 136 million times, almost the first half of 2014, 140 million in the killing of the same level.

2.2.2.2 2017 in the first half of the number of mobile phone users over 100 million 

In the first half of 2017, the number of virus infected users was 109 million, down 45.67% year on year, compared with 2015, the first half of 2016 compared to all declined.

January 2017 single month infected users reached 21.66 million, the highest for the first half, then the number of infected users began to slow down.

2.2.2.3 the number of mobile users poisoning Guangdong ranks first

In the infected mobile phone users geographical distribution, Guangdong ranked first, accounting for up to 11.41%.

2.2.3 hooliganism and resources accounted for more than 80%, two-dimensional code is most easy to poison

2.2.3.1 mobile-side virus in the hooliganism and tariff consumption accounted for more than 80%

In the first half of 2017, the proportion of mobile phone viruses, rogue behavior and tariff consumption accounted for the highest, to 44.59% and 44.44% ratio of one or two. Ranked third of the same access to privacy accounted for 5.85%, lodging fraud, malicious deductions, remote control, system damage and malicious spread accounted for 1.94%, 1.55%, 0.80%, 0.74% and 0.08%.

Hooliganism refers to the malicious behavior of a virus that has a rogue attribute. Such as the recent WannaCry virus and once again concerned about the mobile phone lock screen Serbia virus with rogue behavior. This type of virus through the forum paste it and other means to spread, the drug will usually use plug-in, free, brush drill, red envelopes and other words on the Trojan virus packaging, induction users download and install. After the installation of the virus will be forced to lock the phone screen, forcing the victim had to contact the drug maker in order to make the equipment back to normal.

Whether the computer or mobile phone, with rogue behavior of the extortion virus to the user losses are difficult to estimate, if accidentally poisoning, not only will cause property damage, will also lead to loss of important information, so users should be careful to guard.

Tariff is also a common type of mobile phone virus, such a virus usually in the user without the knowledge or unauthorized circumstances, by sending text messages, frequent connections to the network, etc., resulting in user tariff losses. Part of the malicious promotion of the virus to help third-party advertisers to increase traffic for the purpose of the user to download and install the virus, access to mobile portal privileges, the implementation of the download malicious advertising software. These software will continue to push a variety of pop advertising, affecting the user’s mobile phone experience, and even those who will disclose user privacy information, stolen online banking accounts, resulting in serious personal and property safety.

Infected with the world’s ultra-36 million Andrews device malicious ad click software “Judy” is a tariff consumption of mobile phone viruses. The malware is hidden in a Korean tour. After completing the download and install, the infected device will send the information to the target page and automatically download the malicious code in the background and access the advertising link, theft of user traffic, to the user Consumption.

2.2.3.2 two-dimensional code, software bundles are the main source of mobile virus source

Mobile virus channel sources are mainly seven categories, namely, two-dimensional code, software bundles, electronic market, network disk communication, mobile phone resource station, ROM built-in and mobile forum. The diversification and diversification of the entrance of the virus channel also further increases the risk and risk of the user’s exposure.

In the first half of 2017, two-dimensional code became the source of mainstream virus channels, accounting for up to 20.80%. Two-dimensional code in the various areas of the popularity of more and more users to develop a habit of sweeping the random, the drug maker also increased for the two-dimensional code channel virus package delivery ratio. Part of the virus is embedded in the two-dimensional code, as long as swept away will automatically download the malicious virus, ranging from mobile phone poisoning, while the personal privacy information is caused by leakage, resulting in property losses.

Third, anti-harassment fraud effect is remarkable, but the user loss situation is grim

3.1 the first half of the number of spam messages over 566 million, illegal loans over 50%

3.1.1 In the first half of 2017, the total number of spam messages continued to grow close to 600 million

Low spread costs and the existence of a huge chain of interests, resulting in spam messages have been difficult to be effectively remediation, the number of users is also increasing the number of reports. In the first half of 2017, Tencent mobile phone housekeeper received a total of 586 million copies of spam messages reported by users, an increase of 40.69%, more than 2 times in the first half of 2014.

3.1.2 users to report spam messages up to the provinces of Guangdong, the largest city for Shenzhen

In the geographical distribution of spam messages, the top three provinces that reported spam messages were Guangdong, Jiangsu and Shandong, accounting for 12.91%, 6.98% and 5.70% respectively. In addition, Henan, Zhejiang, Sichuan, Hebei, Beijing, Hunan and Shanghai also ranked the top ten. These provinces or municipalities are generally distributed in the eastern coastal and central regions, and densely populated and economically developed are their greatest common ground, which creates favorable conditions for fraudulent bulk spam messages and profiteering.

City, the first half of 2017 users in Shenzhen reported a total of 23.34 million spam messages (accounting for 3.98%), Chengdu, Guangzhou and Suzhou, two to four, the number of spam messages are 10 million level.

3.1.3 2017 first half of the common types of fraud SMS

Although the overall amount of fraud SMS reported a downward trend, but its means of diversification and secrecy makes the dangers of fraud has always been high. According to Tencent mobile phone housekeeper to monitor the 28.57 million fraud messages show that illegal loans, online shopping, viral Web site, malicious Web site and pseudo-base station is the highest proportion of several fraudulent SMS type.

One of the illegal loan fraud messages a dominant, accounting for more than 50%. In the modern “room full of things” and rely on home buyers to seek a sense of security in the context of the community, the loan to buy a house has become a major social needs. Liar also keep up with this social pain points, a large number of illegal loans to send text messages, to profit.

3.2 harassing telephone users labeled up to 235 million times, down 27.12%

3.2.1 2017 users in the first half of the total number of harassment calls 235 million times down 27.12%

After the first half of 2015, after the explosive growth in the first half of 2015, the number of harassing telephone marks began to decline year by year in the first half of 2016, and the total number of harassing telephone marks in the first half of 2017 was 235 million, down from the first half of 2016 %.

3.2.2 In the first half of 2017, more than 50% of harassing calls were sounded

User-tagged harassing phone types are divided into five categories. Among them, the sound ranked first, accounting for more than 50%. This kind of harassing phone will not cause serious harm to the user, but will still affect the use of mobile phones, interference users. Phishing calls accounted for 15.14%, ranked second, in addition to advertising sales, real estate intermediary and insurance management also occupy a certain percentage.

3.2.3 harassing telephone calls for the highest proportion of verification code

According to Tencent mobile phone housekeeper users take the initiative to report the harassment of telephone malicious clues show that asking for verification code, fake leadership, transfer, online shopping and offense is the most common keywords. Which requires the highest proportion of verification code, nearly 24.74% of the harassing phone, the liar will be through various means to ask for verification code, and verification code as an important private information, once leaked, it is easy to cause property damage.

3.2.4 fraud telephone mark down 59.68% year on year, Beijing up

In the user has been marked 235 million harassing phone, scams like telephone ratio is far less than loud, but its substantial harm caused by the largest. Based on Tencent mobile phone housekeeper user fraud phone tag data show that in the first half of 2017 defraud telephone mark down 59.68%, a total of 35.59 million.

These frauds are targeted at the target area is more clear to the eastern coastal economically developed areas and inland central provinces. On the urban side, Beijing is the largest number of cities with the largest number of fraudulent calls, up to 1.826 million. Shenzhen and Guangzhou, respectively, to 141.8 million and 1.257 million mark the number followed. Shanghai, Xi’an, Changsha, Chengdu, Hangzhou, Chongqing and Wuhan are ranked fourth to ten.

3.3 malicious Web site to intercept up to 47.8 billion, pornographic fraud head of the site

3.3.1 The number of malicious web sites detected in the first half of 2017 exceeded 1.83 billion

In the first half of 2017, Tencent security in the PC and mobile side detected a total of more than 183 million malicious web site, the overall trend of rising volatility. Which in June detected 35.75 million malicious Web site, the highest for the first half, the lowest in April, the number of 25.53 million detection.

3.3.2 Pornography The website is still the main means of committing malicious web sites

In the effective detection of malicious Web site at the same time, the first half of 2017 Tencent security in the PC and mobile side to intercept malicious sites up to 47.8 billion times, equivalent to 265 million times a day intercept. This huge data also further illustrates the grim situation of Internet security.

In Tencent’s securely intercepted malicious Web site, pornographic websites, gambling sites, information scams, malicious files, fake ads and phishing scams are the most widely distributed six categories of malicious Web sites. Which accounted for half of the site of pornography, accounting for 51.98%, pornographic fraud sites will be embedded fraudulent advertising or trick users to pay online. Malicious Web site will also be embedded in the fraud message to spread, to increase the confusion, so users see the text in the URL, should consciously raise vigilance, remember not to click.

3.4 iOS harassment and fraud phone calls fell by about 35%, calendar ads into new harassment

3.4.1 iOS harassment calls and phishing calls appear more substantial decline

In September 2016, Tencent mobile phone housekeeper and Apple introduced a new version of iOS10, the first increase in interception harassment and fraud phone features, effectively alleviate the troubled iPhone users troubled phone problems. Data show that the first half of 2017 iOS users were marked a total of 14.492 million harassing telephone, fraud, telephone 2.196 million times.

From the overall trend point of view, the first half of the iOS harassment phone signs showed a downward trend in the number of signs in January the highest number of 3.195 million times, only 2.0 million in April, the first half of the lowest peak. In contrast, the overall trend of fraudulent phone is more stable. From the above data can be seen, the first half of 2017 harassing telephone and phishing calls have emerged a more substantial decline, which is inseparable from the relevant departments, mobile operators and mobile phone users to work together.

3-4 calendar ads into the third largest harassment of Apple phones

Spam, harassing the phone, calendar advertising has become the main source of iPhone users harassment. Among them, the calendar advertising harassment problem is increasingly serious. 61.1% of users have experienced calendar ads, including gambling ads, real estate advertising, taxi software advertising top three.

3.5 Tencent Kirin system to combat pseudo-base station protection 150 million people

3.5.1 Tencent Kirin system to intercept 230 million fraud messages to protect 150 million people

In the first half of 2017, Tencent Kirin pseudo-base station real-time positioning system for the national users to intercept 230 million pseudo-base station fraud messages, the total impact of the number of 150 million people.

3.5.2 pseudo-base station regional characteristics: Sichuan, Shaanxi, Hubei, Hubei and Hubei provinces up

From the geographical point of view, Tencent Kirin for Sichuan, Shaanxi, Beijing, Hubei, Hunan users to intercept the largest number of fraudulent SMS, the five provincial administrative departments to intercept the number of fraud messages more than 50% of the total.

From the city point of view, the number of intercepting the number of fraud messages Top 10 cities such as Beijing, Chengdu, Xi’an, etc. are almost capital cities or economically developed cities, due to densely populated, urban residents income is higher, by pseudo-base station fraud gang included in the key attack Object.

3.5.3 pseudo-base station crime time characteristics: the most frequent working hours

From the time of committing the crime point of view, pseudo-base station fraud messages sent between 9 am to 19 pm, which in 10 am to 12 pm, 15 pm to 18 pm for the two peaks. It is easy to see that the peak of fraudulent SMS coincides with the daily working hours.

3.5.4 Content characteristics: Industrial and Commercial Bank of China, China Mobile most “lying gun”

Pseudo-base station SMS type, the points exchange, account abnormalities and bank credit card mention category accounted for close to 90%. These three categories often associated with operators, banks, often points to clear, credit card to mention the amount, account real name, abnormal and other reasons to fraud.

Tencent Kirin intercepted pseudo-base station counterfeit port, counterfeit industrial and commercial bank fraud SMS up to (up to 52%), Top 5 counterfeit port in addition to middle peasants construction of four major banks, as well as operators China Mobile. It is not difficult to see that these “lying gun” business because the user community is huge, business mode, short message is particularly important, so become a pseudo-base station fraud group to simulate the main object to send.

Fake base station SMS reach the user’s operator distribution, China Mobile accounted for 74%, followed by China Telecom (16%), China Unicom (10%).

Fourth, the first half of 2017 safety personnel development progress and results

4.1 “Network Security Law” to promote the comprehensive training of talent

June 1, 2017 from the implementation of the “Internet Security Law” for the first time in the form of legal provisions of the network space security field of personnel requirements, not only reflects the country’s attention to the network of talent, but also for the State Council and the local network The rules of safety personnel training provide the highest level of legal basis.

“Network Security Law” provides that: state support enterprises and institutions of higher learning, vocational schools and other education and training institutions to carry out network security-related education and training, to take a variety of ways to train network security personnel, and promote network security personnel exchanges. Network security personnel not only include technical talent, but also management talent. The current network security is not only the technical contest, it is the idea, the rules of the contest, familiar with international rules, power relations network security personnel in the future of cyberspace competition can play a greater role. Therefore, the training of network security personnel not only to cultivate traditional talents, but also based on the domestic, look at the world, cultivate a comprehensive understanding of network diplomacy talent.

At the same time, the provisions of the provisions of the “network of security personnel exchanges”, reflects the training mechanism for China’s open innovation and innovative ideas. Talent training is inseparable from the advanced countries of academic research and technical exchanges, the business organizations should attract foreign high-end technical personnel, while speeding up the training of our top talent.

4.2 security personnel training “Tencent mode”: to create talent closed-loop

As an advocate of Internet security open platform, Tencent has been “network security” as an important part of the enterprise design and strategic project. In the process of continuous attention and support of safe personnel selection and training, Tencent has gradually recruited a set of safety personnel selection system in the aspects of campus recruitment, social recruitment, promotion of internal talents, salary and welfare, etc .; at the same time, Security events and promote personnel training program, Tencent has gradually formed a mature, perfect, and for social reference to the safety of personnel training system.

Tencent in 2017, the parties launched the Tencent Information Security Competition (TCTF), through the internationalization of the system to explore talent, through high-quality counseling mechanism and professional mentor team training personnel and through the construction of enterprises and universities bridge transport personnel. At the same time, Tencent through the creation of “Hundred Talents Program” to build the Internet security personnel training closed-loop, through the TCTF contest layers of competition examinations, selected the most potential of 100 security personnel, and through continuous follow-up training to build the Internet security complex, Leading talent.

Tencent hopes to TCTF as a professional security personnel training platform between enterprises and universities to build a bridge between the formation of selection, training, transportation in one of the closed-loop talent for the Chinese new forces to provide a multi-dimensional growth environment, and further promote the development of China’s network security The

4.3 Tencent security joint laboratory set up the first anniversary: ​​escort six key areas of the Internet

July 2016, Tencent security integration of its laboratory resources, the establishment of the first domestic Internet laboratory matrix – Tencent security joint laboratory, which covers Cohen Laboratory, basaltic laboratory, Zhan Lu laboratory, cloud tripod laboratory, Anti-virus laboratory, anti-fraud laboratory, mobile security laboratory, including seven laboratories. Laboratory focus on security technology research and security attack and defense system structures, security and security coverage covers the connection, systems, applications, information, equipment and cloud, touch the six key areas of the Internet.

2016, Tencent security joint laboratory for Google, Microsoft, Apple, adobe and other international manufacturers to dig a total of 269 loopholes, ranking first in the country. In addition, by virtue of “the world’s first long-range non-physical contact with the invasion of Tesla car” research results, Tencent security joint laboratory Cohen laboratory selected “Tesla security researcher Hall of Fame”, and Tesla CEO Maske’s personal thanks The

In the field of anti-fraud in the country concerned, the anti-fraud laboratory in Tencent Security Joint Laboratory has formed a set of new standards for anti-fraud evaluation based on AI innovation + ability and openness in the field of anti-fraud research. Stop mode. In the AI ​​innovation and the ability to open the two-wheel drive, the laboratory has launched Hawkeye anti-telephone fraud system, Kirin pseudo-base station real-time positioning system, God anti-phishing system, God investigation funds flow control system, God sheep intelligence analysis platform Five systems, and through the Tencent cloud SaaS services open to the need for government units, enterprises, etc., to help users prevent Internet fraud.

Five, safe hot event inventory

5.1 outbreak of Serbian virus and virus outbreak

5.1.1 WannaCry extortion virus broke out globally on 12 May

Event Background:

On May 12th, WannaCry (wanna cry) bitbell blackmail virus broke out on a global scale. According to Tencent security anti-virus laboratory security researchers found that the extortion event compared with the past, the biggest difference is that the extortion virus combined with the way worms to spread. Due to the leak in the NSA file, WannaCry spread vulnerability code is called “EternalBlue”, so some reports that the attack is “eternal blue”.

Virus Detailed Explanation:

The outbreak of blackmail virus in the past two years is largely related to the increasing perfection of encryption algorithms. The continuous updating of cryptography and algorithms ensures the security of data transmission and preservation in our daily network. Unfortunately, the author of the extortion virus also used this feature, so that although we know the Trojan algorithm, but do not know the author to use the key, there is no way to restore the file is maliciously encrypted.

Encryption algorithms are usually divided into symmetric encryption algorithm and asymmetric encryption algorithm two categories. These two types of algorithms are used in the blackmail virus.

The encryption and decryption of the symmetric encryption algorithm uses exactly the same key, which is characterized by a faster operation, but when using such an algorithm alone, the key must be exchanged with the server using a method that is recorded in the process And the risk of leakage. The symmetric encryption algorithms commonly used for blackmail viruses include AES and RC4.

Asymmetric encryption algorithm is also known as public key encryption algorithm, which can use the public key to encrypt the information, and only the owner of the private key can be decrypted, so as long as the public key and save the private key, you can guarantee The encrypted data is not cracked. The asymmetric encryption algorithm is usually slower than symmetric encryption. The asymmetric encryption algorithms commonly used by blackmail viruses include RSA algorithms and ECC algorithms.

Usually, the blackmail virus will combine these two categories of encryption algorithms, both can quickly complete the entire computer a large number of documents encryption, but also to ensure that the author’s private key is not leaked.

5.1.2 new round of extortion virus “Petya” struck, more destructive

Event Background: 

June 27 A new round of extortion virus Petya attacked several European countries. This virus is more damaging than WannaCry. The virus encrypts the computer’s hard disk MFT and modifies the MBR so that the operating system can not enter. Compared to the previous, Petya more like a purpose of the attack, rather than a simple extortion. Tencent Hubble analysis system has been able to identify the virus and determine the high risk, the use of Tencent computer housekeeper can kill the virus.

Virus Detailed Explanation:

Petya Serbia virus virus poisoning will scan the network after the machine, through the eternal blue loopholes since the spread, to achieve the purpose of rapid propagation. Foreign security researchers believe that Petya extortion virus variants will be spread through the mailbox attachment, using the vulnerability to carry the DOC document to attack. After poisoning, the virus will modify the system MBR boot sector, when the computer restart, the virus code in the Windows operating system before taking over the computer, the implementation of encryption and other malicious operations. After the computer restarts, it will display a disguised interface, this interface is actually a virus display, the interface is suspected of being a disk scan, in fact, the disk data encryption operation.

5.1.3 Laurent virus Tencent security response program

For the outbreak of extortion virus, Tencent security emergency response program, for the advance prevention, in the virus cleanup and after the file recovery three cases, to the majority of users to deal with recommendations:

Pre-prevention

1. Use the computer housekeeper’s extortion virus immune tools, automated installation system patches and port shielding, or manually download and install.

2. Back up the data, install the security software, turn on the protection.

a) the relevant important documents using offline backup (that is, the use of U disk, etc.), such as backup;

b) the use of some computers with the system restore function, without attack before setting the system restore point, after the attack can restore the system, defense file encryption;

c) install Tencent computer housekeeper, open real-time protection, to avoid attack;

d) the use of computer housekeeper’s document guardian of the file backup, protection.

3. To establish an inactivated domain name for immunization.

According to the existing sample analysis, there is a trigger mechanism for extortion software, if you can successfully access the specified link, the computer will be in the extortion of the virus directly after the exit, it will not file encryption.

a) Ordinary users can be connected to the site, to ensure access to the site, you can avoid the attack to avoid being encrypted (only known to extortion virus);

b) enterprise users can build Web Server through the intranet, and then through the way DNS DNS domain name resolution to Web Server IP way to achieve immunity; through the domain name of the visit can also monitor the situation of intranet virus infection.

Things in the virus clean up

1. Unplug the cable and other ways to isolate the computer has been attacked to avoid infection with other machines.

2. Use the computer steward’s antivirus function to directly check out the blackmail software, scan clean up directly (isolated machines can be downloaded through the U disk, etc. to install the offline package).

3. Back up the relevant data directly after the system reload.

After the file is restored

1. Blackmail software with the ability to restore part of the encrypted file, you can directly through the extrapolated software to restore part of the file; or directly click on the blackmail interface, “Decrypt” pop-up recovery window to restore the list of files.

2. You can use third-party data recovery tool to try data recovery, cloud users can contact Tencent security cloud tripod laboratory to help deal with.

5.2 DDOS attacks continue, dark clouds variants frequently struck

Event Background:

June 9, a 2017 years since the largest DDoS network attack activities swept the country, Tencent security cloud tripod laboratory released traceability analysis report, through the attack source machine analysis, engineers found in the machine dark cloud Ⅲ variants. Through the flow, memory DUMP data and other content analysis, Tencent cloud tripod laboratory to determine the large-scale DDoS attacks by the “dark cloud” hacker gang initiated. After the upgrade, “Dark Cloud III” will be the main code stored in the cloud, real-time dynamic updates.

Virus Detailed Explanation:

“Dark cloud” series Trojan from the beginning of 2015 by Tencent anti-virus laboratory for the first time to capture and killing, has been more than two years. In the past two years, the Trojan constantly updated iteration, continue to fight against the upgrade.

From the beginning of April this year, the Trojans comeback again, the outbreak of the outbreak of the dark horse than the previous version of the more obvious promotion features, so we named it dark clouds Ⅲ. Dark clouds Ⅲ compared with the previous version has the following characteristics and differences:

First, more subtle, dark cloud Ⅲ is still no file without a registry, compared with the dark cloud II, cancel the number of kernel hooks, cancel the object hijacking, become more hidden, even professionals, it is difficult to find traces The

Second, the compatibility, because the Trojan mainly through the hook disk drive StartIO to achieve the protection and protection of the virus MBR, such a hook is located in the bottom of the kernel, different types of brand hard drive need hook point is not the same, this version of the Trojan increased More judgment code, able to infect the vast majority of the market and hard disk.

Third, targeted against security software, security vendors, “first aid kit” type of tool to do a special confrontation, through the device name of the way to try to prevent the pit of some tools to load the run.

5.3 in the first half of the focus of fraud cases inventory

5.3.1 Xu Yuyu telegraphic case

August 2016, just by the Nanjing University of Posts and Telecommunications Xu Yuyu, received a fraudulent phone, the other scholarship in the name of cheating Xu Yuyu University of the cost of 9900 yuan. After the report of Xu Yuyu emotional abnormalities, leading to sudden cardiac death, unfortunately died, triggering social concern about the unprecedented fraud. The case was publicly declared on July 19, 2017, the principal Chen Wenhui was sentenced to life imprisonment, confiscation of all personal property. The other six defendants were sentenced to 15 to 3 years imprisonment and fined. This verdict, to the community to pass the court in accordance with the law severely punished the telecommunications network fraud crime clear attitude.

Proposed: Xu Yuyu tragedy enough to cause public vigilance. Internet era, each person’s information flow are online through different channels of circulation, to the lawless elements can take advantage of the machine. Faced with such an environment, we should be on the strange phone and SMS alert. Even if the other can speak personal accurate information, can not be trusted, any event needs to be verified by reliable channels to protect their own security.

5.3.2 Henan large telecommunications fraud: lied to sell college entrance examination answers cheat nearly 100 million students

June 2017, Henan HebiCity police cracked the big telecommunications fraud, arrested two suspects, seized more than 70 copies of bank cards. These suspects under the guise of selling college entrance examination questions answer the way, through the network of college entrance examination candidates to implement fraud. According to the police preliminary investigation, fraud victims accumulated more than 3,500 people, involving more than 3 million yuan.

Prevention recommendations: the annual admission of college entrance examination, college entrance examination fraud is a high period of time. Candidates and parents need to beware of all the so-called “internal indicators”, false check the site, false search results such as college entrance examination in the name of all kinds of fraud means, do not have luck, deceived.

5.3.3 Wuhan female teachers suffered a series of telecommunications fraud 7 months to cheat 2.53 million

Wuhan, a secondary school teacher Chen, master’s degree, 2017 May to the police alarm fraud. It is understood that in November 2016, Chen received a strange call, said its social security card was stolen brush, and directly to the phone to the “Hunan Provincial Public Security Department.” Answer the phone “police” said Ms. Chen involved a fraudulent money laundering case, as “washing charges”, Ms. Chen half a year to the other side of the transfer of 2.53 million, the debt owed more than 300 million. The case is still in the investigation.

Precautionary advice: people need to be alert to unfamiliar calls and text messages. When receiving a suspected fraud or SMS, pay attention to verify the identity of the other party, especially the other party to the designated account remittance, do not easily remittance, should be the first time to inform the family to discuss or consult the public security organs; The public security department can not provide a security account, but will not guide you transfer, set a password.

Six, security experts advice

In the computer use, set the security factor high password. Using a password that is not easily guessed by violent attacks is an effective way to improve your security. Violent attack is an attacker using an automated system to guess the password. Avoid using words that can be found in the dictionary, do not use pure digital passwords; use special characters and spaces, and use uppercase and lowercase letters. This password is harder to crack than use your mother’s name or birthday as a password. In addition, the password length for each additional one, the combination of the composition of the password characters will increase in multiple, so the long password will be more secure.

Regularly upgrade the software, update the security patch. In many cases, it is important to patch the system before installing and deploying the production application software. The final security patch must be installed on the PC’s system. If not for a long time without a security upgrade, may lead to the computer is very easy to become an unethical hacker attack target. Therefore, do not install the software on a computer that does not have a security patch update for a long time.

Protect your data by backing up important documents. Back up your data, which is one of the important ways you can protect yourself from minimizing the loss in the face of a disaster. If the amount of data is huge, the data can be saved to the hard disk. But more convenient way, you can use Tencent computer steward class of security software, at any time to automatically restore the data to the local, you can also store to the cloud, maximize the data to ensure security.

Do not easily trust the external network, open network risk is huge. In an open wireless network, such as in a wireless network with a coffee shop, the network risk will multiply, this concept is very important. This does not mean that in some untrusted external network can not use the wireless network, but to always keep the security and caution of security. The key is that the user must be through their own systems to ensure safety, do not believe that the external network and its own private network as safe.

Improve the unfamiliar telephone, SMS alertness, do not believe in which the content. Fraudulent forms of SMS diversification, a variety of new SMS Trojans flooding through the temptation of the SMS comes with the virus link to pay the class, privacy stealth virus rapid growth. For the “college entrance examination”, “school notice”, “test report card”, “household registration management”, “mobile phone real name system”, “video video” and “traffic violation” and other text messages embedded in the URL link should be vigilant, Do not click anywhere. For unfamiliar calls, SMS should be vigilant and wary, do not believe what the other side of the content, if necessary, to verify their identity information.

Protect personal privacy information, do not easily disclose personal information to others. Personal account, password, ID card information and other key personal privacy information, it is absolutely free to any unfamiliar SMS, the phone revealed. Receive a strange message, the phone asked personal privacy, be sure to be vigilant. When publishing a message on a social platform, beware of important privacy information in the form of photos, screenshots, etc. Do not arbitrarily discard tickets, tickets or courier documents containing personal information to prevent personal information from being stolen.

Mobile phone users should develop good habits to use security software to protect the safety of mobile phones. Mobile phone users can download and install such as Tencent mobile phone housekeeper a class of mobile phone security software, regular mobile phone physical examination and virus killing, and timely update the virus database. For the latest popular and difficult to remove the virus or vulnerability, you can download the killing tool in time to kill or repair. At the same time open Tencent mobile phone housekeeper harassment intercept function, which can effectively intercept fraud phone, SMS, enhance mobile phone security.

Original Mandarin Chinese:

1 互联网安全形势严峻,大力发展网络安全防护势在必行

在互联网高速发展,已经成为社会发展动力的同时,互联网安全也变得越来越重要。2014年,中央网络安全与信息化领导小组正式成立,习近平亲自担任组长,国家和政府对网络安全的重视程度可见一斑。在中央网络安全和信息化领导小组第一次会议上,习近平首次提出“网络强国”战略,“没有网络安全就没有国家安全”,网络安全是一个关系国家安全和主权、社会的稳定、民族文化的继承和发扬的重要问题。其重要性,正随着全球信息化步伐的加快而变到越来越显著。“家门就是国门”,安全问题刻不容缓。

在中国,网络已走入千家万户,网民数量世界第一,我国已成为网络大国。互联网已经深度介入民众生活的方方面面。根据一份关于民众信息的调查报告显示,大学生和白领群体的互联网使用率已经接近100%,九成以上大学生和白领群体最主要的信息获取渠道为互联网。网民在互联网上进行的行为主要有获取新闻资讯、学习工作、即时沟通、网络社交及各类休闲娱乐。在全民联网的时代,网民的网络安全如何保证?企业网络在面对网络攻击时如何进行有效的防御?这些都已经成为国家、政府和安全行业正在面临和需要尽快解决的重要问题。

从国内的“暗云Ⅲ”病毒,到席卷全球的“WannaCry”敲诈勒索病毒,再到“Petya”恶性破坏性病毒,无一不说明目前的网络安全形势严峻,企业安全防护脆弱,大力发展网络安全防护势在必行。

2大力加强网络安全建设,人才匮乏现状急需改善

我国虽然已成网络大国,但离网络强国还有距离。木马和僵尸网络、移动互联网恶意程序、拒绝服务攻击、安全漏洞、网页钓鱼、网页篡改等网络安全事件多有发生,基础网络设备、域名系统、工业互联网等我国基础网络和关键基础设施依然面临着较大的安全风险,加强网络安全建设迫在眉睫。

同时,我国网络安全人才匮乏的现状急需改善。作为一个网络大国,中国除研究开发计算机设备,提升网络传输速度以外,还应加紧计算机信息安全人才的培育工作,让中国从网络大国变为网络强国,这是提升我国信息安全保障的重要基础。

网络安全已经上升至国家战略,国家也在大力投入、推动网络安全建设。但做好网络安全工作不是某个机构、某个部门的事,而是需要全社会的参与。从武汉市地方出台《关于支持国家网络安全人才与创新基地发展的政策措施》投入45亿建设资金,到2017年6月1日正式施行的《中华人民共和国网络安全法》,都是为了网络安全健康、稳健的发展而做出的努力。我们也呼吁作为有社会责任的安全企业、机构、个人积极投入到网络安全建设中来,为国家、国民的网络安全防护贡献一份力量。

3腾讯推动建立中国首个最强互联网安全矩阵

腾讯安全拥有17年能力积累及8亿用户海量大数据运营经验,是中国最为领先的互联网安全产品、安全服务提供者。本着“开放、联合、共享”的理念,将多年积累的能力和数据共享给合作伙伴,致力于互联网安全开放平台建设,提升互联网安全产业链安全能力,提升用户安全意识,共同推进中国互联网安全环境的建设。

目前,腾讯已推动建立中国首个互联网安全矩阵,涵盖基础安全的实验室矩阵、安全产品矩阵、安全大数据平台矩阵,以及互联网安全开放平台矩阵,致力于中国互联网安全新生态建设,开放核心能力和数据,为中国互联网安全生态建设不懈努力。

一、网络安全整体现状扫描

1.1 影响全球的六大网络安全事件,累计影响遍及全球

1.1.1维基解密CIA绝密文件泄露事件

2017年3月7日,维基解密(WiKiLeaks)公布了数千份文档并揭秘了美国中央情报局关于黑客入侵技术的最高机密,根据泄密文档中记录的内容,该组织不仅能够入侵iPhone手机、Android手机和智能电视,而且还可以入侵攻击Windows、Mac和Linux操作系统,甚至可以控制智能汽车发起暗杀活动。外界将此次泄漏事件取名为Vault 7,Vault 7公布的机密文件记录的是美国中央情报局(CIA)所进行的全球性黑客攻击活动。

Vault7包含8761份机密文档及文件,这些文件记录了CIA针对Android以及苹果智能手机所研发的入侵破解技术细节,其中有些技术还可以拿到目标设备的完整控制权。维基解密创始人阿桑奇表示,文件显示出“CIA网络攻击的整体能力”,而维基解密在发布这些文件时声称“CIA的网络军械库已失控”。

1.1.2影子经纪人公开NSA(美国国家安全局)黑客武器库

2017年4月14日,影子经纪人(Shadow Brokers)在steemit.com上公开了一大批NSA(美国国家安全局)“方程式组织” (Equation Group)使用的极具破坏力的黑客工具,其中包括可以远程攻破全球约70%Windows机器的漏洞利用工具。任何人都可以使用NSA的黑客武器攻击别人电脑。其中,有十款工具最容易影响Windows个人用户,包括永恒之蓝、永恒王者、永恒浪漫、永恒协作、翡翠纤维、古怪地鼠、爱斯基摩卷、文雅学者、日食之翼和尊重审查。黑客无需任何操作,只要联网就可以入侵电脑,就像冲击波、震荡波等著名蠕虫一样可以瞬间血洗互联网。

1.1.3 “WannaCry”敲诈勒索病毒5月12日在全球爆发

2017年5月12日,“WannaCry”(想哭)比特币勒索病毒在全球范围内爆发,本次事件波及150多个国家和地区、10多万的组织和机构以及30多万网民,损失总计高达500多亿人民币。包括医院、教育机构以及政府部门,都无一例外的遭受到了攻击。勒索病毒结合蠕虫的方式进行传播,是此次攻击事件大规模爆发的重要原因。

用户中毒后最明显的症状就是电脑桌面背景被修改,许多文件被加密锁死,病毒弹出提示,要求用户向相关比特币地址转账300美元以便解锁文件。目前安全公司已经找到恢复加密文件的相关办法。

1.1.4 FireBall火球病毒感染超过2.5亿电脑

2017年6月1日,国外安全机构Check Point发报告称在国外爆发了“FireBall”病毒,并声称全球有超过2.5亿台电脑受到感染,其中受影响最大的国家分别是印度(10.1%)和巴西(9.6%)。美国有550万台电脑中招,占2.2%。受感染的企业网络中,印度和巴西分别占到43%和38%,美国则为10.7%。

此恶意软件强行将浏览器主页改为自家网站和搜索引擎,并将搜索结果重定向到谷歌或雅虎。这些伪造的搜索引擎跟踪用户数据,暗中搜集用户信息。而制作此病毒的作者为中国的Rafotech公司,目前该公司网站已无法访问。

1.1.5“暗云”系列病毒升级为“暗云III”再度来袭

2017年6月9日,腾讯电脑管家检测到,早在2015年就被首次发现并拦截查杀的“暗云”病毒死灰复燃,升级为“暗云Ⅲ”,通过下载站大规模传播,同时通过感染磁盘MBR实现开机启动,感染用户数量已达数百万。

升级过后的“暗云Ⅲ”将主要代码存储在云端,可实时动态更新,其功能目前主要有下载推广恶意木马、锁定浏览器主页、篡改推广导航页id等。用户一旦中招,电脑便会沦为“肉鸡”形成“僵尸网络”,并利用DDoS攻击影响搭建在某云服务商平台上的棋牌类网站,导致该网站访问变得异常卡慢。

1.1.6新一轮勒索病毒“Petya”来袭,更具破坏性

2017年6月27日,新一轮勒索病毒“Petya”袭击了欧洲多个国家,包括乌克兰、俄罗斯、印度、西班牙、法国、英国、丹麦等国在内都遭受了攻击,这些国家的政府、银行、企业、电力系统、通讯系统及机场等都受到了不同程序的影响。

此病毒相比“WannaCry”更具破坏性,病毒对电脑的硬盘MFT进行了加密,并修改了MBR,让操作系统无法进入。而根据相关的分析表示,开机界面上留下来的信息即使提供给黑客也是没有办法进行解密的,因此,不得不怀疑此次“Petya”病毒的真正目的。“Petya”更像是在做有目的性的攻击,对目标进行无法修复的破坏性攻击,而并非以敲诈勒索为目的。

1.2《中华人民共和国网络安全法》正式施行

6月1日,我国第一部全面规范网络空间安全管理的基础性法律——《中华人民共和国网络安全法》正式施行,共有七章七十九条,内容十分丰富,具有六大突出亮点。一是明确了网络空间主权的原则;二是明确了网络产品和服务提供者的安全义务;三是明确了网络运营者的安全义务;四是进一步完善了个人信息保护规则;五是建立了关键信息基础设施安全保护制度;六是确立了关键信息基础设施重要数据跨境传输的规则。

同时新法还指出应采取多种方式培养网络安全人才,促进网络安全人才交流。新法的施行标志着我国网络安全从此有法可依,网络空间治理、网络信息传播秩序规范、网络犯罪惩治等即将翻开崭新的一页,对保障我国网络安全、维护国家总体安全具有深远而重大的意义。

1.3中国网民规模相当于欧洲人口总量,安全人才缺口高达95%

1.3.1中国网民规模达7.31亿,相当于欧洲人口总量

截至2016年12月,我国网民规模达7.31亿,普及率达到53.2%,超过全球平均水平3.1个百分点,超过亚洲平均水平7.6个百分点。全年共计新增网民4299万人,增长率为6.2%。中国网民规模已经相当于欧洲人口总量。

1.3.2移动端网民规模持续增长,手机网民占比达95.1%

截至2016年12月,我国手机网民规模达6.95亿,增长率连续三年超过10%。台式电脑、笔记本电脑的使用率均出现下降,手机不断挤占其他个人上网设备的使用。

1.3.3安全人才缺口巨大,高达95%

虽然我国网民数量已居全球首位,但我国从事信息安全行业的人非常少,安全人才及其匮乏。据相关资料显示,近年我国高校教育培养的信息安全专业人才仅3万余人,而网络安全人才总需求量则超过70万人,缺口高达95%。7.1亿中国网民的网络安全问题,已成为行业乃至国家亟待解决的问题。

北京电子科技学院副院长、教育部高等学校信息安全专业教学指导委员会秘书长封化民指出,当前中国重要行业信息系统和信息基础设施需要各类网络信息安全人才还将以每年1.5万人的速度递增,到2020年相关人才需求将增长到140万。但是目前,我国只有126所高校设立了143个网络安全相关专业,仅占1200所理工院校的10%。

二、2017上半年网络病毒威胁形势分析

2.1腾讯安全反病毒实验室PC端病毒拦截超10亿,环比增30%

2.1.1 木马病毒拦截量平均每月近1.7亿次

2017年上半年腾讯安全反病毒实验室统计数据显示,PC端总计已拦截病毒10亿次,病毒总体数量相比2016年下半年腾讯安全反病毒实验室拦截的病毒数增长30%;平均每月拦截木马病毒近1.7亿次。4月、6月为拦截病毒的高峰,拦截量均为1.8亿次。

2017年Q2季度相较于2016年Q2季度,腾讯安全反病毒实验室病毒拦截量同比增长了23.7%。从2014年到2017年Q2季度病毒拦截量来看,恶意程序数量逐年攀升。

2.1.2 PC端广东用户中毒最多,中毒高峰期为上午9-11点

2.1.2.1 上半年共发现2.3亿次用户机器中木马病毒 

2017年上半年腾讯安全反病毒实验室共发现2.3亿次用户机器中木马病毒,相比2016年下半年下降0.5%,平均每月为3,880万中毒机器进行病毒查杀。2017年Q2季度相比Q1季度中毒机器数略有增长。

2017年Q2季度相较于2016年Q2季度报毒用户量同比增长3%。从2015年到2017年Q2季度中毒机器数增长趋势明显,呈逐年递增状态。

2.1.2.2 PC端用户中毒高峰期为上午9点到11点

根据统计,每天中毒高峰时间为上午10点-上午11点,符合企业及普通用户上午9点-上午11点开启电脑处理工作的规律。这段时间用户中毒的病毒类型较多为利用邮件、共享等方式传播的Office文档类宏病毒,说明企业办公安全防护形势依旧严峻。

2.1.2.3 PC端中毒用户省份最多为广东,其中深圳市居首

根据腾讯安全反病毒实验室监测到的中毒PC数量统计,从城市分布来看,互联网较为发达的城市用户中毒情况较重,全国拦截病毒排名第一城市为深圳市,占全部拦截量的3.76%,第二名为成都市,占全部拦截量的3.57%,第三名为广州市,占全部拦截量的3.39%。

从省级地域分布来看,全国PC中毒数量最多的是广东省,占全部拦截量的13.29%,第二名为江苏省,占全部拦截量的7.75%,第三名为山东省,占全部拦截量的7.12%。

2.1.3第一大病毒种类为占比53.8%的木马病毒,勒索病毒新增13.39%

2.1.3.1 PC端第一大种类病毒依然是木马,PE感染型病毒种类少但传播性大

根据腾讯安全反病毒实验室2017年Q2季度获取到的病毒样本分析,从病毒种类上,木马类占总体数量的53.80%,依然是第一大种类病毒。Adware类(广告软件、强制安装、收集用户隐私、弹垃圾信息等)为第二大病毒类,占总体数量的39.02%。后门类为第三大病毒类,占总体数量的5.13%。相比2017年Q1季度,病毒种类并没有太大变化。

从病毒样本的数量上来划分,排在第一位和第二位的仍然是木马类和Adware类,但排在第三位的变成了PE感染型,占总体数量的25.07%。

感染型样本的种类并不多,这与感染型病毒制作难度大、黑客等编程人员需要掌握的技术多、成本高、开发时间久等因素有关。同时,感染型病毒的传播性很大,存活时间相对也比较久,因此,种类少的PE感染型种类在样本传播量级上占了一定的比例,这也是由于感染型病毒具有大范围感染、快速传播的特性。

2.1.3.2敲诈勒索病毒样本数量Q2新增13.39%,第一并不是WannaCry

敲诈勒索病毒是以敲诈勒索钱财为目的,使得感染该木马的计算机用户系统中的指定数据文件被恶意加密,造成用户数据丢失。目前,由国外传进国内的敲诈勒索病毒大多需要支付比特币赎金才能进行解密。由于比特币完全匿名流通,目前技术手段无法追踪敲诈勒索病毒背后的幕后操纵者,这也使得敲诈勒索病毒从2013年后呈现爆发式增长。

敲诈勒索病毒查杀量

根据腾讯安全反病毒实验室检测到的敲诈勒索病毒显示,2017上半年总计已发现敲诈勒索病毒样本数量在300万左右,平均每月检测到敲诈勒索病毒数量近50万个,Q2季度勒索病毒样本数量较Q1季度新增13.39%。5月、6月为拦截病毒的高峰,分别为57万个、53万个。

敲诈勒索病毒种类

根据相关数据分析显示,5月12日爆发的WannaCry敲诈勒索病毒是本季度最活跃、影响最大的病毒。该病毒与其他病毒在传播方式上有显著差异,由于使用了windows系统漏洞,使得该病毒能够在全球范围内传播,成为本季度的热点安全事件。在6月27号一种名为Petya的新型勒索病毒开始在世界各地传播,其敲诈手段与WannaCry相似,但更具有破坏性,直接加密了用户硬盘的MFT并修改了MBR,导致用户无法进入到windows系统。

以上病毒影响虽大,但从样本量上来看,最大的还是带有感染传播方式的PolyRansom病毒。此病毒会感染、加密用户的文件进行敲诈,但由于并没有使用像WannaCry病毒之类的密钥加密方式,而是使用了简单的加密算法,并且算法可逆,杀毒软件可以帮助用户正常恢复文件,因此虽然在样本量上排名第一,但影响并不是很大。此类敲诈病毒占了所有敲诈类病毒的78.84%,由此可见感染型病毒的传播能力之强。

从样本量上来看,除感染型敲诈病毒外,排在第一的是Blocker,占全部敲诈类病毒的36.82%,第二大类是Zerber,占全部敲诈类病毒的23.63%,第三大类才是本季度影响最大的WannaCry敲诈病毒,占全部敲诈类病毒的12.06%。WannaCry病毒量之所以快速上升到了第三的位置,是因为传播手段使用了漏洞传播。

目前的敲诈勒索病毒主要采用以下几种传播方式:

文件感染传播

文件感染传播是利用感染型病毒的特点进行传播,如PolyRansom病毒就是利用感染型病毒的特点,加密用户所有文档后再弹出勒索信息。由于PE类文件被感染后具有了感染其他文件的能力,因此如果此文件被用户携带(U盘、网络上传等)到其他电脑上后运行,就会使得该电脑的文件也被全部感染加密。

网站挂马传播

网站挂马通过是在获取网站或者网站服务器的部分或全部权限后,在网页文件中插入一段恶意代码,这些恶意代码主要包括IE等浏览器漏洞利用代码。用户访问被挂马的页面时,如果系统没有更新恶意代码中利用的漏洞补丁,则会执行恶意代码。

该类病毒也可以利用已知的软件漏洞进行攻击,例如利用Flash、PDF软件漏洞,向网站中加入带有恶意代码的文件,用户使用带有漏洞的软件打开文件后便会执行恶意代码,下载病毒。

利用系统漏洞传播

5月爆发的WannaCry就是利用Windows系统漏洞进行传播,利用系统漏洞传播的特点是被动式中毒,即用户没有去访问恶意站点,没有打开未知文件也会中毒。此种病毒会扫描同网络中存在漏洞的其他PC主机,只要主机没有打上补丁,就会被攻击。

腾讯反病毒实验室提醒大家,及时更新第三方软件补丁,及时更新操作系统补丁,以防被已知漏洞攻击。

邮件附件传播

通过邮件附件进行传播的敲诈勒索病毒通常会伪装成用户需要查看的文档,如信用卡消费清单、产品订单等。附件中会隐藏恶意代码,当用户打开后恶意代码便会开始执行,释放病毒。这类伪装病毒通常会批量发送给企业、高校、医院机构等单位,这些单位中的电脑中通常保存较重要的文件,一旦被恶意加密,支付赎金的可能性远远超过普通个人用户。

网络共享文件传播

一些小范围传播的敲诈勒索病毒会通过共享文件的方式进行传播,病毒作者会将病毒上传到网络共享空间、云盘、QQ群、BBS论坛等地方,以分享的方式发送给特定人群诱骗下载安装。

腾讯反病毒实验室提醒用户,下载软件请到官方正规渠道下载安装,切勿下载未知程序,如需要使用未知来源的程序,可提前安装腾讯电脑管家进行安全扫描。

2.2 移动端共查杀Android病毒6.93亿次,手机染毒用户数超1亿

2.2.1移动端病毒包增长趋势减缓,但总数仍有899万

2017年上半年腾讯手机管家截获Android新增病毒包总数达899万,相较2016年上半年有小幅度下降,但总数仍十分巨大。

2.2.2 移动端广东用户中毒最多,染毒手机用户数同比减少45.67%

2.2.2.1上半年腾讯手机管家共查杀Android病毒6.93亿次

在病毒感染用户数大幅下降的情况下,2017年上半年腾讯手机管家查杀病毒次数却达到6.93亿次,同比增长124.24%,总数是2016年上半年的一倍有余。恶意程序和木马病毒的制作成本降低、病毒传播渠道多样化是造成这一现象的重要因素。

除6月以外,2017年上半年每月查杀病毒次数均超过1亿次,其中1月份查杀次数更高达1.36亿次,几乎与2014年上半年1.4亿的查杀次数持平。

2.2.2.2 2017年上半年染毒手机用户数超1亿 

2017年上半年病毒感染用户数为1.09亿,同比减少45.67%,与2015年、2016年上半年相比皆有所下降。

2017年1月单月感染用户数达到2166万,为上半年最高纪录,此后感染用户数开始缓慢下降。

2.2.2.3 移动端中毒用户数量广东居首

在感染手机病毒的用户地域分布方面,广东排名第一,占比高达11.41%。

2.2.3流氓行为和资源占比超80%,二维码最易中毒

2.2.3.1移动端病毒中流氓行为和资费消耗占比超80%

2017年上半年手机病毒类型比例中,流氓行为和资费消耗占比最高,以44.59%和44.44%的比例分列一、二位。排名第三的隐私获取同样占据了5.85%,诱骗欺诈、恶意扣费、远程控制、系统破坏和恶意传播占比分别为1.94%、1.55%、0.80%、0.74%和0.08%。

流氓行为是指病毒私自执行具有流氓属性的恶意行为。如近期因WannaCry病毒而再次引起关注的手机锁屏勒索病毒就带有流氓行为。这类病毒主要通过论坛贴吧等途径进行扩散,制毒者通常会利用外挂、免费、刷钻、红包等字眼对木马病毒进行包装,诱导用户下载安装。病毒完成安装后就会强制锁定手机屏幕,迫使受害者不得不联系制毒者付款,才能使设备恢复正常。

不管是电脑还是手机,带有流氓行为的勒索病毒给用户带来的损失都是难以估量的,如果不慎中毒,不仅会造成财产损失,还将导致重要资料丢失,因此用户应谨慎防范。

资费消耗也是常见的手机病毒类型,此类病毒通常在用户不知情或未授权的情况下,通过发送短信、频繁连接网络等方式,导致用户资费损失。部分恶意推广病毒以帮助第三方广告商提高点击量为目的,通过诱导用户下载安装病毒,获取手机Root权限,执行下载恶意广告软件。这些软件会不断推送各种弹窗广告,影响用户手机体验,更甚者还会泄露用户隐私信息、盗走网银账户等,造成严重的人身及财产安全。

感染了全球超3600万安卓设备的恶意广告点击软件“Judy”就属于资费消耗类手机病毒。该恶意软件暗藏于一款韩国手游中,在完成下载安装后,会将感染设备的信息发送到目标页面,并在后台自动下载恶意代码并访问广告链接,盗刷用户流量,给用户造成资费消耗。

2.2.3.2 二维码、软件捆绑是移动病毒主要渠道来源

手机病毒渠道来源主要有七大类,分别是二维码、软件捆绑、电子市场、网盘传播、手机资源站、ROM内置和手机论坛。病毒渠道入口的分散化与多元化,也进一步增加了用户染毒的几率与风险。

2017年上半年,二维码成为了主流病毒渠道来源,占比高达20.80%。二维码在各大领域的普及让越来越多的用户养成了随手扫码的习惯,制毒者也因此加大针对二维码渠道的病毒包投放比例。部分被嵌入病毒的二维码,只要一扫就会自动下载恶意病毒,轻则造成手机中毒,重则导致个人隐私信息泄露,造成财产损失等。

三、反骚扰诈骗效果显著,但用户损失形势严峻

3.1上半年垃圾短信数超5.86亿条,非法贷款类超50%

3.1.1 2017年上半年垃圾短信持续增长 总数接近6亿

较低的传播成本及其背后存在的巨大利益链,导致垃圾短信一直难以得到有效整治,用户举报数也是有增无减。2017年上半年,腾讯手机管家共收到用户举报垃圾短信数5.86亿条,同比增长40.69%,是2014年上半年的2倍有余。

3.1.2用户举报垃圾短信最多的省份为广东,最多的城市为深圳

在垃圾短信的地域省份分布方面,用户举报垃圾短信最多的前三省份分别为广东、江苏和山东,占比分别为12.91%、6.98%和5.70%。此外河南、浙江、四川、河北、北京、湖南和上海同样位列前十。这些省份或直辖市普遍分布在东部沿海和中部地区,人口密集和经济发达是它们最大的共同点,这也为诈骗分子批量发送垃圾短信并牟取利益创造了有利条件。

城市方面,2017年上半年深圳用户共举报垃圾短信2334万条(占比3.98%),成都、广州和苏州分列二至四位,垃圾短信举报数均为千万级别。

3.1.3 2017年上半年常见的诈骗短信类型

虽然诈骗短信举报量整体呈现下降趋势,但其手段的多样化和隐秘性却让诈骗短信的危害性始终高居不下。据腾讯手机管家监测到的2857万条诈骗短信显示,非法贷款、网购、病毒网址、恶意网址和伪基站是占比最高的几大诈骗短信类型。

其中非法贷款类诈骗短信一家独大,占比超过50%。在现代人“有房万事足”和依靠买房寻求安全感的社会大背景下,贷款买房成为了一大社会需求。骗子也紧跟这一社会痛点,大量发送非法贷款短信,借此牟利。

3.2骚扰电话用户标记量达2.35亿次,同比下降27.12%

3.2.1 2017年上半年用户共标记骚扰电话2.35亿次 同比下降27.12%

在经历了2015年上半年的爆发式增长后,2016年上半年开始,骚扰电话标记数呈现逐年下降趋势,2017年上半年骚扰电话标记总数为2.35亿次,相较2016年上半年同比下降27.12%。

3.2.2 2017年上半年骚扰电话超过50%为响一声

用户标记的骚扰电话类型主要分为5大类。其中,响一声排名第一,占比超过50%。这类骚扰电话虽然不会对用户造成实质性危害,但仍会影响手机使用,干扰用户。诈骗电话占比15.14%,排名第二,此外广告推销、房产中介和保险理财等也占据了一定比例。

3.2.3 骚扰电话中索要验证码占比最高

据腾讯手机管家用户主动上报的骚扰电话恶意线索情况显示,索要验证码、假冒领导、转账、网购和犯法是最常见的关键词。其中索要验证码占比最高,将近24.74%的骚扰电话中,骗子会通过各种手段索要验证码,而验证码作为重要的隐私信息,一旦泄露,很容易会造成财产损失。

3.2.4 诈骗电话标记数同比下降59.68%,北京最多

在用户已标记的2.35亿次骚扰电话中,诈骗类电话占比虽远不及响一声多,但其造成的实质性危害却最大。基于腾讯手机管家用户诈骗电话标记相关数据显示,2017年上半年诈骗电话标记数同比下降59.68%,总数为3559万。

这些诈骗电话针对的目标地域较为明确,以东部沿海经济发达地区与内陆中心省份为主。城市方面,北京是诈骗电话标记数最多的城市,总数达182.6万。深圳和广州分别以141.8万和125.7万的标记数紧随其后。上海、西安、长沙、成都、杭州、重庆和武汉则分列第四至十位。

3.3 恶意网址拦截次数高达478亿,色情欺诈网站居首

3.3.1 2017年上半年检出恶意网址数量超1.83亿

2017年上半年,腾讯安全在PC和移动端共计检测出恶意网址数量超过1.83亿,整体呈现波动上升趋势。其中6月份检测出3575万个恶意网址,为上半年最高纪录,4月份则最低,检测数量为2553万。

3.3.2色情欺诈网站仍是恶意网址主要作案手段

在有效检测恶意网址的同时,2017年上半年腾讯安全在PC和移动端共拦截恶意网址高达478亿次,相当于每天拦截2.65亿次。这一庞大数据也进一步说明了互联网安全的严峻形势。

在腾讯安全拦截的恶意网址中,色情欺诈网站、博彩网站、信息诈骗、恶意文件、虚假广告和钓鱼欺诈网站是传播最广泛的六大类恶意网址。其中色情欺诈网站占据半壁江山,占比为51.98%,色情欺诈网站会内嵌欺诈广告或诱骗用户进行在线支付。恶意网址也会内嵌在诈骗短信中进行传播,以增加迷惑性,因此用户在看到短信中的网址时,应自觉提高警惕性,切记不要随便点击。

3.4 iOS骚扰及诈骗电话降幅约35%,日历广告成新的骚扰

3.4.1 iOS骚扰电话和诈骗电话出现较大幅度下降

2016年9月,腾讯手机管家携手苹果公司推出iOS10全新版本,首次增加拦截骚扰和诈骗电话功能,有效缓解了iOS用户倍受困扰的骚扰电话难题。数据显示,2017年上半年iOS用户共标记骚扰电话1449.2万次,诈骗电话219.6万次。

从整体趋势上看,上半年iOS骚扰电话标记数呈现波动下降趋势,1月标记数最高,为319.5万次,4月则只有202万次,为上半年最低峰。相较而言,诈骗电话整体趋势则更加稳定。从以上各项数据可以看出,2017年上半年骚扰电话和诈骗电话都出现了较大幅度的下降,这离不开相关部门、手机运营商和手机用户的共同努力。

3.4.2日历广告成苹果手机的第三大骚扰

垃圾信息、骚扰电话、日历广告逐渐成为iPhone用户的主要骚扰源头。其中,日历广告骚扰问题日益严重。61.1%的用户遭遇过日历广告,其中博彩广告、房地产广告、打车软件广告居前三。

3.5 腾讯麒麟系统打击伪基站保护1.5亿人次

3.5.1腾讯麒麟系统共拦截2.3亿条诈骗短信,保护1.5亿人次

2017年上半年度,腾讯麒麟伪基站实时定位系统为全国用户拦截2.3亿条伪基站诈骗短信,总计影响人数达1.5亿人次。

3.5.2伪基站地域特征:川陕京鄂湘五省最多

从地域上看,腾讯麒麟为四川、陕西、北京、湖北、湖南用户拦截的诈骗短信数量最多,这5个省级行政区拦截的诈骗短信数量超过全国总量50%以上。

从城市来看,拦截诈骗短信数量Top 10的城市如北京、成都、西安等几乎均为省会城市或经济较发达城市,由于人口密集、城市居民收入较高,被伪基站诈骗团伙列入重点攻击对象。

3.5.3 伪基站作案时间特征:工作时间最频繁

从作案时间来看,伪基站诈骗短信发送之间集中在上午9时至下午19时,其中又以上午10时至12时、下午15时至18时为两个高峰。不难看出,诈骗短信高峰期与每日工作时段相合。

3.5.4内容特征:工商银行、中国移动最“躺枪”

伪基站短信类型中,积分兑换、账户异常和银行信用卡提额类则占比接近90%。这三类常与运营商、银行有关,常以积分到期清零、信用卡提额、账户实名、异常等理由进行诈骗。

腾讯麒麟拦截的伪基站仿冒端口中,仿冒工商银行的诈骗短信最多(高达52%),Top 5仿冒端口除中农工建四大银行,还有运营商中国移动。不难看出,这些“躺枪”的企业是因为用户群体巨大,业务模式中短信息又尤为重要,所以成为伪基站诈骗团伙主要模拟的发送对象。

伪基站短信触达用户的运营商分布中,中国移动占比74%,位居其后是中国电信(16%)、中国联通(10%)。

四、2017年上半年安全人才建设进展及成果

4.1《网络安全法》促进对人才的综合性培养

2017年6月1日起施行的《网络安全法》首次以法律条款的形式对网络空间安全领域的人才问题进行规定,不仅体现出国家对网络人才的重视,更是为国务院以及各地方出台网络安全人才培养的细则提供了最高位阶的法律依据。

《网络安全法》规定:国家支持企业和高等学校、职业学校等教育培训机构开展网络安全相关教育与培训,采取多种方式培养网络安全人才,促进网络安全人才交流。网络安全人才不仅包括技术人才,也包括管理人才。当前网络安全不仅是技术的较量,更是理念、规则的较量,熟悉国际规则、大国关系的网络安全人才在未来的网络空间竞争中能够发挥更大的作用。因此,网络安全人才的培养不仅要培养传统型人才,更要立足国内,放眼全球,培养懂得网络外交的综合性人才。

同时,条款中规定的“网络安全人才的交流”,体现了我国对于人才培养机制的开放创新理念。人才的培养离不开与先进国家的学术研讨和技术交流,各企业机构应当吸引国外的高端技术人才,同时加快我国顶尖人才的培养。

4.2 安全人才培养“腾讯模式”:打造人才闭环

作为互联网安全开放平台的倡导者,腾讯一直将“网络安全”当作企业顶层设计的重要组成部分和战略性工程。在持续关注和支持安全人才选拔和培养的过程中,腾讯目前已经逐渐在校园招聘、社会招聘、内部人才的培训晋升、薪酬福利等方面摸索出一套安全人才选拔制度;同时,通过持续打造顶级安全赛事和推动人才培养计划,腾讯已经逐渐形成一套成熟、完善,并可供社会借鉴的安全人才培养体系。

腾讯在2017年联合各方发起了腾讯信息安全争霸赛(TCTF),通过国际化的赛制发掘人才、通过优质辅导机制和专业的导师队伍培养人才以及通过搭建企业与高校的桥梁输送人才。同时,腾讯通过打造“百人计划”,构建互联网安全人才培养的闭环,通过TCTF大赛的层层比赛考试,选拔出最具潜力的百名安全人才,并通过后续持续培养,打造互联网安全领域复合型、领军型人才。

腾讯希望以TCTF作为专业安全人才培养平台在企业与高校间搭建起桥梁,形成集选拔、培养、输送于一体的人才闭环,为中国安全新生力量提供多维的成长环境,进一步推动我国网络安全事业发展。

4.3腾讯安全联合实验室成立一周年:护航六大互联网关键领域

2016年7月,腾讯安全整合旗下实验室资源,成立国内首个互联网实验室矩阵——腾讯安全联合实验室,旗下涵盖包括科恩实验室、玄武实验室、湛泸实验室、云鼎实验室、反病毒实验室、反诈骗实验室、移动安全实验室在内的七大实验室。实验室专注安全技术研究及安全攻防体系搭建,安全防范和保障范围覆盖了连接、系统、应用、信息、设备及云,触达六大互联网关键领域。

2016年,腾讯安全联合实验室为谷歌、微软、苹果、adobe等国际厂商共计挖掘269个漏洞,位居国内第一。另外,凭借“全球首次远程无物理接触方式入侵特斯拉汽车”研究成果,腾讯安全联合实验室科恩实验室入选“特斯拉安全研究员名人堂”,并获特斯拉CEO马斯克的亲笔致谢。

在举国关注的反诈骗领域,腾讯安全联合实验室中的反诈骗实验室基于多年来在反诈骗领域的深耕研究,已经形成一整套基于AI创新+能力开放的反欺诈评价新标准,形成有效的止损模式。在AI创新和能力开放的双轮驱动下,实验室目前已推出鹰眼反电话诈骗系统、麒麟伪基站实时定位系统、神荼反钓鱼系统、神侦资金流查控系统、神羊情报分析平台五大系统,并通过腾讯云的SaaS服务开放给有需要的政府单位、企业等,帮助用户防范互联网诈骗。

五、安全热点事件盘点

5.1 勒索病毒集中爆发及病毒详解

5.1.1 WannaCry敲诈勒索病毒5月12日在全球爆发

事件背景:

5月12日,WannaCry(想哭)比特币勒索病毒让在全球范围内爆发。据腾讯安全反病毒实验室安全研究人员分析发现,此次勒索事件与以往相比最大的区别在于,勒索病毒结合了蠕虫的方式进行传播。由于在NSA泄漏的文件中,WannaCry传播方式的漏洞利用代码被称为“EternalBlue”,所以也有的报道称此次攻击为“永恒之蓝”。

病毒详解:

勒索病毒近两年的爆发,很大程度上与加密算法的日益完善有关。密码学及算法的不断更新保证了我们日常网络中数据传输和保存的安全性。遗憾的是,勒索病毒的作者也利用了这个特性,使得我们虽然知道了木马的算法,但由于不知道作者使用的密钥,也就没有办法恢复被恶意加密的文件。

加密算法通常分为对称加密算法和非对称加密算法两大类。这两类算法在勒索病毒中都被使用过。

对称加密算法的加密和解密使用的是完全相同的密钥,特点是运算速度较快,但是单独使用此类算法时,密钥必须使用某种方法与服务器进行交换,在这个过程中存在被记录和泄漏的风险。勒索病毒常用的对称加密算法包括AES算法和RC4算法。

非对称加密算法也被称为公钥加密算法,它可以使用公开的密钥对信息进行加密,而只有私钥的所有者才可以解密,因此只要分发公钥并保存好私钥,就可以保证加密后的数据不被破解。与对称加密相比,非对称加密算法的运算速度通常较慢。勒索病毒常用的非对称加密算法包括RSA算法和ECC算法。

通常,勒索病毒会将这两大类加密算法结合起来使用,既可以迅速完成对整个电脑大量文件的加密,又能保证作者手中的私钥不被泄漏。

5.1.2 新一轮勒索病毒“Petya”来袭,更具破坏性

事件背景: 

6月27日新一轮勒索病毒Petya袭击了欧洲多个国家。此病毒相比WannaCry更具破坏性。病毒对电脑的硬盘MFT进行了加密,并修改了MBR,让操作系统无法进入。相比此前,Petya更像是有目的性的攻击,而并非简单的敲诈勒索。腾讯哈勃分析系统已经能够识别此病毒并判定为高度风险,利用腾讯电脑管家可查杀该病毒。

病毒详解:

Petya勒索病毒变种中毒后会扫描内网的机器,通过永恒之蓝漏洞自传播,达到快速传播的目的。有国外安全研究人员认为,Petya勒索病毒变种会通过邮箱附件传播,利用携带漏洞的DOC文档进行攻击。中毒后,病毒会修改系统的MBR引导扇区,当电脑重启时,病毒代码会在Windows操作系统之前接管电脑,执行加密等恶意操作。电脑重启后,会显示一个伪装的界面,此界面实际上是病毒显示的,界面上假称正在进行磁盘扫描,实际上正在对磁盘数据进行加密操作。

5.1.3勒索病毒腾讯安全应对方案

针对勒索病毒集中爆发,腾讯安全紧急发布应对方案,针对事前防范、事中病毒清理和事后文件恢复三种情形,向广大用户提出处理建议:

事前预防

1.利用电脑管家的勒索病毒免疫工具,自动化安装系统补丁和端口屏蔽,或手动下载、安装。

2.备份数据,安装安全软件,开启防护。

a)对相关重要文件采用离线备份(即使用U盘等方式)等方式进行备份;

b)利用部分电脑带有的系统还原功能,在未遭受攻击之前设置系统还原点,遭受攻击之后可以还原系统,防御文件加密;

c)安装腾讯电脑管家,开启实时防护,避免遭受攻击;

d)采用电脑管家的文档守护者进行文件的备份、防护。

3.建立灭活域名实现免疫。

根据对已有样本分析,勒索软件存在触发机制,如果可以成功访问指定链接,电脑便会在中了勒索病毒后直接退出,便不会进行文件加密。

a)普通用户在可以联网状态下,保证对该网址的可访问,则可以避免在遭受攻击后避免被加密(仅限于已知勒索病毒);

b)企业用户可以通过在内网搭建Web Server,然后通过内网DNS的方式将域名解析到Web Server IP的方式来实现免疫;通过该域名的访问情况也可以监控内网病毒感染的情况。

事中病毒清理

1.拔掉网线等方式隔离已遭受攻击电脑,避免感染其他机器。

2.利用电脑管家的杀毒功能直接查杀勒索软件,直接进行扫描清理(已隔离的机器可以通过U盘等方式下载离线包安装)。

3.备份相关数据后直接进行系统重装。

事后文件恢复

1.勒索软件带有恢复部分加密文件的功能,可以直接通过勒索软件恢复部分文件;或直接点击勒索软件界面上的”Decrypt”可弹出恢复窗口,恢复列表中文件。

2.可以使用第三方数据恢复工具尝试数据恢复,云上用户可直接联系腾讯安全云鼎实验室协助处理。

5.2 DDOS攻击不断,暗云变种频繁来袭

事件背景:

6月9日,一场2017年以来最大规模的DDoS网络攻击活动席卷全国,腾讯安全云鼎实验室发布溯源分析报告,通过对攻击源机器进行分析,工程师在机器中发现暗云Ⅲ的变种。通过对流量、内存DUMP数据等内容进行分析,腾讯云鼎实验室确定本次超大规模DDoS攻击由“暗云”黑客团伙发起。升级过后的“暗云III”将主要代码存储在云端,可实时动态更新。

病毒详解:

“暗云”系列木马自2015年初被腾讯反病毒实验室首次捕获并查杀,至今已有两年多。在这两年多时间里,该木马不断更新迭代,持续对抗升级。

从今年4月开始,该木马卷土重来,再次爆发,本次爆发的暗云木马相比之前的版本有比较明显的晋级特征,因此我们将其命名为暗云Ⅲ。暗云Ⅲ与之前版本相比有以下特点和区别:

第一、更加隐蔽,暗云Ⅲ依旧是无文件无注册表,与暗云Ⅱ相比,取消了多个内核钩子,取消了对象劫持,变得更加隐蔽,即使专业人员,也难以发现其踪迹。

第二、兼容性,由于该木马主要通过挂钩磁盘驱动器的StartIO来实现隐藏和保护病毒MBR,此类钩子位于内核很底层,不同类型、品牌的硬盘所需要的 hook点不一样,此版本木马增加了更多判断代码,能够感染市面上的绝大多数系统和硬盘。

第三、针对性对抗安全软件,对安全厂商的“急救箱”类工具做专门对抗,通过设备名占坑的方式试图阻止某些工具的加载运行。

5.3上半年重点诈骗类案件盘点

5.3.1 8.19徐玉玉电信诈骗案宣判

2016年8月,刚刚被南京邮电大学的徐玉玉,接到了一通诈骗电话,对方以奖学金的名义,骗走徐玉玉上大学的费用9900元。报案后的徐玉玉情绪异常,导致心源性猝死,不幸离世,引发社会对电信诈骗的空前关注。此案于2017年7月19日公开宣判,主犯陈文辉被判处无期徒刑,没收个人全部财产。其他六名被告人被判15年到3年不等的有期徒刑并处罚金。这一判决,向社会传递了法院依法从严惩处电信网络诈骗犯罪的鲜明态度。

防范建议:徐玉玉的惨剧足够引起公众的警惕。互联网时代,每个人的信息流转都在线上通过不同的渠道流转,给了不法分子可乘之机。面对如此环境,我们更应该对陌生电话和短信保持警觉。哪怕对方能说出个人精确的信息,都不能亲信,任何事件都需要经由可靠渠道多方验证,以保护自身安全。

5.3.2河南特大电信诈骗案:谎称卖高考答案骗近百考生300万元

2017年6月,河南鹤壁市警方破获了这起特大电信诈骗案,抓获犯罪嫌疑人两人,缴获作案用银行卡70余张。这些犯罪嫌疑人假借售卖高考试题答案的方式,通过网络对高考考生实施诈骗。据警方初步调查,诈骗受害人累计超过3500余人,涉案金额超过300万元。

防范建议:每年高考录取期间,都是高考诈骗案件高发的时间段。考生和家长需要谨防一切所谓“内部指标”、虚假查分网址、虚假查询录取结果等以高考招生为名的各种诈骗手段,切勿抱有侥幸心理,上当受骗。

5.3.3武汉女教师遭遇连环电信诈骗 7个月被骗253万

武汉某中学教师陈女士,名校硕士学历,2017年5月向警方报警遭遇诈骗。据了解,2016年11月,陈老师接到一陌生来电,称其社保卡被盗刷,并直接将电话转至“湖南省公安厅”。接电话的“民警“称陈女士牵涉到一桩诈骗洗钱案,为“洗刷罪名”,陈女士半年时间累计向对方转账253万,为此欠下债务达300多万。目前案件仍在侦办中。

防范建议:民众需要警惕陌生电话和短信。当接到疑似诈骗电话或短信时,要注意核实对方身份,尤其是对方要求向指定账户汇款时,不要轻易汇款,应第一时间告知家属商量解决或咨询公安机关;。公安部门不可能提供安全账户,更不会指导您转账、设密码。

六、安全防范专家建议

在电脑使用中,设置安全系数高的密码。使用不会被暴力攻击轻易猜到的密码,是提高安全性的有效办法。暴力攻击是攻击者使用自动化系统来猜测密码。避免使用从字典中能找到的单词,不要使用纯数字密码;使用包含特殊字符和空格,同时使用大小写字母,这种密码破解起来比使用母亲的名字或生日作为密码要困难的多。另外,密码长度每增加一位,密码字符构成的组合就会成倍数增加,因此长密码会更加安全。

定期升级软件,更新安全补丁。很多情况下,在安装部署生产性应用软件之前,对系统进行补丁测试工作是至关重要的,最终安全补丁必须安装到个人电脑的系统中。如果很长时间没有进行安全升级,可能会导致计算机非常容易成为不道德黑客的攻击目标。因此,不要把软件安装在长期没有进行安全补丁更新的计算机上。

通过备份重要文档,保护你的数据安全。备份你的数据,这是你可以保护自己在面对灾难的时候把损失降到最低的重要方法之一。如果数据量巨大,日常可以将数据保存至硬盘上。但更便捷的方式,可以利用腾讯电脑管家一类的安全防护软件,随时将数据自动化备份至本地,也可以存储至云端,最大化保证了数据安全。

不要轻易信任外部网络,开放性网络风险巨大。在一个开放的无线网络中,例如在具有无线网络的咖啡店中,网络风险会成倍增长,这个理念是非常重要的。这并非意味着在一些非信任的外部网络中不能使用无线网络,而是要时刻保持对用网安全的谨慎和警惕。关键是,用户必须通过自己的系统来确保安全,不要相信外部网络和自己的私有网络一样安全。

提高对陌生电话、短信的警惕性,勿轻信其中内容。诈骗短信形式多样化,各种新型短信木马泛滥使得通过诱惑性的短信自带病毒链接的支付类、隐私窃取类病毒迅速增长。对于“高考查分”、“开学通知”、“考试成绩单”、“户籍管理”、“手机实名制”、“录像视频”和“交通违章”等短信中内嵌的网址链接,应时刻提高警惕,切勿随意点击。对于陌生电话、短信应该提高警惕性和戒心,不要轻信对方所说的任何内容,必要时要对其身份信息进行核实。

保护个人隐私信息,不轻易向他人透露个人信息。个人账号、密码、身份证信息等属于关键个人隐私信息,因此绝对不能随意在任何陌生短信、电话进行透露。收到陌生短信、电话询问个人隐私时,请务必提高警惕。在社交平台发布消息时,谨防通过照片、截图等形式泄露重要隐私信息。不随意丢弃含有个人信息的机票、车票或快递单据,以防个人信息被窃取。

手机用户应养成使用安全软件来保护手机安全的良好习惯。手机用户可下载安装如腾讯手机管家一类的手机安全软件,定期给手机进行体检和病毒查杀,并及时更新病毒库。针对最新流行且难以清除的病毒或者漏洞,可下载专杀工具及时查杀或修复。同时开启腾讯手机管家骚扰拦截功能,可有效拦截诈骗电话、短信,提升手机安全。

Referring URL:

https://guanjia.qq.com/news/n1/2039.html

Comparative Analysis of Military Command Structures : China. DPRK, Russia, US // 中,美,苏,俄罗斯,朝鲜武装力量指挥体系

Comparative Analysis of Military Command Structures :China. DPRK, Russia, US //

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

 

China ‘s Armed Forces Command System

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

Overview of China ‘s Armed Forces

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

 

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

 

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

Description: blue font for the deputy military units. Xinjiang Military Region is the only deputy deputy military district, under the Lanzhou Military Region.

American military command system

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

US military command system description
  

The president of the United States is the commander in chief of the armed forces and the supreme commander of the armed forces. The president, through the Ministry of Defense leadership and command of the army, emergency can be leapfrog command. The strategic nuclear forces are controlled by the president at all times.
  

The National Security Council is the supreme defense decision-making advisory body. Its legal members include the President, Vice President, Secretary of State, Defense Minister. The Chairman of the Joint Chiefs of Staff is the statutory military adviser to the National Security Council. The Director of the CIA is the National Security Council’s statutory intelligence adviser. The daily work of the National Security Council is the responsibility of the President’s National Security Adviser (Consultant).
  

The Ministry of Defense is the supreme military organ that leads and directs the US Armed Forces, is responsible for the defense policy, the formulation and implementation of the plan, and the management of the defense affairs, and through the joint meeting of the Chief of Staff to carry out operational command. It consists of the Ministry of Defense headquarters system, the military system and operational command system composed of three parts.
  

Department of Defense Department of the system is mainly responsible for the policy, finance, military and other military affairs, as well as the coordination between the military. Under the policy, procurement and technical, personnel and combat readiness, auditing and finance, directing communication control and intelligence, legislation, logistics affairs, intelligence supervision, administration, public affairs, supervision, combat test and evaluation departments, respectively, by the Deputy Defense Minister , Assistant defense minister, director, director or department head and other supervisors.
  

The military system consists of the Ministry of War, the Air Force Department and the Department of the Navy three military (military department). The military departments are responsible for the administration of the service, education and training, weapons and equipment development and procurement and logistical support and other duties, and the responsibility to warfare to the joint operations headquarters to provide combat troops and the corresponding service and logistical support, but no combat Command. The military minister is a civilian officer, under which he is the chief of staff (Navy for the combat minister). The chief of staff (naval combat minister) is the highest military officer of the service.
  

The operational command system refers to the Joint Chiefs of Staff and the Joint Command and Special Command affiliated to it. The Joint Chiefs of Staff is both the President, the Minister of Defense, the Military Advisory Body of the National Security Council, and the Military Commander of the President and the Minister of Defense to issue operational orders to the Joint Command and Special Command. In a sense, the Department of Defense is the military and government departments of the President, and the Joint Chiefs of Staff is the President’s military order.

The former Soviet Union military command system

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

Russian military command system

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

North Korea ‘s Military Command System

China, the United States, the Soviet Union, Russia, North Korea armed forces command system

Original Mandarin Chinese:

中国武装力量指挥体系

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

中国武装力量总览

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

 

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

 

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

说明:兰色字体为副大军区单位。新疆军区是唯一一个副大军区编制,隶属兰州军区。

美国军事指挥体系

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

美国军事指挥系统说明
  

美国总统是武装部队总司令,全军最高统帅。总统通过国防部领导和指挥全军,紧急情况下可越级指挥。战略核力量不论何时都由总统指挥控制。
  

国家安全委员会是最高防务决策咨询机构。其法定成员包括总统、副总统、国务卿、国防部长。参谋长联席会议主席是国家安全委员会法定军事顾问,中央情报局局长是国家安全委员会法定情报顾问。国家安全委员会日常工作由总统国家安全事务助理(顾问)负责。
  

国防部是总统领导与指挥美国武装力量的最高军事机关,负责防务政策、计划的制定和实施,以及国防事务管理,并通过参谋长联席会议对全军实施作战指挥。它由国防部本部系统、军事部系统和作战指挥系统三部分组成。
  

国防部本部系统主要负责政策、财政、军务等全军性事务,以及各军事部间的协调。下设政策、采购与技术、人事与战备、审计与财务、指挥通信控制与情报、立法、后勤事务、情报监督、行政管理、公共事务、监察、作战试验与评估等部门,分别由副国防部长、助理国防部长、主任、局长或部门长等主管。
  

军事部系统包括陆军部、空军部和海军部3个军事部(军种部)。各军事部负责本军种的行政管理、教育训练、武器装备研制和采购及后勤保障等事务,并有责任在战时向各联合作战司令部提供作战部队及相应的勤务和后勤支援,但无作战指挥权。军事部长为文官,在其下设军种参谋长(海军为作战部长)。军种参谋长(海军作战部长)是本军种最高军事长官。
  

作战指挥系统指参谋长联席会议及隶属于它的各联合司令部、特种司令部。参谋长联席会议既是总统、国防部长、国家安全委员会的军事咨询机构,也是总统和国防部长向联合司令部和特种司令部发布作战命令的军事指挥机关。从某种意义上讲,国防部是总统的军政部门,而参谋长联席会议是总统的军令部门。

前苏联军事指挥体系

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

俄罗斯军事指挥体系

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

朝鲜军事指挥体系

中,美,苏,俄罗斯,朝鲜武装力量指挥体系

Communist China Giving Priority to Development of Military Network Strategy // 中共優先發展網絡戰略力量

Communist China Giving Priority to Development of Military Network Strategy

中共優先發展網絡戰略力量

Cyberspace has become the national comprehensive security of the door. Network warfare reality, the network battlefield globalization, network confrontation normalization, network attack heart white hot, the network to build the army of the general trend, no one can block. Give priority to the development of network strategy, and actively seize the commanding heights of network strategy, for my army building is of great significance.

  The main features of network strategy

Network strategic strength refers to the ability to achieve the desired results through cyberspace. From the current development and possible future trends, mainly with the following characteristics.

Composed of multiple. In recent years, the major network events in the world have shown that the strategic power of the military network is the main force of cyberspace competition. The strategic power of the government departments and the private sector is an important part of the cyberspace competition. The “cyber warrior” An important addition.

Strong professionalism. Network strategy strength has a strong latent and difficult to predict, and the speed of light, instantaneous effect, monitoring and early warning is difficult; once the action is effective, damage effect superimposed amplification or non-linear step, with a typical “butterfly effect.” In 2010, the “shock net” virus attacked the centrifuges of the Iranian Bushehr nuclear power plant and the Natanz uranium enrichment plant, resulting in nearly a thousand centrifuge scrapped, forcing Iran’s nuclear capacity building to delay 2 to 3 years, opened the network attack soft means Destroy the country’s hard facilities.

Destructive. The strategic power of the network is no less than the weapons of mass destruction. Russia and Georgia in 2008, “the five-day war”, the Russian military to Georgia’s television media, government websites and transportation systems as the goal, to carry out a comprehensive “bee group” type network paralysis attacks, leading to grid government agencies operating chaos, Logistics and communication system collapse, much-needed war materials can not be delivered in a timely manner, the potential of the war has been seriously weakened, a direct impact on the grid of social order, operational command and troop scheduling. The Russian military doctrine has identified cybercrime as a weapon of mass destruction and has retained the right to use weapons of mass destruction or nuclear weapons to counterattack.

Advanced technology and phase. Network strategy strength development speed, replacement fast, technical materialization for the equipment cycle is short. At present, the speed of the microprocessor doubles every 18 months, the backbone bandwidth doubled every six months, a variety of new electronic information equipment after another, all kinds of application software dizzying. Cyber ​​space confrontation is the field of information in the field of offensive and defensive struggle, the use of network strategy forces in the confrontation of the phase with grams, constantly renovated. The development of the firewall and the information monitoring technology makes the software of the anti-wall software upgrade continuously. The development of the firewall and the information monitoring technology is the development of the firewall and the information monitoring technology. , Can be described as “a foot high, magic high ten feet.”

  The Developing Trend of Network Strategic

From the subordinate force to the development of key forces. In the past, the network strategic power is mainly for other forces to provide information security, in a subordinate position; with the development of network information technology, network system control of other rights, network strategic forces from the subordinate status to the dominant position to accelerate into the maintenance of national The key to safety. There is no network security there is no sovereign security, “no net” to become a new law of war, the world’s major countries around the network space development rights, dominance and control of a new round of competition, especially the United States and Russia adhere to the practice In the use and continue to develop.

From the maintenance of force to the development of specialized forces. In the past, the network strategy is mainly to maintain the network information system and all kinds of network transmission system, network attack and defense attributes are not clear. At present, all areas of the network space in depth, the world’s major countries are hard to build cyberspace offensive and defensive capabilities, the main military power of the network strategy has become a network of reconnaissance, network attacks, network defense and other clear division of labor, professional regular military forces. The United States has so far built the world’s most complete and powerful network of the army, and held a series of “network storm” series of exercises. The new “cyberspace strategy” in the United States, the first public to cyberspace combat as one of the tactical options for future military conflict, clearly proposed to improve the US military in the cyberspace of deterrence and offensive capability. In order to adapt to the new strategy, the US Department of Defense proposed 2018 to build a offensive and defensive, flexible form, with full combat capability of the network forces construction goals.

From the military to the integration of military and civilian development. The development of the strategic power of the military network started relatively late compared with the civil field, and because of the confidentiality of military confrontation and the specificity of the operational objectives, it is often developed independently. With the development of network technology, the military’s own network strategic strength is difficult to meet the needs of diversified tasks, we must learn from local folk technical means, integrate local network resources, realize the integration of military and civilian development. Network space capacity building on the talent, intelligence, experience and other software environment is extremely high, coupled with the local convergence of a wealth of network resources, military and civilian forces to promote the development of cyberspace capabilities become the strong tone of the times.

From a single model to the “network integration” development. At present, the network includes both the computer IP system network and the non-computer IP system network including a large number of complex early warning detection network, satellite communication network and tactical data link. The traditional single network confrontation model is difficult to meet the challenge of cyberspace. With the development of information technology, especially the Internet of Things technology, the relationship between the network and the power of the battlefield network more and more closely, which for the “network integration” in the technical means to provide the possibility. The use of electronic warfare and network warfare means, for different systems around the open bow, broken chain broken network, to achieve complementary advantages, system damage, as the latest guidance on the construction of network space. Data show that the US military typical network of integrated attack equipment “Shu special” system has been from the “Shu-1” to the current development of “Shu-5”. According to reports, “Shute” system through the enemy radar antenna, microwave relay station, network processing nodes to invade the enemy air defense network system, real-time monitoring of enemy radar detection results, even as a system administrator to take over the enemy network, Control of the sensor.

From non-state actors to state actors. At present, the network attack has developed from a single hacker behavior for the national, political, military confrontation, the attack object has been developed from the personal website to the country, the army’s important information system, attack “unit” has grown from stand-alone to tens of thousands Hundreds of thousands of terminals, and can instantly release the amazing attack energy. Although many of the intentions of malicious acts of non-State actors are non-state, the consequences are national, whether they are espionage, political opinions, or personal discontent, or terrorist activities , Have a direct impact on social stability, disrupt the economic order, endanger the stability of state power. Once the relevant reaction is made, the subject of the act must be the state and the army, and not the non-state actors themselves.

  The Construction of Network Strategic Strength

Strengthen strategic planning. Cyberspace competition is the first strategic battle of the contest. From the national level, the network strategy of the power of the main function is to reduce the risk of cyberspace, maintaining the normal operation of the country. We must understand the extreme importance and realistic urgency of cyberspace security from the perspective of national security, raise the focus of cyberspace capacity building to the strategic level, and try to solve the problem of how to make good use of cyberspace while trying to reduce the national cyberspace security Risk, so that cyberspace security has become an important support for national prosperity and security. From the military level, the network strategy is mainly to seize the system of network power. We must expand the military vision, the cyberspace as an important area of ​​action, to seize the system as the core, change the military ideas and ideas, adjust the structure and composition of armed forces, the development of weapons and equipment and take a new tactics.

Speed ​​up the construction of the power system. Maintain cyberspace security in the final analysis depends on the strength. We must base ourselves on the characteristics and laws of cyberspace capacity building, focus on the core elements of network capability system and the overall layout of network strategy strength, and systematically design the system structure which conforms to the law and characteristics of cyberspace confrontation in our country, and perfect the system of leadership and command Functional tasks, straighten out the relationship between command and management. We should take the network strategic power as an important new combat force, from the organization construction, personnel training, equipment development, elements of training and other aspects, to take extraordinary measures to give priority construction, focus on protection. To normalize the national network of offensive and defensive exercises, test theory, tactics, equipment and technology effectiveness, and comprehensively enhance the comprehensive prevention of cyberspace capabilities.

Promote technological innovation. The essence of cyberspace confrontation is the competition of core technology, and it is necessary to accelerate the independent innovation of network information technology. We should focus on improving the capability of independent innovation as a strategic basis, relying on the national innovation system as the basic support, concentrating on breaking the frontier technology of network development and the key core technology with international competitiveness, ahead of deployment and focusing on the development of information technology and information industry. To speed up the process of localization of key core technologies, strengthen the construction of safety testing and active early warning means, and gradually improve the equipment system of cyberspace in China, and comprehensively improve our network space capability. To follow the basic laws of cyberspace confrontation, in accordance with the “asymmetric checks and balances” strategy, increase the quantum technology, Internet of things and cloud computing and other new technology research and development efforts to create unique combat capability, master the initiative of cyberspace security development The

Promote the integration of military and civilian development. The integration of military and spatial ability of military and civilian development is not only the overall situation of national security and development strategy, but also the objective fact that cyberspace security can not be avoided by the overall planning of national defense and economic and social development. We must actively promote the deep integration of military and civilian development, to promote China’s network space capacity supporting the construction. It is necessary to formulate top-level planning in the form of policies and regulations, clarify the objectives and tasks, methods, organizational division and basic requirements of the deepening development of cyberspace in the form of policies and regulations, and make the integration of military and civilian development into law enforcement and organizational behavior; To establish a sound military coordination, demand docking, resource sharing mechanism, through a unified leadership management organization and coordination of military needs and major work, to achieve risk sharing, resource sharing, and common development of the new situation. We should pay attention to the distinction between the boundaries of military and civilian integration, clear the concept of development-oriented people and the main idea of ​​the army-based, and actively explore the military and the people, the advantages of complementary channels.

 

Original Communist Mandarin Chinese 🙂

網絡空間成為國家綜合安全的命門。網絡戰爭現實化、網絡戰場全球化、網絡對抗常態化、網絡攻心白熱化、網絡建軍正規化的大勢,無人可擋。優先發展網絡戰略力量,積極搶占網絡戰略制高點,對於我軍隊建設具有重要意義。

網絡戰略力量的主要特點

網絡戰略力量,是指通過網絡空間來實現預期結果的能力。從當前發展及未來可能的走勢看,主要有以下特點。

組成多元。近年來發生在全球範圍內的重大網絡事件表明,軍隊網絡戰略力量是網絡空間競爭的主力軍,政府部門、私營機構網絡戰略力量是網絡空間競爭的重要部分,民間“網絡戰士”是網絡空間競爭的重要補充。

專業性強。網絡戰略力量具有極強的潛伏性和難預測性,且以光速進行、瞬時產生效果,監測預警難度大;一旦行動奏效,損害效果疊加放大或非線性階躍,具有典型的“蝴蝶效應”。 2010年,“震網”病毒攻擊了伊朗布什爾核電站和納坦茲鈾濃縮廠的離心機,造成近千台離心機報廢,迫使伊朗核能力建設延遲2至3年,開啟了網絡攻擊軟手段摧毀國家硬設施的先河。

破壞性大。網絡戰略力量破壞力不亞於大規模殺傷性武器。 2008年俄國與格魯吉亞“五日戰爭”中,俄軍以格方的電視媒體、政府網站和交通系統等為目標,開展全面的“蜂群”式網絡阻癱攻擊,導致格政府機構運作混亂,物流和通信系統崩潰,急需的戰爭物資無法及時投送,戰爭潛力受到嚴重削弱,直接影響了格的社會秩序、作戰指揮和部隊調度。俄羅斯軍事學說已將網絡攻擊手段定性為大規模毀滅性武器,並保留了運用大規模毀滅性武器或核武器反擊的權利。

技術先進且相生相剋。網絡戰略力量發展速度快、更新換代快,技術物化為裝備的周期短。當前,微處理器的速度每18個月翻一番,主幹網帶寬每6個月增加一倍,各種新型電子信息設備層出不窮,各種應用軟件目不暇接。網絡空間對抗是信息領域的攻防鬥爭,網絡戰略力量使用的手段在對抗中相生相剋、不斷翻新。常規通信受干擾催生了跳、擴頻通信體制,跳、擴頻通信的出現又催生了頻率跟踪干擾、相關信號干擾等新型電子乾擾手段;防火牆、信息監控技術的發展,使翻牆軟件不斷升級,可謂“道高一尺,魔高一丈”。

網絡戰略力量的發展趨勢

由從屬性力量向關鍵性力量發展。以往網絡戰略力量主要是為其他力量提供信息保障,處於從屬地位;隨著網絡信息技術的發展,製網權統攬其他制權,網絡戰略力量由從屬地位向主導地位加速轉進,成為維護國家安全的關鍵。沒有網絡安全就沒有主權安全,“無網不勝”成為戰爭的新定律,世界各主要國家圍繞網絡空間的發展權、主導權和控制權展開了新一輪的角逐,特別是美俄堅持在實踐中運用並不斷發展。

由維護型力量向專業化力量發展。以往網絡戰略力量主要是維護網絡化信息系統和各類網絡傳輸系統,網絡攻擊和防禦屬性均不鮮明。當下各領域對網絡空間深度依賴,世界主要國家無不竭力打造網絡空間攻防能力,主要軍事強國的網絡戰略力量業已成為集網絡偵察、網絡攻擊、網絡防禦等分工明確、專業化的正規軍事力量。美國迄今已建成全球編制最齊全、力量最龐大的網軍,並多次舉行“網絡風暴”系列演習。美國新版《網絡空間戰略》,首次公開把網絡空間作戰作為今後軍事衝突的戰術選項之一,明確提出要提高美軍在網絡空間的威懾和進攻能力。為適應新戰略,美國防部提出2018年建成一支攻防兼備、形式靈活,具備全面作戰能力的網絡部隊的建設目標。

由軍地自主向軍民融合發展。軍隊網絡戰略力量的發展相對於民用領域起步較晚,且由於軍事對抗的保密性和作戰目標的特定性,往往自主發展。隨著網絡技術的發展,軍隊自身的網絡戰略力量難滿足多樣化任務的需要,必須學習借鑒地方民間技術手段,整合地方網絡資源,實現軍民融合發展。網絡空間能力建設對人才、智力、經驗等軟件環境要求極高,加上地方匯聚了豐富的網絡資源,軍民聯手推進網絡空間能力發展成為時代的強音。

由單一模式向“網電一體”發展。現階段,網絡既包括計算機IP體製網絡,更包含大量複雜的預警探測網、衛星通信網、戰術數據鍊等非計算機IP體製網絡,傳統的單一網絡對抗模式難以應對網絡空間的挑戰。隨著信息技術特別是物聯網技術的發展,戰場網中網與電的關係越來越緊密,這為“網電一體”在技術手段上提供了可能。綜合運用電子戰與網絡戰手段,針對不同體制的網絡左右開弓、斷鍊破網,實現優勢互補、體系破擊,成為網絡空間能力建設的最新指導。有資料顯示,美軍典型網電一體攻擊裝備“舒特”系統已從“舒特-1”發展到目前的“舒特-5”。據報導,“舒特”系統可通過敵方雷達天線、微波中繼站、網絡處理節點入侵敵方防空網絡系統,能夠實時監視敵方雷達的探測結果,甚至以系統管理員身份接管敵方網絡,實現對傳感器的控制。

由非國家行為體向國家行為體發展。目前,網絡攻擊已從單個的黑客行為發展為國家、政治、軍事上的對抗行為,攻擊對像已從個人網站發展到國家、軍隊的重要信息系統,攻擊“單元”已從單機發展到數万乃至數十萬台終端,且能在瞬時釋放驚人的攻擊能量。儘管非國家行為體的惡意網絡行為目的許多是非國家的,但由此所造成的後果卻是國家的,無論是進行間諜活動,還是發表政治主張,或是發洩個人不滿情緒,或是進行恐怖活動,都直接影響社會穩定、擾亂經濟秩序、危及國家政權穩固。一旦因之作出相關反應,其行為主體一定是國家和軍隊,而不再是非國家行為體本身。

網絡戰略力量的建設指向

加強戰略統籌謀劃。網絡空間競爭首先是戰略運籌的較量。從國家層面看,網絡戰略力量的職能主要是降低網絡空間的風險,維護國家正常運轉。必須從國家安全的視角認清網絡空間安全的極端重要性和現實緊迫性,將網絡空間能力建設的著眼點上升到戰略層面,在著力解決如何利用好網絡空間的同時,努力降低國家網絡空間安全風險,使網絡空間安全成為國家繁榮與安全的重要支撐。從軍隊層面看,網絡戰略力量主要是奪取製網權。必須拓展軍事視野,把網絡空間作為製權行動的一個重要領域,以奪取製網權為核心,變革軍事思想和觀念,調整武裝力量結構與構成,發展武器裝備並採取新的戰法。

加快力量體系構建。維護網絡空間安全說到底要靠實力。必須立足於網絡空間能力建設的特點、規律,圍繞我國網絡能力體系核心要素和網絡戰略力量建設總體佈局,以系統思維設計符合我國網絡空間對抗規律和特點的體系架構,健全領導指揮體制機制,明確職能任務,理順指揮管理關係。要把網絡戰略力量作為重要的新型作戰力量突出出來,從組織建設、人才培養、裝備發展、要素演訓等各方面,採取超常舉措,給予重點建設、重點保障。要常態化開展國家級網絡攻防演練,檢驗理論、戰法、裝備及技術的有效性,全面提升網絡空間綜合防範能力。

推進技術自主創新。網絡空間對抗的實質是核心技術的比拼,必須加快推進網絡信息技術自主創新。要把提高自主創新能力作為戰略基點,以國家創新體係為基本依托,集中力量突破網絡發展的前沿技術和具有國際競爭力的關鍵核心技術,超前部署和重點發展信息技術和信息產業。要加速關鍵核心技術的國產化進程,加強安全測試和主動預警手段的建設,逐步完善我國網絡空間的裝備體系,全面提高我國網絡空間能力。要遵循網絡空間對抗的基本規律,按照“非對稱制衡”方略,加大對量子科技、物聯網和雲計算等新技術的研發力度,以獨創技術塑造實戰能力,掌握網絡空間安全發展的主動權。

推動軍民融合發展。網絡空間能力的軍民融合式發展,既是站在國家安全與發展的戰略全局,對國防和經濟社會發展統籌謀劃,也是網絡空間安全不能迴避的客觀事實。必須積極推動軍民深度融合發展,全力推進我國網絡空間能力配套建設。要綜合軍民需求制定頂層規劃,以政策法規的形式明確網絡空間軍民融合深度發展的目標任務、方法路徑、組織分工和基本要求等關係全局的重大問題,變軍民融合發展為執法行為、組織行為;要建立健全軍地協調、需求對接、資源共享機制,通過統一的領導管理機構組織協調軍地的各類需求和重大工作,達成風險共擔、資源共享、共同發展的新局面。要注重軍民融合的界限區分,明確以民為主的發展理念和以軍為主的作戰理念,積極探索軍民一體、優勢互補的可行性渠道。

Referring URL:

http://theory.people.com.cn/n1/2016/1226/c40531-28977153.html

Chinese Military Applications & Use of Bitcoin in Future Wars // 中國軍事應用與比特幣在未來戰爭中的應用

Chinese Military Applications & Use of Bitcoin in Future Wars //

中國軍事應用與比特幣在未來戰爭中的應用

Can you imagine that Bitcoin can show up in military applications? Recently, Estonia and NATO are trying to use block-chain technology to develop next-generation systems to modernize NATO’s network defense platform. In order to collect effective information against terrorists, the US military is trying to “reward” the bit as a reward for intelligence providers. Such as “brain hole open” block chain technology military applications, gradually “Starfire can start a prairie fire” trend. In the future, the block chain technology can not only be used for intelligence personnel performance performance incentives, but also for weapons and equipment life tracking, military human resources management, military supplies procurement, intelligent military logistics and many other aspects. Block chain of this future war “alternative dancers”, most likely quietly subvert the future war. Detailed explanation Please pay attention to today’s published “Liberation Army Daily”

How does the block chain create “currency” for the world?

If you want to read the block chain in the future battlefield on the “unique dance”, have to start from the bit currency. The name of the bit as much as the earliest in 2009, once launched quickly set off the Internet platform investment and trading boom, and thus become the most typical block block technology applications.

Despite the fact that people are mixed, but the block chain technology behind it has shown great interest. Block-chain technology is a decentralized digital book system that contains a complete transaction record for Bitcoin since the start-up of the bitcoin system. It is based on the new de-centricization of the block chain. People can safely store or trade bitmaps. The relevant information can not be forged or tampered with. It can automatically execute smart contracts without any central agency.

The birth of block chain technology, derived from the name of “Byzantine General” computer science problem solving. In layman’s terms, it is a question of how to achieve a credible consensus in a network of nodes that lack trust. By introducing the dynamic cycle of “competition-verification-synchronization-competition” to solve the problem, the block chain technology eventually becomes a new technology platform that allows individuals to carry out effective and credible cooperation without third party certification.

In the Bitcoin system, the generation and trading of “money” is closely related to the block chain. The dynamic process of the block chain is the process of generating and circulating the new currency, which is the basis for the safe, orderly and credible operation of the whole bitcover system. Need to constantly update and maintain the block chain, such as “Mint”, you can package the latest transaction records loaded into the end of the chain, and then the formation of new blocks.

Block chain technology is the technical support behind Bitcoin, which itself consists of multiple connected blocks, each of which is like a page in the book, records the relevant transactions for a period of time, and through different areas Block before and after the point of the relationship between all the blocks are connected in order to form a block chain. At present, the block chain technology uses P2P technology, such as P2P data transmission, file sharing, asymmetric encryption and distributed storage technology, which is accelerating the development of technology bottlenecks and application popularization.

你能想象到比特币可以在军事应用上大显身手吗?日前,爱沙尼亚和北约正尝试使用区块链技术开发下一代系统,以实现北约网络防御平台的现代化。美军为了收集打击恐怖分子的有效情报,正尝试向情报提供者“打赏”比特币作为酬劳。诸如此类“脑洞大开”的区块链技术军事应用,渐有“星星之火可以燎原”之势。未来,区块链技术不仅可用于情报人员工作绩效激励,还可用于武器装备全寿命跟踪、军事人力资源管理、军用物资采购、智能军事物流等诸多方面。区块链这个未来战争的“另类舞者”,极有可能悄无声息地颠覆未来战争。详细解读请关注今日出版的《解放军报》——

石破天惊——

区块链如何为世界“造货币”

若想读懂区块链在未来战场上的“独特舞姿”,得先从比特币开始。名噪一时的比特币最早于2009年提出,一经推出便迅速掀起了互联网平台投资和交易热潮,也因此成为区块链技术当下最为典型的应用。

尽管人们对比特币褒贬不一,但对其背后的区块链技术却表现出极大兴趣。区块链技术是一个去中心化的数字账簿系统,包含了比特币系统开始运行以来比特币的完整交易记录。正是基于区块链这种新型去中心化协议,人们才能安全地存储或交易比特币,相关信息不可伪造和篡改,可自动执行智能合约,无需任何中心化机构的审核。

区块链技术的诞生,源自对名为“拜占庭将军”的计算机科学问题的求解。通俗地讲,就是在一个由相互缺乏信任的节点组成的网络中,各节点如何达成可信共识的问题。通过引入“竞争-验证-同步-竞争”的动态循环解决该问题,区块链技术最终成为允许个体不经过第三方认证而开展有效可信合作的新型技术平台。

在比特币系统中,“货币”的产生和交易与区块链紧密相关。区块链的动态变化过程就是新币生成和流转的过程,是支撑整个比特币系统安全、有序和可信运行的基础。需要不断更新和维护的区块链,好比“造币机”,可以将最新的交易记录打包加载到链的末端,进而形成新的区块。

区块链技术正是比特币背后的技术支撑,它本身由多个相连的区块构成,每个区块好比“账本”中的一页,记录了一段时间内相关交易情况,并通过不同区块之间的前后指向关系,将所有区块按序相连构成区块链。目前,区块链技术综合运用了P2P数据传输、文件共享、非对称加密和分布式存储等技术,正向着技术底层化和应用普及化方向加速发展。

Of course, the block-chain technology, which has long been implemented on the algorithm, is somewhat difficult to understand because of its abstraction. In fact, the block chain is similar to a “trust manufacturing machine”, it is the emergence of mutual understanding for both sides to create trust. Block-chain technology can generate a set of record time, can not be tampered with a trusted database, through this technology, even if there is no neutral third-party institutions, between the nodes can also achieve cooperation. At present, the block chain technology has been from a single digital currency, and gradually extended to the intelligent contract, Internet of things, authentication, e-commerce, social communications, file storage and other fields.

Among them, the international financial giants have begun to try to use the block chain technology to deal with complex accounting business, IBM and other companies claim that the block chain is to solve the Internet of things information security, data storage, interactive processing of the core technology. Block chain technology is designed to achieve cross-network distribution, which makes it an ideal choice for cross-organizational business networks. Block chain to trust the characteristics of its bring scalability, data encryption standards to ensure that the content can not be tampered with the decentralization of data processing to further enhance the security of the data. In addition, the block chain can also encourage people to get out of the firewall protection circle, sharing data. It is the block chain technology “maverick” characteristics, it makes it seem so different.

The successful use of Bitcoin, fully demonstrated the block chain technology open and transparent, safe and trustworthy, distributed sharing and other excellent features. Inspired by the fact that dozens of international technology giants are jointly developing the “super books” project, trying to create a transparent, open, decentralized distributed books, so that more applications can be more easily built in the block Chain technology. In the future, “trust manufacturing machine” will also bring us, including basic applications, upgrade applications and extended applications and many other “surprise.”

The basic application mainly relies on the existing bit coin system, with the exchange of money for the intermediary, as the value of the carrier between the users to pass. Including shopping, payment, transfer, liquidation and other network transactions can take the block chain technology “ride” to further enhance the safety of financial life. The upgrade application is the transplantation, upgrading and transformation of the block chain technology, and then fully exploits the technical advantages of the block chain to realize the secure storage of the data. The future, personal electronic file management, charitable donation registration, data permanent curing and disaster recovery can see the block chain technology figure. Expanded application is the innovation, generalization and popularization of the block chain technology. The “trust manufacturing machine” will reconstruct the existing network rules, establish a perfect network credit system, and then in the future world of things to show their talents.

Of course, the block chain technology, although the prospects are broad, but still need to address information security and confidentiality, network construction and regulatory control and many other issues. Although you can use asymmetric encryption technology to obtain a strong information security, but does not mean that the security of the block chain technology on the “impregnable”. How to build a decentralized peer-to-peer network, how to achieve effective monitoring of user information is an urgent need to solve the problem.

犹抱琵琶——

“信任制造机”原来如此与众不同

当然,早已在算法上实现的区块链技术由于过于抽象,理解起来有些困难。其实,区块链类似一台“信任制造机”,它的出现就是为互不相识的双方制造信任。区块链技术可以生成一套记录时间先后、不可篡改的可信任数据库,通过这项技术,即便是没有中立的第三方机构,各节点之间也能实现合作。目前,区块链技术已经从单一的数字货币,逐步延伸到智能合约、物联网、身份验证、电子商务、社交通讯、文件存储等各个领域。

其中,国际金融巨头已经开始尝试使用区块链技术处理繁杂的记账业务,IBM等公司宣称区块链是解决物联网信息安全、数据存储、交互处理的核心技术。区块链技术的设计初衷就是实现跨网络分布,这就让它成为了跨组织业务网络的理想选择。区块链去信任化的特点为其带来了可扩展性,数据加密标准确保了不可实现内容篡改,对数据的分散化处理进一步提升了数据的安全性。此外,区块链还能鼓励人们走出防火墙的保护圈,共享数据。正是区块链技术“特立独行”的特征,才让它显得如此与众不同。

比特币的成功使用,充分展示了区块链技术公开透明、安全可信、分布共享等优良特性。受此启发,目前已有数十家国际科技巨头正在联合开发“超级账本”项目,试图打造一个透明、公开、去中心化的分布式账本,让更多的应用能更容易地建立在区块链技术之上。未来,“信任制造机”还将为我们带来包括基础应用、升级应用和扩展应用等诸多“惊喜”。

基础应用主要依托现有的比特币系统,以有价币为交换中介,作为价值载体在用户之间进行传递。包括购物、支付、转账、清算等网络交易都可搭上区块链技术的“顺风车”,进一步增强金融生活的安全性。升级应用是对区块链技术的移植、升级和改造,进而充分发掘区块链的技术优势,实现数据的安全可信存储。未来,个人电子档案管理、慈善捐赠登记、数据永久固化和容灾备份等都可见到区块链技术的身影。扩展应用是对区块链技术的革新、泛化和推广,“信任制造机”将重构现有网络规则,建立起完善的网络信用体系,进而在未来的物联网世界中大显身手。

当然,区块链技术虽然前景广阔,但依旧需要解决信息安全保密、网络构建和监管控制等诸多问题。尽管可以使用非对称加密技术获得较强的信息安全保障,但并不意味着区块链技术的安全性就“固若金汤”。如何构建去中心化的对等网络,如何实现用户信息的有效监管都是亟须解决的难题。

In the field of military applications, “natural” with information integrity and many other features of the block chain technology, from the beginning to achieve the data storage and data encryption of the organic combination, will be in the military field flex its muscles.

Battlefield information protection. No matter how the war form changes, information integrity and confidential information protection are the key to determine the outcome of the war. Although the modern military system has established a number of verification, separate preservation, multiplayer operation and a series of security initiatives, but directly break the existing system issued a fake command is not impossible. With the block chain technology, to a certain extent, to enhance the security of battlefield information protection. At present, the US Department of Defense Advanced Research Projects Agency is through the block chain technology to create a secure information platform to study the block chain can protect the highly sensitive data to help and study its military satellites, nuclear weapons and other scenes Of the potential of the application, the future is likely to be used to support the forces of combat.

Weapon and Equipment Management. Weapons and equipment from the project demonstration, development and production, delivery service to retirement retirement, the need for the entire life cycle, including design, test results, technical status and other large data records for the record. The current use of paper and electronic media security is difficult to protect, transfer transfer difficulties, the lack of effective supervision and other security risks. Through the introduction of block chain technology, can form a party can participate in the preservation of the distributed, supervised file registration network, to further improve the safety of weapons and equipment management, convenience and credibility. Similarly, in the process of military human resources management, but also through the block chain records of each soldier’s resume, the formation of electronic files can not be tampered with, technically completely solve the problem of archives management system.

Intelligent military logistics. Modern military logistics is moving towards the intelligent era, intelligent warehousing, intelligent packaging, intelligent transportation and intelligent distribution and other intelligent network will cover the whole process of military logistics. The use of block chain technology can effectively solve the intelligent military logistics network communication, data preservation and system maintenance and other problems, to further improve the viability of the logistics system to achieve free exchange of information to ensure the orderly and efficient operation of the system. With the block chain technology, it will realize the qualitative change from free transmission to free notarization, which is very likely to become the “subversive” technology of the future network infrastructure agreement and credit paradigm.

Information hidden incentive. In recent years, the US military fully excavated the block chain in the record of the anonymous characteristics of the transaction, and its application to the field of intelligence gathering, to achieve information to provide incentives for the incentive to pay gold. As we all know, intelligence providers or “informants” need a secret identity and whereabouts, the traditional transfer, cash and other payment methods can easily be tracked locked. Through Bitcoin as a payment intermediary, you can cleverly break the payment channel, so that information flow is difficult to trace, and thus effectively protect the security of intelligence personnel. Among them, the bit currency trading platform in the entire payment process plays a “black box” role, to achieve the hidden information between the two sides of the transaction hidden.

在军事领域应用前景广阔

在军事应用领域,“天生”拥有信息完整性等诸多特性的区块链技术,从一开始就实现了数据存储和数据加密的有机结合,将在军事领域大展拳脚。

战场信息保护。不论战争形态如何改变,信息完整性和机要信息保护都是决定战争胜败的关键。虽说现代军事体系中已建立了多重验证、分开保存、多人操作等一系列安全举措,但直接突破现有体系下达假命令并不是没有可能。借助区块链技术,能在一定程度上提升战场信息保护的安全性。目前,美国国防部高级研究计划局正通过区块链技术创造一个安全的信息平台,研究区块链能否在保护高度敏感数据上提供帮助,并研究其在军用卫星、核武器等数个场景中的应用潜力,未来极有可能用来支持部队作战。

武器装备管理。武器装备从立项论证、研制生产、交付服役到退役报废,需要对全寿命周期内包括设计方案、试验结果、技术状态等大量数据资料进行记录备案。目前采用的纸质和电子媒介存在安全难以保障、转移交接困难、缺乏有效监管等安全隐患。通过引入区块链技术,可以形成一个各方均可参与保存的分布式、受监督的档案登记网络,进一步提高武器装备管理的安全性、便利性和可信度。同样,在军事人力资源管理过程中,也可通过区块链记录每名军人的任职履历,形成无法篡改的个人电子档案,从技术上彻底解决档案管理系统存在的问题。

智能军用物流。现代军用物流正向智能时代迈进,智能仓储、智能包装、智能运输和智能配送等智能化物联网络将涵盖军事物流全过程。利用区块链技术可有效解决智能化军用物流面临的组网通信、数据保存和系统维护等难题,进一步提高物流系统的生存能力,实现信息自由交互,保证了系统的有序高效运转。借助区块链技术,将实现信息从自由传输到自由公证的质变,极有可能成为未来网络基础协议和信用范式的“颠覆性”技术。

情报隐蔽激励。近年来,美军充分挖掘区块链在记录交易时的匿名性特征,并将其应用到情报收集领域,实现情报提供激励金的隐蔽定向支付。众所周知,情报提供者或“线人”需要隐秘的身份和行踪,传统的转账、现金等支付方式极易被跟踪锁定。通过比特币作为支付中介,就可巧妙断裂支付通路,让情报资金流转难以追溯,进而有效保护情报人员的安全。这其中,比特币交易平台在整个支付流程中扮演了“黑箱”的角色,实现了交易双方关键信息的隐藏。

The concept of Bitcoin was originally proposed by Nakamoto in 2009, according to the idea of ​​the open source of the open source software and the construction of its P2P network. Bitcoin is a digital currency in the form of P2P. Point-to-point transmission means a decentralized payment system.

Unlike most currencies, Bitcoin does not rely on a specific currency institution, which is generated by a large number of calculations based on a particular algorithm. The bit currency economy uses a distributed database of many nodes in the entire P2P network to confirm and record all transactions, And the use of cryptographic design to ensure that all aspects of currency circulation security. P2P de-centricity and the algorithm itself can ensure that the currency can not be manipulated by a large number of manufacturing bits. A cryptographic-based design allows a bit currency to be transferred or paid only by the real owner. This also ensures that the ownership of money and the anonymity of circulation transactions. Bitcoin is the biggest difference from other virtual currencies, and its total quantity is very limited and has a strong scarcity. The monetary system has had no more than 10.5 million in four years, and the total number will be permanently limited to 21 million.

Bitcoin can be used to cash, can be converted into the currency of most countries. Users can use some coins to buy some virtual items, such as online games among the clothes, hats, equipment, etc., as long as someone accepts, you can also use the bitcover to buy real life items.

比特币的概念最初由中本聪在2009年提出,根据中本聪的思路设计发布的开源软件以及建构其上的P2P网络。比特币是一种P2P形式的数字货币。点对点的传输意味着一个去中心化的支付系统。

与大多数货币不同,比特币不依靠特定货币机构发行,它依据特定算法,通过大量的计算产生,比特币经济使用整个P2P网络中众多节点构成的分布式数据库来确认并记录所有的交易行为,并使用密码学的设计来确保货币流通各个环节安全性。P2P的去中心化特性与算法本身可以确保无法通过大量制造比特币来人为操控币值。基于密码学的设计可以使比特币只能被真实的拥有者转移或支付。这同样确保了货币所有权与流通交易的匿名性。比特币与其他虚拟货币最大的不同,是其总数量非常有限,具有极强的稀缺性。该货币系统曾在4年内只有不超过1050万个,之后的总数量将被永久限制在2100万个。

比特币可以用来兑现,可以兑换成大多数国家的货币。使用者可以用比特币购买一些虚拟物品,比如网络游戏当中的衣服、帽子、装备等,只要有人接受,也可以使用比特币购买现实生活当中的物品。

Block chain technology, also known as distributed book technology, is an Internet database technology, which is characterized by decentralized, open and transparent, so that everyone can participate in database records.

Interpretation

The earliest is the basic technology of Bitcoin, the world is in the study, can be widely used in various fields such as finance.

Fundamental

The basic principles of block chains are not difficult to understand. The basic concepts include:

A transaction that causes a change in the state of the book, such as the addition of a record;

Block: record a period of time transactions and status of the results of the current state of the book is a consensus;

Chain: by a block in the order of occurrence in series, is the state changes in the log records.

If the block chain is used as a state machine, each transaction is an attempt to change the state once, and each time the consensus is generated, the participant confirms the result of the change in the status of all the transactions in the block.

区块链技术,也被称之为分布式账本技术,是一种互联网数据库技术,其特点是去中心化、公开透明,让每个人均可参与数据库记录。

释义

最早是比特币的基础技术,目前世界各地均在研究,可广泛应用于金融等各领域。

基本原理

区块链的基本原理理解起来并不难。基本概念包括:

交易:一次操作,导致账本状态的一次改变,如添加一条记录;

区块:记录一段时间内发生的交易和状态结果,是对当前账本状态的一次共识;

链:由一个个区块按照发生顺序串联而成,是整个状态变化的日志记录。

如果把区块链作为一个状态机,则每次交易就是试图改变一次状态,而每次共识生成的区块,就是参与者对于区块中所有交易内容导致状态改变的结果进行确认。

Original referring URL: http://www.81.cn/jmywyl/2017-06/02

China’s Military Taking Action to Defend Nation’s Network // 中國軍事行動維護國家網絡

China’s Military Taking Action to Defend Nation’s Network //

中國軍事行動維護國家網絡

網絡營門”走向守衛“網絡國門

Original title: from the guard “network camp” to guard the “network country”

Original: “National Defense Reference” 2017 No. 3

Cyber ​​space was born in the military field, such as the first computer, Apache and GPS navigation systems are all derived from the military, today, cyberspace security has been closely related with national security, the military has once again become the maintenance of national cyberspace security , Whether it is the face of normalized network penetration, or large-scale network attacks, are an urgent need for the military from the guard “network camp” to guard the “network country”, breaking the traditional mission of the military mission, breaking the traditional battle preparation mode, To a new network of national defense thinking, casting the network era of the firm.

From the “network camp” to “network country”, a new era of military mission to bring new trends

Internet space is not only related to the maintenance of national strategic interests, a direct impact on political, economic, cultural security and social development, has become a modern battlefield joint war blood and ties. The Chinese army can not be limited to maintaining the internal security of the barracks, but also take the initiative to adapt to the trend of the times, the courage to take the “network of countries,” the country to play. Network strength is an important part of the network power construction, from the “network gate” to “network country” is the information age situation at home and abroad the inevitable trend of development.

Guarding the “network country” is the cyberspace security situation forced. China as the first network power, the security situation is not optimistic, the strategic opponent has never stopped preparing for my network operations. The United States, Britain, France and other countries actively preparing for cyberspace, through the cyberspace security legislation to give the military functions, the development of network warfare forces, research and development of network warfare weapons equipment, the war will advance to the human “fifth space”, especially in China increasingly strong In the process of rising history, the western countries under the auspices of the Cold War mentality and containment subversion strategy, the use of network technology and means of communication to implement uninterrupted harassment, subversion and cyber attacks, seriously affecting my country’s security and social development, China has become Network security threats to the hardest hit, the virus attack the test field, the penetration of awareness of the destination, the national security is facing a huge risk.

In the coming period, China, as a big emerging country, will intensify its conflicts of interest, strengthen the network defense strategy and strengthen the cyberspace war preparation. It is an inevitable way to actively strive for the dominance and discourse of cyberspace. The only way to go. As the main force of national security and stability, the army must meet the requirements of cyberspace characteristics and become the backbone and main force against cyber invasion, network subversion and safeguard national security and social stability.

Winning the network war is the new military change in the information age. As one of the most advanced productive forces in the information age, network technology has made cyber space combat become the dominant factor to guide the evolution of modern warfare, which affects the whole situation of war. In recent years, from the Iranian “earthquake network” attack, Russia and Georgia conflict network warfare, the Ukrainian power grid was a large number of paralysis and the US military on the IS network attacks, cyberspace in combat show a huge role in the emergence of a sign that the network Has become an important model for future joint operations.

The US military attaches great importance to the construction of cyberspace armaments, the establishment of cyberspace headquarters, the introduction of cyberspace joint operations, a substantial expansion of network warfare forces, and strive to maintain its cyberspace hegemony, the control of cyberspace as a “third offset strategy “Absolute advantage of the most important content of competition.

The world has followed up the country, the military space militarization trend is obvious. Severe cyberspace The situation of military struggle requires the Chinese army to focus on the network battlefield space changes, to meet the requirements of the era of information warfare, to achieve in the cyberspace can fight, win the battle of the strong military goals.

Effective network of deterrence is to speed up the construction of the network power inherent. In China by the network power to the network power development process, can not do without a strong network space military power as a guarantee. The international competition of cyberspace is a comprehensive game of national comprehensive strength. Among them, the network military capability construction is directly related to the national security and stability, and the whole body is the core factor of the whole national security field.

At present, the interests of the world in the cyberspace mutual penetration, there “you have me, I have you, mutual cooperation and common development” situation. But this common development is not equal, the United States and Western powers to use cyberspace dominance, has made a certain degree of network deterrence, so that my network development and interests subject to others. How the army in the construction of the network to complete the mission of reorganization of the mission, the premise is to be able to contain the crisis, deter opponents of the network offensive and defensive ability to ensure the peaceful development of the network environment.

Therefore, the army needs to establish a deterrent strategic goal of effective deterrence, form a strategic balance with the enemy “destroy each other”, so as to enhance the strategic competitiveness, deter cyber space aggression and ensure the smooth development of the network power strategy.

From the “defensive responsibility” to “protect the network defenders”, the new situation requires the army to undertake new tasks

The army is to defend the national security of the main and pillars, cyberspace is no exception. The National Security Act of July 1, 2015 stipulates that “citizens of the People’s Republic of China, all state organs and armed forces, political parties and people’s organizations, enterprises and other organizations and other social organizations have the responsibility to safeguard national security And obligations. “The Network Security Act promulgated in November 2016 emphasized the need to maintain cyberspace sovereignty and national security.

On the basis of the laws of the two countries, the National Cyberspace Security Strategy (hereinafter referred to as the “Strategy”) was formally introduced on December 27, 2016, providing overall guidance for creating a new model of network power at a new starting point. Basically follow, clearly put forward nine strategic tasks, and further reflects the army in the process of building a network of power in the mission task.

Full of network of national mission, the army to defend the sovereignty of cyberspace strong pillars. “Strategy” listed in the nine strategic task is the first “firmly defend cyberspace sovereignty,” made it clear that “including economic, administrative, scientific and technological, legal, diplomatic, military and all other measures, unswervingly maintain our network Space sovereignty “. It can be seen that the military must assume the national mission of using the physical means of the physical space to defend the sovereign security and interests of the virtual cyberspace.

Internet space sovereignty is the core interests of the country, is an important component of national sovereignty, that the state in the cyberspace owned by the independent, equal rights, self-defense and management rights. Once the hostile forces have violated my cyberspace sovereignty, it is equivalent to violating the sovereignty of the landspace and other physical space, China will have the right to take all measures, including military means to give a strong fight back.

At the international level, the United States has long proposed a cyberspace deterrence strategy, declared the attack on the US network information facilities is equivalent to the war, the United States will take military strike measures to retaliate. Military means is the fundamental means of safeguarding national sovereignty, and plays a vital role in safeguarding national cyberspace security. Therefore, the historical forces of land, sea and air, should be given the historical mission of protecting the sovereignty of cyberspace, must rely on the powerful physical space to defend the national interests of cyberspace, a powerful deterrent to the hostile forces of the network destruction attempt.

According to the era of network security to play, the army to do to defend the national security of the ballast. The second focus of the “strategy” task emphasizes the need to resolutely safeguard national security, prevent, stop and punish any act of using the Internet for treason, secession, incitement to rebellion, subversion or incitement to subvert the people’s democratic dictatorship.

In the era of information network, the world’s military has become an important participant in cyberspace. The level of cyberspace capability has become one of the main indexes to evaluate the modernization degree of a country’s army. It is one of the main responsibilities of the information security army to carry out the task of network space mission.

From the historical process of China’s development, it is necessary to be highly vigilant about the national security strategy needs of the successful completion of the well-off society. It is necessary to be highly vigilant about the risk of being invaded, subversive and divided by cyberspace. The development of the overall situation of the danger of being destroyed, a high degree of vigilance of the development process of socialism with Chinese characteristics is disturbed, the risk of destruction.

Take preventive measures, requiring the state must have the means to deal with and deal with these dangerous measures, with the prevention, suppression and punishment of cyberspace according to the law of the powerful forces of destruction. The defense of the country has always been an unshirkable historical responsibility of the army. The inherent mission task determines that the Chinese army must take on the various measures taken in cyberspace to maintain national politics, economy, cultural security and social stability.

Offensive and defensive both strategic tasks, the army to enhance the ability to enhance the network space strong backing. The third and eighth of the nine major tasks in the Strategy make it clear that all necessary measures should be taken to protect critical information infrastructures and their important data from attack and destruction, and that both technology and management should be adhered to both protection and deterrence. Construction and international status commensurate with the network power to adapt to the network space protection, and vigorously develop the network security and defense means to detect and resist the network invasion, casting and maintenance of national network security strong backing. In all the state’s political, diplomatic, military, scientific and technological capacity to maintain security, military power has always been the foundation and support of all abilities. It is the fundamental guarantee of all ability and the ultimate guarantee of national security.

Therefore, the army must assume the strategic task of strengthening the national network space protection ability strong backing. In the real world, the army is the reassurance of safeguarding national security. In cyberspace, it should also become the safe dependency and guarantee of the people. As an important part of the national network space protection ability, the army must be both offensive and defensive, and have the ability to firmly safeguard the interests and security of the country and the people in the cyberspace, and can effectively eliminate the various crises and ideological turbulence caused by the network security threat So that people can truly feel the production and life to be effectively protected, as the people of the country’s network protection capacity of confidence in the emboldened.

The global responsibility of the joint defense, the military to do to maintain the important support of global network security. The final mandate of the Strategy explicitly proposes to strengthen international cooperation in cyberspace and to support the United Nations in its leading role in promoting the development of international rules for cyberspace, international cyberspace international counter-terrorism conventions that are universally accepted, and a sound mechanism for combating cybercrime Policy and law, technological innovation, standards, emergency response, key information infrastructure protection and other areas of international cooperation.

Cybercrime and cybercrime are the new forms of global threat catalyzed by information network fermentation, posing a great threat to the political, economic, military and cultural security of all countries in the world. It is not enough to rely solely on the power of government and civil society. And other Western countries have given the military the responsibility to protect the network security and the right to combat cyber terrorism. Maintaining global cyberspace security and stability is in line with the fundamental interests of China and the rest of the world. The army should be an important defender of cyberspace security and become an important force in combating global cybercrime and cybercrime.

The globalization and unboundedness of the network determines the international demand for combating cyber-terrorism and transnational cybercrime. The army should promote inter-State network governance and military cooperation within the framework of the UN Security Council, and use the strategy and technology of the Internet age to establish a joint defense Mechanism, and effectively safeguard the national and world cyberspace security.

From the “battlefield training” to “network preparation”, the new areas need to prepare for the military new initiatives

In the new historical situation, the cyberspace put forward new requirements to the military training mode, should adapt to the new features of the cyberspace and the new mission of the army to innovate and reform the traditional model, aim at the goal of strengthening the country and strengthening the macro- Focus on cyberspace military action legal needs, closely linked to cyberspace “military and civilian one” of the natural properties, the construction of “peace and war” network security attack and defense system, to create “military dual-use” network defense force.

Legislative empowerment, for the military to carry out functional mission to provide legal basis. Countries in the world, especially the Western developed countries in the network security legislation attaches great importance to network defense issues. The United States has promulgated the “National Security No. 16 Presidential Decree” “cyberspace action strategy” and a series of policies and regulations on how to protect the national network security in the field of national network security has been deepening norms.

At present, it is necessary to clarify the duties of the cyberspace army from the legal level. It should be based on the “National Security Law” and “Network Security Law”, and introduce the network defense law and relevant cyberspace military warfare regulations for network defense construction and military Action to provide regulatory support and action programs, so that the military in cyberspace responsibilities and mission more specific and specific.

First, through the network of national defense legislation to further define the network sovereignty and network frontier, clear the scope of the military duties.

Second, through the construction of network operations laws and regulations, clear the military to defend the national network space security action authority, to distinguish between network intrusion, network damage and other military means of behavior. Third, through the international cooperation policy of cyberspace, clear military cooperation with other countries, civil forces and other international networks to combat terrorism, cybercrime function tasks.

Military and civilian integration, for the construction of network power to provide innovative power. The integration of military and civilian integration is the main practice of enhancing the competitiveness of cyberspace in the world. For the construction of China’s network power, it is necessary to construct military and civilian defense and defense system, and to develop military and national defense information infrastructure. Source.

First, the co-ordination of national, military and all levels of government and other military and civilian integration functional departments, set up a special command and coordination agencies, mobilize all national network power, building “military and civilian” “peace and war” network security attack and defense system.

Second, as soon as possible the introduction of network security integration of civil and military development of the guiding ideology, and gradually expand the integration of basic legal research and demonstration, to guide the long-term integration of military and civilian development.

Third, relying on the country’s existing public mobile communication network, optical fiber communication network and satellite system, the military and the people to build a nationwide information infrastructure, to achieve military and civilian unity, in charge of sharing.

The fourth is to establish a joint emergency response mechanism for military and civilian personnel, to increase the capacity of the training departments to control the situation, to strengthen the expertise of experts and emergency professionals to enhance the ability to quickly restore damaged networks or information systems.

Military and civilian training, for the cyberspace military capabilities to provide a realistic environment. The common characteristics of military and civilian space in the network space make the military and civilian training become an important way of military military training in cyberspace all over the world. The United States and NATO and other countries of the network space military and civilian joint exercises have been a series of “network storm” “network guards” and other training activities to attract the government, enterprises, research institutions and even private hackers extensive participation. Our military cyberspace military strength training also requires extensive participation in civil forces.

First, do a good job of military and political cooperation, the establishment of military and civilian joint attack and defense exercise mechanism, learn from the United States and other developed countries in the network warfare exercises in the red and blue confrontation training methods, and actively build the “national network shooting range”, planning the government, civil society series of joint exercises to enhance military and civilian , Officials and one network of offensive and defensive level.

Second, do a good job in military and military cooperation, relying on the Internet to set up a network of enterprises to improve the training area, to promote military and civilian ability to run between the offensive and defensive, and jointly improve the ability to prevent unknown risks.

Third, the organization of civil network security companies and hackers talent, to carry out network security competition and other activities, mutual confirmation, and jointly improve the level of network security technology and tactics.

Network reserve, to build a strong network of troops to provide the source of strength. Reserve as a reserve force of national defense, both military and civilian dual characteristics, is to achieve cyberspace economic development and national defense construction of organic unity of the powerful initiatives.

First, the national security sector as the leading, according to the national interests of the overall planning, the introduction of the network defense reserve is conducive to the construction of a series of laws and regulations, from the top to solve the network defense reserve construction in the construction of the main division of labor, promotion strategy, problem.

Second, innovative reserve organization and leadership system and comprehensive coordination mechanism, there are plans to reserve construction into the national network of information development at all levels and various fields.

Third, focus on the military and local management reform of the two models to the provincial and municipal governments, military and local enterprises and institutions under the management mechanism to establish a network of national defense reserve personnel to jointly use the mechanism, improve the national emergency mobilization mechanism, the establishment of national network defense professionals Database, the network militia and reserve forces into the scope of the people’s armed mobilization, usually in accordance with the provisions of the militia emergency unit into the training, the urgent selection of elite personnel with the team to participate in the task of non-war military operations, wartime, So that the national defense potential into national defense strength. (An Weiping, deputy chief of staff of the northern theater)

Original Mandarin Chinese:

原題:從守衛“網絡營門”走向守衛“網絡國門”

原載:《國防參考》2017年第3期

網絡空間誕生於軍事領域,如首台計算機、阿帕網和GPS導航系統等都源於軍方,時至今日,網絡空間安全已與國家安全息息相關,軍隊又再次成為維護國家網絡空間安全的主角,無論是面對常態化的網絡滲透,還是大規模的網絡攻擊,都迫切需要軍隊從守衛“網絡營門”走向守衛“網絡國門”,突破傳統的軍隊使命任務,突破傳統的應戰備戰模式,以全新的網絡國防思維,鑄造網絡時代國之堅盾。

從“網絡營門”到“網絡國門”,新時代帶來軍隊使命新趨勢

網絡空間不僅事關國家戰略利益維護,直接影響政治、經濟、文化安全和社會發展,也成為現代戰場聯合作戰的血脈和紐帶。中國軍隊不能局限於維護軍營內部網絡安全,更要主動適應時代趨勢,勇於承擔把守“網絡國門”的國家擔當。網絡強軍是網絡強國建設的重要一環,從“網絡營門”走向“網絡國門”是信息時代國內外形勢發展的必然趨勢。

守衛“網絡國門”是網絡空間安全形勢所迫。中國作為第一網絡大國,安全狀況不容樂觀,戰略對手從未停止對我網絡作戰准備。美、英、法等國積極備戰網絡空間,通過網絡空間安全立法賦予軍隊職能,發展網絡戰部隊,研發網絡戰武器裝備,將戰爭推進到了人類的“第五空間”,特別是在中國日益強大崛起的歷史進程中,西方國家在冷戰思維和遏制顛覆戰略的主導下,利用網絡技術手段和傳播方式實施不間斷的騷擾、顛覆和網絡攻擊行動,嚴重影響我國家安全與社會發展,中國逐漸成為網絡安全威脅的重災區、病毒攻擊的試驗場、意識滲透的目的地,國家安全面臨著巨大風險。

未來一段時期內,中國作為新興大國,與各方利益沖突還將加劇,堅定推進網絡國防戰略,加強網絡空間的作戰准備,是積極爭取網絡空間的主導權和話語權的必然途徑,也是中國崛起的必由之路。軍隊作為國家安全穩定的主要力量,必須適應網絡空間特點要求,成為抗擊網絡入侵、網絡顛覆的中堅和主力,維護國家安全和社會穩定。

打贏網絡戰爭是信息時代新軍事變革所趨。網絡技術作為信息時代最先進生產力之一,使得網絡空間作戰成為引導現代戰爭形態演變的主導因素,影響著戰爭全局。近年來,從伊朗“震網”攻擊、俄格沖突網絡戰、烏克蘭電網遭大規模阻癱以及美軍對IS的網絡攻擊,網絡空間在實戰中所展現出的巨大作用逐漸顯現,預示著網絡作戰已成為未來聯合作戰重要樣式。

美軍高度重視網絡空間軍備建設,成立網絡空間司令部,推出網絡空間聯合作戰條令,大幅度擴編網絡戰部隊,極力維護其在網絡空間霸權,把對網絡空間控制能力作為形成“第三次抵消戰略”絕對優勢最重要的競爭內容。

世界多國紛紛跟進,網絡空間軍事化趨勢明顯。嚴峻的網絡空間軍事斗爭形勢要求中國軍隊著眼網絡戰場空間變化,適應信息化戰爭時代要求,實現在網絡空間能打仗、打勝仗的強軍目標。

有效網絡懾戰是加速網絡強國建設內在所需。在中國由網絡大國向網絡強國發展過程中,離不開強大的網絡空間軍事力量作為保障。網絡空間國際競爭表現為國家綜合實力的全面博弈,其中,網絡軍事能力建設的好壞,直接關系到國家安全與穩定,牽一發而動全身,是整個國家安全領域的核心要素。

當前,世界各國在網絡空間的利益互相滲透,出現“你中有我、我中有你,互相合作,共同發展”的局面。但是這種共同發展是不對等的,美國及西方強國利用網絡空間主導權,已經取得了一定的網絡懾戰優勢,使我網絡發展及利益受制於人。軍隊如何在網絡強國建設中完成守土有責的使命重托,前提就是要形成能夠遏制危機、懾控對手的網絡攻防能力,確保和平發展的網絡環境。

因此,軍隊需要確立有效懾戰的威懾戰略目標,形成能與敵“相互摧毀”的戰略制衡能力,從而增強戰略競爭力,懾止網絡空間侵略,保障網絡強國戰略順利推進。

從“守土有責”到“護網衛國”,新形勢要求軍隊承擔新任務

軍隊是保衛國家安全的主力和柱石,網絡空間也不例外。2015年7月1日施行的《國家安全法》規定:“中華人民共和國公民、一切國家機關和武裝力量、各政黨和各人民團體、企業事業組織和其他社會組織,都有維護國家安全的責任和義務。”2016年11月頒布的《網絡安全法》強調了要維護網絡空間主權和國家安全。

在這兩個國家法律的基礎上,2016年12月27日,《國家網絡空間安全戰略》(下文簡稱《戰略》)正式出台,為在新的起點上開創網絡強國新格局提供了總體指導和基本遵循,明確提出了九大戰略任務,進一步體現了軍隊在建設網絡強國進程中的使命任務。

全力護網的國家使命,軍隊要做捍衛網絡空間主權的堅強柱石。《戰略》中列出的九大戰略任務首項就是“堅定捍衛網絡空間主權”,明確提出要“採取包括經濟、行政、科技、法律、外交、軍事等一切措施,堅定不移地維護我國網絡空間主權”。可見,軍隊須承擔起運用實體空間的軍事手段,保衛虛擬網絡空間主權安全和利益的國家使命。

網絡空間主權是國家的核心利益,是國家主權的重要組成,表明國家在網絡空間所擁有的獨立權、平等權、自衛權和管理權。一旦敵對勢力侵犯了我網絡空間主權,就等同於侵犯了我陸海空等實體空間的國家主權,中國將有權利採取包括軍事手段在內的一切措施給予堅決回擊。

在國際上,美國早就提出網絡空間威懾戰略,宣告對美國網絡信息設施的攻擊等同於戰爭行為,美國會採取軍事打擊措施進行報復。軍事手段是維護國家主權的保底手段,在維護國家網絡空間安全中發揮著至關重要的作用。因此,陸海空天軍事力量理所應當地被賦予了保護網絡空間主權的歷史使命,必須憑借強大的實體空間武力保衛網絡空間的國家利益,有力震懾敵對勢力的網絡破壞企圖。

依網衛國的時代擔當,軍隊要做保衛國家安全的壓艙石。《戰略》任務的第二項著力強調要堅決維護國家安全,防范、制止和依法懲治任何利用網絡進行叛國、分裂國家、煽動叛亂、顛覆或者煽動顛覆人民民主專政政權的行為。

信息網絡時代,世界各國軍隊都已經成為網絡空間重要參與者,網絡空間能力水平成為評估一個國家軍隊現代化程度的主要指標,遂行網絡空間使命任務、維護國家安全成為信息化軍隊的主要職責之一。

從中國發展所處的歷史進程來看,要適應全面建成小康社會決勝階段的國家安全戰略需求,必須高度警惕國家在網絡空間被侵略、被顛覆、被分裂的危險,高度警惕由網絡空間引發改革發展大局被破壞的危險,高度警惕中國特色社會主義發展進程被干擾、破壞的危險。

防患於未然,要求國家必須具有應對和處置這些危險的手段措施,具有防范、制止和依法懲治網絡空間違法破壞行為的強大力量。保衛國家歷來是軍隊不可推卸的歷史責任,固有的使命任務決定了中國軍隊必須承擔起在網絡空間採取各種措施,維護國家政治、經濟、文化安全和社會穩定的時代擔當。

攻防兼備的戰略任務,軍隊要做提升網絡空間防護能力的堅強后盾。《戰略》中九大任務的第三項和第八項明確提出,要採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞,要堅持技術和管理並重、保護和震懾並舉;要建設與我國國際地位相稱、與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防御手段,及時發現和抵御網絡入侵,鑄造維護國家網絡安全的堅強后盾。在國家所有維護安全的政治、外交、軍事、科技能力中,軍事力量歷來是所有能力的基礎和支撐,是所有能力的根本保障,是國家安全的最終依托。

因此,軍隊必須承擔起提升國家網絡空間防護能力堅強后盾的戰略任務。現實社會中,軍隊是維護國家安全的定心丸,在網絡空間也同樣應成為人民群眾的安全依賴和保障。軍隊作為國家網絡空間防護能力生成的重要一環,必須做到攻防兼備、懾戰一體,有能力堅決維護國家和人民在網絡空間的利益和安全,能夠有效消除網絡安全威脅造成的各種危機和思想動蕩,使人民能夠切實感受到生產生活得到有效保護,成為全國人民對國家網絡防護能力充滿信心的底氣所在。

聯防聯治的全球責任,軍隊要做維護全球網絡安全的重要支撐。《戰略》任務最后一項明確提出要強化網絡空間國際合作,支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則、網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律、技術創新、標准規范、應急響應、關鍵信息基礎設施保護等領域的國際合作。

網絡恐怖主義和網絡犯罪是經過信息網絡發酵催化出的全球威脅新形態,對世界上所有國家的政治、經濟、軍事、文化安全都構成巨大威脅,僅僅依靠政府和民間的力量是不夠的,美國等西方國家紛紛賦予軍隊保護網絡安全的職責和打擊網絡恐怖主義的權限。維護全球網絡空間安全與穩定符合中國以及世界各國的根本利益,軍隊應成為全球網絡空間安全的重要維護者,成為打擊全球網絡恐怖主義和網絡犯罪的重要力量。

網絡的全球化、無界性決定了打擊網絡恐怖主義和跨國網絡犯罪的國際需求,軍隊應在聯合國安理會的框架下,推進國家間網絡治理軍事合作,利用網絡時代的戰略和技術,建立聯防聯治機制,切實維護國家和世界網絡空間安全。

從“沙場練兵”到“網絡備戰”,新領域需要軍隊備戰新舉措

在新的歷史形勢下,網絡空間對軍隊練兵備戰模式提出了全新的要求,應適應網絡空間新特點和軍隊新使命對傳統模式進行創新改革,以強國強軍目標為統攬,加強宏觀統籌,著眼網絡空間軍事行動的法理需求,緊扣網絡空間“軍民一體”的天然屬性,建設“平戰結合”的網絡安全攻防體系,打造“軍地兩用”的網絡國防力量。

立法賦權,為軍隊遂行職能使命提供法理依據。世界各國尤其是西方發達國家在網絡安全立法上高度重視網絡國防問題。美國先后出台了《國家安全第16號總統令》《網絡空間行動戰略》等一系列政策法規,對如何在網絡國防領域保護國家網絡安全進行了不斷的深化規范。

當前,從法律層面厘清網絡空間軍隊的職責任務非常必要,應以《國家安全法》《網絡安全法》為依據,出台網絡國防法和有關網絡空間軍事作戰條令法規,為網絡國防領域建設和軍事行動提供法規支撐和行動綱領,使軍隊在網絡空間的職責和使命更加明確具體。

一是通過網絡國防立法進一步界定網絡主權和網絡邊疆,清晰軍隊的職責范圍。

二是通過網絡作戰法規建設,明確軍隊遂行保衛國家網絡空間安全的行動權限,區分應對網絡入侵、網絡破壞等行為的軍事手段。三是通過網絡空間國際合作政策,明確軍隊協同他國、民間力量等打擊國際網絡恐怖主義、網絡犯罪的職能任務。

軍民融合,為網絡強國建設提供創新動力。軍民融合是世界強國提升網絡空間競爭力的主要做法,對於中國網絡強國建設來說,構建軍民融合網絡安全攻防體系,開發軍地兩用的國防信息基礎設施,是激發軍隊網絡空間作戰能力創新的源泉。

一是統籌國家、軍隊和各級政府等軍民融合職能部門,設置專門的指揮協調機構,調動一切國家網絡力量,建設“軍民一體”“平戰結合”的網絡安全攻防體系。

二是盡快出台網絡安全軍民融合深度發展指導性意見,逐步展開軍民融合基本法律研究論証,指導中長期軍民融合發展。

三是依托國家現有公共移動通信網、光纖通信網及衛星系統,軍民共建覆蓋全國全軍的信息基礎設施,實現軍民統建、分管共享。

四是建立軍民聯合的應急響應機制,加大培訓軍地主管部門控制事態的能力,加強專家和應急專業力量,提升快速恢復受損網絡或信息系統的能力。

軍民聯訓,為網絡空間軍事能力生成提供實戰化環境。網絡空間的軍民共用特性使得軍民聯訓成為世界各國網絡空間軍事演訓的重要方式。美國及北約等國家的網絡空間軍民聯合演習已經形成系列化,“網絡風暴”“網絡衛士”等演練活動吸引了政府、企業、研究機構甚至民間黑客的廣泛參與。我軍網絡空間軍事力量訓練也需要廣泛吸引民間力量參與。

一是搞好軍政合作,建立軍民聯合攻防演練機制,借鑒美國等發達國家網絡戰演練中的紅藍對抗訓練方法,積極建設“國家網絡靶場”,策劃政府、民間機構系列聯合演習,提升軍民一體、官民一體的網絡攻防水平。

二是搞好軍企協作,在互聯網上依靠網信企業設置演練場區,促進軍民之間攻防能力磨合,共同提高防范未知風險能力。

三是組織民間網絡安全公司和黑客人才,開展網絡安全競賽等活動,互相印証,共同提高網絡安全防護技戰術水平。

網絡預備役,為建設強大網軍提供力量源泉。預備役作為國防力量的后備補充,兼有軍事和民用雙重特點,是實現網絡空間經濟發展與國防建設有機統一的有力舉措。

一是以國家安全部門為主導,依據國家利益進行統籌規劃,出台有利於網絡國防預備役建設的系列法規政策,從頂層上解決網絡國防預備役建設中軍民共建的主體分工、推進策略、利益協調等問題。

二是創新預備役組織領導體制和綜合協調機制,有計劃地把預備役建設融入國家網絡信息化發展的各個層面和各個領域。

三是著眼軍隊和地方兩頭管理模式改革,以各省市政府、軍隊和地方企事業單位的管理機制為依托,建立網絡國防預備役人才聯合培養使用機制,完善國家應急動員機制,建立國家網絡防御專用人才數據庫,將網絡民兵和預備役部隊建設納入人民武裝動員的范圍,平時按規定編入民兵應急分隊進行訓練,急時挑選精干人員隨隊參加遂行非戰爭軍事行動任務,戰時按需要成建制征召使用,使國防潛力轉變為國防實力。

 

Referring URL:

http://military.people.com.cn/BIG5/n1/2017/0417/c1011-29215670.html

中國政府要求公開評論保護中國關鍵基礎設施 // Chinese Government Requests Public Comment on Securing China Critical Infrastructure

中國政府要求公開評論保護中國關鍵基礎設施

Chinese Government Requests Public Comment on Securing China Critical Infrastructure

Notice of the National Internet Information Office on the Public Opinion on the Protection of Key Information Infrastructure Security Regulations (Draft for Soliciting Opinions)

    In order to ensure the security of key information infrastructure, according to the “Internet Security Law of the People’s Republic of China”, we will draft the “Key Information Infrastructure Safety Protection Regulations (draft)” with the relevant departments. The relevant units and people of all walks of life may submit their views by August 10, 2017 by:

First, by mail to the views sent to: Xicheng District, Beijing Chegongzhuang Street on the 11th National Internet Information Office Network Security Coordination Bureau, Zip code 100044, and in the envelope marked “comments”.

Second, by e-mail to: security@cac.gov.cn.

 

Annex: Key information infrastructure security regulations (draft)

 

National Internet Information Office

 July 10, 2017

Key information infrastructure security regulations

(Draft)

Chapter 1 General Provisions

    Article 1 These Regulations are enacted in accordance with the Network Security Law of the People’s Republic of China in order to ensure the safety of key information infrastructures.

Article 2 These Regulations shall apply to the planning, construction, operation, maintenance and use of key information infrastructures within the territory of the People’s Republic of China and the protection of key information infrastructures.

Article 3 The key information infrastructure security protection adhere to the top design, overall protection, coordination, division of labor is responsible for the principle, give full play to the role of the main operation, the active participation of all parties to jointly protect the key information infrastructure security.

Article 4 The competent department of national industry or the supervisory department shall be responsible for guiding and supervising the protection of key information infrastructure in the industry and in the field in accordance with the division of responsibilities stipulated by the State Council.

State network letter department is responsible for coordinating the key information infrastructure security protection and related supervision and management work. The State Council public security, national security, state secrecy administration, national password management and other departments within their respective responsibilities are responsible for the relevant network security protection and supervision and management work.

The relevant departments of the local people’s governments at or above the county level shall carry out the key information infrastructure safety protection work in accordance with the relevant provisions of the State.

Article 5 The operator of the key information infrastructure (hereinafter referred to as the operator) shall bear the responsibility for the security of the key information infrastructure of the unit, perform the obligation of network security protection, accept the government and social supervision, and bear social responsibility.

The country encourages network operators outside key information infrastructures to participate voluntarily in critical information infrastructure protection systems.

Article 6 Key information infrastructure In the network security level protection system, based on the implementation of key protection.

Article 7 Any person or organization who discovers the safety of the infrastructure of the critical information infrastructure shall have the right to report to the department of the letter, telecommunications, public security and industry supervisors or supervisors.

The department that receives the report shall handle it in a timely manner and if it does not belong to the duties of the department, it shall promptly transfer the department to be handled.

The relevant departments shall keep the relevant information of the whistleblower and protect the legitimate rights and interests of the whistleblower.

 

Chapter II Support and Safeguard

    Article 8 The State shall take measures to monitor, defend and dispose of network security risks and threats arising from the territory of the People ‘s Republic of China, protect the critical information infrastructure from attack, intrusion, interference and destruction, and punish the criminal activities of the Internet according to law.

Article 9 The State shall formulate policies such as industry, finance, taxation, finance and personnel, support the innovation of key information infrastructure related technologies, products and services, promote safe and reliable network products and services, train and select network security personnel, and improve key information The level of safety of the infrastructure.

Article 10 The State shall establish and improve the network security standard system and use standard guidance to standardize the work of key information infrastructure security protection.

Article 11 The people ‘s governments at or above the municipal level shall incorporate the key information infrastructure security protection into the overall planning of the economic and social development of the district, increase the investment and carry out the evaluation and evaluation of the work performance.

Article 12 The State encourages government departments, operators, scientific research institutions, network security services, industry organizations, network products and service providers to carry out key information infrastructure security cooperation.

Article 13 The competent department of industry or the supervisory department of the State shall set up or clarify the institutions and personnel who are responsible for the protection of key information infrastructure in the industry and in this field, and compile and organize the implementation of the industry, the network security planning in the field, and establish a sound work Funding protection mechanism and supervise the implementation.

Article 14 Energy, telecommunications, transportation and other industries shall provide key support and support for power supply, network communication, transportation and other aspects of emergency management and network function restoration of key information infrastructure network security incidents.

Article 15 Public security organs and other departments shall, according to law, investigate and punish illegal and criminal activities against and use key information infrastructures.

Article 16 Any individual or organization shall not engage in any of the following activities and actions that endanger the critical information infrastructure:

(I) attacks, intrusion, interference, and destruction of critical information infrastructures;

(B) illegally obtaining, selling or unauthorized access to information such as technical information that may be used exclusively for the safety of critical information infrastructures;

(Iii) unauthorized penetration of critical information infrastructures, aggressive scanning detection;

(D) knowing that others are engaged in activities that endanger the security of key information infrastructure and still provide assistance such as Internet access, server hosting, network storage, communication transmission, advertising promotion, payment settlement and so on;

(E) other activities and actions that endanger the critical information infrastructure.

Article 17 The State shall safeguard the network security based on the open environment and actively carry out international exchanges and cooperation in the field of key information infrastructure security.

 

Chapter 3 Key Information Infrastructure Scope

    Article 18 The network facilities and information systems operated and managed by the following units shall be included in the scope of protection of key information infrastructures in the event of damage, loss of function or data leakage, which may seriously endanger the national security, the people’s livelihood and the public interest.

(A) government agencies and energy, finance, transportation, water conservancy, health care, education, social security, environmental protection, public utilities and other sectors of the unit;

(B) telecommunications networks, radio and television networks, the Internet and other information networks, and provide cloud computing, large data and other large public information network services units;

(3) scientific research and production units in the fields of national defense science and technology, large-scale equipment, chemical industry, food and medicine industry;

(4) news units such as radio stations, television stations and news malls;

(5) other key units.

Article 19 The State Network Letter Department shall, in conjunction with the competent departments of telecommunications under the State Council and the public security departments, formulate guidelines for the identification of key information infrastructure.

National industry supervisors or regulators organize identification of the industry and key information infrastructures in the field in accordance with the key information infrastructure identification guidelines and submit the identification results according to the procedures.

Key information infrastructure identification process, should give full play to the role of experts, improve the identification of key information infrastructure identification accuracy, rationality and scientific.

Article 20 If a major change in the key information infrastructure or key information infrastructure has occurred, the operator shall promptly report the relevant situation to the national competent or supervisory department.

The national industry supervisor or the supervisory department shall promptly carry out the identification and adjustment according to the situation reported by the operator and submit the adjustment according to the procedure.

 

Chapter IV Operator Safety Protection

    Article 21 The construction of a key information infrastructure shall ensure that it has the performance of supporting the stable and continuous operation of the business and ensures that the safety and technical measures are synchronized, synchronized and synchronized.

Article 22 The principal responsible person of the operator is the first person responsible for the safety protection work of the key information infrastructure of the unit. It is responsible for establishing and perfecting the network security responsibility system and organizing the implementation, and is fully responsible for the security protection of the key information infrastructure of the unit.

Article 23 The operator shall, in accordance with the requirements of the network security level protection system, perform the following security protection obligations to protect the critical information infrastructure from interference, damage or unauthorized access to prevent the leakage or theft of the network data:

(1) to formulate internal safety management systems and operating procedures, strict identity authentication and rights management;

(B) to take technical measures to prevent computer viruses and network attacks, network intrusion and other hazards to network security behavior;

(3) to take technical measures to monitor and record the operation status of the network and the network security incident, and keep the relevant network log in accordance with the regulations for not less than six months;

(D) to take data classification, important data backup and encryption authentication and other measures.

Article 24 In addition to Article 23 of these Regulations, the operator shall perform the following safety and protection obligations in accordance with the requirements of national laws and regulations and the mandatory requirements of the relevant national standards:

(A) set up a dedicated network security management and network security management, and the person in charge and key positions for security background review;

(2) regularly carry out network security education, technical training and skills assessment for employees;

(C) of the important systems and databases for disaster recovery, in time for system vulnerabilities and other security risks to take remedial measures;

(D) the development of network security incident contingency plans and regular exercise;

(5) other obligations stipulated by laws and administrative regulations.

Article 25 The person in charge of network security management of the operator shall perform the following duties:

(1) to formulate network security rules and regulations, operational procedures and supervise the implementation;

(2) organizing the skills assessment of key positions;

(3) to formulate and implement the network safety education and training program of the unit;

(4) to organize network security checks and emergency drills to deal with the handling of network security incidents;

(5) to report to the relevant departments of the country on network security important matters, events.

Article twenty-sixth operators of network security key positions of professional and technical personnel to implement the system of certificates.

The specific provisions of the promulgation of posts by the State Council human resources and social security departments in conjunction with the State Network letter and other departments to develop.

Article 27 Operators shall organize the training of network safety education for employees. Each year, the training time shall not be less than one working day, and the number of professional and technical personnel in key positions shall not be less than 3 working days per year.

Article 28 The operator shall establish and improve the safety assessment and evaluation system for the key information infrastructure, and carry out the safety inspection and evaluation when the key information infrastructure is on or after the major changes.

The operator shall, at its own expense, entrust the network security service organization to carry out at least one annual inspection and evaluation of the safety and possible risk of the key information infrastructure, rectify the problems found in time and report the relevant situation to the national industry supervisor or the supervisory department The

Article 29 Personal information and important data collected and produced by the operator in the operation of the People’s Republic of China shall be stored in the territory. For business needs, it is necessary to provide overseas, should be in accordance with personal information and important data outbound security assessment methods to assess; laws, administrative regulations otherwise provided, in accordance with its provisions.

 

Chapter 5 Product and Service Security

    Article 30 The key equipment and network security special products purchased and used by the operators shall comply with the requirements of laws and administrative regulations and the mandatory requirements of relevant national standards.

Article 31 Where an operator purchases a network product and service that may affect the security of the State, it shall, through the network security review, sign a security confidentiality agreement with the provider in accordance with the requirements of the safety inspection method of the network product and service.

Article 32 Operators shall carry out safety testing on the system, software, and donated network products that have been developed for outsourcing.

Article 33 Where an operator finds that there is a risk of security defects or loopholes in the use of the network products and services, it shall promptly take measures to eliminate the risks and involve significant risks in reporting to the relevant departments.

Article 34 The operation and maintenance of key information infrastructures shall be implemented in the territory. Due to business needs, do need to remote maintenance, should be reported to the national industry executives or regulatory authorities and the State Council public security departments.

Article 35 Institutions that carry out safety assessment and evaluation, publish security threats such as system vulnerabilities, computer viruses, and network attacks for key information infrastructures, provide services such as cloud computing and information technology outsourcing, shall meet the relevant requirements.

The specific requirements by the State Network letter department in conjunction with the relevant departments of the State Council to develop.

 

Chapter 6 Monitoring, Early Warning, Emergency Handling and Testing

    Article 36 The national network communication department shall co-ordinate the establishment of the key information infrastructure network security monitoring and early warning system and the information communication system, organize and guide the relevant agencies to carry out the network security information summary, analyze and judge the report, and publish the network security monitoring and early warning information according to the regulations The

Article 37 The competent department of industry or the supervisory department of the State shall establish and improve the network security monitoring and early warning and information reporting system of the key information infrastructure in this industry, and keep abreast of the industry, the operation status of the key information infrastructure in the field and the security risks, Inform the operator about safety risks and related work information.

The national industry supervisor or the supervisory department shall organize the judgment of the safety monitoring information, and if it is necessary to take immediate preventive measures, it shall promptly issue the early warning information and emergency preventive measures to the relevant operators and, in accordance with the requirements of the national network security incident contingency plan, Relevant departments report.

Article 38 The national network communication department shall coordinate the relevant departments, operators and relevant research institutions and network security service agencies to establish a network information sharing mechanism for key information infrastructure and promote the sharing of network security information.

Article 39 In accordance with the requirements of the national network security incident contingency plan , the State Network shall, in accordance with the requirements of the national network security incident contingency plan, coordinate the relevant departments to establish and perfect the key information infrastructure network security emergency coordination mechanism, strengthen the network security emergency power construction, and coordinate the relevant departments to organize cross- Regional network security emergency drills.

National industry supervisors or regulators should organize the development of the industry, the field of network security incident contingency plans, and regularly organize exercises to enhance the network security incident response and disaster recovery capabilities. After major network security incidents or early warning information received by the network letter department, should immediately start the contingency plan to respond, and timely report on the situation.

Article 40 The competent department of national industry or the regulatory department shall regularly organize the inspection and inspection of the safety risks of the industry and the key information infrastructure in the field and the performance of the operators’ performance of safety protection, and propose measures to improve the supervision and supervision of the operators in time The problems found in the assessment.

State network letter department co-ordinate the relevant departments to carry out the spot checks to prevent cross-testing and evaluation.

Article 41 The relevant departments shall organize the assessment and evaluation of the key information infrastructure safety, and shall adhere to the principle of objectivity, impartiality, efficiency and transparency, adopt a scientific evaluation and evaluation method, standardize the inspection and evaluation process and control the risk of testing and evaluation.

Operators should be carried out by the relevant departments to implement the assessment and assessment to the assessment of the problems found in time for rectification.

Article 42 The relevant departments may organize the following measures to carry out the safety inspection and evaluation of key information infrastructure:

(1) requiring the relevant personnel of the operator to make a statement on the examination and evaluation;

(B) access to, retrieval, reproduction and safety protection related documents, records;

(C) to view the network security management system development, implementation and network security technical measures planning, construction, operation;

(4) to use the testing tools or commissioned by the network security services for technical testing;

(5) other necessary means agreed by the operator.

Article 43 The information obtained by the relevant departments and the network security service organizations in the assessment of key information infrastructure safety inspection and evaluation can only be used for the maintenance of network security and shall not be used for other purposes.

Article 44 The relevant departments shall organize the assessment of the security of the key information infrastructure, and shall not charge the units to be tested and tested, and shall not require the persons to be tested and appraised to purchase the designated brand or the products and services of the designated production and sales units.

 

Chapter VII Legal Liability

    Article 45 An operator shall fail to perform the provisions of Article 20, Paragraph 1, Article 21, Article 23, Article 24, Article 26, Article 27, and Article 2 Article 18, Article 30, Article 32, Article 33, Article 34 of the network security protection obligations, by the relevant authorities in accordance with their duties ordered to correct, give a warning; refused to correct or Resulting in damage to the network security and other consequences, at a fine of more than 100,000 yuan a million yuan, the person in charge directly responsible for more than 10,000 yuan more than 100,000 yuan fine.

Article 46 Where an operator violates the provisions of Article 29 of these Regulations, he or she shall, in accordance with his / her duties, make corrections, give a warning, confiscate the illegal income, And shall be ordered to suspend the relevant business, suspend business for rectification, close the website, revoke the relevant business license; the person directly in charge and other directly responsible persons shall be fined not less than 10,000 yuan but not more than 100,000 yuan The

Article 47 Where an operator violates the provisions of Article 31 of these Regulations and uses the network products or services that have not passed the security examination or security examination, the relevant competent department of the State shall order it to cease to use and double the purchase amount More than ten times the fine; the person in charge directly responsible and other directly responsible persons at a fine of not less than 10,000 yuan but not more than 100,000 yuan.

Article 48 Where an individual violates the provisions of Article 16 of these Regulations and does not constitute a crime, the public security organ shall confiscate the illegal gains and shall be detained for less than five days and shall be fined not less than 50,000 yuan but not more than 500,000 yuan; Shall be imposed a fine of not less than 100,000 yuan but not more than one million yuan; if the case constitutes a crime, the criminal responsibility shall be investigated according to law.

If the unit has any of the acts mentioned in the preceding paragraph, the public security organ shall confiscate the illegal gains and impose a fine of not less than 100,000 yuan but not more than one million yuan and impose penalties on the directly responsible person in charge and other directly responsible persons in accordance with the provisions of the preceding paragraph.

Violation of the provisions of Article XVI of the Ordinance, the criminal punishment of personnel, life shall not be engaged in key information infrastructure security management and network operations key positions in the work.

Article 49 Where the operator of a key information infrastructure of a state organ fails to perform the obligations of the network security protection provided for in these Regulations, the superior organ or the relevant organ shall order it to make corrections; and the person directly in charge and other directly responsible persons shall be punished according to law.

Article 50 Where any of the following departments and their staff members commits any of the following acts, the directly responsible person in charge and other directly responsible persons shall be punished according to law; if a crime is constituted, criminal responsibility shall be investigated according to law:

(A) in the work of the use of authority to obtain, accept bribes;

(B) neglect of duty, abuse of authority;

(Iii) unauthorized disclosure of relevant information, information and data files of key information infrastructures;

(4) other acts that violate statutory duties.

 Article 51 Where a major cyber security incident occurs in a critical information infrastructure, the responsibility for the investigation shall be identified, and the responsibility for the relevant network security service and relevant departments shall be identified in addition to the investigation of the responsibility of the operating unit and the investigation , For dereliction of duty, dereliction of duty and other violations, shall be held accountable.

Article 52 If the organs, organizations and individuals engaged in attack, intrusion, interference, or damage to the key information infrastructure of the People’s Republic of China cause serious consequences, they shall be investigated for legal responsibility according to law; the public security department of the State Council and the State security organ And the relevant departments and may decide to impose a frozen property or other necessary sanctions on the institution, organization or individual.

 

Chapter VIII Supplementary Provisions

    Article 53 The security protection of key information infrastructures involved in the storage and handling of information concerning state secrets shall also be subject to the provisions of confidentiality laws and administrative regulations.

Critical information infrastructure in the use and management of passwords, should also comply with the password laws and administrative regulations.

 Article 54 The security protection of military key information infrastructures shall be separately stipulated by the Central Military Commission.

Article 55 These Regulations shall enter into force on the date of ****.

Original Mandarin Chinese:

關鍵信息基礎設施安全保護條例
(徵求意見稿)

第一章 總則
第一條 為了保障關鍵信息基礎設施安全,根據《中華人民共和國網絡安全法》,制定本條例。
第二條 在中華人民共和國境內規劃、建設、運營、維護、使用關鍵信息基礎設施,以及開展關鍵信息基礎設施的安全保護,適用本條例。
第三條 關鍵信息基礎設施安全保護堅持頂層設計、整體防護,統籌協調、分工負責的原則,充分發揮運營主體作用,社會各方積極參與,共同保護關鍵信息基礎設施安全。
第四條 國家行業主管或監管部門按照國務院規定的職責分工,負責指導和監督本行業、本領域的關鍵信息基礎設施安全保護工作。
國家網信部門負責統籌協調關鍵信息基礎設施安全保護工作和相關監督管理工作。國務院公安、國家安全、國家保密行政管理、國家密碼管理等部門在各自職責範圍內負責相關網絡安全保護和監督管理工作。
縣級以上地方人民政府有關部門按照國家有關規定開展關鍵信息基礎設施安全保護工作。
第五條 關鍵信息基礎設施的運營者(以下稱運營者)對本單位關鍵信息基礎設施安全負主體責任,履行網絡安全保護義務,接受政府和社會監督,承擔社會責任。
國家鼓勵關鍵信息基礎設施以外的網絡運營者自願參與關鍵信息基礎設施保護體系。
第六條 關鍵信息基礎設施在網絡安全等級保護製度基礎上,實行重點保護。
第七條 任何個人和組織發現危害關鍵信息基礎設施安全的行為,有權向網信、電信、公安等部門以及行業主管或監管部門舉報。
收到舉報的部門應當及時依法作出處理;不屬於本部門職責的,應當及時移送有權處理的部門。
有關部門應當對舉報人的相關信息予以保密,保護舉報人的合法權益。

第二章 支持與保障
第八條 國家採取措施,監測、防禦、處置來源於中華人民共和國境內外的網絡安全風險和威脅,保護關鍵信息基礎設施免受攻擊、侵入、干擾和破壞,依法懲治網絡違法犯罪活動。
第九條國家製定產業、財稅、金融、人才等政策,支持關鍵信息基礎設施安全相關的技術、產品、服務創新,推廣安全可信的網絡產品和服務,培養和選拔網絡安全人才,提高關鍵信息基礎設施的安全水平。
第十條 國家建立和完善網絡安全標準體系,利用標準指導、規範關鍵信息基礎設施安全保護工作。
第十一條 地市級以上人民政府應當將關鍵信息基礎設施安全保護工作納入地區經濟社會發展總體規劃,加大投入,開展工作績效考核評價。
第十二條 國家鼓勵政府部門、運營者、科研機構、網絡安全服務機構、行業組織、網絡產品和服務提供者開展關鍵信息基礎設施安全合作。
第十三條國家行業主管或監管部門應當設立或明確專門負責本行業、本領域關鍵信息基礎設施安全保護工作的機構和人員,編制並組織實施本行業、本領域的網絡安全規劃,建立健全工作經費保障機制並督促落實。
第十四條 能源、電信、交通等行業應當為關鍵信息基礎設施網絡安全事件應急處置與網絡功能恢復提供電力供應、網絡通信、交通運輸等方面的重點保障和支持。
第十五條 公安機關等部門依法偵查打擊針對和利用關鍵信息基礎設施實施的違法犯罪活動。
第十六條 任何個人和組織不得從事下列危害關鍵信息基礎設施的活動和行為:
(一)攻擊、侵入、干擾、破壞關鍵信息基礎設施;
(二)非法獲取、出售或者未經授權向他人提供可能被專門用於危害關鍵信息基礎設施安全的技術資料等信息;
(三)未經授權對關鍵信息基礎設施開展滲透性、攻擊性掃描探測;
(四)明知他人從事危害關鍵信息基礎設施安全的活動,仍然為其提供互聯網接入、服務器託管、網絡存儲、通訊傳輸、廣告推廣、支付結算等幫助;
(五)其他危害關鍵信息基礎設施的活動和行為。
第十七條 國家立足開放環境維護網絡安全,積極開展關鍵信息基礎設施安全領域的國際交流與合作。

第三章 關鍵信息基礎設施範圍
第十八條 下列單位運行、管理的網絡設施和信息系統,一旦遭到破壞、喪失功能或者數據洩露,可能嚴重危害國家安全、國計民生、公共利益的,應當納入關鍵信息基礎設施保護範圍:
(一)政府機關和能源、金融、交通、水利、衛生醫療、教育、社保、環境保護、公用事業等行業領域的單位;
(二)電信網、廣播電視網、互聯網等信息網絡,以及提供雲計算、大數據和其他大型公共信息網絡服務的單位;
(三)國防科工、大型裝備、化工、食品藥品等行業領域科研生產單位;
(四)廣播電台、電視台、通訊社等新聞單位;
(五)其他重點單位。
第十九條 國家網信部門會同國務院電信主管部門、公安部門等部門製定關鍵信息基礎設施識別指南。
國家行業主管或監管部門按照關鍵信息基礎設施識別指南,組織識別本行業、本領域的關鍵信息基礎設施,並按程序報送識別結果。
關鍵信息基礎設施識別認定過程中,應當充分發揮有關專家作用,提高關鍵信息基礎設施識別認定的準確性、合理性和科學性。
第二十條 新建、停運關鍵信息基礎設施,或關鍵信息基礎設施發生重大變化的,運營者應當及時將相關情況報告國家行業主管或監管部門。
國家行業主管或監管部門應當根據運營者報告的情況及時進行識別調整,並按程序報送調整情況。

第四章 運營者安全保護
第二十一條 建設關鍵信息基礎設施應當確保其具有支持業務穩定、持續運行的性能,並保證安全技術措施同步規劃、同步建設、同步使用。
第二十二條 運營者主要負責人是本單位關鍵信息基礎設施安全保護工作第一責任人,負責建立健全網絡安全責任制並組織落實,對本單位關鍵信息基礎設施安全保護工作全面負責。
第二十三條 運營者應當按照網絡安全等級保護製度的要求,履行下列安全保護義務,保障關鍵信息基礎設施免受干擾、破壞或者未經授權的訪問,防止網絡數據洩漏或者被竊取、篡改:
(一)制定內部安全管理制度和操作規程,嚴格身份認證和權限管理;
(二)採取技術措施,防範計算機病毒和網絡攻擊、網絡侵入等危害網絡安全行為;
(三)採取技術措施,監測、記錄網絡運行狀態、網絡安全事件,並按照規定留存相關的網絡日誌不少於六個月;
(四)採取數據分類、重要數據備份和加密認證等措施。
第二十四條 除本條例第二十三條外,運營者還應當按照國家法律法規的規定和相關國家標準的強制性要求,履行下列安全保護義務:
(一)設置專門網絡安全管理機構和網絡安全管理負責人,並對該負責人和關鍵崗位人員進行安全背景審查;
(二)定期對從業人員進行網絡安全教育、技術培訓和技能考核;
(三)對重要係統和數據庫進行容災備份,及時對系統漏洞等安全風險採取補救措施;
(四)制定網絡安全事件應急預案並定期進行演練;
(五)法律、行政法規規定的其他義務。
第二十五條 運營者網絡安全管理負責人履行下列職責:
(一) 組織製定網絡安全規章制度、操作規程並監督執行;
(二)組織對關鍵崗位人員的技能考核;
(三)組織製定並實施本單位網絡安全教育和培訓計劃;
(四)組織開展網絡安全檢查和應急演練,應對處置網絡安全事件;
(五)按規定向國家有關部門報告網絡安全重要事項、事件。
第二十六條 運營者網絡安全關鍵崗位專業技術人員實行執證上崗制度。
執證上崗具體規定由國務院人力資源社會保障部門會同國家網信部門等部門製定。
第二十七條 運營者應當組織從業人員網絡安全教育培訓,每人每年教育培訓時長不得少於1個工作日,關鍵崗位專業技術人員每人每年教育培訓時長不得少於3個工作日。
第二十八條 運營者應當建立健全關鍵信息基礎設施安全檢測評估制度,關鍵信息基礎設施上線運行前或者發生重大變化時應當進行安全檢測評估。
運營者應當自行或委託網絡安全服務機構對關鍵信息基礎設施的安全性和可能存在的風險隱患每年至少進行一次檢測評估,對發現的問題及時進行整改,並將有關情況報國家行業主管或監管部門。
第二十九條 運營者在中華人民共和國境內運營中收集和產生的個人信息和重要數據應當在境內存儲。因業務需要,確需向境外提供的,應當按照個人信息和重要數據出境安全評估辦法進行評估;法律、行政法規另有規定的,依照其規定。

第五章 產品和服務安全
第三十條 運營者採購、使用的網絡關鍵設備、網絡安全專用產品,應當符合法律、行政法規的規定和相關國家標準的強制性要求。
第三十一條 運營者採購網絡產品和服務,可能影響國家安全的,應當按照網絡產品和服務安全審查辦法的要求,通過網絡安全審查,並與提供者簽訂安全保密協議。
第三十二條 運營者應當對外包開發的系統、軟件,接受捐贈的網絡產品,在其上線應用前進行安全檢測。
第三十三條 運營者發現使用的網絡產品、服務存在安全缺陷、漏洞等風險的,應當及時採取措施消除風險隱患,涉及重大風險的應當按規定向有關部門報告。
第三十四條 關鍵信息基礎設施的運行維護應當在境內實施。因業務需要,確需進行境外遠程維護的,應事先報國家行業主管或監管部門和國務院公安部門。
第三十五條 面向關鍵信息基礎設施開展安全檢測評估,發布系統漏洞、計算機病毒、網絡攻擊等安全威脅信息,提供雲計算、信息技術外包等服務的機構,應當符合有關要求。
具體要求由國家網信部門會同國務院有關部門製定。

第六章 監測預警、應急處置和檢測評估
第三十六條國家網信部門統籌建立關鍵信息基礎設施網絡安全監測預警體系和信息通報製度,組織指導有關機構開展網絡安全信息匯總、分析研判和通報工作,按照規定統一發佈網絡安全監測預警信息。
第三十七條國家行業主管或監管部門應當建立健全本行業、本領域的關鍵信息基礎設施網絡安全監測預警和信息通報製度,及時掌握本行業、本領域關鍵信息基礎設施運行狀況和安全風險,向有關運營者通報安全風險和相關工作信息。
國家行業主管或監管部門應當組織對安全監測信息進行研判,認為需要立即採取防範應對措施的,應當及時向有關運營者發布預警信息和應急防範措施建議,並按照國家網絡安全事件應急預案的要求向有關部門報告。
第三十八條 國家網信部門統籌協調有關部門、運營者以及有關研究機構、網絡安全服務機構建立關鍵信息基礎設施網絡安全信息共享機制,促進網絡安全信息共享。
第三十九條國家網信部門按照國家網絡安全事件應急預案的要求,統籌有關部門建立健全關鍵信息基礎設施網絡安全應急協作機制,加強網絡安全應急力量建設,指導協調有關部門組織跨行業、跨地域網絡安全應急演練。
國家行業主管或監管部門應當組織製定本行業、本領域的網絡安全事件應急預案,並定期組織演練,提升網絡安全事件應對和災難恢復能力。發生重大網絡安全事件或接到網信部門的預警信息後,應立即啟動應急預案組織應對,並及時報告有關情況。
第四十條國家行業主管或監管部門應當定期組織對本行業、本領域關鍵信息基礎設施的安全風險以及運營者履行安全保護義務的情況進行抽查檢測,提出改進措施,指導、督促運營者及時整改檢測評估中發現的問題。
國家網信部門統籌協調有關部門開展的抽查檢測工作,避免交叉重複檢測評估。
第四十一條 有關部門組織開展關鍵信息基礎設施安全檢測評估,應堅持客觀公正、高效透明的原則,採取科學的檢測評估方法,規範檢測評估流程,控制檢測評估風險。
運營者應當對有關部門依法實施的檢測評估予以配合,對檢測評估發現的問題及時進行整改。
第四十二條 有關部門組織開展關鍵信息基礎設施安全檢測評估,可採取下列措施:
(一)要求運營者相關人員就檢測評估事項作出說明;
(二)查閱、調取、複製與安全保護有關的文檔、記錄;
(三)查看網絡安全管理制度製訂、落實情況以及網絡安全技術措施規劃、建設、運行情況;
(四)利用檢測工具或委託網絡安全服務機構進行技術檢測;
(五)經運營者同意的其他必要方式。
第四十三條 有關部門以及網絡安全服務機構在關鍵信息基礎設施安全檢測評估中獲取的信息,只能用於維護網絡安全的需要,不得用於其他用途。
第四十四條 有關部門組織開展關鍵信息基礎設施安全檢測評估,不得向被檢測評估單位收取費用,不得要求被檢測評估單位購買指定品牌或者指定生產、銷售單位的產品和服務。

第七章 法律責任
第四十五條運營者不履行本條例第二十條第一款、第二十一條、第二十三條、第二十四條、第二十六條、第二十七條、第二十八條、第三十條、第三十二條、第三十三條、第三十四條規定的網絡安全保護義務的,由有關主管部門依據職責責令改正,給予警告;拒不改正或者導致危害網絡安全等後果的,處十萬元以上一百萬元以下罰款,對直接負責的主管人員處一萬元以上十萬元以下罰款。
第四十六條運營者違反本條例第二十九條規定,在境外存儲網絡數據,或者向境外提供網絡數據的,由國家有關主管部門依據職責責令改正,給予警告,沒收違法所得,處五萬元以上五十萬元以下罰款,並可以責令暫停相關業務、停業整頓、關閉網站、吊銷相關業務許可證;對直接負責的主管人員和其他直接責任人員處一萬元以上十萬元以下罰款。
第四十七條運營者違反本條例第三十一條規定,使用未經安全審查或安全審查未通過的網絡產品或者服務的,由國家有關主管部門依據職責責令停止使用,處採購金額一倍以上十倍以下罰款;對直接負責的主管人員和其他直接責任人員處一萬元以上十萬元以下罰款。
第四十八條個人違反本條例第十六條規定,尚不構成犯罪的,由公安機關沒收違法所得,處五日以下拘留,可以並處五萬元以上五十萬元以下罰款;情節較重的,處五日以上十五日以下拘留,可以並處十萬元以上一百萬元以下罰款;構成犯罪的,依法追究刑事責任。
單位有前款行為的,由公安機關沒收違法所得,處十萬元以上一百萬元以下罰款,並對直接負責的主管人員和其他直接責任人員依照前款規定處罰。
違反本條例第十六條規定,受到刑事處罰的人員,終身不得從事關鍵信息基礎設施安全管理和網絡運營關鍵崗位的工作。
第四十九條 國家機關關鍵信息基礎設施的運營者不履行本條例規定的網絡安全保護義務的,由其上級機關或者有關機關責令改正;對直接負責的主管人員和其他直接負責人員依法給予處分。
第五十條 有關部門及其工作人員有下列行為之一的,對直接負責的主管人員和其他直接責任人員依法給予處分;構成犯罪的,依法追究刑事責任:
(一)在工作中利用職權索取、收受賄賂;
(二)玩忽職守、濫用職權;
(三)擅自洩露關鍵信息基礎設施有關信息、資料及數據文件;
(四)其他違反法定職責的行為。
第五十一條關鍵信息基礎設施發生重大網絡安全事件,經調查確定為責任事故的,除應當查明運營單位責任並依法予以追究外,還應查明相關網絡安全服務機構及有關部門的責任,對有失職、瀆職及其他違法行為的,依法追究責任。
第五十二條境外的機構、組織、個人從事攻擊、侵入、干擾、破壞等危害中華人民共和國的關鍵信息基礎設施的活動,造成嚴重後果的,依法追究法律責任;國務院公安部門、國家安全機關和有關部門並可以決定對該機構、組織、個人採取凍結財產或者其他必要的製裁措施。

第八章 附則
第五十三條 存儲、處理涉及國家秘密信息的關鍵信息基礎設施的安全保護,還應當遵守保密法律、行政法規的規定。
關鍵信息基礎設施中的密碼使用和管理,還應當遵守密碼法律、行政法規的規定。
第五十四條 軍事關鍵信息基礎設施的安全保護,由中央軍事委員會另行規定。
第五十五條 本條例自****年**月**日起施行。

Referring URL:

http://www.cac.gov.cn/2017-07/11/c_1121294220.htm

中國軍隊分析北韓軍隊朝鲜先军时代军事战略问题研究 // Chinese Military Analysis of North Korean Army

中國軍隊分析北韓軍隊朝鲜先军时代军事战略问题研究 //

Chinese Military Analysis of North Korean Army

The first part of the preface

In the late 1980s and early 1990s, the drastic changes in the Eastern Europe, the disintegration of the Soviet Union and the socialist camp suffered great setbacks. In the mid-1990s, the Korean economy suddenly plunged into recession. In July 1994, Kim Il Sung died. At that time, people generally believe that North Korea is facing a serious crisis, the development prospects of North Korea is quite worrying. Nevertheless, North Korea has experienced three years of “mourning mourning”, and continue to missile test and nuclear test activities, and constantly strengthen its military power.

Into 2000, the DPRK has provoked the second, third Western war, carried out two nuclear tests, and the implementation of several missile test firing. In 2010, the DPRK in the West Sea (Korean Peninsula in the western waters) to create a “Cheonan ship incident” and “Yin Ping Island shelling incident.” North Korea’s military provocation, not only to South Korea, back to the surrounding countries to bring unease, but also to the security situation in Northeast Asia has brought great variables, and become an important factor in the regional arms competition.

September 1998, Kim Jong Il in the introduction of its regime, held high the banner of building a “strong power”, put forward a new political slogan – “first army politics.” To December 17, 2011 Kim Jong-il died, he had a long-17 years of strong rule of the DPRK. Kim Jong Il’s “first army politics” refers to all military work as the first, all military work as the most important, under the principle of military advance, to solve all the problems in the revolution and national construction, the people’s army as a pillar of the revolution , The political way of advancing the whole of socialism. It can be said that the first army politics is Kim Jong-Japanese political way. Its core content is that under the leadership of Kim Jong Il, the DPRK’s army actively responded to economic difficulties, social problems and security crisis, and strive to maintain the Korean-style socialist system. “Military strategy” is the DPRK in order to “first army politics” rooted in the Korean society, all to give priority to the development of national defense forces for all purposes, to give priority to the protection of national defense for the purpose of Kim Jong-Japanese military forces use.

In this paper, after the death of Kim Il Sung, Kim Jong-il system under the Korean military strategy development changes in the study, in particular, the DPRK in spite of the strong opposition from the international community, is still nuclear development and has a certain nuclear weapons after the strategic changes as a study Focus.

The second part of the Korean military strategy

First, the formation of the Korean military strategy background

The military strategy of the DPRK is gradually formed on the basis of Kim Il Sung’s military strategic thinking. Kim Il Sung’s military strategic thinking can be said to be the integration of formal warfare and guerrilla warfare. In the process of anti-Japanese activities in China and the former Soviet Union, Kim Il Sung accumulated a wealth of practical experience, which laid a solid foundation for the formation of its military strategic thinking. On the basis of these military experiences, Kim Il Sung put forward the “main tactics”, and stressed that “the main tactics” is the DPRK’s unique military strategy. In order to fully understand the DPRK’s military strategy, the study of Kim Il Sung’s military experience is very important.

In 1928, Kim Il Sung joined the Communist Youth League of China. Later, Kim Il Sung as a member of the Communist Party of China, in the East Manchuria, coastal state area carried out anti-Japanese activities behind enemy lines. Through the small Wangqing, the old Montenegro, Putian Fort fighting and other guerrilla warfare, Kim Il Sung from Mao Zedong’s military thinking to draw a wealth of wisdom and nutrition, and gradually realize the penetration war, guerrilla warfare, night war, behind enemy lines, large forces and small forces With the importance of tactics. Kim Il Sung was led behind the enemy’s anti-Japanese activities, the main fighting style for the ambush, raid, etc., but belong to the tactical category of guerrilla warfare. However, the DPRK will be these guerrilla warfare style exaggerated, propaganda into a large-scale battle, that is, a typical war in the revolutionary war. Because of this, today’s North Korean army still attaches great importance to guerrilla warfare.

In the late 1940s, Kim Il Sung had to flee to the former Soviet Union and was incorporated into the Red Army of the Soviet Union due to the encroachment of the Japanese Kwantung Army. At that time, Kim Il-sheng by learning Mikhail Nikolayevich Tukachevsky (1893 – 1939) prepared by the Marshal of the “workers and peasants Red Army field”, the military-style military organization , With the mobile combat-based battle compiled, the fire as the center of the weapons and equipment system and other content of the Soviet army’s regular war thinking has a certain understanding. Kim Il Sung’s military struggle in China and the former Soviet Union has played a very important role in the development of the military-based military forces in North Korea and the formation of military tactics such as speed warfare, raid warfare and cooperation. Through the Korean War, the DPRK in its military strategy to increase the annihilation of enemy forces surrounded by war, to promote political work, to ensure that the contents of war materials and so on. Through local conflicts, North Korea recognizes the need to strengthen the ability to cooperate with the war, strengthen the mechanized forces and air force. Based on the above, the DPRK continued to carry out the war to supplement and improve the method.

Figure 1: The formation of the Korean military strategy.

2
Figure 1: The formation of the Korean military strategy. [Save to album]

Source: Park Jung Pao, “North Korea’s Military Strategy Research”, “Korean Studies” Volume 6 (Seoul: Dongguo University, 2010), p.123.

Second, Kim Il Sung military strategy

1, preemptive attack strategy

Preemptive strategy is to choose the enemy completely unpredictable, or even if it can be expected but there is no time to respond to the timing, places and methods to attack each other’s strategy. Preemptive attack strategy can maximize the play to a sudden, fast, secret, camouflage, etc.. Often, the implementation of surprise operations, you can at the lowest cost, get the maximum combat effect. Kim Il Sung has repeatedly stressed that to do surprise success, usually must maintain a good fighting situation. Not only that, the combat troops have to really have the ability to completely destroy each other’s combat capability. This means that the purpose of pre-emptive surprise strategy is through the efficient and fast combat operations, in a short time focus on fighting forces, the complete destruction of enemy combat forces.

In order to implement pre-emptive surprise attacks, North Korea will be the deployment of most of the military forces in the front area. In the structure of the troops, but also highlights the rapid response, flexible and flexible features. It is particularly worth mentioning that North Korea will be about 70% of the military forces deployed in Pyongyang – Yuan Shan line south, if the DPRK made surprise attack decision, then the North Korean troops do not have another combat deployment, you can directly to South Korea to take military action.

2, with the strategy

“Coordination strategy” refers to a battle, two or more combat forms of mutual cooperation, mutual coordination strategy. On the basis of Mao Zedong ‘s guerrilla war ideas, summed up the experience of the Vietnam War, and fully considered the characteristics of the Korean Peninsula after the so – called “main tactics. The core of the war is in the large-scale regular warfare and guerrilla warfare, large forces and small forces with the launch of various forms of attack operations, such a battlefield will be no front and rear, making the other completely into a state of chaos.

In order to implement the war, North Korea has established the world’s largest special forces, and has AN-2 machine, hovercraft, submarines and other sea, air penetration means. In addition, the North Korean Navy, the Air Force also set up a sniper brigade, taking into account the characteristics of different services, and constantly strengthen the combat capability building. North Korea may take the type of war with a combination of regular warfare and guerrilla warfare, cooperation between large forces and small forces, cooperation between different services (land and sea air force), between different arms (arms), military and people force (Military and folk resources) and so on.

3, quick fix strategy

In the traditional military strategy theory, quick fix strategy has been highly valued by all parties. Quick tactical strategy is to focus on superior forces, each break the other main force, in a short time, with rapid tactical victory, the end of the war strategy. To this end, North Korea attaches great importance to the rapid development strategy, from the 20th century, 80 years, North Korea focused on the construction of armored forces, mechanized forces. In order to achieve the speed of war, North Korea’s military structure is also fully highlighted the rapid response, flexible and flexible features. The main combat forces of the warlords are tanks, armored vehicles, fighters, standing forces, compared with South Korea, in addition to armored vehicles, the DPRK in the number of obvious dominant. Therefore, if the DPRK launched a speed war on South Korea, then within a few days, the Korean army may sweep the whole of South Korea, and block the US military reinforcements involved.

Third, the evaluation of Kim Il Sung’s military strategy

Kim Il Sung’s military strategy is to sum up Kim Il Sung’s experience of military struggle in China and the former Soviet Union, taking into account the terrain characteristics of the Korean Peninsula and the gradual formation of local warfare. It can be said that Kim Il Sung’s military strategy is offensive offensive strategy. It is particularly worth emphasizing that the use of conventional combat power to occupy the number of advantages, the attack on South Korea launched a surprise attack, and then master the war dominance, and in the external reinforcements arrived in the Korean Peninsula before the end of the war speed strategy is Kim Il Sung’s military strategy core.

At present, the local war style is changing from long-term war, war of attrition, ground warfare to ground combat, maritime combat, air combat, space operations, network operations and other integrated all-round, multi-level modern three-dimensional operations. In addition, with the development of science and technology, the destruction of weapons and equipment, remote precision strike capability increased significantly, making the war style is developing into a rapid focus on precision strike style. In the past, the focus of the war was to use conventional military forces to win the victory of war and compete for the dominance of war. The focus of modern warfare is based on cutting-edge weapons and equipment system, to achieve the battlefield digital, efficient play the overall effectiveness of combat effectiveness. However, Kim Il Sung’s military strategy only embodies the conventional combat power of the implementation of the war, North Korea’s nuclear and missile areas are not included. Obviously, Kim Il Sung’s military strategy is very obvious, can not adapt to the needs of modern warfare. The army is an effective means for the DPRK to maintain its regime and to combat the threat of the system. Therefore, in order to give full play to the role of the military, Kim had to put forward a new military strategic concept.

The third part of the military era of military strategy and military strength construction

First, the military strategy

Kim Jong-il pointed out that the modern war was a new form of war, characterized by a highly expanded three-dimensional warfare, information warfare (reconnaissance, electronic warfare, cyber warfare, psychological warfare) Non-symmetrical warfare, non-contact warfare, precision strike, short time war decisive battle. In addition, Kim Jong Il also stressed that to do a good job in preparing for the new battle. It can be seen that Kim Jong-il has fully recognized that the modern war style is subject to qualitative changes, and that continue to use the existing conventional war tactics, can not guarantee the victory of future war. Therefore, in full consideration of the modern war style at the same time, in order to develop can cope with the United States and South Korea joint military forces, Kim Jong Il conceived the “large-scale destruction strategy”, “quick decision strategy”, “network strategy.”

(A), large-scale destruction strategy

Large-scale destruction strategy is to bring a huge destructive strategy to each other, is a “serious retaliation strategy” of a. To achieve a large-scale destruction strategy, need to have beyond the other side of the military power or have to give each other a decisive loss of military means. North Korea for large-scale destruction of the strategic forces, including nuclear weapons, including weapons of mass destruction and artillery units.

The massive destruction strategy is a strategy developed by the DPRK in order to protect the “victorious” battle of victory. In 1994, the DPRK was facing a major crisis because of the US threat to military attacks on North Korea’s nuclear facilities. It can be said that the emergence of this crisis directly promoted Kim Jong Il from the containment level to develop large-scale destruction of the military strategy.

The massive destruction strategy is the most representative strategy adopted by countries with nuclear weapons. In order to make up for the “blockade strategy” deficiencies, the former US President Eisenhower has proposed a “large-scale revenge strategy.” The United States, on the basis of its absolute nuclear superiority, pursued a large-scale retaliation strategy, reduced defense spending and established military hegemony in the international community. Former Soviet leader Khrushchev argues that the Soviet Union had failed in the “Cuban Missile Crisis” in 1962, mainly because the Soviet Union was at a disadvantage in terms of nuclear warfare compared with the United States. Therefore, Khrushchev actively promote nuclear weapons as the main force of large-scale retaliation strategy, trying to have the military strength with the United States. In 1964, China’s first atomic bomb after the success of China’s international influence, political status has been significantly improved. It can be said that through the nuclear development, to take a deterrent revenge strategy, China protects the security of its own country and establishes the status of the Asian military power based on it.

As mentioned above, countries with nuclear weapons, as a military power, can occupy a dominant position in the international community. Not only that, but also nuclear weapons as a primary means to promote large-scale retaliation strategy, in order to ensure their own national security. Therefore, the DPRK may be through the possession of nuclear weapons to promote large-scale destruction strategy. In other words, large-scale destruction strategy can not only make North Korea effective response to a variety of external threats, but also in the “something” to ensure that North Korea to win. 6.25 After the war, North Korea and the United States has maintained a truce. In recent years, the DPRK-US relations, due to nuclear problems, human rights issues, counterfeiting problems and other contradictions, the contest continued. In this context, the DPRK that at any time possible with the United States outbreak of war. Therefore, the DPRK’s massive destruction strategy is likely to play an important role in the future DPRK-US relations.

In 2006, the DPRK Labor Party Propaganda Department Deputy Minister has said that once the war broke out, the whole of Seoul will be 30 minutes into a flames, 100,000 US troops, 70% of South Korean residents face death, South Korea’s economic 90% Above into ashes. July 24, 2010, the DPRK National Defense Commission has also issued a threat that will be necessary when the start of nuclear-based North Korean retaliation “jihad”. This means that “something” when North Korea will use weapons of mass destruction to launch attacks.

(2) quick fix strategy

Kim Jong Il’s “quick fix strategy” is in the external forces reinforce the Korean Peninsula before the end of the war strategy, is Kim Il Sung’s strategy of succession, continuation and development. The Gulf War, the war in Afghanistan, the war in Iraq, the “quick fix strategy” has been widely used. Obviously, through the “quick fix strategy”, you can focus on attack and destroy hostile country command facilities and the main force, to master the war dominance, and in a very short time to end the war victory. The reason why North Korea will use quick fix strategy, the main reasons are as follows:

1, North Korea has a considerable scale can start the speed of combat forces

North Korea’s armored forces and mechanized forces with a high degree of mobility, can give each other a strong impact and deterrence, artillery forces can focus on the enemy’s core targets, can cause great losses and damage to each other. North Korea’s main battle of the speed of war – armored forces is 1.7 times the Han Jun, artillery units are Han Jun 2.5 times.

2, North Korea’s military system as a whole is conducive to maneuver

Despite North Korea’s economic difficulties, North Korea has been building military power. In recent years, not only the strength of military forces and equipment continued to increase, the army structure adaptation, also pay great attention to the construction of mobile combat capability. According to South Korea’s defense paper published in 2010, in order to improve the combat effectiveness of the troops, the DPRK reorganized part of the army, the two mechanized army reorganized as mechanized division, a tank army reorganized as armored division, an artillery army reorganized as artillery division. In addition, the DPRK has also strengthened the front forces of firepower building capacity. These changes in the Korean army provide a reliable guarantee for its speed warfare.

3, the Korean army most of the combat effectiveness deployed in the front area

North Korea has deployed more than 10 troops and more than 60 divisions / brigades in Pyongyang – south of Wonsan Line, accounting for about 70% of the overall combat effectiveness of the Korean army. In this way, as long as the North Korean leadership determined, then the North Korean troops do not have to re-adjust the deployment, you can always put into the South invasion. In November 2009, after the third naval battle in the Western Seas (Korean Peninsula), the Korean army deployed a 240-mm rocket launcher on its west coast, posing a direct threat to the South West and the capitals. It can be said that North Korea in front of the deployment of a large number of troops in order to focus on the early war to launch attacks, through the speed of war hit the Korean army.

North Korea stressed that with the traditional war style changes, non-linear combat, non-contact operations and other new combat methods are emerging, modern war may be in front and rear at the same time start. This means that the DPRK regular forces in front of a positive attack at the same time, the Korean special forces may be to the south of the region to launch interference operations. Undeniably, the battlefield before and after the start at the same time, the war will be quick to play a decisive role.

4, network strategy

Network attack refers to the use of computer networks exist loopholes and security flaws, the enemy military, administrative, personnel and other major systems and resources to attack, usually also known as “no gunfire.” With the rapid development of computer technology and the concept of network-centric warfare, the center of modern warfare is moving from the traditional combat platform to the network. From recent years, the local war style can also be seen, network combat is as one of the main forms of war, played a very important role.

In 2009, Kim Jong Il held a speech at the senior parliamentary conference of the Korean army that the war of the twentieth century was a war of oil and shells, and that war in the twenty-first century was an information war. It can also be seen that North Korea attaches great importance to cyber warfare.

There are two main ways to network attacks. The first for the illegal invasion of each other’s information systems, steal the system confidential information, damage to the target system data. The second is not invade the other side of the information system, the external destruction of the other information system, so that its function can not play a role.

From the 90s of the 20th century, North Korea in Pyongyang command automation university, computer technology university, Jinze Industrial University, and so vigorously cultivate professional network warfare talent. Pyongyang command automation university under the People’s Army General Staff, is North Korea’s most representative network warfare personnel training institutions, each year for the army to train more than 100 computer professional and technical personnel. It is speculated that the Korean army has a professional hacker scale of 500 to 600.

The military strategy of the United States, South Korea and other developed countries is heavily dependent on the computer network. If North Korea launched a network attack, it is easy to lead to South Korea’s network system confusion, affecting the transmission and sharing of information. At the crucial moment, and even may paralyze the entire network, so that South Korea missed the opportunity to deal with, so as to bring a fatal blow to South Korea. Before the outbreak of the war, the DPRK may attack the government of the Korean government at home or abroad through hacking. During the war, the DPRK may also interfere with the destruction of Han Jun’s computer network, leading to the entire computer network data transmission interruption and system paralysis.

North Korea’s network strategy will also have a positive impact on the psychological warfare. With regard to the war in Iraq, the DPRK believes that the US imperialists have been able to win in the war in Iraq, not so much the role of high-tech weapons, as it is the psychological warfare in the role, and from the ideological collapse of Iraq results. It can be seen that North Korea attaches great importance to the psychological warfare, and that in the future war conditions, the psychological war will run through the whole process of war. North Korea through the network to carry out the psychological warfare style mainly includes: in hostile countries or support the national network spread to the DPRK is conducive to the spread of information and gossip, and even false information (bacterial warfare, chemical warfare, the use of nuclear weapons, large casualties) Thus bringing panic to the public in hostile countries and weakening the will of the hostile countries. For the support of the country, through the efforts to create anti-war public opinion, forcing the support of the state to stop the reinforcements, and the early withdrawal of troops have been invested.

Figure 2: Military strategy of the army.

2
Figure 2: Military strategy of the army. [Save to album]

The main feature of the military strategy of the army is based on Kim Il Sung’s aggressive strategy, in order to maintain the regime, increase the content of the protective strategy. In other words, Kim Jong Il through the army to establish a military strategy, will be his successor Kim Jong-un faithfully inheritance, continuation and carry forward.

Although Kim Il Sung’s military strategy – pre-emptive attack strategy, with the strategy, quick fix strategy is based on conventional combat power to develop, but taking into account the status of North Korea’s weapons and equipment system and changes in modern war style, these military strategy will Will continue to continue. Based on the pre-emptive strike strategy, most of the troops of the Korean army are deployed in the front area. This will reduce the time required for the deployment, movement and take-over of the troops, thereby increasing the mobility of the force. Based on the strategy of cooperation, we can realize the effective cooperation between the Korean troops and the regular combat forces. This can improve operational effectiveness, weaken the other side of the military power, and then achieve the purpose of quick fix.

Second, the military characteristics of the military strategy: the pursuit of military adventurism

After the death of Kim Il Sung, North Korea’s biggest change in the military field is that North Korea has carried out nuclear development. North Korea, despite the strong opposition from the international community, is still engaged in nuclear development, its purpose is to the United States, the relationship between Korea, through the pursuit of military adventurism to take the initiative.

In December 2010, the Democratic People’s Armed Forces Minister Kim Yong-chun pointed out that the Korean Revolutionary Armed Forces had been prepared to launch the “nuclear-based jihad-based jihad” when necessary. North Korea’s revolutionary armed forces not only to resist aggression, but also sweep the enemy base camp, to eliminate the root causes of war, and then realize the reunification of the motherland history. In addition, the DPRK in 2009 set up a new reconnaissance General Administration, to further strengthen the role of external intelligence departments and functions. As can be seen from these initiatives in the DPRK, North Korea is strengthening military adventurism on the Korean Peninsula, based on the evolving military power.

North Korea’s pursuit of military adventurism, mainly for the following reasons: First, the historical experience to tell North Korea, the pursuit of military adventurism is very necessary. North Korea believes that the late 20th century, the late 60s to capture the US armed spy ship “Pueblo” incident and shot down the US EC-121 reconnaissance plane incident, North Korea and the United States confrontation made a major victory. Therefore, it can be said that these two events have become North Korea continue to promote the main cause of military adventurism. Second, trying to urge the international community to recognize North Korea as a military power. The DPRK believes that public military demonstrations or military provocation can be carried out to demonstrate to the international community its military power. In other words, North Korea in advocates, have a strong military strength in order to attract people’s attention, building a strong army is the power of the country. Thirdly, a powerful army can be used as an effective means of strengthening internal unity within its system. North Korea believes that a military provocation in the vicinity of the northern limit line or the armistice can create a military crisis within the DPRK, and this sense of crisis can effectively enhance unity within North Korea.

In the following circumstances, North Korea is likely to take military adventurism action: First, the North-South exchange is interrupted, further escalation of military tensions. Second, the DPRK nuclear issue has not progressed, the DPRK-US relations have stalled and the relationship has deteriorated seriously. Third, Kim Jong-un system is unstable. Military adventurist actions include: the implementation of nuclear tests, the launch of long-range missiles, in the West Sea (South Korea’s western waters) and near the stop line to launch local provocation. North Korea believes that through these provocative activities, can enhance the unity of the people, consolidate and improve the Kim Jong-un system.

Third, the military strength of the military construction

(A) to maintain the military superiority of South Korea

Although North Korea is facing serious economic difficulties, it is still actively promoting the modernization of weapons and equipment, vigorously developing nuclear weapons, chemical weapons, missiles and other weapons of mass destruction, and strive to build a strategic weapon system, and promote a strong military power based on the construction of a strong power. Into 2000, North Korea not only to strengthen the standing forces, artillery units, armored forces, special operations forces have also been rapid development. According to South Korea’s 2010 Defense White Paper, compared with 2008, North Korea ground forces added four divisions and one motor brigade, an increase of more than 200 tanks.

Table 1: Comparison of North and South Military Forces.

1
Table 1: Comparison of North and South Military Forces. [Save to album]

* In order to facilitate the comparison of military forces between the North and the South, the Marine Corps equipment into the Army troops equipment project was calculated.

Source: Defense Department, Defense White Paper 2010 (Seoul: Republic of Korea Ministry of Defense, 2010) p.271.

North Korea believes that as long as the US military to withdraw from the Korean Peninsula, South Korea to maintain military superiority in the case, the DPRK can achieve the “unity of the South.” There is no doubt that North Korea has strengthened its military power and provided a reliable guarantee for its large-scale destruction and speed warfare. In addition, the DPRK also believes that the collapse of the former Soviet Union and China’s reform and opening up, resulting in North Korea’s back-up forces weakened. Based on this judgment, the DPRK began to strengthen the military building for the South Triangular Military Relations (Korea, the United States and Japan) to enhance its autonomous military response capability.

(B) to strengthen the containment strategy

1, nuclear development

North Korea received 10 kilograms to 15 kilograms of plutonium from the start of the 5 MWe nuclear reactor in Ningxia before the International Atomic Energy Agency (IAEA) verification in June 1992. According to the analysis, North Korea has been using these plutonium to promote nuclear weapons research and development program. At present, North Korea has about 40 kilograms to 50 kilograms of plutonium, which can produce 6 to 9 nuclear weapons (the manufacture of a nuclear weapon requires 6 kg to 8 kg of plutonium). In addition, North Korea’s uranium (for the manufacture of atomic reactor nuclear fuel) reserves are very rich, the total burial of about 26 million tons, of which the amount of 4 million tons.

With regard to North Korea’s nuclear capabilities, the former head of the US National Nuclear Institute, Dr. Heck, wrote in the article “North Korea’s Lessons Learned in the Core Crisis” that North Korea has nuclear weapons manufacturing that is as powerful as the United States in Nagasaki, Japan ability. From the current situation, the DPRK is likely to have 4-8 pieces of primary nuclear weapons. On April 9, 2010, US Secretary of State Hillary Clinton said in a speech titled “Nuclear Nonproliferation” at the University of Louisville, Kentucky, that North Korea has six thousand nuclear weapons. This is the first time that US government officials have formally addressed the number of nuclear weapons owned by the DPRK in public. In March 2010, when he participated in political studies, political instructors pointed out that “North Korea is a country with nuclear weapons, although the United States is the world,” the Korean People’s Army in South Korea, in March 2010, Power, but not provoke North Korea, entirely because North Korea has nuclear weapons. ”

Therefore, North Korea can be considered independent of nuclear weapons manufacturing capacity, with the number of nuclear weapons for the 1-8. But so far, it is not clear to the extent to which the DPRK will carry nuclear weapons on its missiles to launch nuclear weapons technology to what extent.

On the issue of highly enriched uranium (HEU), on September 3, 2009, the former representative of the DPRK in the United States, Park Ji-yuan, pointed out that North Korea has successfully pilot uranium enrichment, the test has entered the final stage. If uranium enrichment is successful, it means that it can be produced with less, continuous mass production, and is not easily perceived by the outside world. The use of uranium in comparison with the way in which plutonium is used to make nuclear weapons is relatively simple and easy to achieve the miniaturization of nuclear weapons. In order to be able to carry nuclear weapons on field artillery or short-range missiles as tactical nuclear weapons to use, many nuclear-owned countries often choose to use uranium to create nuclear weapons. Compared with the development of conventional combat power, the development of nuclear weapons investment costs less, and can effectively compensate for the military power of the disadvantages. Therefore, the more weak national defense forces, in order to have the means to contain the war, with the military to carry out military confrontation, the more vigorously develop nuclear weapons.

It is not difficult to predict that North Korea will strive to improve its ability to strike short-range military targets by developing small-scale nuclear weapons. Han Peninsula battlefield lack of depth, so in the Korean Peninsula battlefield environment, compared with the long-range nuclear weapons, can be close combat tactical nuclear weapons can play a full role. In addition, the DPRK will also build a large-scale nuclear weapons production system, trying to establish its military power status.

2, chemical and biological weapons

From the 20th century, 80 years, the DPRK independent production of gas bombs and bacteriological weapons, with a certain degree of chemical and biological weapons attack capability. Since the 1990s, the DPRK has started to develop, produce and stockpile the chemical and biological (radioactive) weapons and materials, and has the capability of biochemical radiative warfare. At present, North Korea will 2,500 tons to 5,000 tons of chemical agents dispersed in six storage facilities, chemical weapons, the average annual production capacity of 4,500 tons. In addition, North Korea can also cultivate and produce 13 kinds of biological weapons such as anthrax, smallpox, cholera, typhoid, plague and so on. It is reported that these biological weapons training about 10 days, you can directly put into use.

North Korea’s biochemical weapons will use artillery, missiles, aircraft and other delivery tools. At the beginning of the war, the DPRK is likely to focus on the use of chemical weapons in the area, in order to destroy Han Jun’s defensive positions, to create favorable conditions for its attack. North Korea is also likely to use chemical and biological weapons to South Korea’s capitals, large cities and other densely populated areas to launch indiscriminate attacks, by triggering public panic to interfere with military operations.

3, missile development

In 1985, the DPRK experimented with an improved Scud-B missile with a range of 320 km to 340 km. In 1989, the Scout-500 missile with a range of 500 km was tested. In May 1993, the shooting range was 1,300 km Of the missile No. 1, in August 1998, a test of a 1,600 km to 2,500 km Dapu dong 1 missile, in July 2006 and April 2009 test of the intercontinental ballistic missile (ICBM) level of the Taipu hole 2 Missiles.

In 2004, North Korea successfully developed a range of 120 km KN-02-type short-range missiles, and carried out a combat deployment. In 2007, North Korea also deployed a medium-range ballistic missile (IRBM) with a range of more than 3,000 km using a mobile launcher. In 2010, the DPRK created a “new IRBM division”, the division under the People’s Army General Staff Missile Guidance Bureau. The reason why North Korea continues to develop a range of 3,000 km or more medium-range missiles, is to “something” to fight against the Korean Peninsula reinforcements, to prevent the US military and the Pacific region in the external combat power to the Korean Peninsula. Although the Korean missile range has increased significantly, but the accuracy is not high. As a result, the DPRK had to increase the number of missiles in order to strike the target effectively.

Table 2: North Korean missile development status quo.

1
Table 2: North Korean missile development status quo. [Save to album]

Source: Ministry of Defense, “Encyclopedia of weapons of mass destruction” (Seoul: Ministry of Defense, 2004), p.35; reference to “Defense White Paper 2010”.

North Korea’s ballistic missiles, not only able to attack South Korea, Japan, and even the United States are under its threat. North Korea in accelerating the development of the missile at the same time, but also actively promote nuclear development, which has aroused great concern of the international community. Because the DPRK once the ability to carry nuclear weapons on the missile, the threat range and destructive power will be greatly increased. In other words, if North Korea to achieve the miniaturization of nuclear weapons, that is, to create a nuclear weapons below 1 ton, it means that North Korea can be equipped with nuclear weapons in the use of ballistic missiles.

North Korea’s missile production capacity in the former Soviet Union and China’s technical guidance, through independent research and development has reached a considerable level. It is widely believed that North Korea’s missile manufacturing capacity ranks sixth in the world.

(C) to enhance the speed of quick fix

North Korea from the 20th century, 80 years, in order to implement the speed war, focus on strengthening the armored forces, mechanized troops. The late 1980s, the DPRK began to produce the former Soviet Union T-62 tank imitation – “Tianma” tank, this tank in the water depth of 5.5 meters can also successfully wading river. In addition, the DPRK also introduced, produced, deployed a 23 mm air gun. In 2009, North Korea successfully developed “Tianma” tank improved – “storm” tank, and the actual deployment of two “storm” tank brigade. The reason why North Korea attaches importance to the construction of mechanized forces, mainly in order to use the mechanized forces of the motor power and the impact of the speed of war. Over the past decade, North Korea has increased the deployment of more than 2,000 rockets (more than 3,100 doors to more than 5,100 doors) and more than 300 long-range artillery deployments in the vicinity of the Armed Forces (DME). The reason why the DPRK forward deployment of rockets and long-range artillery, is to the beginning of the war on the South Korean capital to focus on the fight.

The North Korean Navy is equipped with more than 810 ships, including combat ships, submarines, support ships and so on. Among them, about 60% of the ships deployed in front of the base. There are more than 290 ships, such as the ship’s combat ship, the missile boat, the torpedo boat, the fire support boat and so on. The support ship has more than 290 ships such as landing craft and hovercraft. The submarine has more than 70 vessels such as Romeo class submarine, shark class submarine and south class submarine The

With the technical support of Russia, the Korean Air Force assembled the MIG-29 fighter from the early 1990s. Since 1999, North Korea has introduced more than 40 MIG-21s from Kazakhstan. In addition, the DPRK has also introduced a new MI-8 helicopter from Russia. Including the main models MIG-19/21, IL-28, SU-7/25 and other 470 aircraft, including the Korean Air Force has a total of 1,650 aircraft.

Into 2000, the DPRK created a light infantry division, light infantry division under the front army. In addition, the former division of the light infantry brigade expansion for the light infantry regiment. In this way, the strength of the special forces of the DPRK significantly enhanced, the number of more than 20 million. The reason why North Korea strengthened the construction of special forces was to make a decision after taking full account of the reality of the Korean-American Joint Forces and the lessons learned from the war in Iraq. Most of the Korean special forces were deployed in Pyongyang and south of the mountain, so they could be used immediately in the early stages of the war. In order to train officers and men of the special combat capability, the DPRK in the division, military forces set up a special combat training ground. According to the Korean Peninsula combat environment continue to strengthen the night war, mountain warfare, street fighting and other special subjects training, making the troops of the special combat capability has been significantly improved. It is not difficult to predict that in the early days of the war, the DPRK will be through the tunnel, air, sea and other infiltration, the special forces focused on the rear area of ​​Korea. In this way, through the active match, the war developed into a speed war.

North Korean troops to the front of the troops as the center, to strengthen the ground forces fire configuration. In addition, special forces are created or expanded. Through these efforts, the army’s first echelon of combat power can be greatly enhanced. This laid the groundwork for the Korean army to focus on the fighting in the early stages of the war.

After the death of Kim Il Sung, the DPRK in the development of nuclear weapons, missiles and other strategic weapons at the same time, the number and level of conventional combat power has also improved. It is widely believed that North Korea’s military power has grown rapidly. The DPRK has provided the necessary military capabilities and means to realize its military strategy by vigorously strengthening the quantity and quality of military forces.

The fourth part of the DPRK military action outlook

First, the Korean crisis situation evaluation

In the late 1980s and early 1990s, the socialist countries of Eastern Europe changed drastically. Today, the democratization of anti-dictatorship is spreading and spreading. In this complex international environment, has always been to maintain the dictatorship of the DPRK unprecedented unprecedented difficulties and pressure. The collapse of the former Soviet Union and China’s reform and opening up began to let North Korea doubt its powerful host country. 2011 in Egypt and Libya and other Middle East jasmine revolution occurred, so that North Korea’s sense of crisis further aggravated. At present, North Korea is building the hereditary system of the Jinjia dynasty, but also faces a series of internal and external crises.

Table 3: North Korea may face the crisis index may occur.
Table 3: North Korea may face the crisis index may occur. [Save to album]

From the perspective of the internal crisis of the DPRK, as long as the Kim Jong-un regime is unstable, then around the control of the regime, at any time there may be internal fighting. In addition, economic difficulties, food shortages and other issues may also lead to the discontent of the DPRK residents, leading to distraught inside the DPRK, social unrest.

From the DPRK’s external crisis level, the DPRK nuclear crisis worsened, the international community to increase sanctions against North Korea, will inevitably lead to North Korea’s economy is facing more serious difficulties. North Korea’s military provocation to South Korea has led to further tension in North-South relations, disruption of North-South exchanges and the possible occurrence of new North-South military conflicts. In addition, the communist circle, the collapse of long-term dictatorship, etc., at any time may spread to North Korea, and affect the stability of the Korean system.

When North Korea faces a crisis index, North Korea is more likely to take military action in order to maintain its institutional security. On the other hand, when North Korea faces a relatively low crisis index, North Korea is more likely to focus on strengthening its internal solidarity than military action. In other words, when the internal and external crisis is serious, North Korea will be through military action to strengthen internal control, to resist external threats and pressures, and strive to maintain its political stability. When the internal and external crises are moderate, North Korea will put the army into economic activity in order to get rid of serious economic difficulties. When the external crisis is serious, but the internal crisis is moderate, North Korea will take concrete military action to deal with external threats, and thus strengthen internal solidarity. When the external crisis is eased and the internal crisis is serious, the DPRK will use the army to strengthen its control over the population and ensure its stability.

Second, the military action outlook

If the DPRK launched a military provocation based on weapons of mass destruction, the DPRK’s crisis index would determine North Korea’s military operations. North Korea may take the military action can be divided into four types.

Figure 3: Military operations in North Korea in different crisis situations.

1
Figure 3: Military operations in North Korea in different crisis situations. [Save to album]

In the “situation I”, the DPRK will launch a comprehensive war. In this situation, the DPRK’s internal and external environment is extremely bad, in addition to launching a comprehensive war, there is no other way to choose. In other words, because of the issue of power inheritance, food problems, North Korea into a serious chaos, the North Korean system is facing a crisis of collapse. In addition, the DPRK-US relations are stalled by the DPRK nuclear issue, and there is no room for maneuver. In this case, the DPRK is likely to choose a comprehensive war that extreme behavior. At this time, North Korea will use strategic weapons – nuclear weapons and missiles threat to South Korea and the United States, and the use of conventional combat power to South Korea launched a large-scale destruction war and speed war. For North Korea, it is necessary to have a prerequisite for launching a comprehensive war, that is, the need for pre-approval and active assistance from China and Russia.

In the “situation II”, the DPRK will launch a local provocation to South Korea. In this situation, North Korea, although facing external and internal crises, but the external crisis is not very serious. In other words, although the DPRK faces external pressures due to nuclear problems, but this external crisis has not intensified. From the internal situation of the DPRK, the DPRK residents due to food difficulties and other issues, dissatisfaction. The whole regime was controlled by Kim Jong-un, but there was a trace of power struggle. At that time, the DPRK launched a military provocation in the area of ​​the Armistice Line and the North Boundary Line (NLL), attempting to divert domestic contradictions, strengthen internal solidarity and further consolidate the Kim Jong-un system. 2010 “Cheonan ship incident” and “Yin Ping Island shelling incident”, is two typical examples. At that time, Kim Jong Il in order to establish its power inheritance system, launched a military provocation to South Korea.

Under “situation III”, the DPRK will take measures to ease military tension. In this situation, both the external crisis, or the internal crisis is not serious, tensions tend to ease. In other words, speaking abroad, the DPRK nuclear issue is moving in the direction of favoring the DPRK, and the economic problem has been solved to a certain extent. On the inside, Kim Jong-un system has been established and consolidated, political stability in North Korea, social stability, there is no power struggle. At this time, North Korea will promote similar to China’s reform and opening up the line, while taking measures to reduce armaments and other positive measures to establish a new relationship between Korea and the United States.

Under “condition IV”, the DPRK will carry out military force demonstrations. In this situation, North Korea’s external crisis is serious, and the internal crisis is not obvious. In other words, despite the existence of food problems within North Korea, but its internal control is very successful. To the outside world, the international community has intensified its pressure on the DPRK due to the nuclear issue, the export of illegal arms and human rights. The DPRK’s friendly forces – China and Russia, have stopped their support for North Korea or taken careless measures. Will be through nuclear tests and missile test to seek foreign political consultation approach. In addition, in order to highlight the role of Kim Jong-un, internal and external display of strong achievements in the construction of a strong country, North Korea may also continue to carry out nuclear tests or missile test activities.

From the above four conditions, the most likely to happen is the “situation II”, that is, North Korea launched a local provocation. At present, North-South relations are stalled. After the death of Kim Jong Il, Kim Jong-un system is full of instability and uncertainty. In order to alleviate the internal contradictions, North Korea is likely to launch a provocation to South Korea. In particular, if there is a power struggle within North Korea or the Kim Jong-un system is provocative or shocked, Kim Jong-un is likely to launch a provocative activity against South Korea in order to demonstrate his strong leadership while eradicating opposition. North Korea may choose to provoke the main way: the peninsula in the western waters or eastern waters using submarines to attack; occupation or shelling the West Sea (South Korea Sea) five islands; in the armistice zone manufacturing military conflict; the implementation of terrorist activities to create chaos in South Korea society Wait.

The most unlikely is “situation I”, that is, North Korea launched a comprehensive war. North Korea is very clear to launch a comprehensive war, means that joint efforts with the ROK and the United States to combat. Obviously, the level of combat effectiveness of the Korean army compared with the United States and South Korea, compared with the absolute disadvantage. Therefore, if the DPRK wants to launch a comprehensive war, is bound to need China and Russia’s full support and help. However, from the reality of the situation, Russia and China will not easily intervene in the Korean Peninsula war. After the disintegration of the former Soviet Union, the Russian national power injury, has not recovered. Therefore, it is difficult for Russia to carry out effective assistance to the DPRK. Although China stressed that North Korea and China are close neighbors, but China is unswervingly promoting reform and opening up, and actively promote economic growth. In this context, China is clearly reluctant to oppose the United States, involved in the Korean Peninsula war, destroy the hard-won peace and stability of the development environment.

Part 5 concluding remarks

Kim Jong Il regime in order to maintain the advantages of the military field of Korea, focusing on the development of nuclear weapons, missiles and other asymmetric combat capability. It can be said that the construction of military forces in North Korea fully embodies the large-scale destruction strategy, quick fix strategy, network strategy.

The “mass destruction strategy” is a strategy established to ensure that “something” is victorious. In 1994, the United States threatened to bomb North Korea’s nuclear facilities. This crisis has prompted the DPRK to establish a “mass destruction strategy” from the containment level has played a decisive role. “Quick war strategy” is based on Kim Il Sung’s military strategy established, the North Korean aviation forces, armored forces, mechanized forces, etc. will play a full role in the speed of war, the military structure is also around the military is conducive to maneuver And the preparation of the. Taking into account these factors, the DPRK will continue to maintain a quick strategy in the future for a long time. “Network strategy” is also the DPRK may adopt the military strategy. At present, North Korea has a considerable number of professional hackers, coupled with the United States, South Korea and other developed countries, military strategy is heavily dependent on computer networks. If North Korea’s “network strategy” can play a role, will directly affect the Korean-American joint forces to play.

The military strategy of the army is based on the military strategy of Kim Il Sung’s offensive concept, adding the military strategy of Kim Jong Il’s defense concept. That is, the military strategy of the army is Kim Jong-il in order to maintain its political stability and socialist system security made a specific choice. Kim Jong-il has repeatedly stressed that the modern war is a new form of war, which is characterized by a highly expanded three-dimensional warfare, information warfare, asymmetric warfare, non-contact warfare, precision combat, short time and decisive battle, and asked the troops to adapt Modern warfare ready to fight. It can be seen that Kim Jong-il has recognized the need to change the conventional tactics of the past and argues that it is possible to win in the future war only if he has adopted a new tactic that can deal with modern warfare. Therefore, it can be said that the DPRK’s military strategy fully reflects the Kim Jong-il military ideology of the war to carry out the method.

From the DPRK’s military strategic changes and the direction of the development of military forces, the DPRK’s most likely future military action is to launch a local provocation to South Korea. In the case of the instability of the Kim Jung-en regime and the stalemate in North-South relations, it is possible for the DPRK to launch local provocations in the vicinity of the Western Seas (South Korea’s western waters) or near the armistice, as well as possible long-range missile tests, nuclear tests, etc. To seek institutional security. Through these military and military actions, the DPRK tried to divert internal contradictions, strengthen internal solidarity and consolidate the regime. As South Korea, in the face of various threats and complex situations, the need to develop a specific, effective and practical response to the program.

Original Mandarin Chinese:

第一部分 前 言

20世纪八十年代末90年代初,东欧剧变,苏联解体,社会主义阵营遭受巨大挫折。20世纪90年代中期,朝鲜经济突然陷入衰退。1994年7月,金日成逝世。当时,人们普遍认为朝鲜面临着严重危机,对朝鲜发展前景颇为堪忧。尽管如此,朝鲜经历了三年“苦难的行军”,并继续进行导弹试射与核试验等活动,不断强化其军事力量。

进入2000年后,朝鲜先后挑起了第2次、第3次西海交战,进行了两次核试验,并实施了数次导弹试射。2010年,朝鲜又在西海(韩半岛西部海域)制造了“天安舰事件”和“延坪岛炮击事件”。朝鲜的这些军事挑衅行动,不但给韩国,还给周边国家带来不安,同时也给东北亚的安全形势带来了很大的变数,并成为引发地区军备竞争的重要因素。

1998年9月,金正日在其政权出台之际,高举建设“强盛大国”的旗帜,提出了新的政治口号-“先军政治”。至2011年12月17日金正日去世为止,他对朝鲜进行了长达17年的强权统治。金正日提出的“先军政治”是指一切以军事工作为先,一切以军事工作为重,在军事先行的原则下,解决革命和国家建设中的所有问题,把人民军队作为革命的栋梁,推进整个社会主义伟业的政治方式 。可以说,先军政治是金正日式的政治方式。其核心内容为,在金正日的领导下,朝鲜的军队积极应对经济困难、社会问题和安全危机,努力维护朝鲜式社会主义体制。“先军军事战略”是朝鲜为了让“先军政治”植根于朝鲜社会,一切以优先发展国防力量为目的,一切以优先保障国防建设为目的的金正日式的军事力量运用方法。

本文针对金日成去世后,金正日体制下的朝鲜军事战略发展变化情况展开研究,特别是将朝鲜不顾国际社会的强烈反对,依然进行核开发并拥有一定的核武器后的战略变化作为研究的重点。

第二部分 朝鲜军事战略

一、朝鲜军事战略的形成背景

朝鲜的军事战略是在金日成的军事战略思想基础上逐渐形成的。金日成军事战略思想可以说是正规战思想和游击战思想的融合。在中国和前苏联的抗日活动过程中,金日成积累了丰富的实践经验,这些为其军事战略思想的形成奠定了坚实的基础。在这些军事经验的基础上,金日成提出了“主体战法 ”,并强调“主体战法”是朝鲜特有的军事战略。为了充分理解朝鲜的军事战略,研究金日成的军事经历是非常重要的。

1928年,金日成加入中国共产党青年同盟。之后,金日成作为中国共产党的一员,在东满洲、沿海州一带开展了敌后抗日活动。通过小汪清、老黑山、普天堡战斗等游击战,金日成从毛泽东军事思想中汲取了丰富的智慧和营养,逐步认识到渗透战、游击战、夜间战、敌后抗日活动、大部队和小部队间配合战术的重要性。金日成当时领导的敌后抗日活动,主要战斗样式为设伏、突袭等,只是属于战术范畴的游击战。但是,朝鲜将这些游击战样式一味夸大,宣传成大规模的战斗,即革命战争中的典型战例。正因为如此,今天的朝鲜军队依然非常重视游击战 。

20世纪40年代后期,迫于日本关东军的围剿扫荡,金日成不得不逃往前苏联,并被编入苏联红军。当时,金日成通过学习米哈伊尔•尼古拉耶维奇•图哈切夫斯基(1893年-1939年)元帅编写的《工农红军野外条令》,对统合军式的军事组织结构、以机动作战为主的战斗编成、火力为中心的武器装备体系等内容的苏联军队的正规战思想有了一定的认识。金日成在中国及前苏联的军事斗争经历,对于朝鲜发展以数量为主的军事力量,形成实施速度战、突袭战、配合战等的军事战略起到了非常重要的作用。通过韩国战争,朝鲜在其军事战略中增加了歼灭敌有生力量 的包围战,推进政治工作,确保战争物资等内容。通过局部冲突,朝鲜认识至增强配合战执行能力,强化机械化部队及空军力量的必要性。基于上述内容,朝鲜不断对遂行战争的方法加以补充与完善。

图-1:朝鲜军事战略的形成。

2
图-1:朝鲜军事战略的形成。 [保存到相册]

出处:朴容丸,“朝鲜军事战略问题研究”,《朝鲜学研究》第6卷1号(首尔:东国大学,2010), p.123。

二、金日成军事战略

1、先发制人奇袭战略

先发制人奇袭战略是指选择敌人完全无法预料,或者即便可以预料但是也没有时间做出反应的时机、场所和方法,向对方发动攻击的战略。先发制人奇袭战略可以最大限度地发挥突然性,以快速、秘密、伪装等方式进行。通常,实施奇袭作战,可以以最小的代价,获得最大的作战效果 。金日成曾多次强调,要做到奇袭成功,平时必须保持良好的战斗态势。不但如此,作战部队还要真正具备能够完全摧毁对方的作战能力。这意味着先发制人奇袭战略的目的是通过高效、快速的作战行动,在短时间内集中战斗力量,彻底摧毁敌作战力量。

为了实施先发制人的奇袭战,朝鲜将大部分的军事力量部署在前方地区。在部队编制结构上,也突出了快速反应、机动灵活的特点。特别值得一提的是,朝鲜将约70%的军事力量部署在平壤-元山线以南,如果朝鲜做出奇袭战的决定,那么朝鲜军队不用另外进行作战部署,就可以直接对韩国采取军事行动。

2、配合战略

“配合战略”是指在一次战斗中,两个以上的作战形态相互配合、相互协同的战略。配合战是金日成在毛泽东的游击战争思想基础上,总结越南战争的经验教训,并充分考虑韩半岛地形特点后,提出的所谓“主体战法”。配合战的核心是在大规模的正规战与游击战,大部队与小部队配合下,发动多种形式的攻击作战,这样的战场将无前后方可言,使得对方完全陷入混乱状态。

为了实施配合战,朝鲜建立了世界上最大规模的特种部队,并拥有AN-2机、气垫船、潜艇等多种海上、空中渗透手段。另外,朝鲜海军、空军还分别成立了狙击旅,考虑到不同军种的特点,不断加强配合战能力建设。朝鲜可能采取的配合战类型有正规战与游击战的配合,大部队与小部队间的配合,不同军种间的配合(陆海空军),不同兵种间的配合(兵种间),军队与人民武力间的配合(军队和民间资源)等。

3、速战速决战略

在传统的军事战略理论中,速战速决战略一直受到各方面的高度重视。速战速决战略是集中优势兵力,各个击破对方主力部队,在短时间内,以快速的战术取得胜利、结束战局的战略 。为此,朝鲜非常重视速战速决战略的发展,从20世纪80年代起,朝鲜集中力量建设装甲部队、机械化部队。为了实现速度战,朝鲜的部队结构编制也充分突出了快速反应、机动灵活的特点。朝军发动速度战的主要战力有坦克、装甲车、战斗机、常备兵力,与韩国相比,除了装甲车外,朝鲜在数量上明显占据优势。因此,如果朝鲜对韩国发动速度战,那么在数日内,朝鲜军队就可能席卷整个韩国,并阻断美军增援部队的介入。

三、对金日成军事战略的评价

金日成的军事战略是总结金日成在中国及前苏联的军事斗争经验基础上,综合考虑韩半岛的地形特征及局部战争作战样式后逐渐形成的。可以说,金日成的军事战略是攻势的进攻战略。特别值得强调的是,利用占据数量优势的常规战力,对韩国发动突袭攻击,进而掌握战争主导权,并在外部增援兵力抵达韩半岛之前结束战争的速战速决战略是金日成军事战略的核心。

目前,局部战争样式正在由长期战、消耗战、地面战为主转变为地面作战、海上作战、空中作战、太空作战、网络作战等一体化的全方位、多层次现代立体作战。另外,随着科学技术的发展,武器装备的破坏能力、远程精确打击能力大幅提升,使得战争样式正在发展成为快速集中精确打击样式。过去,战争的重点是利用常规军事力量赢得战争的胜利,争夺战争的主导权。而现代战争的重点是基于尖端的武器装备体系,实现战场数字化,高效发挥战斗力的整体效能。但是,金日成时期的军事战略只体现了常规战力的战争执行方式,朝鲜的核及导弹领域未被纳入其中。显然,金日成军事战略的局限性非常明显,无法适应现代战争的需要。军队是朝鲜维持政权,打击体制威胁势力的有效手段。因此,为了充分发挥军队的作用,金正日不得不提出全新的军事战略构想。

第三部分 先军时代的军事战略和军事力量建设

一、先军军事战略

金正日在向人民军下达的《学习提纲》中指出,现代战争是新的形态的战争,其特征为高度扩大的立体战、信息战(侦察战、电子战、网络战、心理战)、非对称战、非接触战、精确打击战、短时间速决战 。此外,金正日还强调,要做好新的战斗准备。从中可以看出,金正日已经充分认识到现代战争样式正在发生质的变化,并认为继续采用现有的常规战战法,无法保证未来战争的胜利。因此,在充分考虑现代战争样式的同时,为了发展可以应对韩美联合战力的军事力量,金正日构想了“大规模破坏战略”、“速战速决战略”、“网络战略”。

(一)、大规模破坏战略

大规模破坏战略是给对方带来巨大破坏力的战略,是“严惩报复战略”的一种。实现大规模破坏战略,需要具备超出对方的军事力量或者是具备能给对方带来决定性损失的军事手段。朝鲜用于大规模破坏战略的战力包括核武器在内的大规模杀伤性武器和炮兵部队。

大规模破坏战略是朝鲜为了保障“有事时”的作战胜利而制定的战略。1994年,朝鲜曾因美国威胁要对朝鲜的核设施进行军事打击而面临重大危机。可以说,这次危机的出现直接推动了金正日从遏制层面上制订大规模破坏的军事战略。

大规模破坏战略是拥有核武器的国家采取的最具代表性的战略。为了弥补“封锁战略”的不足,美国前总统艾森豪威尔曾提出了“大规模报复战略”。美国在拥有绝对核优势的基础上推行大规模报复战略,减少了国防开支,并在国际社会中确立了军事霸权地位。前苏联领导人赫鲁晓夫认为,在1962年的“古巴导弹危机”中,前苏联之所以遭到失败,主要原因是苏联与美国相比在核战力方面处于劣势。因此,赫鲁晓夫积极推进以核武器为主要战力的大规模报复战略,试图拥有与美国对等的军事实力。1964年,中国的第一颗原子弹爆炸成功后,中国的国际影响力、政治地位得到明显提升。可以说,通过核开发,采取遏制的报复战略,中国保护了自己国家的安全,并基于此确立了亚洲军事强国的地位。

如上所述,拥有核武器的国家,作为军事强国,可以在国际社会中占据优势地位。不但如此,还可以将核武器作为主要手段来推进大规模报复战略,以此来保证自己国家的安全。因此,朝鲜有可能会通过拥有核武器来推进大规模破坏战略。也就是说,大规模破坏战略不但可以使朝鲜有效应对各种外部威胁,还可以在“有事时”确保朝鲜取得胜利。6.25战争结束后,朝鲜与美国一直保持着停战状态。近几年,朝美关系因核问题、人权问题、伪钞问题等矛盾迭出、较量不断。在这种背景下,朝鲜认为随时都有可能与美国爆发战争。因此,朝鲜的大规模破坏战略极有可能在未来的朝美关系中发挥重要作用。

2006年,朝鲜劳动党宣传部副部长曾发表谈话称,一旦战争爆发,整个首尔将在30分钟内变成一片火海,10万名美军、70%的南朝鲜居民面临死亡,韩国经济的90%以上化为灰烬 。2010年7月24日,朝鲜国防委员会也曾发出威胁称,将在必要的时候启动基于核遏制力的朝鲜式的报复“圣战”。这意味着,“有事时”朝鲜将会利用大规模杀伤性武器来发动攻击。

(二)速战速决战略

金正日时期的“速战速决战略”是在外部势力增援韩半岛前结束战争的战略,是金日成战略的继承、延续与发展。海湾战争、阿富汗战争、伊拉克战争中,“速战速决战略”曾被广泛使用。很明显,通过“速战速决战略”,可以集中攻击并摧毁敌对国家的指挥设施及主力部队,掌握战争主导权,并在很短时间内胜利结束战争。之所以认为朝鲜将采用速战速决战略,主要理由如下:

1、朝鲜拥有相当规模的可以发动速度战的作战力量

朝鲜的装甲部队和机械化部队具备高度的机动能力,能够给对方造成强烈的冲击力与威慑力,炮兵部队可以集中打击敌核心目标,能够给对方造成极大的损失和破坏。朝鲜速度战的主要战力—装甲部队是韩军的1.7倍,炮兵部队是韩军的2.5倍。

2、朝鲜的部队编制整体上有利于机动作战

尽管朝鲜经济上面临诸多困境,但是朝鲜一直在加强军事力量建设。近年来,不但朝军的兵力规模和装备持续增加,部队结构改编时,也非常注重机动作战能力的建设。据韩国2010年发表的国防白皮书称,为提高部队战斗力,朝鲜整编部分军队,将两个机械化军整编为机械化师,将1个坦克军整编为装甲师,将1个炮兵军整编为炮兵师。此外,朝鲜还加强了前方部队的火力打击能力建设 。朝鲜军队的这些变化,为其实施速度战提供了可靠的保证。

3、朝鲜军队的大部分战斗力部署在前方地区

朝鲜在平壤-元山线以南地区前进部署了10多个军、60多个师/旅,约占朝鲜军队总体战斗力的70%。这样,只要朝鲜领导层下定决心,那么朝鲜军队不用重新调整部署,就可以随时投入到南侵作战中。2009年11月,第三次西海(韩半岛西部海域)海战发生后,朝鲜军队在其西海岸集中部署了240毫米火箭炮,对韩国西海及首都圈构成了直接威胁。可以说,朝鲜在前方部署大量军队的目的是为了在开战初期集中发动攻击,通过速度战重创韩国军队。

朝鲜强调,随着传统战争样式的变化,非线性作战、非接触作战等新的作战方式正在出现,现代战争可能会在前方和后方同时展开。这意味着朝鲜正规部队在前方发动正面攻击的同时,朝鲜特种部队可能向韩国后方地区发动干扰作战。不可否认,战场前后方同时展开,将对战争的速战速决起到决定性的作用。

4、网络战略

网络攻击是指利用计算机网络存在的漏洞和安全缺陷,对敌方军事、行政、人事等主要系统和资源发动的攻击,通常也被称为“没有枪声的战争”。随着计算机技术的快速发展及网络中心战概念的提出,现代战争的中心正在由传统的作战平台转向网络。从近几年的局部战争样式中也可以看出,网络作战正在作为战争的主要形态之一,起到了非常重要的作用。

2009年,金正日在朝鲜军队高级将领演讲会上发表谈话称,二十世纪的战争是油和炮弹的战争,二十一世纪的战争是信息战争。由此也可以看出,朝鲜非常重视网络战争。

网络攻击主要有两种方式 。第一种为非法侵入对方的信息系统,窃取系统保密信息、破坏目标系统数据的方式。第二种为不侵入对方信息系统,在外部破坏对方信息系统,使其功能无法发挥作用的方式。

从20世纪90年代起,朝鲜在平壤指挥自动化大学、计算机技术大学、金策工业综合大学等大力培养专业网络战人才。平壤指挥自动化大学隶属于人民军总参谋部,是朝鲜最具代表性的网络战人才培训机构,每年为军队培养出100多名计算机专业技术人员。据推测,朝鲜军队拥有的专业黑客规模达500名至600名。

美国、韩国等发达国家的军事战略严重依赖计算机网络。如果朝鲜发动网络攻击,就很容易导致韩国的网络系统出现混乱,影响到信息的传递与共享。在关键时刻,甚至还可能瘫痪整个网络,使韩国错过应对时机,从而给韩国带来致命的打击。在战争爆发前,朝鲜可能会在国内或海外,通过黑客入侵方式攻击韩国政府机关的网络。在战争期间,朝鲜还有可能干扰、破坏韩军的计算机网络,导致军队的整个计算机网络数据传输中断和系统瘫痪。

朝鲜的网络战略同样会对心理战产生积极影响。关于伊拉克战争,朝鲜认为,美帝之所以能够在伊拉克战争中取得胜利,与其说是高新技术武器发挥作用,不如说是心理战在发挥作用,并从思想上瓦解伊拉克导致的结果。从中可以看出,朝鲜非常重视心理战,并认为在未来战争条件下,心理战将贯穿于战争的全过程。朝鲜通过网络展开的心理战样式主要包括:在敌对国家或者支援国家网络上散布有利于朝鲜的信息及流言蜚语,甚至是假情报(细菌战、化学战、使用核武器、出现大规模伤亡)等,从而给敌对国家的公众带来恐慌,削弱敌对国家的战争意志。对于支援国家,通过大力制造反战舆论,迫使支援国家中止兵力增援,并尽早撤出已投入的兵力。

图-2:先军军事战略。

2
图-2:先军军事战略。 [保存到相册]

先军军事战略的主要特征是在金日成攻击性战略的基础上,为了维持政权,增加了防护性战略的内容。也就是说,金正日通过先军政治建立起来的先军军事战略,将由他的继承人金正恩去忠实地传承、延续和发扬。

虽然金日成时期的军事战略—先发制人奇袭战略、配合战略、速战速决战略是在常规战力基础上制定的,但是考虑到朝鲜武器装备体系的现状以及现代战争样式的变化,这些军事战略将会继续维持下去。基于先发制人奇袭战略,朝鲜军队的大部分兵力部署在前方地区。这样可以缩短部队部署、移动及接敌需要的时间,从而提高部队的机动性。基于配合战略,可以实现朝鲜军队正规战兵力与非正规战兵力的有效配合。这样可以提高作战效能,弱化对方军事力量,进而达成速战速决的目的。

二、先军军事战略的特征:追求军事冒险主义

金日成去世后,朝鲜在军事领域的最大变化是朝鲜进行了核开发。朝鲜不顾国际社会的强烈反对依然进行核开发,其目的就是在对美、对韩关系中,通过追求军事冒险主义来占据主动地位。

2010年12月,朝鲜人民武力部部长金永春指出,朝鲜革命武装已做好各种准备,在必要的时候将展开“基于核遏制力的朝鲜式圣战”。朝鲜革命武装不但要抵御侵略,还要扫荡敌大本营,消除战争根源,进而实现祖国统一的历史伟业 。此外,朝鲜在2009年新组建了侦察总局 ,进一步强化对外谍报部门的作用和职能。从朝鲜的这些举措中可以看出,朝鲜基于不断发展的军事力量,正在强化在韩半岛的军事冒险主义。

朝鲜之所以追求军事冒险主义,主要有如下原因:第一、历史的经验告诉朝鲜,追求军事冒险主义是非常必要的。朝鲜认为,20世纪60年代后期发生的捕获美国武装间谍船“普韦布洛”号事件和击落美国EC-121侦察机事件,是朝鲜与美国对峙中取得的重大胜利。因此,可以说,这两起事件成为朝鲜继续推进军事冒险主义的主要动因。第二、试图促使国际社会承认朝鲜是军事强国。朝鲜认为,公开进行军事武力示威或者发动军事挑衅活动,可以向国际社会展示其军事力量。也就是说,朝鲜在主张,拥有强大的军事实力才能引起人们的重视,建设强大的军队才是强国之本。第三、强大的军队可以用作强化其体制内部团结的有效手段。朝鲜认为,在北方限界线或者停战线附近发动军事挑衅,可以在朝鲜内部营造军事危机局面,而这种危机意识可以有效增强朝鲜内部的团结。

在如下情况下,朝鲜有可能采取军事冒险主义行动:第一、南北交流中断,军事紧张局势进一步升级。第二、朝鲜核问题毫无进展,朝美关系陷入僵局,关系严重恶化。第三、金正恩体制不稳定。军事冒险主义行动包括:实施核试验、发射远程导弹、在西海(韩国西部海域)及停战线附近发动局部挑衅。朝鲜认为,通过这些挑衅活动,可以增进人民内部团结,巩固与完善金正恩体制。

三、先军时代军事力量建设

(一)维持对韩国的军事优势

尽管朝鲜面临严重的经济困难,但是依然积极推进武器装备现代化建设,大力发展核武器、化学武器、导弹等大规模杀伤性武器,努力构建战略武器体系,推进基于强大军事力量的强盛大国建设。进入2000年后,朝鲜不但加强常备兵力建设,炮兵部队、装甲部队、特种作战部队等也得到了快速发展。据韩国2010年国防白皮书称,与2008年相比,朝鲜地面部队新增了4个师和1个机动旅,增加200多辆坦克。

表-1:南北军事力量比较。

1
表-1:南北军事力量比较。 [保存到相册]

*为了方便南北军事力量比较,将海军陆战队装备纳入陆军部队装备项目中进行了计算。

出处:国防部,《国防白皮书2010》(首尔:大韩民国国防部,2010)p.271.

朝鲜认为,只要美军撤出韩半岛 ,在保持对韩军事优势的情况下,朝鲜就可以实现“对南赤化统一”。无疑,朝鲜强化军事力量,为其实施大规模破坏战和速度战提供了可靠的保证。另外,朝鲜还认为前苏联崩溃和中国的改革开放,造成朝鲜的后援势力变弱。基于这种判断,朝鲜开始针对南方三角军事关系(韩国、美国、日本)大力加强军备建设,以提高其自主的军事应对能力。

(二)强化遏制战略

1、核开发

朝鲜从启动宁边5MWe核反应堆,到1992年6月接受国际原子能机构(IAEA)核查前,共获得了10 公斤至15 公斤的钚 。据分析,朝鲜一直利用这些钚来推进核武器研发计划。目前,朝鲜大约拥有40 公斤至50 公斤的钚,这些可以生产6枚至9枚核武器(制造1枚核武器需要 6 公斤至8 公斤的钚)。另外,朝鲜的铀(用于制造原子反应堆核燃料)储量非常丰富,整个埋藏量约2,600万吨,其中可采量为400万吨。

关于朝鲜的核能力,美国前国立核研究所所长赫克博士在《朝鲜在核心危机中学到的教训》一文中指出,朝鲜具备与美国在日本长崎投放的那颗原子弹相同威力的核武器制造能力。从目前的情形来看,朝鲜极有可能拥有初级核武器4-8枚。2010年4月9日,时任美国国务卿希拉里•克林顿在肯塔基州路易斯维尔大学发表题为《核不扩散》的演讲中称,据判断,朝鲜拥有 1-6枚核武器。这是美国政府官员首次在公开场合正式论及朝鲜拥有的核武器数量。2010年3月,通过东部战线归顺韩国的朝鲜人民军***在证词中称,2010年1月,他在参加政治学习时,政治教官曾指出“朝鲜是拥有核武器的国家,美国虽然是世界强国,但是不敢招惹朝鲜,完全是因为朝鲜拥有核武器”。

因此,可以认为朝鲜具备自主的核武器制造能力,拥有的核武器数量为1-8枚。但是,到目前为止,尚不清楚朝鲜将核武器搭载于导弹上进行发射的核武器小型化技术究竟发展到什么程度。

关于高浓缩铀(HEU)问题,2009年9月3日,朝鲜驻联合国前任代表朴吉渊曾指出,朝鲜已成功进行试验性铀浓缩,试验已进入最后阶段。铀浓缩若取得成功,意味着可以以较少的投入,连续进行大量生产,而且还不易被外界察觉 。与使用钚制造核武器的方式相比,使用铀的话,核武器的起爆装置制造起来会相对简单,而且还便于实现核武器小型化。为了能够将核武器搭载于野战炮或短程导弹上作为战术核武器来使用,很多核拥有国往往会选择使用铀来制造核武器。与发展常规战力相比,发展核武器投入的费用较少,并且能够有效弥补军事力量上的劣势。因此,越是国防力量薄弱的国家,为了具备遏制战争的手段,能够与大国进行军事对抗,越会大力发展核武器。

不难预计,朝鲜今后将努力通过发展小型化核武器,来提升对近距离军事目标的打击能力。韩半岛战场缺乏纵深,因此在韩半岛战场环境下,与远程核武器相比,能够进行近距离打击的战术核武器更能充分发挥作用 。另外,朝鲜还将通过构筑大规模的核武器生产体系,试图确立其军事强国的地位。

2、生化武器

从20世纪80年代起,朝鲜自主生产毒气弹和细菌武器,具备了一定程度的生化武器攻击能力。20世纪90年代起,朝鲜开始研发、生产及储备化生放(化学、生物、放射性) 武器和物资,具备了生物化学放射战执行能力。目前,朝鲜将2,500吨到5,000吨的化学作用剂分散保管在6个储藏设施中 ,化学武器的年均生产能力为4,500吨。另外,朝鲜还能够培养和生产炭疽菌、天花、霍乱、伤寒、瘟疫等13种生物武器。据悉,这些生物武器培养10天左右,就能直接投入使用。

朝鲜的生化武器将使用火炮、导弹、飞机等各种投放工具。开战初期,朝鲜极有可能在停战线一带集中使用化学武器,以此来摧毁韩军的防御阵地,为其发动攻击创造有利条件。朝鲜还有可能使用生化武器对韩国的首都圈、大城市等人口密集区发动无差别攻击,通过引发公众的恐慌心理来干扰军事作战。

3、导弹开发

朝鲜于1985年试射了射程为320公里至340公里的改进型飞毛腿-B型导弹,1989年试射了射程为500公里的飞毛腿-C型导弹,1993年5月试射了射程为1,300公里的劳动1号导弹,1998年8月试射了射程为1,800公里至2,500公里的大浦洞1号导弹,2006年7月和2009年4月试射了洲际弹道导弹(ICBM)水平的大浦洞2号导弹。

2004年,朝鲜成功研发射程为120公里的KN-02型地对舰短程导弹,并进行了实战部署。2007年,朝鲜又实战部署了利用移动式发射架发射的射程超过3,000公里的中程弹道导弹(IRBM)。2010年,朝军创建了“新型IRBM师”,该师隶属于人民军总参谋部导弹指导局。朝鲜之所以持续研发射程3,000公里以上的中程导弹,就是为了“有事时”打击向韩半岛增援的兵力,阻止美军及在太平洋地区活动的外部战力向韩半岛移动。虽然朝鲜的导弹射程有了明显增加,但是精确度并不高。因此,朝鲜为了对目标实施有效打击,不得不增加导弹的拥有数量。

表-2:朝鲜导弹开发现状。

1
表-2:朝鲜导弹开发现状。 [保存到相册]

出处:国防部,《大规模杀伤性武器问答百科》(首尔:国防部,2004年), p.35;参考《国防白皮书2010》。

朝鲜的弹道导弹,不但能够攻击韩国、日本,甚至包括美本土都在其威胁之下。朝鲜在加快导弹开发的同时,还积极推进核开发,这已引起了国际社会的高度关注。因为朝鲜一旦有能力在导弹上搭载核武器,其威胁范围及破坏力将会大幅增加。也就是说,朝鲜若能实现核武器小型化,即制造出1吨以下的核武器时,那就意味着朝鲜可以将核武器搭载在弹道导弹上来使用。

朝鲜的导弹生产能力在前苏联和中国的技术指导下,通过自主研发已达到相当的水平。普遍认为,朝鲜的导弹制造能力位居世界第六位。

(三)提升速战速决能力

朝鲜从20世纪80年代起,为了实施速度战,集中加强装甲部队、机械化部队建设。20世纪80年代末期,朝鲜开始生产前苏联T-62型坦克的仿制型-“天马号”坦克,这种坦克在水下5.5米深度也能够成功涉水渡河。此外,朝鲜还引进、生产、部署了23毫米对空火炮。2009年,朝鲜成功研制“天马号”坦克的改进型-“暴风号”坦克,并实战部署了2个“暴风号”坦克大队。朝鲜之所以重视机械化部队建设,主要是为了利用机械化部队的机动力和冲击力展开速度战。最近十年,朝鲜又增加部署了2,000多门火箭炮(从3,100多门增加到5,100多门),另外还在非武装地带(DME)附近地区部署了300多门远程火炮。朝鲜之所以前进部署火箭炮和远程火炮,就是为了在开战初期对韩国的首都圈进行集中打击 。

朝鲜海军装备有810多艘舰艇,包括战斗舰、潜艇、支援舰等。其中,约60%的舰艇部署在前方基地。水面战斗舰有警备舰、导弹艇、鱼雷艇、火力支援艇等420多艘,支援舰有登陆舰、气垫船等290多艘,潜艇有罗密欧级潜艇、鲨鱼级潜艇、南联级潜艇等70多艘。

在俄罗斯的技术支援下,朝鲜空军从20世纪90年代初起组装生产MIG-29最新式战斗机。1999年起,朝鲜从哈萨克斯坦引进了40多架MIG-21。另外,朝鲜还从俄罗斯引进了新型MI-8直升机。包括主力机种MIG-19/21, IL-28,SU-7/25等470多架飞机在内,朝鲜空军共拥有1,650架飞机。

进入2000年后,朝鲜创建了轻步兵师,轻步兵师隶属于前方军。另外,前方师的轻步兵大队扩编为轻步兵团。这样,朝鲜的特种部队实力明显增强,人数达20多万名。朝鲜之所以加强特种部队建设,是在充分考虑韩美联合部队战力优势现实及吸取伊拉克战争教训后,做出的决定。朝鲜特种部队大部分部署在平壤和元山以南地区,因此在开战初期就能马上投入使用。为了训练官兵的特种作战能力,朝军在师、军级部队设立了特种作战训练场。朝军根据韩半岛作战环境不断加强夜战、山岳战、巷战等特种科目的训练,使得部队的特种作战能力得到了明显提升。不难预计,在战争初期,朝鲜将通过地道、空中、海上等渗透方式,把特种兵力集中投放到韩国后方地区。这样,通过积极的配合战,使战争发展为速度战。

朝鲜军队以前方部队为中心,加强地面部队火力配置。另外,还创建或扩建特种部队。通过这些努力,朝军第一梯队的作战力量得以大幅增强。这为朝鲜军队在战争初期集中战斗力实施速度战打下了基础。

金日成去世后,朝鲜在发展核武器、导弹等战略武器的同时,常规战力的数量和水平也有所提升。普遍认为,朝鲜的军事力量得到了快速增长 。朝鲜通过大力加强军事力量的数量、质量建设,为实现其先军军事战略提供了必要的军事能力和手段。

第四部分 朝鲜军事行动展望

一、朝鲜危机状况评价

20世纪80年代末90年代初,东欧社会主义国家发生剧变。今天,反独裁政权的民主化抵抗运动正在蔓延和扩散。在这种复杂的国际环境下,一直以来维持独裁政权的朝鲜空前感到了巨大的困难和压力。前苏联的崩溃和中国的改革开放,开始让朝鲜怀疑其强大的后援国。2011年在埃及和利比亚等中东地区发生的茉莉花革命 ,使朝鲜的危机感进一步加重。目前,朝鲜正在构建金家王朝的世袭体制,但也面临着一系列的内外危机。

表-3:朝鲜面临的危机指数 可能出现的情况。
表-3:朝鲜面临的危机指数 可能出现的情况。 [保存到相册]

从朝鲜的内部危机层面来看,只要金正恩政权不稳定,那么围绕控制政权,随时都有可能发生内部争斗。另外,经济困难、粮食短缺等问题还可能引发朝鲜居民的不满情绪,从而导致朝鲜内部人心涣散、社会动荡不安。

从朝鲜的外部危机层面来看,朝鲜核危机恶化,国际社会加大对朝鲜的制裁力度,必将导致朝鲜经济面临更加严重的困难。朝鲜对韩发动军事挑衅活动,导致南北关系进一步紧张,南北交流中断,并可能发生新的南北军事冲突。另外,共产圈国家、长期独裁国家的崩溃等,随时都有可能波及朝鲜,并影响到朝鲜体制的稳定。

当朝鲜面临的危机指数升高时,为了维持其体制安全,朝鲜更有可能采取军事行动。与此相反,当朝鲜面临的危机指数相对较低时,比起采取军事行动,朝鲜更可能将精力放在加强其内部团结上。也就是说,当内部、外部危机严重时,朝鲜将会通过军事行动来加强内部管制,抵御外部威胁及压力,努力维护其政权稳定。当内部、外部危机出现缓和时,朝鲜将会把军队投入到经济活动中去,以期摆脱严重的经济困境。当外部危机严重,但是内部危机缓和时,朝鲜将会采取具体的军事行动来应对外部威胁,并以此加强内部团结。当外部危机出现缓和,内部危机严重时,朝鲜将会利用军队加强对居民的管制,并确保其体制稳定。

二、军事行动展望

如果朝鲜基于大规模杀伤性武器发动军事挑衅的话,朝鲜的危机指数将决定朝鲜的军事行动类型。朝鲜可能采取的军事行动大体上可分为四种类型。

图-3:朝鲜不同危机状况下的军事行动。

1
图-3:朝鲜不同危机状况下的军事行动。 [保存到相册]

在“状况I”下,朝鲜将发动全面战争。在这种状况下,朝鲜的对内、对外环境极度恶化,除了发动全面战争之外,别无其他方法可以选择。也就是说,因权力继承问题、粮食问题等,朝鲜陷入严重混乱,朝鲜体制面临崩溃的危机。另外,朝美关系因朝核问题陷入僵局,无回旋余地。这种情形下,朝鲜极有可能会选择全面战这种极端的行为。这时,朝鲜将利用战略武器—核武器和导弹威胁韩国和美国,并使用常规战力对韩国发动大规模破坏战和速度战。对于朝鲜而言,若要发动全面战还需要一个前提条件,即需要获得中国和俄罗斯的事前同意和积极援助。

在“状况II”下,朝鲜将对韩国发动局部挑衅。在这种状况下,朝鲜虽面临外部及内部危机,但是外部危机情况并非十分严峻。也就是说,尽管朝鲜因核问题等面临外部压力,但是这种外部危机并没有激化。从朝鲜的内部情况来看,朝鲜居民因粮食困难等问题,不满情绪高涨。政权整体上虽由金正恩所控制,但是出现了权力斗争的迹向。这时,朝鲜在停战线和北方限界线(NLL)一带发动军事挑衅,试图转移国内矛盾,加强内部团结,进一步巩固金正恩体制。2010年的“天安舰事件”和“延坪岛炮击事件”,就是两个典型的例子。当时,金正日为了确立其权力继承体制,发动了对韩军事挑衅活动。

在“状况III”下,朝鲜将采取缓解军事紧张的措施。在这种状况下,无论是外部危机,还是内部危机均不严重,紧张局势趋于缓和。也就是说,对外来讲,朝核问题朝着有利于朝鲜的方向发展,经济问题得到了一定程度的解决。对内来讲,金正恩体制得到了确立及巩固,朝鲜政治稳定,社会安定,内部没有权力斗争。这时,朝鲜将会推进类似于中国的改革开放路线,同时采取裁减军备等积极措施,以确立新的对韩、对美关系。

在“状况Ⅳ”下,朝鲜将进行军事武力示威。在这种状况下,朝鲜的外部危机严重,而内部危机不明显。也就是说,尽管朝鲜内部存在着粮食困难等问题,但是其内部管制非常成功。对外来讲,国际社会因核问题、非法武器出口问题、人权问题等加大了对朝鲜的施压力度,朝鲜的友好势力—中国和俄罗斯中止对朝鲜的支援或采取不理睬措施时,朝鲜将会通过核试验及导弹试射来寻求对外政治协商的途径。另外,为了凸显金正恩的作用,对内对外展示强盛大国建设的辉煌成就,朝鲜也有可能会继续进行核试验或导弹试射活动。

从以上四种状况来看,最有可能发生的是“状况II”,即朝鲜发动局部挑衅活动。目前,南北韩关系陷入僵局。金正日去世后,金正恩体制充满了不稳定性和不确定性。为了缓解内部矛盾,朝鲜很有可能发动对韩挑衅活动。特别地,如果朝鲜内部出现权力斗争,或者金正恩体制受到挑衅或冲击,金正恩为了展示其强大的领导力,在铲除反对势力的同时,极有可能会发动对韩国的挑衅活动。朝鲜可能选择的挑衅方式主要有:在半岛西部海域或东部海域利用潜艇发动攻击;占领或炮击西海(韩国西部海域)五岛;在停战线一带制造军事冲突;实施恐怖活动,给韩国社会制造混乱等。

最不可能发生的是“状况I”,即朝鲜发动全面战争。朝鲜很清楚发动全面战争,意味着与韩美联合战力进行作战。显然,朝鲜军队的战斗力水平与韩美联合战力相比,处于绝对劣势。因此,朝鲜若想发动全面战争,势必需要得到中国和俄罗斯的全力支持和大力帮助。但是,从现实的情况来看,俄罗斯和中国都不会轻易介入韩半岛战争。前苏联解体后,俄罗斯国力大伤, 一直没有恢复元气。因此,俄罗斯很难对朝鲜进行有效的援助。中国虽然强调朝鲜与中国是唇齿相依的友好邻邦,但是中国正在坚定不移地推进改革开放,积极促进经济增长。在这种背景下,中国显然不愿意与美国对立,介入韩半岛战争,破坏来之不易的和平稳定发展环境。

第五部分 结束语

金正日政权为了保持对韩军事领域的优势,重点发展核武器、导弹等非对称战力。可以说,朝鲜的军事力量建设充分体现了大规模破坏战略、速战速决战略、网络战略。

“大规模破坏战略”是为了确保“有事时”作战胜利确立起的战略。1994年,美国威胁要对朝鲜的核设施进行轰炸。这一危机,促使朝鲜从遏制层面确立“大规模破坏战略”起到了决定性的作用。“速战速决战略”是在金日成军事战略的基础上确立的,朝鲜的航空部队、装甲部队、机械化部队等将在速度战时充分发挥作用,朝军的部队结构也是围绕有利于机动作战而编制的。综合考虑这些因素,朝军将在今后相当长的时间内,继续维持速战速决战略。“网络战略”同样是朝鲜可能会采用的军事战略。目前,朝鲜拥有相当数量的专业黑客,再加上美国、韩国等发达国家的军事战略严重依赖计算机网络。如果朝鲜的“网络战略”能够发挥作用,将会直接影响韩美联合部队作战力的发挥。

先军军事战略是在金日成攻势概念的军事战略基础上,增添了金正日防御概念的军事战略。即,先军军事战略是金正日为了维护其政权稳定和社会主义体制安全做出的具体选择。金正日曾多次强调,现代战争是新的形态的战争,其特征是高度扩大的立体战、信息战、非对称战、非接触战、精确打击战、短时间速决战,并要求部队为适应现代战争做好战斗准备。从中可以看出,金正日已认识到改变过去那种常规战法的必要性,认为只有采取能够应对现代战争的新的战法,才有可能在未来战争中取得胜利。因此,可以说,朝鲜的先军军事战略充分反映了金正日军事思想的战争遂行方法。

从朝鲜的军事战略变化和军事力量发展方向来看,朝鲜今后最有可能采取的军事行动是发动对韩国的局部挑衅。在金正恩政权不稳定、南北关系陷入僵局的情况下,朝鲜有可能在西海(韩国西部海域)或者停战线附近发动局部挑衅活动,也有可能进行远程导弹试射、核试验等来展示武力,以此来谋求体制安全。朝鲜通过这些军事武力行动,试图转移内部矛盾,加强内部团结,巩固金正恩政权。作为韩国,面对各种威胁及复杂情况,需制订具体的、有效的、切实可行的应对方案。

Original URL:

http://mil.sohu.com/20130701/

美國軍事網絡戰:黑客入侵防禦成為無菸的戰爭 // American military network warfare: hackers attack and defense creating a war without smoke

美國軍事網絡戰:黑客入侵防禦成為無菸的戰爭

American military network warfare: hackers attack and defense creating a war without smoke

Hackers may also be soldiers. Recently, the US Internet security company and the government issued a series of reports that “the Chinese military to participate in hacking.” With the “China hacker threat theory”, the US government immediately announced the latest anti-hacking strategy, although the Chinese Ministry of Foreign Affairs and the Ministry of Defense in a timely manner to make a refutation, but for a time, hacker news from the army or aroused everyone’s interest. In fact, the United States is the world’s largest Internet hacker location, has a huge network of troops.

As the daily consumption from the physical store to the transfer of electricity, and now the war has also moved from the line to the line. Not only the United States, Europe and the United States and Asia, many countries have begun to set up their own “network forces” – hackers is to become a frequent visitor to this service. And how these countries are leading the “formal” network of the army.

In 007 “skyfall” in the lovely Mr. Q is a network war master.

In May 2010, the US Department of Defense set up a network warfare headquarters officially launched, the US military strategic headquarters in September 1, 2010 before the development of a network warfare philosophy and plans, and plans in the next few years to expand the network security forces to 4900 people. This marks the United States intends to military hegemony from the land, sea, sky and space to the so-called “fifth field” of the network space extension.

It is reported that the United States is currently recruiting 2,000 to 4,000 soldiers, set up a “network special forces.” This unit not only to assume the task of network defense, but also to other countries of the computer network and electronic systems for secret attacks. According to Xinhua reported that a former US Air Force Major John Bradley at a meeting in 2002, said the United States spent on network attacks on the study than the network defense much more, because the senior staff of the former more Interested. And, the US military network attack time may be much earlier than we imagined.

In the Iraq war that began in 2003, the US military used the cyber warfare more widely. Before the war, thousands of Iraqi military and political officials in their e-mail mailbox received the US military sent the “persuade the letter”, resulting in a great psychological impact. Less than four hours after the war, Al Jazeera English website will be the US military “ban”, can not function properly.

In addition, the United States also in 2006 and 2008 has held two code-named “network storm” large-scale network war exercises.

Japan and South Korea: already set up a “network army”

At the end of 2009, the Ministry of Defense of Japan decided to establish a special “cyber space defense team” in 2011 to guard against hacker attacks and strengthen the ability to protect confidential information. According to the Japanese “Yomiuri Shimbun” reported on May 1, 2011, “cyberspace defense team” plan is set in the SDF command communications system under the initial number of about 60 people. This “network force” is responsible for collecting and analyzing the latest virus information, and anti-hacker attack training.

Japan’s network warfare is through the master “system of network” to paralyze the enemy combat system. Japan in the construction of network combat system, emphasizing the “offensive and defensive”, allocated large sums of money into the network hardware and “network warfare” construction, respectively, the establishment of the “defense information communication platform” and “computer system common platform”, to achieve the SDF Organs, forces network system of mutual exchange and resource sharing. And set up by the 5000 people of the “cyberspace defense team”, developed the network operations “offensive weapons” and network defense system, now has a strong network attack combat strength.

The DPRK this “enemy”, South Korea in 1999 put forward the overall vision of the future information construction, announced in 2009 will be the formation of “network command”, and officially launched in 2010. At present, South Korea already has about 20 million received professional training of the huge personnel, and 5% of annual defense funds are used to develop and improve the implementation of the core technology of network warfare.

Britain and Russia: enlisted hackers

Network forces hackers preferred, as early as 1998, because of the successful invasion of the US Pentagon computer system, Israel’s 18-year-old boy hacker Tenenbaum put on uniforms to become an Israeli soldier. Subsequently, the British government also in 2009, including former hackers, including network elite to defend the network security. They are young, diverse in background, some have been hackers, and even minor cybercrime.

On June 25, 2009, the UK government introduced its first national cybersecurity strategy and announced the establishment of two new departments of cybersecurity, the Network Security Office and the Network Security Operations Center, which are responsible for coordinating government security and coordination of government and government The security of the main computer system of civil society.

India in 2007 formed a land, sea and air armed forces joint emergency team, and enlisted hackers. At the same time, by absorbing the civil master enlisted and the cadet students “hacker” technical training, etc., and gradually complete the future network war talent pool.

Military power Russia in the 1990s on the establishment of the Information Security Committee, specifically responsible for network information security, launched in 2002, “Russian Federal Information Security Theory”, the network information warfare compared to the future “sixth generation of war.” Russia already has a large number of network elite, anti-virus technology is walking in the forefront of the world, in the event of a threat or need, these talents and technology will soon be transferred to military use.

“Black door”: ridiculous blame

Although there is no factual basis, but the US Internet security companies and the government is still often create “hacker door”, directed at China, not only involving colleges and universities, enterprises, as well as technical schools such as Shandong Lan Xiang, there are network individuals, now point to the Chinese military, Even to provide “hacker headquarters building” photos. However, the relationship between the IP address alone, “the source of the attack from China,” highlighting the ignorance of the relevant US people.

How do hackers use their own computer to attack? How can I leave a registered IP address? They usually through the springboard control of third-party computer to form a botnet and then attack. Take the initiative to expose the IP address left traces, is it a professional hacker!

China’s Ministry of Defense International Bureau of Communications Deputy Director Meng Yan wrote that the United States in the transformation of the way to render the Chinese hacker attack trick, even ignore itself is the network virtual space “rule makers.” 2012, 73,000 foreign IP addresses as Trojans and botnet control server to participate in the control of more than 1,400 million hosts in China, 32,000 IP through the implantation of the back door of China’s nearly 38,000 sites in the implementation of remote control, which originated in the United States The number of network attacks ranked first.

Hacker attack and defense: no smoke of the war

Only a few minutes, the domestic password experts, Tsinghua University Distinguished Professor Wang Xiaoyun and her research team with ordinary personal computers, will be able to crack MD5 password algorithm. Before her, even with the fastest giant computer, but also to calculate more than 1 million years to crack.

If this is a war, you can not hear the sound and can not see the smoke. Hackers often through the acquisition of passwords, place Trojan horse program, e-mail attacks, node attacks, network monitoring, find system vulnerabilities, steal privileges and so on, and the use of WWW spoofing technology, the use of account attacks, etc. to launch network attacks.

Reporters learned that the current “hanging horse” (that is, in the page to load Trojan virus), “phishing” (forged WEB site or e-mail, etc.) and other ways to become the mainstream of hacker attacks.

Original Mandarin Chinese:

 

黑客也可能是戰士。近日,美國網絡安全公司和政府接連發布報告稱“中國軍方參與黑客攻擊”。借助“中國黑客威脅論”,美國政府隨即公佈最新反黑客戰略,儘管中國外交部和國防部及時對此做出駁斥,但一時間,黑客從軍的消息還是激起大家的興趣。其實,美國才是世界上最大的網絡黑客所在地,擁有龐大的網絡大軍。

如同日常消費從實體店向電商轉移,如今戰爭也已經從線下搬到線上。不僅是美國,歐美亞等洲許多國家都已經著手建立本國的“網絡部隊”——黑客更是成為此軍種的常客。而這些國家又是如何領導這批“正規”的網絡大軍。

在007《skyfall》中可愛的Q先生就是一名網絡戰的高手。

2010年5月,美國國防部組建網絡戰司令部正式啟動,美軍戰略司令部要求在2010年9月1日前製訂出網絡戰作戰理念和計劃,併計劃在隨後幾年把網絡安全部隊擴編到4900人。這標誌著美國打算將軍事霸權從陸地、海洋、天空和太空向號稱“第五領域”的網絡空間延伸。

據悉,美國目前正在招募2000至4000名士兵,組建一支“網絡特種部隊”。這支部隊不僅要承擔網絡防禦的任務,還將對他國的電腦網絡和電子系統進行秘密攻擊。據新華網報導,一位前美國空軍少校約翰·布萊德利在參加2002年一次會議時就表示,美國花在網絡攻擊上的研究比網絡防禦上要多得多,因為高層人員對前者更感興趣。並且,美軍實施網絡攻擊的時間可能比大家想像的要早得多。

而在2003年開始的伊拉克戰爭中,美軍更為廣泛地使用網絡戰手段。戰前,數千名伊拉克軍政要員在他們的電子郵件信箱中收到美軍發來的“勸降信”,造成很大的心理影響。開戰後不到4個小時,半島電視台英語網站便被美軍“封殺”,不能正常運作。

另外,美國還於2006年和2008年先後舉行了兩次代號為“網絡風暴”的大規模網絡戰演習。

日韓:早已組建“網絡軍隊”

2009年底日本防衛省即決定,在2011年度建立一支專門的“網絡空間防衛隊”,以防備黑客攻擊,加強保護機密信息的能力。據日本《讀賣新聞》2011年5月1日報導,“網絡空間防衛隊”計劃設置於自衛隊指揮通信系統部之下,初期人數約60人。這支“網絡部隊”負責收集和分析研究最新的病毒信息,並進行反黑客攻擊訓練。

日本網絡戰是通過掌握“製網權”達到癱瘓敵人作戰系統。日本在構建網絡作戰系統中強調“攻守兼備”,撥付大筆經費投入網絡硬件及“網戰部隊”建設,分別建立了“防衛信息通信平台”和“計算機系統通用平台”,實現了自衛隊各機關、部隊網絡系統的相互交流和資源共享。並成立由5000人組成的“網絡空間防衛隊”,研製開發的網絡作戰“進攻武器”和網絡防禦系統,目前已經具備了較強的網絡進攻作戰實力。

而對朝鮮這個“敵人”,韓國在1999年提出了未來信息建設的總體設想,2009年宣布將組建“網絡司令部”,並於2010年正式啟動。目前,韓國已經擁有了約20萬接受過專業訓練的龐大的人才隊伍,而且每年國防經費的5%被用來研發和改進實施網絡戰的核心技術。

英俄:徵召黑客入伍

網絡部隊黑客優先,早在1998年,因為成功入侵美國五角大樓電腦系統,以色列18歲的少年黑客Tenenbaum穿上軍裝成為一名以色列士兵。隨後,英國政府也於2009年徵召包括前黑客在內的網絡精英保衛網絡安全。他們年輕,背景多樣,有的曾經是黑客,甚至有輕度網絡犯罪行為。

在2009年6月25日,英國政府出台首個國家網絡安全戰略,並宣布成立兩個網絡安全新部門,即網絡安全辦公室和網絡安全行動中心,分別負責協調政府各部門網絡安全和協調政府與民間機構主要電腦系統安全保護工作。

印度則在2007年組建了陸、海、空三軍聯合計算機應急分隊,並徵召黑客入伍。同時,通過吸納民間高手入伍和對軍校學員進行“黑客”技術培訓等方式,逐步完成未來網絡戰的人才儲備。

軍事大國俄羅斯上世紀90年代就設立了信息安全委員會,專門負責網絡信息安全,2002年推出《俄聯邦信息安全學說》,將網絡信息戰比作未來的“第六代戰爭”。俄羅斯已經擁有了眾多的網絡精英,反病毒技術更是走在了世界的前列,在遇到威脅或有需要時,這些人才和技術將能很快地轉入軍事用途。

“黑客門”:可笑的指責

雖然沒有事實依據,但美國網絡安全公司和政府仍然屢屢製造“黑客門”,矛頭直指中國,不僅涉及高校、企業,還有技校如山東藍翔,也有網絡個體,如今則指向中國軍方,甚至提供“黑客總部大樓”照片。然而,僅憑IP地址的關係就得出“攻擊源頭來自中國”,凸顯美國相關人士的無知。

黑客怎麼用自己的電腦發動攻擊?又怎麼會留下註冊IP地址?他們通常是通過跳板控制第三方電腦形成殭屍網絡再展開攻擊。主動暴露IP地址留下痕跡,豈是專業黑客所為!

中國國防部國際傳播局副局長孟彥日前撰文稱,美國各界在變換手法渲染中國黑客攻擊把戲時,竟然無視自身才是網絡虛擬空間的“規則制定者”。 2012年,7.3萬個境外IP地址作為木馬和殭屍網絡控制服務器參與控制中國境內1400餘萬台主機,3.2萬個IP通過植入後門對中國境內近3.8萬個網站實施遠程控制,其中源自美國的網絡攻擊數量名列第一。

黑客攻防:無硝煙的戰爭

只需要幾分鐘,國內密碼專家、清華大學特聘教授王小雲和她的研究小組用普通的個人電腦,就能破解MD5密碼算法。在她之前,即使採用最快的巨型計算機,也要運算100萬年以上才能破解。

如果這是戰爭,則聽不到聲音看不到硝煙。黑客往往通過獲取口令、放置特洛伊木馬程序、電子郵件攻擊、節點攻擊、網絡監聽、尋找系統漏洞、偷取特權等以及利用WWW欺騙技術、利用賬號攻擊等方式發起網絡攻擊。

記者了解到,目前“網頁掛馬”(即在網頁中加載木馬病毒)、“網絡釣魚”(偽造WEB站點或電子郵件等)等方式成為黑客攻擊的主流行為。

Russian Ministry of Defense set up information operations forces to deal with Western networks – psychological attacks // 俄國防部組建信息作戰部隊 應對西方網絡-心理攻擊

Russian Ministry of Defense set up information operations forces to deal with Western networks – psychological attacks // 俄國防部組建信息作戰部隊 應對西方網絡-心理攻擊

With the Russian and Western cyber space in the game is becoming increasingly fierce, especially in the 2018 Russian presidential election near the background, the Western countries for Russia’s network and information / psychological attacks increasing. To this end, Russia to strengthen the network and information security construction. At the end of 2016, the revision of the new edition of the Russian Federation Information Security Theory. February 27, 2017, Russian Defense Minister Shaoyou announced the formation of information operations forces, accelerate the construction of information combat forces, clear its functional mission.

First, the new theory clearly set up the purpose of information combat forces and their functions

December 6, 2016, Russian President Vladimir Putin approved the new version of “Russian Federation information security theory.” It points out that the main objectives of information security in the field of defense include the implementation of strategic containment and prevention of military conflicts caused by information technology, the improvement of the Russian armed forces information security system, the development of information confrontation forces and equipment, the forecasting, inspection and evaluation of the Russian armed forces Threats in the field of information; elimination of information / psychological effects aimed at destabilizing national history and patriotic traditions.

The formation of information combat forces is one of Russia’s important initiatives to achieve these goals. First of all, the Russian information combat forces is to contain and prevent the field of network information conflict or the main force of war. Second, the formation of information combat forces is the Russian armed forces information security system construction and the Russian new military reform an important step, will take into account the strength of construction and equipment development. Once again, the information warfare forces ensure that Russian armed forces are protected from cyber attacks and information security threats, ensuring wartime command and control and operational capability. Finally, the information warfare forces will also confront and counter the Western countries of the anti-Russian information penetration and psychological impact, to maintain the fighting morale and national stability.

Second, the troops named on the network attack and information penetration of the “two-handedly”

Russian Defense Minister Shao Yigu pointed out that the main functions of the information combatants include: centralized management of network operations; protection of Russian military networks and nodes, military command systems and communications systems from hackers; to ensure reliable access to information; Russian military capacity to expand its ability to act in cyberspace; against the Western anti-Russian information / psychological propaganda and penetration.

Russian military experts believe that the future of military struggle in the information combat objectives not only include the armed forces allegation system, the government administrative system and the financial system and other hard targets, more strategic is the soldiers and public psychology and other soft targets. An attack on the implementation of soft targets such as soldiers and people can lead to dislocation and disintegration. Information combat forces should not only have to protect their own side and attack each other hard targets and other capabilities, but also have to confront and oppose the enemy information / psychological attack and penetration. At present, countries with network dominance use different means to implement information operations against different objectives. For the use of special information weapons, such as computer viruses, information bombs, logic bombs, computer chips that are given special missions, explosive devices that generate electromagnetic pulses, UHF generators, and electronic biological weapons. And for the soldiers and the public psychological and other soft targets, create provocative or intimidating false information and spread through the information media to achieve military and political purposes.

Therefore, Russia will be named the “information combat forces” rather than the network combat forces fully embodies the scope of its combat both soft and hard targets.

Third, the integration of active elite forces and the recruitment of new forces simultaneously

The force will integrate the existing Russian armed forces network operations, electronic reconnaissance and electronic confrontation and other departments and functions, while absorbing the Ministry of Internal Affairs and security system of network information security and related experts, including mathematicians, programmers, engineers, cryptographers , Communications experts, electronic confrontation experts, translators and so on.

Russian military arms and institutions in 2013 has set up a “technology even”, and from college graduates in the recruitment of professionals, which is the key components of the military system / unit reserves and training professionals specializing in technology research and development and information security team. According to statistics, this force mainly includes the Air Force’s second science and technology even the space and defense forces of the third technology even under the Army’s fifth technology even, under the Military Academy of Sciences, the seventh technology even Wait. Each with 2 to 3 rows, each with about 20 people. To the air days of military science and technology, for example, the troops regularly recruit college graduates, give priority to the use of computer security, communications systems, information security, special radio systems, cryptography, electronic optoelectronic special equipment and other professionals, by the Air Force Academy of Military Academy training and education The center is responsible for training new people.

Fourth, the force commander has not yet determined, Gracimov is the most likely candidate

Russian Defense Minister Shaoyou clear, information warfare force commander will be general rank. Western countries believe that the Russian armed forces, the current chief of staff, Mr. Grazimov served as the commander of the information operations the possibility of the largest. He has proposed the Russian version of the “mixed war” concept, and received the approval of President Putin. He pointed out that “the current principle of war itself has undergone substantial changes, the realization of political and strategic objectives of the non-military means of the status of a series of events show that the effect of non-military means sometimes more than the use of weapons.” In his description of the “civil war in Ukraine” and “the spring of Arabia”, he pointed out that the information / psychological warfare could “turn a peaceful and prosperous country into a brutal armed struggle in months or even days”. March 4, 2017, Grazimov in military academy, asked the Russian Academy of Military Sciences to intensify the study of the new model of confrontation between countries and effective counter-measures. In addition, the West speculated that Gerasimov’s another reason is that he has served as the Russian armed forces network information warfare the highest commander. In 2010, the Russian Armed Forces commanded a powerful message / psychological offensive, and it was Gracimov who had recaptured the Crimea.

Five, conclusion

At present, the Russian Defense Ministry official website has not yet put information warfare troops, and the existing army, air force, navy and strategic missile soldiers, airborne soldiers of these five arms tied. The forces become separate forces or scattered in the existing five arms and key sectors are not yet known. However, the formation of information combat forces is not only a key step in the construction of Russian network information security forces, but also an important step in the reform of the Russian army in the context of the increasingly fierce network security of information security and the increasingly complex environment of security. Information operations forces will defend Russia’s cyberspace and information in the field of soft and hard targets, to achieve their own attack and defense functions, maintaining national network security and political and military security.

Original Mandarin Chinese:

隨著俄羅斯與西方在網絡空間的博弈日趨激烈,特別在2018年俄總統大選臨近的大背景下,西方國家針對俄羅斯的網絡和信息/心理攻擊日益增多。為此,俄羅斯加強網絡和信息安全建設。 2016年底,修訂頒布新版《俄羅斯聯邦信息安全學說》。 2017年2月27日,俄國防部長紹伊古宣布組建信息作戰部隊,加快推進信息作戰力量建設,明確其職能使命。

一、新版學說明確組建信息作戰部隊的目的及其職能

2016年12月6日,俄總統普京批准新版《俄羅斯聯邦信息安全學說》。其中指出,國防領域信息安全保障的主要目標包括:對利用信息技術導致的軍事衝突實施戰略遏制和預防;完善俄武裝力量信息保障體系,發展信息對抗力量和裝備;預測、檢查和評估俄武裝力量在信息領域的威脅;消除旨在動搖國家歷史觀念和愛國傳統的信息/心理影響等。

組建信息作戰部隊是俄實現上述目標的重要舉措之一。首先,俄羅斯信息作戰部隊是遏制和預防網絡信息領域衝突或戰爭的主要力量。其次,組建信息作戰部隊是俄武裝力量信息保障體系建設和俄羅斯新軍事改革的重要步驟,將兼顧力量建設和裝備發展。再次,信息作戰部隊確保俄武裝力量免受網絡攻擊和信息安全威脅,保證戰時指揮控制和作戰行動能力。最後,信息作戰部隊還將對抗和反制西方國家的反俄信息滲透和心理影響,保持士兵鬥志和國民思想穩定。

二、部隊命名體現對網絡攻擊和信息滲透的“兩手抓”

俄國防部長紹伊古指出,信息作戰部隊主要職能包括:對網絡作戰行動進行集中統一管理;保護俄羅斯軍用網絡和節點、軍事指揮系統和通信系統免受黑客攻擊;確保實現可靠的信息傳遞通道;檢驗俄軍的網絡能力,拓展其在網絡空間的行動能力;對抗西方的反俄信息/心理宣傳和滲透等。

俄軍事專家認為,未來軍事鬥爭中的信息作戰目標不僅包括武裝力量指控系統、政府行政管理系統和金融系統等硬目標,更具戰略意義的是士兵和民眾心理等軟目標。對士兵和民眾等軟目標實施的信息攻擊,可導致人心渙散和瓦解。信息作戰部隊不僅要具備保護己方和攻擊對方硬目標等能力,還要具備對抗和反制敵方信息/心理的攻擊與滲透。當前,擁有網絡主導權的國家針對不同目標運用不同手段實施信息作戰。針對硬目標使用特殊的信息武器,如計算機病毒、信息炸彈、邏輯炸彈、被賦予特殊使命的計算機芯片、能產生電磁脈衝的爆炸裝置、超高頻發生器、電子生物武器等。而針對士兵和民眾心理等軟目標,製造煽動性或恐嚇性的虛假消息並通過信息媒介傳播,以達到軍事政治目的。

因此,俄將該部隊命名為“信息作戰部隊”而非網絡作戰部隊充分體現了其作戰範圍兼顧軟硬兩類目標。

三、整合現役精銳力量和招募高校新生力量並舉

該部隊將整合現有俄羅斯武裝力量網絡作戰、電子偵察和電子對抗等部門人員和職能,同時吸收內務部和安全系統的網絡信息安全及相關專家,包括數學家、程序員、工程師、密碼學家、通信專家、電子對抗專家、翻譯人員等。

俄各軍兵種和機關在2013年先後組建“科技連”,並從高校畢業生中招募專業人才,這是軍隊系統各關鍵部門/單位儲備和培養的專門從事技術研發和信息安全保障的隊伍。據資料顯示,這支力量主要包括隸屬於空天軍的空軍第二科技連和空天防禦部隊的第三科技連、隸屬於陸軍的第五科技連、隸屬於軍事通訊科學院的第七科技連等。每個連有2~3個排,每個排約20人。以空天軍“科技連”為例,部隊定期招收高校畢業生,優先錄用計算機安全、通訊系統信息安全、特種無線電系統、密碼學、電子光電特種設備等專業人員,並由空軍軍事科學院培訓教育中心負責培養新人。

四、部隊司令尚未確定,格拉西莫夫是最大可能人選

俄國防部長紹伊古明確,信息作戰部隊司令將是大將軍銜。西方國家認為,俄武裝力量現任總參謀長格拉西莫夫大出任信息作戰部隊司令的可能性最大。他曾提出俄版“混合戰爭”概念,並得到普京總統的認同。他指出,“目前的戰爭原則本身已發生實質性改變,實現政治和戰略目標的非軍事手段的地位在上升。一系列事件表明,非軍事手段的效果有時超過了使用武器”。他在對“烏克蘭內戰”和“阿拉伯之春”等事件的描述中指出,信息/心理戰能夠將“一個祥和繁榮的國家在幾個月甚至幾天之內變成殘酷武裝鬥爭的戰場”。 2017年3月4日,格拉西莫夫在參加軍事學術會議時,要求俄軍事科學院加緊研究國家間對抗的新模式及有效反製手段。此外,西方推測格拉西莫夫的另一原因是,他此前一直擔任俄武裝力量網絡信息作戰的最高指揮官。 2014年指揮俄武裝力量發動強大信息/心理攻勢,兵不血刃收復克里米亞的正是格拉西莫夫。

五、結語

目前,俄國防部官方網站還沒有將信息作戰部隊,與現有的陸軍、空天軍、海軍和戰略導彈兵、空降兵這五大軍兵種並列放置。該部隊成為單列軍兵種亦或散佈於現有五大軍兵種和關鍵部門還未可知。但信息作戰部隊的組建不僅是俄羅斯網絡信息安全力量建設的關鍵舉措,更是在大國網絡信息安全博弈日益激烈和安全環境日益複雜的大背景下俄軍改革的重要步驟。信息作戰部隊將保衛俄羅斯網絡空間和信息領域的軟、硬目標,實現自身的攻、防職能,維護國家網絡信息安全和政治軍事安全。

 

作者:易鑫磊 來源:中國日報網

http://world.chinadaily.com.cn/2017-06/19/content_29801583.htm