Category Archives: China Cyber Dilemma in the 21st Century

Communist Chinese Cyber Fundamentals : Strategic Thinking of Network Power //共產主義中國網絡基礎:網絡權力的戰略思考

Communist Chinese Fundamentals : Strategic Thinking of Network Power //

共產主義基本原理:網絡權力的戰略思考

Author: 中國共產黨

Date: 2017

Since the 18th National Congress of the Communist Party of China, the Party Central Committee with Comrade Xi Jinping has attached great importance to and vigorously promoted cybersecurity and informationization, profoundly grasped the characteristics of the development of the information age of human society, and objectively analyzed the current national conditions of China’s Internet development and the development of global Internet. The situation has successively issued a series of important speeches, and put forward a series of new ideas, new ideas and new theories on the governance of the Internet, and scientifically answered the major question of “why build a network power, build a network power and how to build a network power”. Formed Xi Jinping’s strategic thinking of network power. Seriously studying these new ideas is of great significance to promoting the building of a network-building nation and realizing the “two hundred years” struggle goal and the Chinese dream of the great rejuvenation of the Chinese nation.

First, why build a network power

On February 27, 2014, General Secretary Xi Jinping initially proposed the vision of building a network power in the first meeting of the Central Network Security and Informatization Leading Group, and systematically explained the background, situation, tasks and connotations of the network power. Requirements, thus making this idea a relatively complete, systematic theoretical system.

Xi Jinping put forward a rigorous logical relationship between the strategic thinking of the network power, starting from the foundation of the big power network, in view of the overall situation of the network business and the new situation changes, especially objectively analyzing the existing gap and strengthening the strategy of building a network power. aims. In his speech, Xi Jinping pointed out that in today’s world, the information technology revolution is changing with each passing day, which has had a profound impact on the development of international politics, economy, culture, society and military. Informatization and economic globalization have promoted each other, and the Internet has been integrated into all aspects of social life, profoundly changing people’s production and lifestyle. China is in the midst of this tide and is getting more and more affected. China’s Internet and informatization work has achieved remarkable development achievements. The network has entered thousands of households, and the number of Internet users is the highest in the world. China has become a big network country. This is our basic premise. He pointed out that the Internet is a big platform for social information. The hundreds of millions of Internet users have access to information and exchange information. This will have an important impact on their ways of seeking knowledge, ways of thinking, and values. In particular, they will be against the country, society, and Work and perceptions of life have an important impact. Xi Jinping emphasized that cybersecurity and informatization are all about the whole world of a country. We must recognize the situation and tasks we are facing, fully understand the importance and urgency of doing a good job, and seek for the situation. Take the trend and follow the trend. This is all about the whole. Xi Jinping pointed out that with the development of the Internet, especially the mobile Internet, the social governance model is shifting from one-way management to two-way interaction, from offline to online and offline integration, from simple government supervision to more emphasis on social coordinated governance. This is a change in the situation. In today’s world, information technology is developing very fast. If you don’t advance, you will retreat. Compared with the world’s advanced level, compared with the strategic goal of building a network power, we still have a lot of gaps in many aspects, especially in terms of Internet innovation capability, infrastructure construction, information resource sharing, and industrial strength. The biggest gap is in core technology.

Second, what kind of network power to build

Xi Jinping pointed out that without cyber security, there would be no national security, and without informationization, there would be no modernization. To build a network power, we must have our own technology and have strong technology; we must have rich and comprehensive information services, a prosperous and developing network culture; we must have a good information infrastructure to form a strong information economy; we must have a high-quality network. Security and information technology talent team; we must actively carry out bilateral and multilateral Internet international exchanges and cooperation. He also stressed that cyberspace is the spiritual home of hundreds of millions of people. The cyberspace is clear and ecological, and is in line with the interests of the people. The cyberspace is smouldering and deteriorating, and it is not in the interests of the people.

In a nutshell, there are at least six major signs of network power: First, the network information infrastructure must be at the world’s leading level. The second is to have a clear cyberspace strategy and a network voice in the international community. Third, the key technologies must be self-controllable, especially the operating system and CPU technology. Fourth, network security must have sufficient safeguards and capabilities. Fifth, network applications should be at the world’s leading level in terms of scale and quality. Sixth, in the cyberspace strategy, we must have the ability and strength to occupy the commanding heights.

The Outline of the National Informatization Strategy proposes that the construction of a network powerhouse is divided into three steps: the first step is to 2020, the total amount of information consumption will reach 6 trillion yuan, and the scale of e-commerce transactions will reach 38 trillion yuan. At the international advanced level, the international competitiveness of the information industry has been greatly enhanced, and information technology has become the leading force driving the modernization drive. The second step is to 20 billion yuan in information consumption by 2025, and the scale of e-commerce transactions has reached 67 trillion yuan. The leading mobile communication network fundamentally changes the core key technologies to be controlled by people, realizes the strategic goals of advanced technology, developed industry, advanced application, and insecure network security. A large number of large-scale multinational network enterprises with strong international competitiveness emerge; By the middle of this century, informationization has comprehensively supported the building of a socialist modernized country with rich, strong, democratic, civilized and harmonious relations. The status of a network powerhouse has been increasingly consolidated, and it has made greater achievements in leading the development of global informationization.

Xi Jinping planned the timetable for building a network powerhouse. The strategic deployment of building a network powerhouse should be promoted in parallel with the goal of “two hundred years”, the basic popularization of network infrastructure, the enhancement of independent innovation capability, the comprehensive development of information economy, and network security. Ensuring strong goals continue to advance.

Third, how to build a network power

(1) Fundamental requirements: People-centered

Governing the country is always the same, and the people are oriented. Xi Jinping emphasized that in order to develop the network business, it is necessary to implement the people-centered development thinking. It is necessary to adapt to people’s expectations and needs, accelerate the popularization of information services, reduce application costs, and provide useful, affordable and well-used information services for the people, so that hundreds of millions of people can gain more sense of sharing Internet development results. . Compared with cities, rural Internet infrastructure construction is our shortcoming. It is necessary to increase investment, speed up the pace of rural Internet construction, and expand the effective coverage of fiber-optic networks and broadband networks in rural areas. We can do a good job in the in-depth integration of informatization and industrialization, develop smart manufacturing, and drive more people to innovate and start a business; we can aim at the main direction of agricultural modernization, improve the level of agricultural production intelligence and network management, and help farmers increase their income; Give full play to the advantages of the Internet, implement “Internet + education”, “Internet + medical”, “Internet + culture”, etc., to promote the equalization of basic public services; can play the role of the Internet in helping to overcome poverty and promote accurate poverty alleviation and precision poverty alleviation, Let more difficult people use the Internet, let agricultural products go out of the country through the Internet, and enable children in the ravine to receive quality education; accelerate the promotion of e-government, encourage government departments at all levels to break down information barriers, improve service efficiency, and let the people run less errands. More information, running, solving problems that are difficult to handle, slow, and complicated. There are many things to do in these areas. Some Internet companies have already tried and achieved good economic and social benefits.

On November 29, 2016, the National Network Poverty Alleviation Work Promotion Meeting was held in Ningdu, Jiangxi. “We must implement the network poverty alleviation action, promote accurate poverty alleviation, and accurately eliminate poverty, so that poverty alleviation work can be accessible anytime and anywhere, so that people in poverty-stricken areas have more sense of gaining in the Internet construction and sharing.” General Secretary Xi is an important indicator in the old Red Revolution. Once again, the network’s poverty alleviation has become a new lever to win the overall well-off.

(II) Concept requirements: Practicing the five development concepts

The Fifth Plenary Session of the 18th CPC Central Committee put forward a new development concept of innovation, coordination, green, openness and sharing. This is based on profoundly summarizing domestic and foreign development experience and lessons, and in-depth analysis of domestic and international development trends. Our party has a new understanding of China’s economic and social development laws. Promoting China’s economic and social development in accordance with the new development concept is the general requirement and general trend of China’s development in the current and future period. The ancients said: “At any time, to raise things, to make meritorious deeds due to capital, and to profit from the power of all things.” The development of China’s online letter business should adapt to this general trend. Generally speaking, the network letter business represents new productivity and new development direction, and should be able to take the lead in practicing the new development concept.

Innovation is the core strength of the development of the network business. Innovation is the genes of Internet development. The concept innovation and technological innovation of the Internet are the needs of its own development. If there is no progress in the Internet tide, there will be no living space without innovation. We must always place innovation at the forefront, promote institutional and institutional innovation, concept innovation, technological innovation, and application innovation, and support the encouragement of Internet entrepreneurs, leading talents, and engineers to create and create innovative technologies for the development of the Internet. Xi Jinping pointed out at the 2nd World Internet Conference: “China is implementing the ‘Internet +’ action plan, promoting the construction of ‘Digital China’, developing the sharing economy, supporting various Internet-based innovations, and improving the quality and efficiency of development.”

Coordination is the inherent requirement of the development of the network business. Whether it is domestic or foreign, there are problems of unbalanced and uncoordinated development of network security and informationization. To solve these problems, we must establish a concept of coordinated development, eliminate the digital divide, narrow the gap between urban and rural areas, regional differences, and ensure information security. Balanced development, all-round development, and safe development. At the first meeting of the Central Network Security and Informatization Leading Group, Xi Jinping pointed out: “From the international and domestic general trend, the overall layout, co-ordinate all parties, innovation and development, and strive to build China into a network power.”

Green development is an important guarantee for the healthy development of the network business. The information industry is a green industry. Informationization and networking are supporting the application and upgrading of industries, agriculture, and national defense, and promoting green development, low-carbon development, and circular development. It is necessary to carry forward the main theme, spread positive energy, and make the cyberspace clear. At the symposium on April 19, 2016, Xi Jinping pointed out: “The cyberspace is clear and ecological, and it is in line with the interests of the people. The cyberspace is smouldering and ecologically degraded, which is not in the interest of the people.” He also stressed: “We want this Responsible for the society and responsible for the people, strengthen the cyberspace governance in accordance with the law, strengthen the construction of online content, strengthen the positive publicity on the Internet, foster a positive and healthy, up-to-good network culture, and nourish the social core values ​​and the outstanding achievements of human civilization. People’s hearts, nourish the society, and achieve positive energy and high melody, creating a clean and cyberspace for the majority of Internet users, especially young people.”

Openness is the essential feature of the development of the network business. The Internet has opened the door to openness in all countries of the world. Xi Jinping pointed out: “The Internet has turned the world into a global village where the sound of chickens and dogs is heard. People who are thousands of miles away are no longer ‘old and dead.’ It can be said that the world is more colorful because of the Internet, and life is more because of the Internet. Rich.” The development of China’s Internet industry is inseparable from the world, and the Internet industry in the world cannot be separated from China. Xi Jinping pointed out at the Second World Internet Conference: “The Internet in China is booming, providing a broad market space for enterprises and entrepreneurs in various countries. The door to China’s opening will never be closed, and the policy of using foreign capital will not change. Foreign-invested enterprises The protection of legitimate rights and interests will not change, and the direction for countries and enterprises to provide better services in China will not change. He also stressed: “All countries should promote open cooperation in the Internet field, enrich the open connotation, increase the level of openness, and build more Communicate and cooperate with the platform to create more points of interest, cooperation growth, and win-win new highlights, and promote mutual complementarity and common development in the cyberspace, so that more countries and people can take advantage of the information age of express trains and share Internet development results.” We must actively participate in international Internet exchanges and cooperation, learn from the advanced experience and technological achievements of countries around the world, grasp and lead the development trend of the Internet, and promote open cooperation and mutual benefit for cyberspace.

Sharing is the fundamental purpose of the development of the network business. Serving the people and benefiting the people’s livelihood is the fundamental starting point and the foothold of China’s Internet development. Xi Jinping stressed: “In order to develop the network, the company must implement the people-centered development thinking. It is necessary to adapt to the people’s expectations and needs, accelerate the popularization of information services, reduce the application cost, and provide the people with the necessary, affordable and useful. Good information services will enable hundreds of millions of people to gain more sense of sharing Internet development results. “We must push the network into thousands of households and guide the people to understand the world, master information, exchange ideas, innovate and improve, and improve through the Internet. Life, let the Internet development achievements not only benefit the 1.3 billion Chinese people, but also benefit the people of all countries in the world.

(3) Governance requirements: safety and development go hand in hand

In 2014, Xi Jinping emphasized at the first meeting of the Central Network Security and Informatization Leading Group that “maintenance of network space security and network data integrity, security, reliability, and maintenance of network space security capabilities.” He also called for the overall relationship between network security and informatization. “Network security and informatization are two wings and two wheels of integration. They must be unified planning, unified deployment, unified promotion, and unified implementation. Do a good job in network security and informationization. Work, we must handle the relationship between security and development, to achieve coherence, go hand in hand, to ensure development by safety, to promote safety through development, to strive to build a long-term security, growth and governance.” Two years later, at the symposium, he pointed out again “Network security and informatization are mutually reinforcing. Security is the premise of development, development is the guarantee of security, and security and development must advance simultaneously. From a global perspective, cybersecurity threats and risks are increasingly prominent, and increasingly toward politics, economy, Conductive penetration in the fields of culture, society, ecology, national defense, etc., especially the key information infrastructure of the country Face greater potential risks, prevention and control of network security capability is weak, it is difficult to effectively deal with national, organized high-strength network attacks. This is a problem for the world, we are certainly no exception. “

In addition, he pointed out that “in the face of complex and severe network security situation, we must remain clear-headed, and all parties must jointly manage and effectively maintain network security.” First, establish a correct view of network security. The idea determines the action. There are several main features of today’s network security. First, cybersecurity is holistic rather than fragmented. Second, network security is dynamic rather than static. Third, cybersecurity is open rather than closed. Fourth, cybersecurity is relative rather than absolute. Fifth, cybersecurity is common rather than isolated. Second, accelerate the construction of a key information infrastructure security system. Third, all-weather perception of the network security situation. Fourth, enhance network security defense capabilities and deterrence capabilities.

(4) Cadre requirements: Take the network mass line and build a concentric circle

The mass line is the fundamental line of our party. Xi Jinping pointed out: “The netizens come from the common people, the people are on the net, and the public opinion is on the net. Where are the people, where are our leading cadres going, or how to contact the masses? Party and government organs and leading cadres at all levels must learn Take the mass route through the Internet, often go online to see, dive, chat, and voice, understand what the masses think, collect good ideas and suggestions, and actively respond to netizens’ concerns and doubts. Be good at using the Internet to understand public opinion and work. It is the basic skill of leading cadres to do their work well under the new situation.”

How to take the network mass route? Xi Jinping gave the method. “The majority of netizens are ordinary people, come from all directions, and their experiences are different. The opinions and ideas must be varied. They cannot be asked to be so accurate and correct about all issues. To be more inclusive. And patience, timely absorption of constructive opinions, timely assistance for difficulties, timely referrals to those who do not understand the situation, timely clarification of vague understanding, timely resolution of complaints of resentment, timely guidance and correction of wrong opinions, Let the Internet become a new platform for us to communicate and communicate with the masses, and become a new way to understand the masses, be close to the masses, solve problems for the masses, and become a new channel for carrying forward people’s democracy and accepting people’s supervision.”

At the same time, Xi Jinping pointed out the efforts of cadres at all levels. “To correctly handle the relationship between security and development, openness and autonomy, management and service, and constantly improve the ability to grasp the laws of the Internet, the ability to guide the public opinion, and the development of informationization. Capabilities, the ability to guarantee network security, and the continuous advancement of network power construction.”

(5) Management requirements: unified leadership, management according to law

The Political Bureau of the CPC Central Committee conducted the 36th collective study on the implementation of the strategy of strengthening the country by the Internet. Accelerate the improvement of network management.

Xi Jinping put forward requirements from the institutional mechanism. He emphasized that the central cybersecurity and informationization leading group should play a centralized and unified leadership role, coordinate and coordinate major issues of cybersecurity and informatization in various fields, and formulate and implement national cybersecurity and informationization development strategies. , macro-planning and major policies, continuously enhance security and security capabilities.

Instructed from the management ideas, in China, more than 700 million people on the Internet, certainly need to manage, and this management is very complicated and very heavy. Enterprises must assume the responsibility of enterprises, and the party and the government must assume the responsibility of the party and the government. No side can give up their responsibilities. It is necessary to deeply understand the role of the Internet in state management and social governance, and to promote e-government and build a new smart city, and to build a nationally integrated national big data center with data concentration and sharing as a way to promote technology integration. Business integration, data integration, and cross-level, cross-regional, cross-system, cross-department, and cross-business collaborative management and services. It is necessary to strengthen the Internet thinking, take advantage of the flat, interactive and rapid advantages of the Internet, promote the scientific decision-making of the government, the precision of social governance, the efficiency of public services, and better use the means of information to better understand the social situation, smooth communication channels, and assist decision-making governance. .

From the legislative norms to point out the direction, we must promptly formulate legislative plans, improve Internet information content management, key information infrastructure protection and other laws and regulations, manage cyberspace in accordance with the law, and safeguard the legitimate rights and interests of citizens. It is necessary to strictly guard against cybercrime, especially new cybercrime, and safeguard the interests of the people and the harmony and stability of society. It is necessary to speed up the process of network legislation, improve the regulatory measures according to law, and resolve network risks. It is necessary to strengthen the management of big data in accordance with the law. Some data concerning national interests and national security are in the hands of Internet companies, and enterprises must ensure the security of these data. Enterprises should pay attention to data security. If the company has problems with data protection and security, it will also have an adverse impact on its own reputation.

It also puts forward hopes for the whole society. Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. It requires the government, enterprises, social organizations and the majority of netizens to participate in the construction of a network security defense line. These characteristics must be well grasped by all relevant parties.

(6) Guarantee requirements: technological breakthroughs, construction of infrastructure and sharing systems

Xi Jinping emphasized that in order to grasp the initiative of China’s Internet development and safeguard Internet security and national security, we must break through the core technology and strive to achieve “curve overtaking” in certain areas and in certain aspects. To achieve breakthroughs in core technologies, we must have determination, perseverance, and focus. He hopes that the vast number of entrepreneurs, experts, scholars and scientific and technological personnel in the field of China’s online information should establish this ambition, strive for this tone, and strive to achieve new major breakthroughs in core technology as soon as possible. The so-called “days, not afraid of thousands of miles; often do, not afraid of thousands of things.”

Xi Jinping stressed that it is necessary to firmly hold the core technology of independent innovation, and to break through the cutting-edge technologies of network development and key core technologies with international competitiveness, accelerate the promotion of domestically controlled independent alternative plans, and build a safe and controllable information technology system. . First, correctly handle open and autonomous relationships. Second, concentrate on the scientific research investment to do big things. Third, actively promote the transformation of core technological achievements. Fourth, promote strong alliances and coordinated research. Fifth, we can explore the formation of an alliance of industry, academia and research, and open the list. To lay a solid foundation for the research and development of core technologies, it is necessary not only to blow up the charge, but also to blow up the collection number, that is, to accumulate the strongest forces together to form the commando and special forces.

Xi Jinping stressed that it is necessary to speed up the construction of a key information infrastructure security system. The key information infrastructure in the fields of finance, energy, electricity, communications, transportation, etc. is the nerve center of economic and social operation, the top priority of network security, and the target of possible key attacks. The “physical isolation” line of defense can be invaded across the network, the power allocation instructions can be maliciously tampered with, and the financial transaction information can be stolen. These are major risk hazards. If there is no problem, it will cause traffic disruption, financial disorder, power hupfer and other issues, which is very destructive and lethal. We must conduct in-depth research and take effective measures to effectively protect the country’s critical information infrastructure.

At the same time, he pointed out that it is necessary to promote the modernization of the national governance system and governance capacity through informationization, coordinate the development of e-government, build an integrated online service platform, promote the construction of new smart cities by hierarchical classification, open up information barriers, and build a national information resource sharing system. It is easy to use information technology to sense social situation, smooth communication channels, and assist scientific decision-making.

(7) Propaganda requirements: the most important thing, to build consensus

Xi Jinping pointed out that we must adhere to the attitude of being responsible to the society and responsible to the people, strengthen the cyberspace governance in accordance with the law, strengthen the construction of online content, strengthen the positive publicity on the Internet, foster a positive and healthy, up-to-good network culture, and use the socialist core values. outstanding achievements of human civilization and nourishing the heart, nourishing community, so that positive energy is abundant, the main theme of the high for the majority of Internet users, especially young people to create a Delicate gas is cyberspace.

Do online media work is a long-term task to improve the online promotion of innovation, the use of propagation network, promote the theme, stimulate positive energy, great efforts to cultivate and practice the socialist core values, when good grasp of the Internet to guide public opinion, and validity To make the cyberspace clear.

Forming a good online public opinion atmosphere is not to say that there can only be one voice, one tone, but that it cannot be used to confess right and wrong, reverse black and white, make a living, commit crimes, and cannot transcend the legal boundaries of the Constitution. An important means to put power into the cage of the system is to play the role of public opinion supervision, including Internet supervision. This article, party and government organs and leading cadres at all levels must pay special attention to, first of all, do a good job. We must not only welcome, but also carefully study and learn from the online criticism of goodwill and the supervision of the Internet, whether it is for the work of the party and the government or for the leading cadres, whether it is ruthless or loyal.

Xi Jinping pointed out that the new application of new technologies and new technologies in the Internet has made the social mobilization function of the Internet increasingly enhanced. To spread positive energy, enhance communication and guiding force. It is necessary to strictly guard against cybercrime, especially new cybercrime, and safeguard the interests of the people and the harmony and stability of society. It is necessary to give full play to the advantages of network communication, experience, and sharing, listen to the will of the people, benefit the people’s livelihood, solve the people’s worries, and unite the social consensus. Online and offline networks should be united and coordinated, forming a good situation for jointly preventing social risks and building a concentric circle together. It is necessary to maintain the security of cyberspace and the integrity, security and reliability of network data, and improve the security of maintaining cyberspace.

Xi Jinping pointed out that the new application of new technologies and new technologies in the Internet has made the social mobilization function of the Internet increasingly enhanced. To spread positive energy, enhance communication and guiding force. It is necessary to give full play to the advantages of network communication, experience, and sharing, listen to the will of the people, benefit the people’s livelihood, solve the people’s worries, and unite the social consensus. Online and offline networks should be united and coordinated, forming a good situation for jointly preventing social risks and building a concentric circle together.

(8) Talent requirements: unrestricted talents

“The people are happy, the losers are falling.” Xi Jinping stressed that to build a network power, we must bring together talent resources and build a strong team with strong politics, good business and good work style. “A thousand troops are easy to get, and one will be hard to find.” It is necessary to train scientists, network technology leaders, engineers, and high-level innovation teams that have created world-class skills.

In terms of ideas, he pointed out that the competition in cyberspace is, in the final analysis, talent competition. Building a network power, there is no outstanding talent team, no talent creation, vitality, and it is difficult to succeed. After reading the talents, you can get twice the result with half the effort. Our brains have to turn around, not only paying attention to capital, but also paying attention to talents. The intensity of introducing talents should be further increased, and the steps of reforming the talent system should be further developed. The field of network information can be tested first, and research should be carried out to formulate ways to attract talents, train talents, and retain talents.

In terms of scope, he pointed out that the development of China’s online letter industry must fully mobilize the enthusiasm, initiative and creativity of entrepreneurs, experts, scholars and scientific and technological personnel. Entrepreneurs, experts, scholars, and scientific and technological personnel must have the responsibility of the state and social responsibility, and contribute their wisdom and strength to the development of the national network. Party committees and governments at all levels must respect knowledge and respect talents from the bottom of their hearts, create good conditions for talents to develop their intelligence, create a relaxed environment, and provide a broad platform.

In terms of methods, he pointed out that the Internet is mainly the cause of young people, and it is necessary to reduce talents. It is necessary to emancipate the mind, to recognize the talents, and to love the talents. To train netizen talents, we must make great efforts and make big money. We invite excellent teachers, compile excellent teaching materials, recruit outstanding students, and build a first-class cyberspace security college. Many talents in the Internet field are geeks and geniuses. They often do not take the usual routines and have many whimsy. There must be special policies for treating special talents, not requiring full blame, not arguing for seniority, and not using a ruler.

In terms of policy, he pointed out that it is necessary to adopt special policies, establish a personnel system and a salary system that adapt to the characteristics of online letters, and condense outstanding talents into technical departments, research departments, and management departments. It is necessary to establish a talent evaluation mechanism that adapts to the characteristics of online letters. The actual ability is the standard of measurement. It is not only academic, not only a thesis, not only a qualification, but also highlights professionalism, innovation and practicality. It is necessary to establish a flexible talent incentive mechanism to enable those who contribute to have a sense of accomplishment and a sense of acquisition. It is necessary to explore scientific research results, intellectual property rights, and interest distribution mechanisms in the field of online information, and formulate specific policies on talent stock participation, technology shareholding, and taxation. In the flow of talents, we must break the institutional boundaries and enable talents to achieve an orderly and smooth flow between the government, enterprises, and think tanks. The advantages of the “revolving door” system in foreign countries can also be used for reference.

At the station, he pointed out that there must be a global perspective on talent selection and the introduction of high-end talents. As China’s comprehensive national strength continues to increase, many countries’ talents also hope to come to China for development. We must take advantage of the trend, reform talents to introduce various supporting systems, and build a globally competitive talent system. No matter which country or region, as long as it is a good talent, it can be used for me. This work has been done by some enterprises and research institutes. I went to some enterprises and research institutes, and also talked with these talents imported from abroad. In this regard, we must increase our efforts to continuously improve our ability to allocate talent resources globally.

(9) Industry requirements: focus on self-discipline and healthy development

The development of a company is directly proportional to its social responsibility. Xi Jinping pointed out that China’s Internet enterprises have played an important role in stabilizing growth, promoting employment, and benefiting people’s livelihood, from small to large, from weak to strong. Let the company continue to develop healthily is not only the goal of entrepreneurs but also the needs of national development. The fate of a company is closely related to the development of the country. It is difficult to become stronger and bigger than the support of the state, the disengagement of the masses, and the service to the country and the people.

How to be stronger and bigger? Xi Jinping pointed out the direction: internally, it is necessary to introduce policies to support the development of enterprises, so that they become the main body of technological innovation and become the main body of information industry development. Externally, we must encourage and support China’s network enterprises to go out, deepen Internet international exchanges and cooperation, and actively participate in the construction of the “Belt and Road” to achieve “where the national interests are and where informationization will be covered”. Foreign Internet companies, as long as they comply with our laws and regulations, we are welcome.

How to avoid the phenomenon of “disconnecting one after another, killing one tube” that has often appeared in the past, and embarking on a new road of joint management and benign interaction? Xi Jinping gave the idea: First, insist on encouraging support and standard development in parallel. Enterprises should be encouraged and supported to become the main body of R&D, the main body of innovation, and the main body of industry. Encourage and support the cutting-edge technology of enterprise layout, promote independent innovation of core technologies, create and seize more opportunities, participate in international competition, and expand overseas development space. It is necessary to regulate market order and encourage healthy competition. The Fourth Plenary Session of the 18th CPC Central Committee proposed to improve the system of property rights protection with fairness as the core principle, strengthen the protection of property rights of various ownership economic organizations and natural persons, and clean up laws and regulations that violate fairness. These requirements should be put in place as soon as possible. Second, adhere to policy guidance and management according to law. The government should create a favorable environment for enterprise development, accelerate the reform of the examination and approval system, financing system, and patent system, reduce duplication of testing and certification, implement a high-quality and high-price government procurement system, reduce the burden on enterprises, and remove institutional and institutional obstacles. At the same time, it is necessary to speed up the process of network legislation, improve the regulatory measures according to law, and resolve network risks. It is necessary to strengthen the management of big data in accordance with the law. Third, adhere to both economic and social benefits. Only a wealth of love is a truly meaningful asset. Only a company that actively assumes social responsibility is the most competitive and vital enterprise. It is hoped that the vast number of Internet companies will adhere to the unity of economic and social benefits, and at the same time of their own development, drink water and source, return the society and benefit the people. We must encourage and support our networked enterprises to go out, deepen the international exchanges and cooperation in the Internet, and actively participate in the construction of the “Belt and Road” to achieve “where the national interests are and where informationization will be covered”. Foreign Internet companies, as long as they comply with our laws and regulations, we are welcome.

(10) International requirements: building a community of destiny

With the multi-polarization of the world, economic globalization, cultural diversity, and in-depth development of social information, the Internet will play a greater role in promoting the progress of human civilization. At the same time, problems such as unbalanced development in the Internet field, unsound rules, and unreasonable order have become increasingly prominent. The information gap between different countries and regions is constantly widening. Existing cyberspace governance rules are difficult to reflect the wishes and interests of most countries; violations of personal privacy, intellectual property rights, cybercrime, etc. occur worldwide, network monitoring, cyber attacks, networks Terrorism and other activities have become global public nuisances.

Faced with these problems and challenges, the international community should strengthen dialogue and cooperation on the basis of mutual respect and mutual trust, promote the reform of the global governance system of the Internet, and jointly build a cyberspace of peace, security, openness and cooperation, and establish multilateral, democratic and transparent. The global Internet governance system. It is proposed that “China is willing to work with the international community to adhere to the common prosperity of mankind, adhere to the concept of cyber sovereignty, promote global Internet governance in a more just and rational direction, and promote cyberspace to achieve equal respect, innovative development, open sharing, and security. The goal of the order.”

“The way of benefit is to go with time.” Cyberspace is the common space for human activities. The future of cyberspace should be mastered by all countries in the world. To promote the reform of the global Internet governance system, we should adhere to the four principles. Respect network sovereignty. Maintain peace and security. Promote open cooperation. Build a good order. Countries should strengthen communication, expand consensus, deepen cooperation, and jointly build a community of cyberspace destiny. In this regard, I would like to make five points. First, accelerate the construction of global network infrastructure and promote interconnection. Second, create an online cultural exchange and sharing platform to promote exchanges and mutual learning. Third, promote the innovation and development of the network economy and promote common prosperity. Fourth, safeguard network security and promote orderly development. Fifth, build an Internet governance system to promote fairness and justice. It has won the approval of most countries in the world.

Xi Jinping pointed out that the Internet is the common home of mankind and works together to build a community of cyberspace destiny. It is the common responsibility of the international community to make this home more beautiful, cleaner and safer. Let us join hands to jointly promote the interconnection and sharing of cyberspace, share common governance, and help create a better future for human development!

Original Mandarin Chinese:

黨的十八大以來,以習近平同志為核心的黨中央高度重視、大力推進網絡安全和信息化工作,深刻把握人類社會發展信息時代階段特徵,客觀分析當前我國互聯網發展基本國情及全球互聯網發展新形勢,先後發表了一系列重要講話,提出了一系列治網新理念新思想新論斷,科學回答了“為什麼要建設網絡強國、建設什麼樣的網絡強國以及怎樣建設網絡強國”這一重大問題,形成了習近平網絡強國戰略思想。認真學習這些新思想,對於推進網絡強國建設,實現“兩個一百年”奮鬥目標和中華民族偉大復興的中國夢具有重要意義。

一、為什麼建設網絡強國

2014年2月27日,習近平總書記在中央網絡安全和信息化領導小組第一次會議上初步提出了建設網絡強國的願景目標,並系統闡釋了網絡強國戰略思想的時代背景、形勢任務、內涵要求,從而使這一思想成為相對完整、系統的理論體系。

習近平提出網絡強國戰略思想的有著嚴謹的邏輯關係,從網絡大國的基礎出發,鑑於網信事業事關全局和麵臨的新形勢轉變,尤其是客觀剖析了存在的差距,堅定了建設網絡強國的戰略目標。習近平在講話中指出,當今世界,信息技術革命日新月異,對國際政治、經濟、文化、社會、軍事等領域發展產生了深刻影響。信息化和經濟全球化相互促進,互聯網已經融入社會生活方方面面,深刻改變了人們的生產和生活方式。我國正處在這個大潮之中,受到的影響越來越深。我國互聯網和信息化工作取得了顯著發展成就,網絡走入千家萬戶,網民數量世界第一,我國已成為網絡大國。這是我們的基礎前提。他指出,互聯網是一個社會信息大平台,億萬網民在上面獲得信息、交流信息,這會對他們的求知途徑、思維方式、價值觀念產生重要影響,特別是會對他們對國家、對社會、對工作、對人生的看法產生重要影響。習近平強調,網絡安全和信息化對一個國家很多領域都是牽一發而動全身的,要認清我們面臨的形勢和任務,充分認識做好工作的重要性和緊迫性,因勢而謀,應勢而動,順勢而為。這是事關全局。習近平指出,隨著互聯網特別是移動互聯網發展,社會治理模式正在從單向管理轉向雙向互動,從線下轉向線上線下融合,從單純的政府監管向更加註重社會協同治理轉變。這是形勢轉變。當今世界,信息化發展很快,不進則退,慢進亦退。同世界先進水平相比,同建設網絡強國戰略目標相比,我們在很多方面還有不小差距,特別是在互聯網創新能力、基礎設施建設、信息資源共享、產業實力等方面還存在不小差距,其中最大的差距在核心技術上。

二、建設什麼樣的網絡強國

習近平指出,沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。建設網絡強國,要有自己的技術,有過硬的技術;要有豐富全面的信息服務,繁榮發展的網絡文化;要有良好的信息基礎設施,形成實力雄厚的信息經濟;要有高素質的網絡安全和信息化人才隊伍;要積極開展雙邊、多邊的互聯網國際交流合作。他還強調,網絡空間是億萬民眾共同的精神家園。網絡空間天朗氣清、生態良好,符合人民利益。網絡空間烏煙瘴氣、生態惡化,不符合人民利益。

概括地講,網絡強國至少有六大標誌:一是網絡信息化基礎設施要處於世界領先水平。二是要有明確的網絡空間戰略和國際社會中的網絡話語權。三是關鍵技術上要自主可控,特別是操作系統和CPU技術。四是網絡安全要有足夠的保障手段和能力。五是網絡應用在規模、質量等方面要處在世界領先水平。六是在網絡空間戰略中,要有佔領制高點的能力和實力。

《國家信息化戰略綱要》提出,建設網絡強國具體分三步走:第一步到2020年,信息消費總額達到6萬億元,電子商務交易規模達到38萬億元,核心關鍵技術部分領域達到國際先進水平,信息產業國際競爭力大幅提升,信息化成為驅動現代化建設的先導力量;第二步到2025年,信息消費總額達到12萬億元,電子商務交易規模達到67萬億元,建成國際領先的移動通信網絡,根本改變核心關鍵技術受制於人的局面,實現技術先進、產業發達、應用領先、網絡安全堅不可摧的戰略目標,湧現一批具有強大國際競爭力的大型跨國網信企業;第三步到本世紀中葉,信息化全面支撐富強民主文明和諧的社會主義現代化國家建設,網絡強國地位日益鞏固,在引領全球信息化發展方面有更大作為。

習近平規劃了建設網絡強國的時間表,建設網絡強國的戰略部署要與“兩個一百年”奮鬥目標同步推進,向著網絡基礎設施基本普及、自主創新能力顯著增強、信息經濟全面發展、網絡安全保障有力的目標不斷前進。

三、怎樣建設網絡強國

(一)根本要求:以人民為中心

治國有常,而利民為本。習近平強調,網信事業要發展,必須貫徹以人民為中心的發展思想。要適應人民期待和需求,加快信息化服務普及,降低應用成本,為老百姓提供用得上、用得起、用得好的信息服務,讓億萬人民在共享互聯網發展成果上有更多獲得感。相比城市,農村互聯網基礎設施建設是我們的短板。要加大投入力度,加快農村互聯網建設步伐,擴大光纖網、寬帶網在農村的有效覆蓋。可以做好信息化和工業化深度融合這篇大文章,發展智能製造,帶動更多人創新創業;可以瞄準農業現代化主攻方向,提高農業生產智能化、經營網絡化水平,幫助廣大農民增加收入;可以發揮互聯網優勢,實施“互聯網+教育”、“互聯網+醫療”、“互聯網+文化”等,促進基本公共服務均等化;可以發揮互聯網在助推脫貧攻堅中的作用,推進精準扶貧、精準脫貧,讓更多困難群眾用上互聯網,讓農產品通過互聯網走出鄉村,讓山溝裡的孩子也能接受優質教育;可以加快推進電子政務,鼓勵各級政府部門打破信息壁壘、提升服務效率,讓百姓少跑腿、信息多跑路,解決辦事難、辦事慢、辦事繁的問題,等等。這些方面有很多事情可做,一些互聯網企業已經做了嘗試,取得了較好的經濟效益和社會效益。

2016年11月29日,全國網絡扶貧工作現場推進會在江西寧都召開。 “要實施網絡扶貧行動,推進精準扶貧、精準脫貧,讓扶貧工作隨時隨地、四通八達,讓貧困地區群眾在互聯網共建共享中有更多獲得感”,習總書記這一重要指示在紅色革命老區再次宣示,網絡扶貧成為決勝全面小康的新槓桿。

(二)理念要求:踐行五大發展理念先行一步

黨的十八屆五中全會提出了創新、協調、綠色、開放、共享的新發展理念,這是在深刻總結國內外發展經驗教訓、深入分析國內外發展大勢的基礎上提出的,集中反映了我們黨對我國經濟社會發展規律的新認識。按照新發展理念推動我國經濟社會發展,是當前和今後一個時期我國發展的總要求和大趨勢。古人說:“隨時以舉事,因資而立功,用萬物之能而獲利其上。”我國網信事業發展要適應這個大趨勢。總體上說,網信事業代表著新的生產力、新的發展方向,應該也能夠在踐行新發展理念上先行一步。

創新是網信事業發展的核心力量。創新是互聯網發展的基因。互聯網的理念創新、技術創新是自身發展的需要,在互聯網大潮中不進則退,沒有創新就沒有生存空間。要始終把創新擺在首要位置,推動體制機制創新、理念創新、技術創新、應用創新,支持鼓勵互聯網企業家、領軍人才和工程技術人員創新創造,為互聯網發展提供不竭動力。習近平在第二屆世界互聯網大會上指出:“中國正在實施‘互聯網+’行動計劃,推進‘數字中國’建設,發展分享經濟,支持基於互聯網的各類創新,提高發展質量和效益。”

協調是網信事業發展的內在要求。無論是國內還是國外,都存在網絡安全和信息化發展不平衡、不協調的問題,解決這些問題,就要樹立協調發展的理念,消除數字鴻溝,縮小城鄉差異、地區差異,保障信息安全,實現均衡發展、全面發展、安全發展。習近平在中央網絡安全和信息化領導小組第一次會議上指出:“要從國際國內大勢出發,總體佈局,統籌各方,創新發展,努力把我國建設成為網絡強國。”

綠色發展是網信事業健康發展的重要保障。信息化產業就是綠色產業,信息化、網絡化正支撐著工業、農業、國防等各個領域的應用和升級,推動著綠色發展、低碳發展、循環發展。要弘揚主旋律,傳播正能量,使網絡空間清朗起來。在2016年4月19日的座談會上習近平指出:“網絡空間天朗氣清、生態良好,符合人民利益。網絡空間烏煙瘴氣、生態惡化,不符合人民利益。” 他還強調:“我們要本著對社會負責、對人民負責的態度,依法加強網絡空間治理,加強網絡內容建設,做強網上正面宣傳,培育積極健康、向上向善的網絡文化,用社會主義核心價值觀和人類優秀文明成果滋養人心、滋養社會,做到正能量充沛、主旋律高昂,為廣大網民特別是青少年營造一個風清氣正的網絡空間。”

開放是網信事業發展的本質特徵。互聯網打開了世界各國開放的大門。習近平指出:“互聯網讓世界變成了’雞犬之聲相聞’的地球村,相隔萬里的人們不再’老死不相往來’。可以說,世界因互聯網而更多彩,生活因互聯網而更豐富。”中國互聯網事業的發展離不開世界,世界的互聯網事業也離不開中國。習近平在第二屆世界互聯網大會上指出:“中國互聯網蓬勃發展,為各國企業和創業者提供了廣闊市場空間。中國開放的大門永遠不會關上,利用外資的政策不會變,對外商投資企業合法權益的保障不會變,為各國企業在華投資興業提供更好服務的方向不會變。”他還強調:“各國應該推進互聯網領域開放合作,豐富開放內涵,提高開放水平,搭建更多溝通合作平台,創造更多利益契合點、合作增長點、共贏新亮點,推動彼此在網絡空間優勢互補、共同發展,讓更多國家和人民搭乘信息時代的快車、共享互聯網發展成果。”我們要積極參與國際互聯網交流與合作,學習借鑒世界各國先進經驗和技術成果,把握和引領國際互聯網發展趨勢,推動網絡空間開放合作、互利共贏。

共享是網信事業發展的根本宗旨。服務百姓、惠及民生是我國互聯網發展的根本出發點和落腳點。習近平強調:“網信事業要發展,必須貫徹以人民為中心的發展思想。要適應人民期待和需求,加快信息化服務普及,降低應用成本,為老百姓提供用得上、用得起、用得好的信息服務,讓億萬人民在共享互聯網發展成果上有更多獲得感。”我們要推動網絡走進千家萬戶,引導人民群眾通過互聯網了解世界、掌握信息、交流思想、創新創業、改善生活,讓互聯網發展成果不僅惠及13億中國人民,同時也造福於世界各國人民。

(三)治理要求:安全與發展齊頭並進

2014年,習近平在中央網絡安全和信息化領導小組第一次會議上就特別強調,“要維護網絡空間安全以及網絡數據的完整性、安全性、可靠性,提高維護網絡空間安全能力。”同時,他還要求統籌好網絡安全和信息化的關係,“網絡安全和信息化是一體之兩翼、驅動之雙輪,必須統一謀劃、統一部署、統一推進、統一實施。做好網絡安全和信息化工作,要處理好安全和發展的關係,做到協調一致、齊頭並進,以安全保發展、以發展促安全,努力建久安之勢、成長治之業。” 兩年之後的座談會上,他再次指出,“網絡安全和信息化是相輔相成的。安全是發展的前提,發展是安全的保障,安全和發展要同步推進。從世界範圍看,網絡安全威脅和風險日益突出,並日益向政治、經濟、文化、社會、生態、國防等領域傳導滲透。特別是國家關鍵信息基礎設面臨較大風險隱患,網絡安全防控能力薄弱,難以有效應對國家級、有組織的高強度網絡攻擊。這對世界各國都是一個難題,我們當然也不例外。”

此外,他指出“面對複雜嚴峻的網絡安全形勢,我們要保持清醒頭腦,各方面齊抓共管,切實維護網絡安全。”第一,樹立正確的網絡安全觀。理念決定行動。當今的網絡安全,有幾個主要特點。一是網絡安全是整體的而不是割裂的。二是網絡安全是動態的而不是靜態的。三是網絡安全是開放的而不是封閉的。四是網絡安全是相對的而不是絕對的。五是網絡安全是共同的而不是孤立的。第二,加快構建關鍵信息基礎設施安全保障體系。第三,全天候全方位感知網絡安全態勢。第四,增強網絡安全防禦能力和威懾能力。

(四)幹部要求:走好網絡群眾路線,共築同心圓

群眾路線是我們黨的根本路線。習近平指出,“網民來自老百姓,老百姓上了網,民意也就上了網。群眾在哪兒,我們的領導幹部就要到哪兒去,不然怎麼聯繫群眾呢?各級黨政機關和領導幹部要學會通過網絡走群眾路線,經常上網看看,潛潛水、聊聊天、發發聲,了解群眾所思所願,收集好想法好建議,積極回應網民關切、解疑釋惑。善於運用網絡了解民意、開展工作,是新形勢下領導幹部做好工作的基本功。”

如何走好網絡群眾路線?習近平給出了方法,“網民大多數是普通群眾,來自四面八方,各自經歷不同,觀點和想法肯定是五花八門的,不能要求他們對所有問題都看得那麼準、說得那麼對。要多一些包容和耐心,對建設性意見要及時吸納,對困難要及時幫助,對不了解情況的要及時宣介,對模糊認識要及時廓清,對怨氣怨言要及時化解,對錯誤看法要及時引導和糾正,讓互聯網成為我們同群眾交流溝通的新平台,成為了解群眾、貼近群眾、為群眾排憂解難的新途徑,成為發揚人民民主、接受人民監督的新渠道。”

同時習近平指出各級幹部的努力方向,“要正確處理安全和發展、開放和自主、管理和服務的關係,不斷提高對互聯網規律的把握能力、對網絡輿論的引導能力、對信息化發展的駕馭能力、對網絡安全的保障能力,把網絡強國建設不斷推向前進。”

(五)管理要求:統一領導,依法管理

中共中央政治局就實施網絡強國戰略進行第三十六次集體學習。加快提高網絡管理水平。

習近平從體制機制上提出了要求,他強調,中央網絡安全和信息化領導小組要發揮集中統一領導作用,統籌協調各個領域的網絡安全和信息化重大問題,制定實施國家網絡安全和信息化發展戰略、宏觀規劃和重大政策,不斷增強安全保障能力。

從管理思路上作出了指示,在我國,7億多人上互聯網,肯定需要管理,而且這個管理是很複雜、很繁重的。企業要承擔企業的責任,黨和政府要承擔黨和政府的責任,哪一邊都不能放棄自己的責任。要深刻認識互聯網在國家管理和社會治理中的作用,以推行電子政務、建設新型智慧城市等為抓手,以數據集中和共享為途徑,建設全國一體化的國家大數據中心,推進技術融合、業務融合、數據融合,實現跨層級、跨地域、跨系統、跨部門、跨業務的協同管理和服務。要強化互聯網思維,利用互聯網扁平化、交互式、快捷性優勢,推進政府決策科學化、社會治理精準化、公共服務高效化,用信息化手段更好感知社會態勢、暢通溝通渠道、輔助決策施政。

從立法規範上指明了方向,要抓緊制定立法規劃,完善互聯網信息內容管理、關鍵信息基礎設施保護等法律法規,依法治理網絡空間,維護公民合法權益。要嚴密防範網絡犯罪特別是新型網絡犯罪,維護人民群眾利益和社會和諧穩定。要加快網絡立法進程,完善依法監管措施,化解網絡風險。要依法加強對大數據的管理。一些涉及國家利益、國家安全的數據,很多掌握在互聯網企業手裡,企業要保證這些數據安全。企業要重視數據安全。如果企業在數據保護和安全上出了問題,對自己的信譽也會產生不利影響。

並對全社會提出了希望,網絡安全為人民,網絡安全靠人民,維護網絡安全是全社會共同責任,需要政府、企業、社會組織、廣大網民共同參與,共築網絡安全防線。這幾個特點,各有關方面要好好把握。

(六)保障要求:技術突破,建設基礎設施和共享體系

習近平強調,我們要掌握我國互聯網發展主動權,保障互聯網安全、國家安全,就必須突破核心技術這個難題,爭取在某些領域、某些方面實現“彎道超車”。核心技術要取得突破,就要有決心、恆心、重心。他希望,我國網信領域廣大企業家、專家學者、科技人員要樹立這個雄心壯志,要爭這口氣,努力盡快在核心技術上取得新的重大突破。正所謂“日日行,不怕千萬里;常常做,不怕千萬事”。

習近平強調,要緊緊牽住核心技術自主創新這個“牛鼻子”,抓緊突破網絡發展的前沿技術和具有國際競爭力的關鍵核心技術,加快推進國產自主可控替代計劃,構建安全可控的信息技術體系。第一,正確處理開放和自主的關係。第二,在科研投入上集中力量辦大事。第三,積極推動核心技術成果轉化。第四,推動強強聯合、協同攻關。第五,可以探索組建產學研用聯盟、揭榜掛帥。要打好核心技術研發攻堅戰,不僅要把衝鋒號吹起來,而且要把集合號吹起來,也就是要把最強的力量積聚起來共同幹,組成攻關的突擊隊、特種兵。

習近平強調,要加快構建關鍵信息基礎設施安全保障體系。金融、能源、電力、通信、交通等領域的關鍵信息基礎設施是經濟社會運行的神經中樞,是網絡安全的重中之重,也是可能遭到重點攻擊的目標。 “物理隔離”防線可被跨網入侵,電力調配指令可被惡意篡改,金融交易信息可被竊取,這些都是重大風險隱患。不出問題則已,一出就可能導致交通中斷、金融紊亂、電力癱瘓等問題,具有很大的破壞性和殺傷力。我們必須深入研究,採取有效措施,切實做好國家關鍵信息基礎設施安全防護。

同時,他指出,要以信息化推進國家治理體系和治理能力現代化,統籌發展電子政務,構建一體化在線服務平台,分級分類推進新型智慧城市建設,打通信息壁壘,構建全國信息資源共享體系,更好用信息化手段感知社會態勢、暢通溝通渠道、輔助科學決策。

(七)宣傳要求:重中之重,凝聚共識

習近平指出,我們要本著對社會負責、對人民負責的態度,依法加強網絡空間治理,加強網絡內容建設,做強網上正面宣傳,培育積極健康、向上向善的網絡文化,用社會主義核心價值觀和人類優秀文明成果滋養人心、滋養社會,做到正能量充沛、主旋律高昂,為廣大網民特別是青少年營造一個風清氣正的網絡空間。

做好網上輿論工作是一項長期任務,要創新改進網上宣傳,運用網絡傳播規律,弘揚主旋律,激發正能量,大力培育和踐行社會主義核心價值觀,把握好網上輿論引導的時、度、效,使網絡空間清朗起來。

形成良好網上輿論氛圍,不是說只能有一個聲音、一個調子,而是說不能搬弄是非、顛倒黑白、造謠生事、違法犯罪,不能超越了憲法法律界限。要把權力關進制度的籠子裡,一個重要手段就是發揮輿論監督包括互聯網監督作用。這一條,各級黨政機關和領導幹部特別要注意,首先要做好。對網上那些出於善意的批評,對互聯網監督,不論是對黨和政府工作提的還是對領導幹部個人提的,不論是和風細雨的還是忠言逆耳的,我們不僅要歡迎,而且要認真研究和吸取。

習近平指出,互聯網新技術新應用不斷發展,使互聯網的社會動員功能日益增強。要傳播正能量,提升傳播力和引導力。要嚴密防範網絡犯罪特別是新型網絡犯罪,維護人民群眾利益和社會和諧穩定。要發揮網絡傳播互動、體驗、分享的優勢,聽民意、惠民生、解民憂,凝聚社會共識。網上網下要同心聚力、齊抓共管,形成共同防範社會風險、共同構築同心圓的良好局面。要維護網絡空間安全以及網絡數據的完整性、安全性、可靠性,提高維護網絡空間安全能力。

習近平指出,互聯網新技術新應用不斷發展,使互聯網的社會動員功能日益增強。要傳播正能量,提升傳播力和引導力。要發揮網絡傳播互動、體驗、分享的優勢,聽民意、惠民生、解民憂,凝聚社會共識。網上網下要同心聚力、齊抓共管,形成共同防範社會風險、共同構築同心圓的良好局面。

(八)人才要求:不拘一格降人才

“得人者興,失人者崩。”習近平強調,建設網絡強國,要把人才資源匯聚起來,建設一支政治強、業務精、作風好的強大隊伍。 “千軍易得,一將難求”,要培養造就世界水平的科學家、網絡科技領軍人才、卓越工程師、高水平創新團隊。

思路上,他指出,網絡空間的競爭,歸根結底是人才競爭。建設網絡強國,沒有一支優秀的人才隊伍,沒有人才創造力迸發、活力湧流,是難以成功的。念好了人才經,才能事半功倍。我們的腦子要轉過彎來,既要重視資本,更要重視人才,引進人才力度要進一步加大,人才體制機制改革步子要進一步邁開。網信領域可以先行先試,抓緊調研,制定吸引人才、培養人才、留住人才的辦法。

範圍上,他指出,我國網信事業發展,必須充分調動企業家、專家學者、科技人員積極性、主動性、創造性。企業家、專家學者、科技人員要有國家擔當、社會責任,為促進國家網信事業發展多貢獻自己的智慧和力量。各級黨委和政府要從心底里尊重知識、尊重人才,為人才發揮聰明才智創造良好條件,營造寬鬆環境,提供廣闊平台。

方法上,他指出,互聯網主要是年輕人的事業,要不拘一格降人才。要解放思想,慧眼識才,愛才惜才。培養網信人才,要下大功夫、下大本錢,請優秀的老師,編優秀的教材,招優秀的學生,建一流的網絡空間安全學院。互聯網領域的人才,不少是怪才、奇才,他們往往不走一般套路,有很多奇思妙想。對待特殊人才要有特殊政策,不要求全責備,不要論資排輩,不要都用一把尺子衡量。

政策上,他指出,要採取特殊政策,建立適應網信特點的人事制度、薪酬制度,把優秀人才凝聚到技術部門、研究部門、管理部門中來。要建立適應網信特點的人才評價機制,以實際能力為衡量標準,不唯學歷,不唯論文,不唯資歷,突出專業性、創新性、實用性。要建立靈活的人才激勵機制,讓作出貢獻的人才有成就感、獲得感。要探索網信領域科研成果、知識產權歸屬、利益分配機制,在人才入股、技術入股以及稅收方面製定專門政策。在人才流動上要打破體制界限,讓人才能夠在政府、企業、智庫間實現有序順暢流動。國外那種“旋轉門”制度的優點,我們也可以藉鑑。

站位上,他指出,在人才選拔上要有全球視野,下大氣力引進高端人才。隨著我國綜合國力不斷增強,有很多國家的人才也希望來我國發展。我們要順勢而為,改革人才引進各項配套制度,構建具有全球競爭力的人才制度體系。不管是哪個國家、哪個地區的,只要是優秀人才,都可以為我所用。這項工作,有些企業、科研院所已經做了,我到一些企業、科研院所去,也同這些從國外引進的人才進行過交談。這方面要加大力度,不斷提高我們在全球配置人才資源能力。

(九)行業要求:注重自律和健康發展

企業的發展與其承擔的社會責任是成正比的。習近平指出,我國互聯網企業由小到大、由弱變強,在穩增長、促就業、惠民生等方面發揮了重要作用。讓企業持續健康發展,既是企業家奮鬥的目標,也是國家發展的需要。企業命運與國家發展息息相關。脫離了國家支持、脫離了群眾支持,脫離了為國家服務、為人民服務,企業難以做強做大。

如何做強做大?習近平指明了方向:對內,要出台支持企業發展的政策,讓他們成為技術創新主體,成為信息產業發展主體。對外,要鼓勵和支持我國網信企業走出去,深化互聯網國際交流合作,積極參與“一帶一路”建設,做到“國家利益在哪裡,信息化就覆蓋到哪裡”。外國互聯網企業,只要遵守我國法律法規,我們都歡迎。

如何避免過去經常出現的“一放就亂、一管就死”現象,走出一條齊抓共管、良性互動的新路?習近平給出了思路:第一,堅持鼓勵支持和規範發展並行。應該鼓勵和支持企業成為研發主體、創新主體、產業主體,鼓勵和支持企業佈局前沿技術,推動核心技術自主創新,創造和把握更多機會,參與國際競爭,拓展海外發展空間。要規範市場秩序,鼓勵進行良性競爭。黨的十八屆四中全會提出健全以公平為核心原則的產權保護製度,加強對各種所有製經濟組織和自然人財產權的保護,清理有違公平的法律法規條款。這些要求要盡快落實到位。第二,堅持政策引導和依法管理並舉。政府要為企業發展營造良好環境,加快推進審批制度、融資制度、專利制度等改革,減少重複檢測認證,施行優質優價政府採購制度,減輕企業負擔,破除體制機制障礙。同時,要加快網絡立法進程,完善依法監管措施,化解網絡風險。要依法加強對大數據的管理。第三,堅持經濟效益和社會效益並重。只有富有愛心的財富才是真正有意義的財富,只有積極承擔社會責任的企業才是最有競爭力和生命力的企業。希望廣大互聯網企業堅持經濟效益和社會效益統一,在自身發展的同時,飲水思源,回報社會,造福人民。我們要鼓勵和支持我國網信企業走出去,深化互聯網國際交流合作,積極參與“一帶一路”建設,做到“國家利益在哪裡,信息化就覆蓋到哪裡”。外國互聯網企業,只要遵守我國法律法規,我們都歡迎。

(十)國際要求:共建命運共同體

隨著世界多極化、經濟全球化、文化多樣化、社會信息化深入發展,互聯網對人類文明進步將發揮更大促進作用。同時,互聯網領域發展不平衡、規則不健全、秩序不合理等問題日益凸顯。不同國家和地區信息鴻溝不斷拉大,現有網絡空間治理規則難以反映大多數國家意願和利益;世界範圍內侵害個人隱私、侵犯知識產權、網絡犯罪等時有發生,網絡監聽、網絡攻擊、網絡恐怖主義活動等成為全球公害。

面對這些問題和挑戰,國際社會應該在相互尊重、相互信任的基礎上,加強對話合作,推動互聯網全球治理體系變革,共同構建和平、安全、開放、合作的網絡空間,建立多邊、民主、透明的全球互聯網治理體系。提出“中國願同國際社會一道,堅持以人類共同福祉為根本,堅持網絡主權理念,推動全球互聯網治理朝著更加公正合理的方向邁進,推動網絡空間實現平等尊重、創新發展、開放共享、安全有序的目標。”

“凡益之道,與時偕行。”網絡空間是人類共同的活動空間,網絡空間前途命運應由世界各國共同掌握。推進全球互聯網治理體系變革,應該堅持四項原則。尊重網絡主權。維護和平安全。促進開放合作。構建良好秩序。各國應該加強溝通、擴大共識、深化合作,共同構建網絡空間命運共同體。對此,我願提出5點主張。第一,加快全球網絡基礎設施建設,促進互聯互通。第二,打造網上文化交流共享平台,促進交流互鑑。第三,推動網絡經濟創新發展,促進共同繁榮。第四,保障網絡安全,促進有序發展。第五,構建互聯網治理體系,促進公平正義。贏得了世界絕大多數國家贊同。

習近平指出,互聯網是人類的共同家園,攜手構建網絡空間命運共同體。讓這個家園更美麗、更乾淨、更安全,是國際社會的共同責任。讓我們攜起手來,共同推動網絡空間互聯互通、共享共治,為開創人類發展更加美好的未來助力!

Original Referring URL:  http://theory.people.com.cn/n1/

Chinese Military: Cyber security is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space // 中國軍隊:網絡安全是戰爭問題。 在信息戰中,網絡空間已成為戰場空間的新維度

Chinese Military: Cyber security is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space //

中國軍隊:網絡安全是戰爭問題。 在信息戰中,網絡空間已成為戰場空間的新維度

 

Author:   來源: 解放軍報 作者: 周鴻禕 張春雨

DTG: 2018年05月22日 16:XX:XX

 ● Promote network security. The integration of military and civilian needs to integrate and optimize the allocation at the national level, and promote the two-way flow of technology, talents and resources.

  ● Whether it is network security analysis, situation research, emergency response, or network protection hardware and software development, a large number of information technology talents are needed.

  

        President Xi profoundly pointed out that there is no national security without cyber security. In the digital age, cyberspace has penetrated into various fields such as politics, economy, military, culture, etc. It has the natural attributes of military and civilian integration, and is an important aspect of the integration and development of military and civilians in the new era. At present, China is marching toward a network power and building a network great wall combining military and civilian integration. It is not only the basic system design for building a network power and information army, but also an important driving force for promoting the deep development of military and civilian integration. Under the new situation, we will actively promote the in-depth development of cyber security, military and civilian integration, and urgently need to break down institutional barriers, structural contradictions, and policy issues, and constantly improve the level of integration and enhance joint protection capabilities.

Cybersecurity is related to the overall security of the country, and it is necessary for the military to walk away from the road of comprehensive integration.

  In the information age, cyberspace security has become a new commanding height of the national strategy. Last year, the “Eternal Blue” ransomware that broke out in the world, the Ukrainian power grid attacked, and the US election “mail door” and other events showed that cyber security concerns national security, social stability and war victory or defeat. The cyber security contest has risen to the national level of confrontation, beyond the scope of the military’s respective management and control, and it is necessary to rely on the integration of the military and the local forces to manage and manage well.

  Cybersecurity is a national interest. As the network’s tentacles extend to economic, social, cultural and other fields, its security will affect economic security, social security, cultural security, and information security. In May 2017, the “Eternal Blue” ransom virus swept through more than 150 countries and regions, including government, banks, communications companies, energy companies and other important departments, and the infrastructure was paralyzed, causing an uproar in the world. Earlier, Saudi Arabia’s infrastructure was attacked by cyber attacks. In just a few minutes, the computer hard drive was destroyed, all data was emptied, and the attacker tried to cause an explosion. If it succeeded, it would undoubtedly have serious consequences.

  Cybersecurity is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space. At present, the United States, the United Kingdom, and Japan have established cyber warfare forces and vigorously developed various cyber weapons. In the Iraq war, the US military first destroyed the five key command and radar facilities of the Iraqi army, and used electronic interference to firmly grasp the information superiority, making the Iraqi army blind and paralyzed, and the defense system quickly paralyzed. With the accelerated evolution of war forms, the competition for information superiority has increasingly become the core content of war wins and losses. As the “main battlefield” of information control, cyberspace has increasingly become the commanding height of war games.

  Cybersecurity is a common practice in the world. At present, many countries in the world regard military and civilian integration as an important way to improve the security of cyberspace. For example, the United States has made cybersecurity the focus of national security. The White House and the Pentagon have designated Boeing and Lockheed Martin as the national network security team, and designated information technology giants such as Microsoft, Intel, Cisco, Apple, and Google for network security. Professional team, designated Symantec, McAfee and other network security protection companies for the network security special team. In Israel, after the retiring of many Israeli cyber security forces, they became the elite of local high-tech enterprises and founded several network security companies. These companies have come back to cooperate with the Israeli army in the field of network security to enhance the security of the military network and promote the development of the entire network space security.

Network security resources are diversified and diverse, requiring military to strengthen top-level design coordination

  Promoting the integration of military and civilian development is a systematic project. It is necessary to use system science, system thinking, and systematic methods to solve problems. At present, China’s various information network systems are developing at a high speed, and network functions of different functions and types are being put into use one after another. The overall framework of the network security protection system is basically established. However, network security resources are widely distributed in the military and local areas. Promoting network security and military-civilian integration, improving synergy protection needs to strengthen top-level design coordination, break down institutional barriers and departmental interests, unify integration and optimize allocation at the national level, and promote technology, talents, resources, etc. Two-way flow conversion of features.

  Establish and improve the leadership system of the network security organization. It is necessary to speed up the establishment of a leading agency for cybersecurity work organizations with Chinese characteristics in order to ensure a clear hierarchy and division of labor. The national cybersecurity leadership agency’s work focuses on strengthening the top-level design and macro-management of cybersecurity military-civilian integration, formulating development strategies and planning plans, fulfilling the overall coordination function in military-civilian integration, and being responsible for domestic cybersecurity defense and emergency response, and combating cybercrime. And cyber terrorism; military cyber security authorities focus on the overall planning and construction of military cybersecurity, integrating the areas of military and civilian integration into the overall development of national cybersecurity, and doing a good job of connecting with national cybersecurity development plans, We will clarify the relevant processes and management methods for military-land coordination, improve the work system for regular military conferences, important situation notifications, and major operational coordination, and form joint prevention, joint management, and joint control of cyberspace security.

  Coordinate the planning standards for military network security construction. With the goal of effectively responding to the current and future cyber offensive and defensive measures, the overall framework of military and civilian cybersecurity construction will be scientifically formulated, the construction model will be classified, the short-term and long-term construction goals will be defined, and the supporting measures for completing the tasks will be determined. The first is to adhere to the standard. Actively promote the unification of technical standards for network security basic products such as autonomously controllable secure operating systems and secure database systems, and achieve full integration of systems at key moments to create a solid and reliable network security defense line. The second is to insist on a unified assessment. Strengthen the assessment of network security construction and technical risk assessment of network security products, clarify the evaluation procedures and links, and adopt scientific and effective evaluation methods to ensure that the network is secure and controllable after it is built.

  Establish a network security military resource sharing mechanism. To realize the sharing of military network security resources, the key is to establish a mechanism for military land demand. The information on military and civilian technical achievements should be released in a timely manner. The real-time table of “the battlefield needs to be lacking” and “market ownership” should be fully shared with the military and land needs, technologies, standards, products and other information resources; accelerate the construction of military information integration and sharing platform, Expand Unicom channels, standardize interoperability standards, and achieve full complementarity and sharing of military and territorial information resources; establish a network security access system, clearly define the scope of confidentiality levels, and the military business authorities and the “Ministry of the Army” enterprises regularly meet, information, and demand docking Collaborate with research and development to prevent civil network security forces from developing technology and losing targets, reducing targets, protecting tactics from losing rivals, and lacking direction; establishing a network threat information exchange mechanism, timely interoperating with domestic and international network security updates and major event notifications, encouraging private Enterprises and governments, the military share real-time network security threat information, improve the professional and real-time response capabilities of research and analysis.

The essence of cybersecurity is the contest of talents.

  The essence of cybersecurity is cyber confrontation, which is essentially the competition of talents. Whether it is network security analysis, planning, situation research, response and disposal, or network protection hardware and software development, a large number of information technology talents are needed. In order to meet the huge demand of military network security talents, it is necessary to firmly establish a joint thinking.

  Jointly train talents. In recent years, important progress has been made in the training of national cyber security personnel. Cyberspace security has been added to the first-level discipline by the Academic Degrees Committee and the Ministry of Education, and nearly 10,000 graduates in the field of cyberspace security each year. However, compared with the demand for building a network strong country and strengthening the army, there is still a big gap, such as a large gap in the talent team, a need to improve the training system, and insufficient reserve of practical talents. We should actively explore the military, local colleges, research institutes and network security enterprises to carry out joint training channels for talents, build a team of teachers, jointly set up experimental sites, and set up a practice base to realize the organic combination of classroom teaching and practical practice, through network security training. Camp, safety operation and maintenance personnel training, etc., to enhance the professional capabilities of network security practitioners, improve the rapid, large-scale, actual combat security operation and maintenance, analysis and response, attack and defense penetration and other network security personnel joint training mechanism.

  Joint use of strength. We should coordinate the use of various forces in the military, strengthen operational coordination, and establish a relatively comprehensive network security joint prevention and control mechanism. On the one hand, give full play to the role of local network security talents, open up the military network security top-level design, core technology research and development, and network security overall construction to meet the needs of military network security for talents; on the other hand, give full play to the military network security needs The role of the booster is to use the military’s advanced network technology to test the security of national critical infrastructure networks such as nuclear power, communications, transportation, and finance, and to verify the effectiveness of the emergency response system.

  Joint research and development technology. Military and civilian collaborative innovation is an important way to achieve breakthroughs in network protection technology innovation. We should focus on the use of military demand for cutting-edge innovation, and focus on breaking key network technologies, promoting the sharing of military and civilians on the basic platform, and vigorously promoting the mutual transformation of military and civilian technologies; encouraging universities, research institutes, military enterprises, and superior private enterprises to strengthen alliances. Focus on military, human, material and financial resources, and focus on key chips, core devices, operating systems, etc.; explore military and civilian integration network security equipment technology innovation model, develop a new generation of firewalls, intrusion detection, information encryption, information hiding, anti-eavesdropping And other protection technologies to jointly foster an ecological chain of autonomous network security industry.

  In addition, due to the comprehensive complexity of network security, military and regional forces are needed to strengthen regulatory and policy guarantees. Formulate a legal system for network security and military-civilian integration, relevant policies to support the integration of cyber security and civil-military, and relevant documents in the field of cybersecurity military-civilian integration key protection, ensure that the measures for network security and military-civilian integration take root, and form a joint support system for military and land.

Original Mandarin Chinese:

要點提示

●推動網絡安全軍民融合,需要在國家層面統一整合、優化配置,促進技術、人才、資源等要素雙向流動轉化。

●無論是網絡安全分析、態勢研判、應急處置,還是網絡防護硬件、軟件的研發,都需要大量的信息科技人才。

習主席深刻指出,沒有網絡安全就沒有國家安全。數字化時代,網絡空間已滲透到政治、經濟、軍事、文化等各個領域,具備軍民一體的天然屬性,是新時代軍民融合發展的重要方面。當前,我國正向網絡強國邁進,打造軍民融合的網絡長城,既是建設網絡強國和信息化軍隊的基本製度設計,也是推動軍民融合深度發展的重要驅動力量。新形勢下,積極推動網絡安全軍民融合深度發展,亟須破解體制性障礙、結構性矛盾、政策性問題,不斷提高融合水平、提升聯合防護能力。

網絡安全事關國家整體安全,需軍地走開全面融合之路

信息化時代,網絡空間安全已經成為國家戰略新的製高點。去年全球爆發的“永恆之藍”勒索病毒、烏克蘭電網遭攻擊、美國大選“郵件門”等事件表明,網絡安全事關國家安全、社會穩定和戰爭勝敗。網絡安全的較量已上升為國家層面的對抗,超出軍地各自管理控制的範疇,需要依靠軍地一體合力集中統管才有可能管得住、管得好。

網絡安全事關國家利益。由於網絡觸角延伸到經濟、社會、文化等各個領域,其安全必將影響到經濟安全、社會安全、文化安全、信息安全等。 2017年5月,“永恆之藍”勒索病毒席捲150多個國家和地區,包括政府、銀行、通信公司、能源企業等重要部門機構基礎設施陷入癱瘓,在全球引起軒然大波。早前,沙特的基礎設施遭網絡攻擊,僅僅數分鐘內,計算機硬盤就被破壞,所有數據被清空,攻擊者還試圖引發爆炸,如果得逞無疑會造成十分嚴重的後果。

網絡安全事關戰爭勝負。信息化戰爭中,網絡空間已成為新維戰場空間。當前,美國、英國、日本等都已建立網絡作戰部隊,並大力研發各種網絡武器。伊拉克戰爭中,美軍首先摧毀了伊軍非常關鍵的5個指揮與雷達設施,並使用電子乾擾等方式牢牢掌握信息優勢,使伊軍又盲又聾,防禦體系迅速癱瘓。隨著戰爭形態的加速演變,信息優勢爭奪日益成為戰爭勝負的核心內容,網絡空間作為信息控制的“主戰場”,日益成為戰爭博弈的製高點。

網絡安全軍民一體是世界普遍做法。當前,世界很多國家都將軍民一體看作是提升網絡空間安全的重要途徑。例如,美國就將網絡安全作為國家安全的重點,白宮和五角大樓指定波音、洛克希德·馬丁等公司為網絡安全國家隊,指定微軟、英特爾、思科、蘋果、谷歌等信息技術巨頭為網絡安全的專業隊,指定賽門鐵克、邁克菲等網絡安全防護企業為網絡安全的特種隊。在以色列,許多以軍網絡安全部隊的軍人退役後,成為地方高科技企業的精英,並創辦多家網絡安全公司。這些公司回過頭來與以軍在網絡安全領域展開全方位合作,提升以軍網絡防護能力的同時,推動整個網絡空間安全的發展。

網絡安全資源分散多元,需軍地強化頂層設計統籌

推動軍民融合發展是一個系統工程,要善於運用系統科學、系統思維、系統方法研究解決問題。目前,我國各類信息網絡系統高速發展,不同功能、類型的網絡安全設施陸續配套投入使用,網絡安全防護系統的總體框架基本建立。但網絡安全資源廣泛分佈於軍隊和地方,推動網絡安全軍民融合,提高協同防護能力需要強化頂層設計統籌,打破體制壁壘和部門利益,在國家層面統一整合、優化配置,促進技術、人才、資源等要素雙向流動轉化。

構建完善網絡安全組織領導體制。應加快建立軍地一體具有中國特色的網絡安全工作組織領導機構,確保層級清晰、分工協作。國家網絡安全領導機構的工作重點是加強網絡安全軍民融合的頂層設計和宏觀管控,制定發展戰略和規劃計劃,履行軍民融合中的統籌協調職能,負責國內網絡安全的防禦與應急反應,打擊網絡犯罪和網絡恐怖主義等;軍隊網絡安全主管機構側重於擬制軍隊網絡安全的整體規劃和建設,將可以實施軍民融合的領域納入國家網絡安全發展全局,做好與國家網絡安全發展規劃的相互銜接,明確軍地協調的相關流程和管理辦法,健全軍地定期會商、重要情況通報、重大行動協同等工作制度,形成網絡空間安全的聯防、聯管、聯控。

統籌軍地網絡安全建設規劃標準。以有效應對當前和未來一段時期網絡攻防手段為目標,科學制定軍民網絡安全建設總體框架,分類確立建設模式,明確近期和長遠建設目標,確定完成任務的配套措施。一是堅持統一標準。積極推動自主可控的安全操作系統、安全數據庫系統等網絡安全基礎產品的技術標準統一,關鍵時刻能實現各系統的全面融合,打造堅固可靠的網絡安全防線。二是堅持統一評估。加強網絡安全建設評估和網絡安全產品的技術風險評估,明確評估程序和環節,採取科學有效的評估方法,確保網絡建成后防得牢、控得住。

建立網絡安全軍地資源共享機制。實現軍地網絡安全資源共享,關鍵是建立軍地需求共提機制。應及時發布軍民兩用技術成果信息,實時對錶“戰場需缺”與“市場所有”,實現軍地雙方需求、技術、標準、產品等信息資源充分共享;加快構建軍地信息融合共享平台,拓展聯通渠道,規範互通標準,實現軍地信息資源充分互補共用;建立網絡安全准入制度,明確劃定保密等級範圍,軍隊業務主管部門與“民參軍”企業定期會商、信息通報、需求對接和協作攻研,防止民用網絡安全力量技術研發丟了目標、少了靶子,防護戰術失去對手、缺乏指向;建立網絡威脅信息互通機制,及時互通國內外網絡安全最新動態和重大事件通報,鼓勵民營企業與政府、軍隊實時共享網絡安全威脅信息,提高研究分析的專業性和實時響應能力。

網絡安全實質是人才的較量,需軍地樹牢聯合思想

網絡安全的本質是網絡對抗,實質是人才的競爭較量。無論是網絡安全分析、規劃、態勢研判、響應和處置,還是網絡防護硬件、軟件的研發,都需要大量的信息科技人才。為滿足軍地網絡安全人才巨大需求,需要牢固樹立聯合思想。

聯合培養人才。近年來,國家網絡安全人才培養取得重要進展,網絡空間安全被國務院學位委員會和教育部增設為一級學科,每年網絡空間安全領域畢業生近萬名。但與打造網絡強國和強軍興軍需求相比還存在較大差距,存在人才隊伍缺口較大、培養體係有待完善、實踐型人才儲備不足等問題。應積極探索軍隊、地方高校、科研院所和網絡安全企業開展人才聯合培養渠道,共建師資隊伍、共搭實驗場所、共設實習基地,實現課堂教學、實習實踐的有機結合,通過網絡安全訓練營、安全運維人才培養等,提升網絡安全從業人員的專業能力,完善快速化、規模化、實戰化的安全運維、分析響應、攻防滲透等網絡安全人才聯合培養機制。

聯合運用力量。應統籌軍地各種力量的運用,加強行動協同,建立較為完善的網絡安全聯防聯控機制。一方面,充分發揮地方網絡安全人才的作用,開放軍隊網絡安全頂層設計、核心技術研發、網絡安全整體建設等領域,以滿足軍隊網絡安全對人才的需求;另一方面,充分發揮軍隊網絡安全需求的助推器作用,利用軍方先進的網絡技術,測試核能、通信、交通、金融等國家關鍵基礎設施網絡的安全性,檢驗應急響應體系的有效性。

聯合研發技術。軍民協同創新是實現網絡防護技術創新突破的重要途徑。應圍繞發揮軍事需求對前沿創新的牽引帶動作用,聚力突破關鍵網絡技術,促進基礎平台軍民共享,大力推動軍民技術相互轉化;鼓勵高校、科研院所、軍工企業和優勢民營企業強強聯合,集中軍地人力、物力和財力,對關鍵芯片、核心器件、操作系統等領域集智攻關;探索軍民融合網絡安全裝備技術創新模式,研發新一代防火牆、入侵檢測、信息加密、信息隱藏、反竊聽等防護技術,共同培育自主化網絡安全產業生態鏈。

此外,由於網絡安全具有綜合性複雜性,還需軍地合力來強化法規政策保障。制定網絡安全軍民融合的法規體系、支撐網絡安全軍民融合的相關政策,以及網絡安全軍民融合重點保障領域的相關文件,確保網絡安全軍民融合的措施落地生根,形成軍地聯合支撐體系。

Chinese Military Review: From Army Information Construction to Construction of Information Army // 中國軍事評論:從軍隊信息建設到建設信息化軍隊

Chinese Military Review: From Army Information Construction to Construction of Information Army //

中國軍事評論:從軍隊信息建設到建設信息化軍隊

2006年04月20日 22:00

From the Army Information Construction to the Construction of Informatized Army——Opening the Eyes to See the New Military Revolution in the World

  Li Bingyan

  A few years ago, there was a curtain factory abroad that was on the verge of bankruptcy and turned to the consulting company. The consulting company only asked them to change the curtain factory to a shading technology factory, and the factory would survive.

  A name change has broadened the horizon of development; a concept change has opened up the mind shackles. Updating the concept is inseparable from the concept of renewal. In the new military revolution, we need to adopt new concepts in a timely manner to show new development ideas.

  Although the ongoing new military revolution still does not see the other side, it is clear that the change has entered a new stage.

  This new military revolution was triggered by a new technological revolution centered on information technology. In the 1990s, the revolutionary impact of information technology on the military mainly remained at the stage of “construction”, that is, information technology embedding, networking, networking, and integration within the framework of the mechanized military organization. Technology strengthens mechanization and enhances mechanization. The theoretical community often refers to this stage of change as a revolution in the military field, which is to promote the army.

Information construction. At that time, the digital division and the digital army to be built by the US Army were carried out within the structure of the original mechanized army. Later, the US military learned from the experience of informatization of some large enterprises and multinational corporations in the society and changed the way of thinking.

  In the past, military changes were first to change military technology, weapons and equipment, and finally to complete the transformation of the military organizational system to adapt to the new methods of warfare. The new military revolution, characterized by informatization, especially the post-launch army, should be reversed. The experience of the business community is also “first rationalization of organizational structure, re-automation, informationization.”

  Before the 1990s, the US business community carried out informatization construction, focusing only on improving work efficiency. Although effective, it still cannot be changed. Ford Motor Company has spent a lot of money on automation, and its office efficiency has improved significantly. For example, the financial department of the North American branch has reduced the number of employees from 500 to 400 after office automation. The company leaders think it is good. Later, they learned about Japan.

Mazda Motor Company did the same job and used only five people. In contrast, Ford’s leadership was shocked. After in-depth investigation, they found that Mazda started to adjust the organizational structure, first change the workflow, and then engage in office automation. Ford’s financial system, organizational structure or traditional model has caused a lot of useless work. Later, Ford Company optimized its structure, re-engineered its business processes, and started office automation on this basis. The company’s financial staff was compressed to a quarter.

  In the development of human society, there is a phenomenon of “path dependence”. After a social system is formed, it will continue to strengthen itself in the actual operation, so that people will not be able to get rid of the influence of the original ideas afterwards.

  In addition, the organizational structure does not change, it is difficult to make the right decision in information. Usually, people are standing in their own units and planning work in this department, forming a “professional syndrome.” The research informatization is first of all the informationization of the unit, beyond the scope of construction of the unit, the leadership vision will not be achieved. This has led to the emergence of new “isomorphic diseases” – large and complete, small and complete, you have me, can not be interconnected, interoperable, interoperable. In this regard, some people call it the “potato effect”: a sack of potatoes, all sprouting, each self-contained system, self-enclosed, and not connected. Building these systems may be reasonable from a local perspective, but it may not be scientific or irrational from the overall perspective of informatization.

  In the practice, the foreign military realized that if informationization is not detoured, it should start with rationalizing the system and adjusting the command system. Otherwise, all levels and departments are busy with informationization. It is likely that the faster and the more the action is now, the greater the losses will be caused once reworked in the future.

  The rationalization of the organizational structure, the consideration of informationization, or the rationalization of organizational structure and informationization, and the simultaneous development have become a new consensus on the new military revolution. After entering the 21st century, the US military proposed a military transformation, marking a new stage in military transformation. At this stage, information technology has shifted from a “construction” role to a “deconstruction” role. That is: instead of strengthening mechanization, it is reorganizing mechanization. As a result, the army’s informatization construction has turned to the construction of an information-based army; the changes in the military field have turned to real military changes.

  In the theoretical preparation stage of the US military, the future army that was designed was: the sensor army, the precision strike army, the dominant mobile army, and the logistics army. In the transition, after a new argument, the future goals of the US military reorganization are proposed: the full-dimensional battlefield perception army, the precision firepower strike army, the efficient command and control army, and the intelligent logistics support army.

  In 2005, Germany proposed the idea of ​​building a “new three armed forces”, namely: rapid reaction forces, standing combat troops, and logistics support forces.

  At the end of last year, the Russian General Staff Department completed the reform of the armed forces. The Russian military’s new round of structural reforms eliminated the arms, military regions and fleets and re-established three functional headquarters and three regional headquarters. The three functional commands are: Strategic Nuclear Power Command, Transportation Command, and Aerospace Defense Command. The three regional commands are: Western European Command, Central Asian Command and Far East Command.

  Generally speaking, although the structural changes of the military have their own characteristics, the common point is that they tend to be integrated and tend to be integrated, and the boundaries between the traditional arms and services are increasingly blurred. The informationized army is not just a technology, but a new structure that is linked to new technologies – ultimately, a structural decision function.

Original Mandarin Chinese:

從軍隊信息建設到建設信息化軍隊——放開眼界看世界新軍事變革

李炳彥

幾年前,國外有一家窗簾廠,瀕臨倒閉之際,求助於諮詢公司。諮詢公司只讓他們把窗簾廠改為遮光技術廠,這個廠子便活了起來。

一個名字改變,拓寬了發展視野;一個概念更換,撬開了心智枷鎖。更新觀念,離不開更新概念。在新軍事變革中,我們需要適時採用新的概念,來展現新的發展思路。

持續發生的新軍事變革雖然至今仍看不到彼岸,但清晰可見變革已經進入到一個新階段。

這場新軍事變革,是由以信息技術為核心的新技術革命引發的。上個世紀90年代,信息技術對軍隊的革命性影響,主要還停留於“建構”階段,即在機械化軍隊的組織結構框架內進行信息技術嵌入、建網、聯網、集成,實際上是用信息技術加強機械化、提昇機械化。理論界常把這一階段的變革,稱之為軍事領域裡的變革,是推動軍隊

信息化建設。當時,美陸軍要建設的數字化師、數字化軍,都是在原來機械化軍隊的結構內進行的。後來,美軍汲取社會上一些大企業、跨國公司進行信息化的經驗,改變了變革的思路。
以往的軍事變革,都是先變革軍事技術、武器裝備,最後完成軍事組織體制的變革,以適應新的作戰方式。而信息化為標誌的新軍事變革,特別是後發之軍,應當反過來進行。企業界的經驗也是“先組織結構合理化,再自動化、信息化”。

上個世紀90年代以前,美國企業界進行信息化建設,只著眼於提高工作效率,雖有成效,但還談不上變革。美福特汽車公司,曾花大筆金錢搞自動化,辦公效率明顯提高,如北美分公司的財務部,實現辦公自動化後,人員由原來的500人減少到400人,公司領導自認為不錯。後來,他們得知日本

馬自達汽車公司做同樣的工作,一共只用了5個人。兩者相對照,福特公司的領導大吃一驚。他們深入調查後發現,馬自達公司從調整組織結構入手,先改變工作流程,再搞辦公自動化。福特公司的財務制度、組織結構還是傳統模式,造成許多無用功。後來,福特公司經過優化結構,再造業務流程,在此基礎上搞辦公自動化,公司財務員工壓縮到了原來的四分之一。
人類社會在發展中,存在一種“路徑依賴”現象,即一個社會系統形成後,必將在實際運作中不斷自我強化,以致後來人們改進它的種種嘗試,都難以擺脫原有思路的影響。

另外,組織結構不改變,很難做出信息化的正確決策。通常,人們都是站在本單位、本部門謀劃工作,形成了一種“職業官能症”。研究信息化首先是本單位的信息化,超出本單位的建設範圍,領導視野就達不到了。致使出現新的“同構病”——大而全、小而全,你有我也有,不能互聯、互通、互操作。對此,有人稱之為“馬鈴薯效應”:一麻袋馬鈴薯,個個都發芽,個個自成小系統,自我封閉,互不相聯。建這些系統,從局部來看可能合理,但從信息化的全局看可能並不科學、不合理。

外軍在實踐中認識到:要想信息化不走彎路,還應從理順編制體制、調整指揮體系入手。否則,各級、各部門都忙著信息化,很可能現在動作愈快、投入愈多,將來一旦返工,造成的損失就愈大。

先組織結構合理化,在信息化,或者組織結構合理化與信息化一併考慮,同時進行,成了新軍事變革的一種新共識。進入21世紀後,美軍提出軍隊轉型,標誌著軍事變革進入了一個新階段。在這個階段,信息技術從“建構”作用,轉向“解構”作用。即:不是加強機械化,而是重組機械化。由此,軍隊信息化建設,轉向了建設信息化軍隊;軍事領域裡的變革,轉向真正的軍事變革。

美軍在理論準備階段,曾設計出的未來軍隊是:傳感器軍,精確打擊軍,主導機動軍,聚焦後勤軍。在轉型中,經過新的論證,提出美軍重組的未來目標:全維戰場感知軍,精確火力打擊軍,高效指揮控制軍,智能後勤保障軍。

德國於2005年,提出了建設“新三軍”設想,即:快速反應部隊,常備作戰部隊,後勤支援部隊。

去年底,俄軍總參謀部完成了關於武裝力量改革方案。俄軍新一輪結構改革方案,取消了軍兵種、軍區和艦隊,重新成立三個職能司令部和三個地區司令部。三個職能司令部是:戰略核力量司令部、運輸司令部、空天防禦司令部。三個地區司令部是:西歐司令部、中亞司令部和遠東司令部。

從總體上看,軍隊結構變革雖然各國都有自己的特色,但共同點是趨於綜合、趨於一體化,傳統的軍兵種之間的界限日益模糊。信息化軍隊不只是技術,重要的是與新技術相聯繫的新的結構方式——最終還是結構決定功能。

Original Referring url: http://mil.news.sina.com.cn/2006-04-20/

People’s Liberation Army must be brave enough to take responsibility for China’s “Cyberspace” Sovereignty // 人民解放軍必須勇敢地對中國的“網絡空間”主權負責

People’s Liberation Army must be brave enough to take responsibility for China’s “Cyberspace” Sovereignty //

人民解放軍必須勇敢地對中國的“網絡空間”主權負責

Original: “National Defense Reference”, No. 3, 2017

作者:安卫平 北部战区副参谋长

  The cyberspace was born in the military field. For example, the first computer, the APA network and the GPS navigation system all originated from the military. Today, cyberspace security has been closely related to national security, and the military has once again become the protagonist of maintaining national cyberspace security. Whether it is facing normalized network penetration or large-scale cyberattacks, it is urgent for the military to move from defending the “network camp gate” to guarding the “network country gate”, breaking through the traditional military mission and mission, breaking through the traditional war preparation mode. With a new network of national defense thinking, the founding of the network era of the country’s strong shield.

  From the “network camp door” to the “network country door”, the new era brings a new trend of military mission

  Cyberspace is not only related to the maintenance of national strategic interests, but also directly affects political, economic, cultural security and social development. It has also become the blood and link of modern battlefield joint operations. The Chinese military cannot be limited to maintaining the internal network security of the military camp. It must also actively adapt to the trend of the times and take the responsibility of the country that guards the “network country.” The strong army of the Internet is an important part of the construction of a network power. From the “network camp door” to the “network country door” is the inevitable trend of the development of the domestic and international situation in the information age.

  Guarding the “network country door” is forced by the cyberspace security situation. As the first major Internet country, China’s security situation is not optimistic, and strategic opponents have never stopped preparing for our network operations. The United States, Britain, France and other countries are actively preparing for cyberspace, giving military functions through cyberspace security legislation, developing cyber warfare forces, developing cyber warfare weapons and equipment, and advancing war to the “fifth space” of mankind, especially in China. In the historical process of the rise, the Western countries used the means of network technology and communication to implement uninterrupted harassment, subversion and cyberattacks under the leadership of the Cold War mentality and the containment subversion strategy, which seriously affected the security and social development of our country. China gradually became National security is at great risk for the hardest hit by cybersecurity threats, the test sites for virus attacks, and the destination of conscious penetration.

  In the coming period, as a new emerging country, China’s conflicts of interest with other parties will intensify. Strengthening the network defense strategy and strengthening the operational readiness of cyberspace are the inevitable ways to actively strive for the dominance and discourse power of cyberspace, and also the rise of China. The only way to go. As the main force of national security and stability, the military must adapt to the characteristics of cyberspace and become the backbone and main force to resist network intrusion and network subversion, and safeguard national security and social stability.

  Winning cyber warfare is the trend of new military revolution in the information age. As one of the most advanced productivity in the information age, network technology has made cyberspace warfare a dominant factor guiding the evolution of modern warfare and affecting the overall situation of war. In recent years, from the “seismic net” attack in Iran, the cyber warfare in the Russian-Georgian conflict, the large-scale obstruction of the Ukrainian power grid , and the cyberattack of the US military against IS, the huge role played by cyberspace in actual combat has gradually emerged, indicating that cyber warfare Has become an important style of future joint operations.

  The US military attaches great importance to the construction of cyberspace armaments, the establishment of the Cyberspace Command, the launch of cyberspace joint warfare, the extensive expansion of cyber warfare forces, the maintenance of its cyberspace hegemony, and the formation of cyberspace control capabilities as a “third offset strategy”. “Absolute advantage is the most important competitive content.

  Many countries in the world have followed suit, and the trend of militarization of cyberspace is obvious. The rigorous cyberspace military struggle situation requires the Chinese military to focus on the changes in the network battlefield space, adapt to the requirements of the information war era, and achieve the strong military goal of smashing and winning in cyberspace.

  Effective network warfare is an inherent need to accelerate the construction of a network powerhouse. In the process of China’s development from a network power to a network power, it is inseparable from the strong cyberspace military power as a guarantee. The international competition in cyberspace is a comprehensive game of the country’s comprehensive strength. Among them, the quality of network military capacity building is directly related to national security and stability, and it is the core element of the entire national security field.

  At present, the interests of countries in the world in the cyberspace are mutually infiltrated, and there is a situation in which you have me, I have you, cooperate with each other, and develop together. However, this kind of common development is not equal. The US and Western powers have taken advantage of the cyberspace dominance, and have already achieved certain network warfare advantages, which has made my network development and interests subject to people. How the military can fulfill its mission of defending the earth in the construction of a network-strength country, the premise is to form a network environment capable of curbing the crisis, controlling the opponent’s network attack and defense capabilities, and ensuring peaceful development.

  Therefore, the military needs to establish a deterrent strategic goal of effective warfare, form a strategic check and balance ability that can “destroy each other” with the enemy, thereby enhancing strategic competitiveness, ending cyberspace aggression, and ensuring the smooth advancement of the network power strategy.

  From “keeping the soil and being responsible” to “protecting the net and defending the country”, the new situation requires the military to undertake new tasks.

  The military is the main force and pillar of national security, and cyberspace is no exception. The National Security Law, which was enacted on July 1, 2015, stipulates: ” Citizens of the People’s Republic of China , all state organs and armed forces, political parties and people’s organizations, enterprises and institutions, and other social organizations have the responsibility to safeguard national security. And obligations.” The Cybersecurity Law, promulgated in November 2016, emphasizes the need to maintain cyberspace sovereignty and national security.

  On the basis of the laws of these two countries, on December 27, 2016, the “National Cyberspace Security Strategy” (hereinafter referred to as “Strategy”) was officially launched, providing overall guidance for creating a new pattern of network powers at a new starting point. Basically follow, clearly put forward nine strategic tasks, further embodying the mission of the military in the process of building a network power.

  With the national mission of protecting the network, the military must be a strong pillar to defend the cyberspace sovereignty. The first of the nine strategic tasks listed in the “Strategy” is “firmly defending the cyberspace sovereignty” and clearly proposes to “take all measures including economic, administrative, scientific, technological, legal, diplomatic, military, etc., and unswervingly maintain our network.” Space sovereignty.” It can be seen that the military must assume the military mission of using physical space and defend the national mission of the sovereign security and interests of virtual cyberspace.

  Cyberspace sovereignty is the core interest of the state and an important component of national sovereignty. It indicates the independence, equal, self-defense and management rights of the state in cyberspace. A once hostile forces violated my cyberspace sovereignty is tantamount to a violation of national sovereignty physical space of my land, sea and so on, China will have the right to take all measures, including military means, including giving resolutely fight back.

  Internationally, the United States has long proposed a cyberspace deterrence strategy, declaring that attacks on US network information facilities are equivalent to war acts, and the United States will take military strikes to retaliate. Military means is a means of safeguarding national sovereignty and plays a vital role in safeguarding national cyberspace security. Therefore, the military, air, sea and air military forces have been given the historical mission of protecting the cyberspace sovereignty. They must rely on the powerful physical space to defend the national interests of cyberspace and effectively deter the hostile forces from cyber-damaging attempts.

  In accordance with the era of the Internet, the military must be the ballast stone to defend national security. The second item of the “Strategy” mission emphasizes the need to resolutely safeguard national security, prevent, deter and punish any use of the Internet for treason, secession, sedition, subversion or incitement to subvert the people’s democratic dictatorship.

  In the era of information network, the military of all countries in the world has become an important participant in cyberspace. The level of cyberspace capability has become the main indicator for assessing the modernization of a country’s military. It is one of the main duties of the informationized military to carry out cyberspace missions and maintain national security.

  Judging from the historical process of China’s development, it is necessary to be highly vigilant against the danger of the country being invaded, subverted, and divided in cyberspace in order to adapt to the national security strategy needs of building a well-off society in an all-round way. Highly alert to the reform caused by cyberspace. The danger of developing the overall situation is destroyed, and we are highly wary of the danger of interference and destruction in the development of socialism with Chinese characteristics.

  Preventing problems before they occur requires the state to have the means to cope with and deal with these dangers, and to have the powerful force to prevent, stop and legally punish cyberspace violations. Defending the country has always been an unshirkable historical responsibility of the military. The inherent mission and mission have determined that the Chinese military must assume the role of taking various measures in the cyberspace to safeguard the country’s political, economic, cultural security and social stability.

  The strategic mission of both offensive and defensive, the military must be a strong backing to enhance the ability of cyberspace protection. The third and eighth items of the Nine Major Tasks in the Strategy clearly state that all necessary measures must be taken to protect critical information infrastructure and its important data from attack and destruction, and that technology and management should be adhered to, protected and shocked; We will build a network space protection force that is commensurate with China’s international status and compatible with the network powers. We will vigorously develop network security defense methods, timely discover and resist network intrusion, and build a strong backing for national security. Among all the political, diplomatic, military, and scientific and technological capabilities of the country to maintain security, military power has always been the foundation and support for all capabilities, the fundamental guarantee for all capabilities, and the ultimate support for national security.

  Therefore, the military must undertake the strategic task of strengthening the national cyberspace protection capability. In the real society, the military is the reassurance of safeguarding national security. In the cyberspace, it should also become the security dependence and guarantee of the people. As an important part of the national cyberspace protection capability, the military must achieve both offensive and defensive capabilities, and the ability to resolutely safeguard the interests and security of the country and the people in cyberspace, and effectively eliminate the various crises caused by cybersecurity threats. The turbulence of thoughts enables the people to truly feel that production and life are effectively protected and become the confidence of the people of the whole country in their confidence in the national network protection capabilities.

  The global responsibility of UNPROFOR, the military must be an important support for maintaining global cybersecurity. The last item of the “Strategy” mission clearly proposes to strengthen international cooperation in cyberspace, support the United Nations in playing a leading role, promote the development of universally accepted international rules on cyberspace, international anti-terrorism conventions on cyberspace, and improve the judicial assistance mechanism for combating cybercrime, deepening International cooperation in the areas of policy law, technological innovation, standardization, emergency response, and protection of key information infrastructure.

  Cyber ​​terrorism and cybercrime are new forms of global threat catalyzed by information network fermentation. They pose a huge threat to the political, economic, military and cultural security of all countries in the world. It is not enough to rely solely on the power of the government and the people. Western countries have given the military the responsibility to protect cybersecurity and the power to fight cyber terrorism. Maintaining the security and stability of global cyberspace is in the fundamental interests of China and the rest of the world. The military should become an important defender of global cyberspace security and an important force in combating global cyber terrorism and cybercrime.

  The globalization and unbounded nature of the Internet determine the international demand for combating cyber terrorism and transnational cybercrime. The military should promote military cooperation between countries in the framework of the UN Security Council and use the strategies and technologies of the Internet era to establish joint defense and joint defense. Mechanism to effectively safeguard the security of the national and world cyberspace.

  From “field training” to “network preparation”, new areas require new preparations for the military

  Under the new historical situation, cyberspace puts forward new requirements for the military training and preparation mode. It should adapt to the new characteristics of cyberspace and the new mission of the military to carry out innovative reforms on the traditional model, strengthen the country’s military objectives, and strengthen macro-coordination. Focusing on the legal needs of cyberspace military operations, it closely follows the natural attributes of cyberspace “military and civilian integration”, builds a network security attack and defense system that combines peacetime and warfare, and builds a network defense force of “military and land use”.

  Legislation empowerment provides a legal basis for the military to carry out its functional mission. The countries of the world, especially the western developed countries, attach great importance to the issue of network defense in cyber security legislation. The United States has successively issued a series of policies and regulations such as “National Security No. 16 Presidential Decree”, “Network Space Action Strategy”, and has continuously deepened and standardized on how to protect national network security in the field of network defense.

  At present, it is necessary to clarify the duties and responsibilities of the cyberspace military from the legal level. It should be based on the National Security Law and the Cyber ​​Security Law, and introduce the network defense law and related cyberspace military operational regulations, for the construction of the network defense field and military. The action provides regulatory support and a program of action to make the military’s responsibilities and mission in cyberspace more specific and specific.

  First, further define the network sovereignty and network frontier through the network defense legislation, and clearly define the scope of the military.

  The second is to establish the operational authority of the military to defend the national cyberspace security through the construction of cyber warfare laws and regulations, and to distinguish military means against network intrusion and network destruction. Third, through the cyberspace international cooperation policy, the military will coordinate with other countries and civilian forces to combat international cyber terrorism and cybercrime.

  The integration of military and civilian provides an innovative driving force for the construction of a network powerhouse. The integration of military and civilian is the main method for the world power to enhance the competitiveness of cyberspace. For the construction of China’s network powerhouse, building a military-civilian network security attack and defense system and developing a military-land dual-use defense information infrastructure is to inspire the innovation of military cyberspace combat capability. Source.

  The first is to coordinate the military, civilian, and functional departments of the state, the military, and various levels of government, set up special command and coordination agencies, mobilize all national network forces, and build a network security attack and defense system that combines “military and civilian integration” and “peace and war.”

  The second is to issue guidance on the in-depth development of cyber security military-civilian integration as soon as possible, and gradually carry out basic legal research and demonstration of military-civilian integration to guide the development of medium- and long-term military-civil integration.

  Third, relying on the country’s existing public mobile communication network, optical fiber communication network and satellite system, the military and civilians will build an information infrastructure covering the entire army of the whole country, and realize the unified construction and sharing of military and civilian.

  The fourth is to establish an emergency response mechanism for military-civilian joints, increase the ability to train military authorities to control events, strengthen experts and emergency professional strength, and enhance the ability to quickly recover damaged networks or information systems.

  Military-civilian joint training provides a practical environment for the generation of cyberspace military capabilities. The military-civilian sharing characteristics of cyberspace make military-civilian joint training an important means of military training in cyberspace around the world. The cyberspace joint military and civilian exercises in the United States and NATO countries have formed a series of series. The “Network Storm” and “Network Guardian” drills have attracted the participation of governments, enterprises, research institutions and even civilian hackers. Our military cyberspace military strength training also needs to attract a wide range of civil forces to participate.

  First, do a good job in military-government cooperation, establish a military-civilian joint offensive and defensive drill mechanism, learn from the red-blue confrontation training methods in the cyber war drills of developed countries such as the United States, actively build a “national network shooting range”, plan a series of joint exercises of the government and non-government organizations, and enhance the integration of the military and the people. The level of attack and defense of the network of the government and the people.

  The second is to do a good job in military-enterprise cooperation, relying on net-based enterprises to set up a training field on the Internet, to promote the ability of attack and defense between the military and civilians, and jointly improve the ability to prevent unknown risks.

  The third is to organize private network security companies and hacker talents, carry out network security competitions and other activities, and mutually verify each other to jointly improve the level of network security protection technology and tactics.

  The network reserve service provides a source of strength for building a powerful network army. As a backup supplement to the national defense force, the reserve has both military and civilian characteristics and is a powerful measure to realize the organic unification of the development of cyberspace economy and national defense.

  First, it is led by the national security department, and overall planning is carried out according to national interests. A series of laws and regulations conducive to the construction of the network national defense reserve are introduced, and the main division of labor, promotion strategy, interest coordination, etc. of the military and civilian construction in the network defense reserve construction are solved from the top level. problem.

  The second is to innovate the reserve organization and comprehensive coordination mechanism, and plan to integrate the reserve construction into all levels and fields of national network information development.

  The third is to focus on the reform of the military and local management models. Based on the management mechanisms of the provincial and municipal governments, the military, and local enterprises and institutions, the network will establish a network of national defense reserve personnel to jointly cultivate and use the mechanism, improve the national emergency mobilization mechanism, and establish a national network defense special talent. The database will include the construction of network militia and reserve forces into the scope of mobilization of the people’s armed forces. In normal times, they will be incorporated into the militia emergency detachment for training. In an emergency, they will select the elite personnel to participate in the non-war military operations missions, and will be recruited and used as needed during wartime. To transform the national defense potential into national defense strength. 

Original Mandarin Chinese:

原題:從守衛“網絡營門”走向守衛“網絡國門”

作者:安衛平北部戰區副參長

原載:“國防參考”2017年年第3期

網絡空間誕生於軍事領域,如首台計算機,阿帕網和GPS導航系統等都源於軍方,時至今日,網絡空間安全已與國家安全息息相關,軍隊又再次成為維護國家網絡空間安全的主角,無論是面對常態化的網絡滲透,還是大規模的網絡攻擊,都迫切需要軍隊從守衛“網絡營門”走向守衛“網絡國門”,突破傳統的軍隊使命任務,突破傳統的應戰備戰模式,以全新的網絡國防思維,鑄造網絡時代國之堅盾。

從“網絡營門”到“網絡國門”,新時代帶來軍隊使命新趨勢

網絡空間不僅事關國家戰略利益維護,直接影響政治,經濟,文化安全和社會發展,也成為現代戰場聯合作戰的血脈和紐帶。中國軍隊不能局限於維護軍營內部網絡安全,更要主動適應時代趨勢,勇於承擔把守“網絡國門”的國家擔當。網絡強軍是網絡強國建設的重要一環,從“網絡營門”走向“網絡國門”是信息時代國內外形勢發展的必然趨勢。

守衛“網絡國門”是網絡空間安全形勢所迫。中國作為第一網絡大國,安全狀況不容樂觀,戰略對手從未停止對我網絡作戰準備。美,英,法等國積極備戰網絡空間,通過網絡空間安全立法賦予軍隊職能,發展網絡戰部隊,研發網絡戰武器裝備,將戰爭推進到了人類的“第五空間”,特別是在中國日益強大崛起的歷史進程中,西方國家在冷戰思維和遏制顛覆戰略的主導下,利用網絡技術手段和傳播方式實施不間斷的騷擾,顛覆和網絡攻擊行動,嚴重影響我國家安全與社會發展,中國逐漸成為網絡安全威脅的重災區,病毒攻擊的試驗場,意識滲透的目的地,國家安全面臨著巨大風險。

未來一段時期內,中國作為新興大國,與各方利益衝突還將加劇,堅定推進網絡國防戰略,加強網絡空間的作戰準備,是積極爭取網絡空間的主導權和話語權的必然途徑,也是中國崛起的必由之路。軍隊作為國家安全穩定的主要力量,必須適應網絡空間特點要求,成為抗擊網絡入侵,網絡顛覆的中堅和主力,維護國家安全和社會穩定。

打贏網絡戰爭是信息時代新軍事變革所趨。網絡技術作為信息時代最先進生產力之一,使得網絡空間作戰成為引導現代戰爭形態演變的主導因素,影響著戰爭全局。近年來,從伊朗“震網“攻擊,俄格衝突網絡戰,烏克蘭電網遭大規模阻癱以及美軍對IS的網絡攻擊,網絡空間在實戰中所展現出的巨大作用逐漸顯現,預示著網絡作戰已成為未來聯合作戰重要樣式。

美軍高度重視網絡空間軍備建設,成立網絡空間司令部,推出網絡空間聯合作戰條令,大幅度擴編網絡戰部隊,極力維護其在網絡空間霸權,把對網絡空間控制能力作為形成“第三次抵消戰略“絕對優勢最重要的競爭內容。

世界多國紛紛跟進,網絡空間軍事化趨勢明顯。嚴峻的網絡空間軍事鬥爭形勢要求中國軍隊著眼網絡戰場空間變化,適應信息化戰爭時代要求,實現在網絡空間能打仗,打勝仗的強軍目標。

有效網絡懾戰是加速網絡強國建設內在所需。在中國由網絡大國向網絡強國發展過程中,離不開強大的網絡空間軍事力量作為保障。網絡空間國際競爭表現為國家綜合實力的全面博弈,其中,網絡軍事能力建設的好壞,直接關係到國家安全與穩定,牽一發而動全身,是整個國家安全領域的核心要素。

當前,世界各國在網絡空間的利益互相滲透,出現“你中有我,我中有你,互相合作,共同發展”的局面。但是這種共同發展是不對等的,美國及西方強國利用網絡空間主導權,已經取得了一定的網絡懾戰優勢,使我網絡發展及利益受制於人。軍隊如何在網絡強國建設中完成守土有責的使命重托,前提就是要形成能夠遏制危機,懾控對手的網絡攻防能力,確保和平發展的網絡環境。

因此,軍隊需要確立有效懾戰的威懾戰略目標,形成能與敵“相互摧毀”的戰略制衡能力,從而增強戰略競爭力,懾止網絡空間侵略,保障網絡強國戰略順利推進。

從“守土有責”到“護網衛國”,新形勢要求軍隊承擔新任務

軍隊是保衛國家安全的主力和柱石,網絡空間也不例外2015年7月1日施行的“國家安全法”規定:“中華人民共和國公民,一切國家機關和武裝力量,各政黨和各人民團體,企業事業組織和其他社會組織,都有維護國家安全的責任和義務。“2016年11月頒布的”網絡安全法“強調了要維護網絡空間主權和國家安全。

在這兩個國家法律的基礎上,2016年12月27日,“國家網絡空間安全戰略”(下文簡稱“戰略”)正式出台,為在新的起點上開創網絡強國新格局提供了總體指導和基本遵循,明確提出了九大戰略任務,進一步體現了軍隊在建設網絡強國進程中的使命任務。

全力護網的國家使命,軍隊要做捍衛網絡空間主權的堅強柱石。“戰略”中列出的九大戰略任務首項就是“堅定捍衛網絡空間主權”,明確提出要“採取包括經濟,行政,科技,法律,外交,軍事等一切措施,堅定不移地維護我國網絡空間主權“。可見,軍隊須承擔起運用實體空間的軍事手段,保衛虛擬網絡空間主權安全和利益的國家使命。

網絡空間主權是國家的核心利益,是國家主權的重要組成,表明國家在網絡空間所擁有的獨立權,平等權,自衛權和管理權。一旦敵對勢力侵犯了我網絡空間主權,就等同於侵犯了我陸海空等實體空間的國家主權,中國將有權利採取包括軍事手段在內的一切措施給予堅決回擊。

在國際上,美國早就提出網絡空間威懾戰略,宣告對美國網絡信息設施的攻擊等同於戰爭行為,美國會採取軍事打擊措施進行報復。軍事手段是維護國家主權的保底手段,在維護國家網絡空間安全中發揮著至關重要的作用。因此,陸海空天軍事力量理所應當地被賦予了保護網絡空間主權的歷史使命,必須憑藉強大的實體空間武力保衛網絡空間的國家利益,有力震懾敵對勢力的網絡破壞企圖。

依網衛國的時代擔當,軍隊要做保衛國家安全的壓艙石。“戰略”任務的第二項著力強調要堅決維護國家安全,防範,制止和依法懲治任何利用網絡進行叛國,分裂國家,煽動叛亂,顛覆或者煽動顛覆人民民主專政政權的行為。

信息網絡時代,世界各國軍隊都已經成為網絡空間重要參與者,網絡空間能力水平成為評估一個國家軍隊現代化程度的主要指標,遂行網絡空間使命任務,維護國家安全成為信息化軍隊的主要職責之一。

從中國發展所處的歷史進程來看,要適應全面建成小康社會決勝階段的國家安全戰略需求,必須高度警惕國家在網絡空間被侵略,被顛覆,被分裂的危險,高度警惕由網絡空間引發改革發展大局被破壞的危險,高度警惕中國特色社會主義發展進程被干擾,破壞的危險。

防患於未然,要求國家必須具有應對和處置這些危險的手段措施,具有防範,制止和依法懲治網絡空間違法破壞行為的強大力量。保衛國家歷來是軍隊不可推卸的歷史責任,固有的使命任務決定了中國軍隊必須承擔起在網絡空間採取各種措施,維護國家政治,經濟,文化安全和社會穩定的時代擔當。

攻防兼備的戰略任務,軍隊要做提升網絡空間防護能力的堅強後盾。“戰略”中九大任務的第三項和第八項明確提出,要採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞,要堅持技術和管理並重,保護和震懾並舉;要建設與我國國際地位相稱,與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防禦手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。在國家所有維護安全的政治,外交,軍事,科技能力中,軍事力量歷來是所有能力的基礎和支撐,是所有能力的根本保障,是國家安全的最終依托。

因此,軍隊必須承擔起提升國家網絡空間防護能力堅強後盾的戰略任務。現實社會中,軍隊是維護國家安全的定心丸,在網絡空間也同樣應成為人民群眾的安全依賴和保障。軍隊作為國家網絡空間防護能力生成的重要一環,必須做到攻防兼備,懾戰一體,有能力堅決維護國家和人民在網絡空間的利益和安全,能夠有效消除網絡安全威脅造成的各種危機和思想動盪,使人民能夠切實感受到生產生活得到有效保護,成為全國人民對國家網絡防護能力充滿信心的底氣所在。

聯防聯治的全球責任,軍隊要做維護全球網絡安全的重要支撐。“戰略”任務最後一項明確提出要強化網絡空間國際合作,支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則,網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律,技術創新,標準規範,應急響應,關鍵信息基礎設施保護等領域的國際合作。

網絡恐怖主義和網絡犯罪是經過信息網絡發酵催化出的全球威脅新形態,對世界上所有國家的政治,經濟,軍事,文化安全都構成巨大威脅,僅僅依靠政府和民間的力量是不夠的,美國等西方國家紛紛賦予軍隊保護網絡安全的職責和打擊網絡恐怖主義的權限。維護全球網絡空間安全與穩定符合中國以及世界各國的根本利益,軍隊應成為全球網絡空間安全的重要維護者,成為打擊全球網絡恐怖主義和網絡犯罪的重要力量。

網絡的全球化,無界性決定了打擊網絡恐怖主義和跨國網絡犯罪的國際需求,軍隊應在聯合國安理會的框架下,推進國家間網絡治理軍事合作,利用網絡時代的戰略和技術,建立聯防聯治機制,切實維護國家和世界網絡空間安全。

從“沙場練兵”到“網絡備戰”,新領域需要軍隊備戰新舉措

在新的歷史形勢下,網絡空間對軍隊練兵備戰模式提出了全新的要求,應適應網絡空間新特點和軍隊新使命對傳統模式進行創新改革,以強國強軍目標為統攬,加強宏觀統籌,著眼網絡空間軍事行動的法理需求,緊扣網絡空間“軍民一體”的天然屬性,建設“平戰結合”的網絡安全攻防體系,打造“軍地兩用”的網絡國防力量。

立法賦權,為軍隊遂行職能使命提供法理依據。世界各國尤其是西方發達國家在網絡安全立法上高度重視網絡國防問題。美國先後出台了“國家安全第16號總統令”,“網絡空間行動戰略”等一系列政策法規,對如何在網絡國防領域保護國家網絡安全進行了不斷的深化規範。

當前,從法律層面釐清網絡空間軍隊的職責任務非常必要,應以“國家安全法”,“網絡安全法”為依據,出台網絡國防法和有關網絡空間軍事作戰條令法規,為網絡國防領域建設和軍事行動提供法規支撐和行動綱領,使軍隊在網絡空間的職責和使命更加明確具體。

一是通過網絡國防立法進一步界定網絡主權和網絡邊疆,清晰軍隊的職責範圍。

二是通過網絡作戰法規建設,明確軍隊遂行保衛國家網絡空間安全的行動權限,區分應對網絡入侵,網絡破壞等行為的軍事手段。三是通過網絡空間國際合作政策,明確軍隊協同他國,民間力量等打擊國際網絡恐怖主義,網絡犯罪的職能任務。

軍民融合,為網絡強國建設提供創新動力。軍民融合是世界強國提升網絡空間競爭力的主要做法,對於中國網絡強國建設來說,構建軍民融合網絡安全攻防體系,開發軍地兩用的國防信息基礎設施,是激發軍隊網絡空間作戰能力創新的源泉。

一是統籌國家,軍隊和各級政府等軍民融合職能部門,設置專門的指揮協調機構,調動一切國家網絡力量,建設“軍民一體”,“平戰結合”的網絡安全攻防體系。

二是盡快出台網絡安全軍民融合深度發展指導性意見,逐步展開軍民融合基本法律研究論證,指導中長期軍民融合發展。

三是依托國家現有公共移動通信網,光纖通信網及衛星系統,軍民共建覆蓋全國全軍的信息基礎設施,實現軍民統建,分管共享。

四是建立軍民聯合的應急響應機制,加大培訓軍地主管部門控制事態的能力,加強專家和應急專業力量,提升快速恢復受損網絡或信息系統的能力。

軍民聯訓,為網絡空間軍事能力生成提供實戰化環境。網絡空間的軍民共用特性使得軍民聯訓成為世界各國網絡空間軍事演訓的重要方式。美國及北約等國家的網絡空間軍民聯合演習已經形成系列化,“網絡風暴”,“網絡衛士”等演練活動吸引了政府,企業,研究機構甚至民間黑客的廣泛參與。我軍網絡空間軍事力量訓練也需要廣泛吸引民間力量參與。

一是搞好軍政合作,建立軍民聯合攻防演練機制,借鑒美國等發達國家網絡戰演練中的紅藍對抗訓練方法,積極建設“國家網絡靶場”,策劃政府,民間機構系列聯合演習,提升軍民一體,官民一體的網絡攻防水平。

二是搞好軍企協作,在互聯網上依靠網信企業設置演練場區,促進軍民之間攻防能力磨合,共同提高防範未知風險能力。

三是著眼軍隊和地方兩頭管理模式改革,以各省市政府,軍隊和地方企事業單位的管理機制為依托,建立網絡國防預備役人才聯合培養使用機制,完善國家應急動員機制,建立國家網絡防禦專用人才數據庫,將網絡民兵和預備役部隊建設納入人民武裝動員的範圍,平時按規定編入民兵應急分隊進行訓練,急時挑選精幹人員隨隊參加遂行非戰爭軍事行動任務,戰時按需要成建制徵召使用,使國防潛力轉變為國防實力。

Original referring url:  http://mil.huanqiu.com/strategysituation/2017-04/

Chinese Military Analysis of American Information Warfare Strategy Theory and Its Practical Conception // 中國對美國信息戰戰略理論的軍事分析及其實踐觀

Chinese Military Analysis of American Information Warfare Strategy Theory and Its Practical Conception //

中國對美國信息戰戰略理論的軍事分析及其實踐觀

By 胡 堅

 From various news media, we can often read reports of hacking attacks on US information systems and computer networks, especially when the United States is arrogant and provocative in the world. . As a country with the most reliance on computers and information technology and the most popular application in the world, the vulnerability of the US information system and the vulnerability caused by its huge number are obvious. However, we must not forget that the United States is not only the only superpower in the world today, but also the number one information technology power. The importance of the United States to information warfare and the depth of research are unmatched by any country in the world. In addition to theoretical research, the United States has conducted several information warfare simulations and practical exercises of varying sizes. The US information war strategy is consistent with the starting point of its global military strategic thinking and is based on aggressiveness and expansion. While arguing and even exaggerating hackers pose a serious threat to its information infrastructure, on the other hand, the United States is quietly taking an active position in its information warfare in the future, and even launching large-scale information to other countries. Attack and make positive preparations. Therefore, people should not take it lightly and relax their vigilance. This article intends to briefly explain some important viewpoints of the United States on the strategic theory of information warfare for reference. 
    I. The United States’ definition of information warfare The 
    United States has been studying information warfare theory for a long time, and has published a large number of research literatures in this area, but the definition of information warfare has been constantly revised and improved. At the beginning of 1996, the Joint Chiefs of Staff of the United States gave an earlier definition of 
    information warfare : information warfare refers to the impact of capturing information superiority, the enemy information systems and computer networks, and the existing information systems and Facilities such as computer networks are protected and information is taken.
    The above includes two aspects of attack and protection of the information infrastructure (NII). In October 1998, the Joint Chiefs of Staff made a perfection and supplement to the definition of information warfare in the newly promulgated “Information Warfare Common Dogma”. The most striking thing is that it is the first time in the form of government documents. The National Information Infrastructure (NII) is included in the scope of the information warfare. There are two main points: First, civilian facilities such as telephone, electric power and air traffic control systems will become the targets of information warfare attacks; second, the act of using any means to interfere with and destroy the enemy’s information decision-making process has been put into practice. . 
    The above definition shows that in order to achieve its strategic goals, the United States will not hesitate to destroy the vital infrastructure of a country as a means to force the other party to submit, in the process, it does not care about any loss that may be caused to civilians. With casualties. This was fully taught in the conflict that erupted in Kosovo from April to June 1999. 
    Second, the enemy 
    of information warfare The definition of the enemy of the information warfare in the United States is very complicated and ambiguous. The definition in the “Information Warfare Common Dogma” is as follows: 
    “The enemy of information warfare refers to the influence of my decision makers. Information threats and terrorist acts that are organized, premeditated and politically motivated or politically motivated. Hackers, individuals or organized criminals, internal apostates, industrial and economic agents who attack attacks on protected information systems and Terrorists are among the following. 
    From this definition, we can find that under certain circumstances, the United States can include foreign individuals or organizations, even a sovereign country, among its opponents of information warfare. Let us take an analogy: an energy company in a third world country negotiates with a US company and intends to purchase the electric equipment produced by the latter. Since the energy company’s information management system was purchased from the Netherlands and managed by Dutch engineering and technical personnel, these managers inadvertently learned about the transaction and reported the home country company, which led to the involvement of Dutch power equipment manufacturing companies. Competing with US companies ultimately led to major changes in the outcome of the deal. So the Dutch contender has in fact become a hostile party to the US information warfare. 
    Third, the strategic considerations of information warfare
    The US information war strategy is one of the means of dismantling the enemy and forcing the opponent to obey the will of the United States and act according to the will of the United States. The explanation in the “Information Warfare Common Dogma” is as follows: 
    “In the peace year and the initial stage of the crisis, information warfare may be the best deterrent means to exert influence on the other party. Information warfare is to resolve the crisis and shorten the confrontation cycle. Enhancing the effectiveness of intelligence, diplomacy, economic and military means, and avoiding the use of mercenaries in conflict zones will play a major role.” 
    Please pay close attention to the “best deterrent measures in peace years…” In a word, this is a very threatening phrase because it shows that the United States can initiate an information attack from any country that it considers to be an opponent without declaring war. That is to say, in the form of a formal program document, the United States has unambiguously stated to the world that information warfare will be an effective tool for intervening in other countries’ internal affairs and interfering in other countries’ internal affairs during the years of peace. 
    US information warfare expert William Church From the above theory, several different types of conflicts or crises in the world that may occur in the future, information warfare is proposed to solve several hypothetical means: 
    one hypothetical: war territorial dispute triggered by 
the first Second British, Ama Island War. The traditional war process is considered to be that Argentina once again sent troops and reclaimed the Malvinas Islands (Falkland Islands). The United Kingdom is convinced that Argentina is difficult to find international carriers because it does not have aircraft carriers and intercontinental ballistic missiles. Holding the island, the end of the war will still be the same as last time, with the British sending a powerful fleet to attack the island, Argentina defeated and summed, Britain won the return to the island. 
    But after considering the factors of information warfare, another situation may arise. Since information warfare will become an important weapon in future wars, Argentina can make full use of it to change its obvious weakness and counterattack Britain. And the final peace talks opportunity may also be created by the clever use of information warfare. In the war, the information warfare that Argentina can implement has the following aspects:
    1. Obstructing each other’s war preparations: Through the means of information attacks, the British military’s communication systems and equipment are ineffective, destroying the British military’s personnel and equipment database, delaying the preparations for war in the UK, and increasing the huge expenditure for this. In the end, it may even force the British government to reconsider its ability and feasibility to take military action. 
    2. Psychological warfare changes the public opinion of the British public: psychological warfare can be varied, from spreading rumors to creating false news and stories that can dominate the entire paradox. The effect of using psychological warfare alone may not be ideal, but if combined with other means of information warfare, it can produce excellent results. 
    3. Creating a national information infrastructure crisis: If Argentina can launch an effective attack on the UK’s telecommunications, telephone, rail and air traffic control information infrastructure, it will be paralyzed or awkward. In this case, the British government wants to The determination to send troops to a war thousands of miles away will be difficult. In the half-month voyage of the aircraft carrier battle group to the destination, the voices and plans for seeking a peaceful solution that accompanied the domestic panic are likely to be brewing or negotiating. 
    4. Destroy the economic and financial means of maintaining war in the UK: weaknesses and shortcomings in the financial system can be exploited to create financial crises and panic. In 1998, there was an incident in the US stock market that caused the stock index to fall 200 points in just a few minutes due to computer program errors. The cause of the incident was that when a computer program reported the proceeds of several investment funds, the data was wrong due to incorrect programming. As a result, the stock price fluctuations of these funds caused a French businessman to be shocked and first hit. The order of immediately throwing the disk, the result triggered a panic that should not have occurred, causing the stock market to plummet, and many companies and shareholders suffered heavy losses. Information warfare experts believe that such defects can be replicated by means of information. It can attract the attention of the government and create a serious illusion of economic problems, thus affecting the government’s decision-making and financial support for war. 
    Hypothesis 2: Disagreements caused by economic dependence
    Singapore is a city with a combination of international trading port, Far East financial center and Southeast Asian sea transportation center. It is economically developed and the people are rich, but it is a small country. The neighboring Malaysia is vast, but it is very poor and backward. Due to the small size of the country, Singapore’s air routes will pass through the southern part of Malaysia. This route is called the “air corridor” and it is a lifeline of Singapore. Although the two countries are both ASEAN countries, the relationship is still good, but there have been differences in how to use the “air corridor.” If one day Malaysia refuses to continue to use Singapore’s route through its airspace, the differences between the two countries may develop into a confrontation. 
    Information warfare can have many different ways of expression in this dispute. The most noticeable thing is that Singapore refused to provide advanced air traffic control services to Malaysia to pressure Malaysia to surrender and was forced to sit down and negotiate to solve the problem. And disputes. Because there is no binding clause in international law for such retaliation, once such incidents occur, it will surely attract strong attention from the international community. 
    The illusion of three: 
    a typical example of military confrontation and nuclear competition is the nuclear race and long-term military confrontation between India and Pakistan. Information weapons are likely to play a key role in resolving and eliminating this growing competition. The use of advanced electromagnetic pulse weapons, or the use of hacker infiltration methods to smash the nuclear weapons control information system and destroy the database of research data, can shake the nuclear weapons research programs of these two countries. This approach can also be extended to attack and destroy all important manufacturing, production and test equipment. 
    The illusion of the fourth: to change the attitude of a country from the eradication of the economy 
    In the information war, do not underestimate the impact of the National Information Infrastructure (NII) attack, it can give attackers an ideal opportunity to manipulate the economic situation of the other side. The direct result is that it can force hostile countries to greatly reduce their military spending, turn their financial resources to restore the economy, or force hostile countries to move from confrontation to easing.
    Let us use an imaginary information attack example to illustrate its great destructiveness: A country confronts with B. During this period, State A found that B has an important water conservancy project (such as the river dam) and the national economy and people’s livelihood. It is closely related, so the country took the means of information attack, invaded and took over the monitoring and management system of the dam, and by changing the water storage capacity of the dam reservoir, it achieved the purpose of significantly changing the climate dry humidity in a certain area of ​​B; Further, if State A puts a virus or destructive code in the dam’s control system, the reservoir’s control and regulation system suddenly fails at critical moments (such as the flood season), and as a result, the reservoir is lost due to flooding. The role of flooding, causing serious natural disasters and economic losses, in the end, the original economic advantages of the country B completely lost, under the pressure of internal and external, the country B had to succumb to the country. 
    The illusion of the fifth: the use of information weapons to obtain the same effect of using weapons of mass destruction in information warfare research, a problem that US information warfare experts are very interested in is: using information attacks, can create similar pearls of the year The massive damage effect of the Hong Kong incident? The conclusion is that, in theory, this possibility is completely present and necessary in hostile action, because it can greatly weaken the other’s ability to respond, resulting in the same possible military cost. effect. However, to achieve this, it is impossible to achieve without careful planning and sufficient resources to support and support. The US research program in this area is highly classified and unknown to outsiders. 
    The US military strategy theory believes that a country’s infrastructure can be greatly weakened by exerting a long-lasting military strike against it. But the ultimate goal of this is to clear the obstacles for the peace talks and force the other party to accept harsh conditions for peace talks. To this end, not only detailed and thorough target strike plans and multiple simulation rehearsals for attack plans, but also contingency measures in case of retaliatory counterattacks, as well as a complete command and logistics support system, etc., are required. Wait. NATO’s humanitarian signage and the brutal invasion of the Federal Republic of Yugoslavia are an actual rehearsal of this theory. 
    four. The traditional strategic defense priority theory faces severe challenges
    In the spring of 1998, American military experts Stephen Van Evra and Charles L. Glazer published the “Attack, Defence, and War Causes” in the American Journal of International Security, Vol. 22, No. 4. “The concept of “attack and defense balance point and its measurement” and many other articles, that during the Cold War after World War II, it belongs to the era of strategic defense theory. At that time, the confrontational East and West sides were evenly matched and indifferent to each other in terms of the quantity and quality of their own conventional weapons and nuclear weapons. They always tried to avoid direct conflicts and confrontation. The main concern of both sides at the time was the balance and constraints of each other. 
    But nowadays, due to the emergence of a new war mode—-the emergence of information warfare, it is possible to use information attacks to directly attack the infrastructure of a country. Especially in information warfare, the cost of the attacker is far less than that of the defender. Therefore, some military experts in the United States believe that the old strategic theory must be revised to meet the needs of the new situation. In addition, they also stressed that implementation of the new strategic theory, depends on three factors simultaneously: 
    · On the basis of a strong military machine as a backup and security, and gradually reduce the investment in traditional military equipment; 
    · globalization The neoliberal trend of thought and the appreciation and acceptance of global market mechanisms; 
    • The dependence of developed and developing countries on information infrastructure is growing. The heart of speculation can be seen here. 
    American military critic Lawrence Friedman made a profound understanding and elaboration of the above-mentioned theory among American military personnel: “Western countries (the United States and NATO) have never considered the ultimate in developing military capabilities. The way of thinking has developed to such a dangerous point: if the military strength cannot reach the full overwhelming tendency of the enemy and the enemy has no power to fight, it cannot be regarded as qualified; the purpose of military action is to follow the set. The plan creates a very favorable negotiating position for one’s own side. Therefore, this time (the introduction of the new strategic theory), it is also necessary to take the lead in the comprehensive consideration of various factors.”

Original Mandarin Chinese:

從各種新聞媒體上,我們經常可以讀到美國的信息系統和計算機網絡遭到黑客攻擊的報導,特別是當美國在世界上蠻橫霸道、挑起事端時,這種攻擊就愈發激烈。作為世界上對計算機和信息技術依賴最重、應用最普及的一個國家,美國信息系統的易受攻擊性和由其龐大數量所帶來的脆弱性,是顯而易見的。但是,我們不要忘了,美國不僅是當今世界上唯一的超級大國,而且也是頭號信息技術強國,美國對信息戰的重視程度和研究的深度,是世界上任何一個國家都無法比擬的。除理論研究外,美國還進行過多次規模不等的信息戰模擬和實戰演習。美國的信息戰戰略,與其全球軍事戰略思想的出發點一致,也是建立在攻擊性和擴張性基礎上的。在大肆宣揚甚至誇張黑客對其信息基礎設施構成了嚴重威脅的同時,另一方面,美國卻在不聲不響地為其未來在信息戰戰爭中佔據主動地位、乃至向他國發動大規模的信息攻擊,進行著積極的準備。因此,人們切不可以掉以輕心,放鬆警惕。本文擬對美國在信息戰戰略理論上的一些重要觀點做一簡要的闡述,以供參考。
一、美國對信息戰的定義
美國對信息戰理論的研究由來已久,並發布過大量這方面的研究文獻,但對信息戰的定義卻一直在不斷地修改​​和完善之中。 1996年初,美國參謀長聯席會議曾給信息戰下過一個較早的定義:
信息戰是指為奪取信息優勢,對敵方信息系統與計算機網絡等設施施加影響,並對已方的信息系統和計算機網絡等設施進行保護,所採取的信息行動。
上述的內容包括對信息基礎設施(NII)的攻擊與防護兩個方面。 1998年10月,參謀長聯席會議在最新頒布的《信息戰共同教條》中,又對信息戰的定義做了完善和補充,其中最引人注目的,就是它首次以政府文件的形式,把國家信息基礎設施(NII)列入了信息戰打擊的對象範圍之內。其要點有二:一是民用設施如電話、電力與空中交通管制系統等,將會成為信息戰攻擊的目標;二是把用任何手段干擾和破壞敵方信息決策過程的行為,付諸了條文。
上述定義說明,為了實現自己的戰略目標,美國將不惜以摧毀一個國家生死攸關的基礎設施為手段,來達到迫使對方就範的目的,而在此過程中,它並不在乎可能給平民帶來的任何損失與傷亡。 1999年4-6月在科索沃爆發的衝突中,人們就充分領教了這一點。
二、信息戰的敵方
美國對於信息戰敵對一方的定義,是十分複雜而又含混的,在《信息戰共同教條》中的定義如下:
“信息戰的敵方,是指影響我決策者的有組織、有預謀並帶有政治目的或受政治動機所激發的信息威脅與恐怖行為。對受保護的信息系統發動攻擊的黑客、個人或有組織的罪犯、內部變節者、工業和經濟間諜及恐怖主義分子,均屬此列。”
從該定義中我們可以發現,在特定情況下,美國可以把國外的個人或組織、甚至某個主權國家,都納入其信息戰的對手之列。我們不妨來打一個比方:某個第三世界國家的能源公司與美國某企業進行商談,打算購買後者生產的電力設備。由於該能源公司的信息管理系統購自荷蘭,且受荷蘭工程技術人員管理,這些管理人員在無意中知悉了這一交易,並報告了母國公司,結果使荷蘭的電力設備製造公司也介入進來,與美國公司開展競爭,最終使這筆交易的結果發生了很大的變化。於是荷蘭的這個競爭者,事實上就成了美國信息戰的敵對一方。
三、信息戰的戰略考慮
美國的信息戰戰略,是把它作為瓦解敵方,強制對手順從美國的意願,按美國的意志行事的手段之一。在《信息戰共同教條》中的闡述如下:
“在和平年月以及危機爆發的最初階段,信息戰有可能是對對方施加影響的最好的威懾手段。信息戰對於化解危機、縮短對抗週期,增強情報、外交、經濟與軍事手段的效能,盡量避免在衝突地區採用僱傭軍等,都將發揮重大的作用。”
請仔細注意上文中“在和平年月……的最好的威懾手段”這一段話,這是非常具有威脅性的辭句,因為它表明美國可以從自身的利益出發,在不宣戰的情況下向任何一個它認為是對手的國家發起信息攻擊。也就是說,美國以正式的綱領文件的形式,向世人明白無誤地聲明了信息戰將是它在和平年月時介入別國內部事務、干涉別國內政的一個有效的工具。
美國信息戰專家威廉·丘奇從上述理論出發,對未來世界上可能發生的幾種不同類型的衝突或危機,提出了幾種假想的信息戰解決手段:
假想之一:領土爭端引發的戰爭
第二次英、阿馬島戰爭。傳統的戰爭進程考慮是,阿根廷再次出兵,收回了馬爾維納斯群島(福克蘭群島),英國確信阿根廷由於沒有航空母艦和洲際彈道導彈,以及難以尋求到國際上的實質性援助,所以很難守住馬島,因此戰爭的結局仍會同上次一樣,以英國派出強大的艦隊向馬島發起進攻,阿根廷戰敗求和,英國奪回馬島而告終。
但是考慮信息戰的因素後,就可能出現另外的情況,由於信息戰在未來戰爭中必將成為一個重要的武器,阿根廷可以充分利用它來改變自己的明顯弱勢,反擊英國。並且最終的和談機會,也可能由對信息戰的巧妙運用而營造出來。在戰爭中,阿根廷可以實施的信息戰手段有以下幾個方面:
1.阻礙對方的戰爭準備:通過信息攻擊手段,使英國軍方的通信系統和設備喪失效能,破壞英軍的人員和裝備數據庫,遲緩英國的戰爭準備,並使其為此增加巨大的開支。最終,甚至可能迫使英國政府重新考慮它採取軍事行動的能力和可行性。
2.以心理戰改變英國公眾的輿論向背:心理戰的方式可以有多種多樣,從散佈各種謠言,到製造能夠主導整個輿論向背的虛假新聞和故事等等,不一而足。單獨採用心理戰的手法效果可能不會很理想,但若是與信息戰的其他手段結合使用,則可以產生出色的效果。
3.製造國家信息基礎設施危機:如果阿根廷能對英國的電信、電話、鐵路與航空管制等信息基礎設施發起有效的攻擊,使其陷入癱瘓或半癱瘓,在這種情況下,英國政府要想出兵進行一場遠在幾千英里之外的戰爭,其決心將會是很難下的。在航空母艦戰鬥群開赴目的地的半個多月航程中,伴隨著國內恐慌而誕生的尋求和平解決的呼聲及方案,很可能就已經在醞釀或商談之中。
4.破壞英國維持戰爭的經濟和財源手段:金融體制上的弱點和缺陷,可以被利用來製造金融危機和恐慌。 1998年,美國股市曾發生一起因電腦程序錯誤導致在短短幾分鐘內股指狂跌200點的事件。事件的起因是,一個電腦程序在報告幾個投資基金的收益時,由於程序設計有誤使數據出錯,結果引起這幾個基金股價的波動,一位法國商人見狀大驚失色,首先打出“立即拋盤”的指令,結果引發了一場本來不該發生的恐慌,造成股市大跌,不少企業和股東損失慘重。信息戰專家認為,這種缺陷是可以利用信息手段進行複制的,它可以吸引政府的注意力,造成一種經濟問題嚴重的假象,從而影響政府對戰爭的決策與財力支持。
假想之二:經濟依存關係導致的分歧
新加坡是一個集國際貿易港、遠東金融中心、東南亞海上交通中心於一身的城市國家,經濟發達、人民富裕,但卻是個彈丸小國;而毗鄰的馬來西亞國土遼闊,但卻十分貧困和落後。由於國土很小,新加坡的空中航線要穿過馬來西亞的南部地區,這段航線被叫做“空中走廊”,它是新加坡的一條生命線。兩國雖同屬東盟國家,關係尚好,但在如何使用“空中走廊”上一直存在分歧。如果有一天馬來西亞拒絕新加坡繼續使用穿越其領空的這條航線,兩國之間的分歧就可能會發展成為一種對抗。
信息戰在這場糾紛中可以有很多不同的表現方式,而最能引起人們注意的,就是新加坡以拒絕向馬來西亞提供先進的空中交通管制服務,來壓馬來西亞屈服,最終被迫坐下來談判解決問題和糾紛。因為國際法中沒有對這種報復行為的約束條款,一旦這類事件發生,必將引起國際社會強烈的注意。
假象之三:軍事對峙與核競賽
這方面的典型例子是印度、巴基斯坦的核競賽與長期軍事對峙。而信息武器在化解和消弭這場愈演愈烈的對抗賽中,有可能發揮關鍵的作用。利用先進的電磁脈衝武器,或者採取黑客滲透的方法來癱瘓雙方核武器的控制信息系統、破壞其存放研究資料的數據庫,可以動搖這兩個國家的核武器研究計劃。這種方法還能夠擴大到對所有重要的製造、生產與試驗設備進行攻擊和破壞。
假象之四:從搞垮經濟入手轉變一個國家的態度
在信息戰中,切不要小看對國家信息基礎設施(NII)的攻擊效果,它可以使攻擊者獲得一個理想的操縱對方經濟形勢的機會,其直接的結果,就是能夠迫使敵對國大大減少其軍事開支、將財力轉向恢復經濟,或者使敵對國被迫從對抗走向緩和。
讓我們用一個假象的信息攻擊的例子,來說明它的巨大破壞性:甲國與乙國發生對抗,在此期間,甲國發現乙國有一個重要的水利工程(如攔河大壩)與國計民生息息相關,於是甲國採取信息攻擊的手段,入侵並接管了這個大壩的監控管理系統,並通過改變大壩水庫蓄水量的做法,達到了明顯改變乙國某地區氣候乾濕度的目的;更進一步,如果甲國在大壩的控制系統中安放了病毒或破壞性的代碼,使水庫的控制調節系統在關鍵時刻(如洪澇季節)突然失靈,結果在洪水來臨時水庫喪失了應有的調節作用,造成洪水氾濫,產生嚴重的自然災害和經濟損失,最終,乙國原有的經濟優勢完全喪失,在內外壓力下,乙國不得不屈服於甲國。
假象之五:用信息武器獲得採用大規模毀傷性武器得到的同樣效果在信息戰研究中,美國的信息戰專家們很感興趣的一個問題是:利用信息攻擊手段,能否創造出類似當年珍珠港事件那樣的大規模毀傷效果?結論是,從理論上講,這種可能性是完全存在的,而且在敵對行動中非常必要,因為它能夠大大削弱對方的應變能力,從而產生要花極大的軍事代價才有可能得到的同樣效果。但是,要想做到這一點,沒有周密的計劃和足夠的資源配合與支持,是不可能實現的。美國在這​​方面的研究計劃被列入高度機密,外人無從知曉。
美國的軍事戰略理論認為,一個國家的基礎設施,可以通過對其施以長時間持續不斷的軍事打擊,來予以大大削弱。但這樣做的最終目的,是為和談掃清障礙,迫使對方接受苛刻的和談條件。為此,不但需要詳細而又周密的目標打擊計劃和針對攻擊行動方案的多次模擬預演,還要製定在遭到對方報復性反擊情況下的應變措施,以及完善的指揮與後勤保障系統,等等。北約打著人道主義招牌,對南聯盟實施的野蠻入侵行為,就是對這一理論的一次實際預演。
四.傳統的戰略防禦優先理論面臨嚴峻的挑戰
1998年春,美國軍事專家斯蒂芬·範·埃弗拉與查爾斯·L·格拉澤等人,在美國出版的刊物《國際安全》第22卷第4期上,發表了“進攻,防禦與戰爭的起因”、“攻防平衡點的概念及其度量”等多篇文章,認為二戰後的冷戰期間,屬於戰略防禦理論優先的時代。那時,對峙的東、西雙方在各自擁有的常規武器和核武器的數量與質量上,勢均力敵、難分伯仲,彼此都忌憚三分,因此總是力求避免爆發直接的衝突和對抗。當時雙方關注的主要問題,是相互的平衡與製約。
但是如今,由於新的戰爭模式—-信息戰的出現,使利用信息攻擊手段直接打擊一個國家的基礎設施成為了可能,尤其是在信息戰中,進攻方的代價要遠遠小於防禦方,因此美國的一些軍事專家們認為,必須修改舊的戰略理論,以適應新的形勢發展的需要。此外,他們還強調新的戰略理論的實施,有賴於以下三個因素的同步進行:
·在有強大軍事機器作為後盾和保障的基礎上,逐步降低在傳統軍事裝備上的投資;
·對全球化的新自由主義思潮,以及全球市場機制採取讚賞和接受的態度;
·發達國家和發展中國家對信息基礎設施的依賴越來越大。叵測之心,於此可窺一斑。
美國軍事評論家勞倫斯·弗里德曼,對美國軍方人士中的上述理論,作了深刻的認識和闡述:“西方國家(美國和北約)在發展軍事能力上,是永遠沒有終極考慮的。其思想方式已經發展到瞭如此危險的地步:軍事實力若不能達到對敵呈完全壓倒之勢、使敵方毫無招架之力,則不能算做合格;軍事行動的目的,就是要按照即定的計劃,為己方製造出一個極為有利的談判地位。因此這一次(新的戰略理論思想的提出),同樣是在綜合考慮各種因素的前提下,要想把先機佔盡。”

Original Referring url: http://old.globalview.cn/

The most comprehensive Chinese cyber attack simulation tool inventory in history // 史上最全面的中國網絡攻擊模擬工具庫存

The most comprehensive Chinese cyber attack simulation tool inventory in history //

史上最全面的中國網絡攻擊模擬工具庫存

Lead: Simulated attacks provide a way to test the network’s ability to recover from advanced attacks, but in a simulated attack environment, all tests are automatically run by the system. If this is a true “attack,” the system will not run these attacks with simulated features. Still, “attack simulation” can help you verify your security tools.

The most comprehensive attack simulation tool inventory in history

Every once in a while, the security industry will have a new buzzword and introduce terms that sound cool and appealing. For example, the recent “adversary emulation” vocabulary, I translated it in this article as “attack simulation.” Let us first understand what it really means. Simulated attacks provide a way to test the network’s ability to recover from advanced attacks, but in a simulated attack environment, all tests are automatically run by the system. If this is a true “attack,” the system will not run these attacks with simulated features. Still, “attack simulation” can help you verify that your security tools are running as required, whether closed source or open source, to help run these simulation tests. In fact, MITRE has also developed an ATT&CK , ATT&CK is a curated knowledge base and model of cyberattack behavior, reflecting changes in the various stages of the attacker’s life cycle. ATT&CK is useful for understanding security risks against known attacks, planning for security improvements, and verifying that defenses work as expected. Most security tools seem to use this framework. Let’s take a look at the list of attack simulation tools.

The most comprehensive attack simulation tool inventory in history

Open source attack simulation tool

1.CALDERA: CALDERA provides an intelligent automated attack simulation system that reduces the resources required by security teams for routine testing, enabling them to solve other critical issues.

The most comprehensive attack simulation tool inventory in history

It can be used to test endpoint security solutions and assess the security posture of the network based on common attack techniques in the ATT&CK model. CALDERA uses the ATT&CK model to identify and simulate attack behavior, click here to download CADERERA .

2.Metta: Uber recently opened up this hostile simulation tool, which was generated by several internal projects. Metta uses Redis/Celery, Python and VirtualBox for hostile simulation so users can test host-based security systems. In addition, users can test other network-based security detection and control, but it depends on how it is set up. Metta is compatible with Microsoft Windows, MacOS and Linux endpoints, click here to download Uber Metta .

3. ATP Simulator: ATP Simulator is actually a set of Windows Batch scripts. Its main function is to simulate the activity of an attacker, not to simulate the activity of malware. ATP Simulator uses a set of tools and output files to make the system appear to be attacked. It can help you simulate a real attack environment in a more realistic way. Obviously, this is a Windows-only solution, click here to download ATP Simulator .

4. Red Team Automation: Recently, network security company Endgame has released the source code of Red Team Automation, a set of executables with 38 scripts and support to generate reliable components corresponding to the technology in the ATT&CK framework. To date, Red Team Automation offers 50 components supported by ATT&CK technology, and the number will increase in the future. I believe this tool provides very good endpoint detection and response (EDR) coverage.

The most comprehensive attack simulation tool inventory in history

Red Team Automation supports Microsoft Windows and is coded in python. It can also perform anti-forensics operations, maliciously propagate, bypass UAC (User Account Control), etc. Click here to download Red Team Automation .

5. Invoke -Adversary: Invoke-Adversary is a PowerShell script that evaluates security products and monitoring solutions based on the extent of APT attacks. Let’s just say that this tool is a newcomer in the field of attack simulation. Microsoft’s call attack is a PowerShell script. Inspired by the APT simulator, Invoke-Adversary has tested for persistent attacks, credential access, evasion detection, information collection, commands, and controls. Click here to download Invoke-Adversary .

6. Atomic Red Team: It is a new automated testing framework for security design. The Atomic Red Team was launched in 2017 and is an open source testing framework that tests users’ attack detection capabilities. It is called “atomic” because it can be used as a small component for small or large security teams to simulate the activities of a specific attacker.

The Atomic Red Team maps small, portable inspection tests to the Mitre ATT&CK framework, which is not automatic, but supports Microsoft Windows, MacOS and Linux styles. Click here to download Atomic Red Team .

7. Infection Monkey: Infection Monkey is a data center security detection tool released by Israeli security company GuardiCore at the 2016 Black Hat Conference. It is mainly used for automated detection of data center boundaries and internal server security. The tool is divided into Monkey (scanning and exploiting side) and C&C server (equivalent to reporter, but only for collecting information about monkey detection). Simply put, it is another open source vulnerability and attack simulation tool.

The most comprehensive attack simulation tool inventory in history

It is also coded in Python for Microsoft Windows and Linux systems. Click here to download Infection Monkey .

8. Blue Team Training Toolkit (BT3): This tool is a defensive security training software that takes your network analysis training courses, incident response drills and teamwork to the next level. This toolkit allows you to create realistic computer attack scenarios while reducing infrastructure costs, implementation time and risk.

The most comprehensive attack simulation tool inventory in history

It is written in Python and includes the latest versions of Encripto’s Maligno, Pcapteller and Mocksum. It also contains multiple malware indicator profiles, click here to download Blue Team Training Toolkit v2.6.

9. DumpsterFire : DumpsterFire is a modular, menu-driven, cross-platform Python tool for building custom, delayed distributed security events. Security personnel can use it to easily create custom event chains such as sensors or alert mappings, click here to download DumpsterFire v1.0.0 .

10. AutoTTP: Abbreviation for Automated Tactics Techniques & Procedures, AutoTTP based on the attack life cycle model . It uses a purely PowerShell and Python late exploit agent tool – Empire, click here to download AutoTTP .

The following open source tools are worth mentioning, but they are not technically an analog attack tool.

1. RedHunt operating system: The goal of the RedHunt operating system is to actively identify the attacks in the environment by integrating the attacker’s arsenal and the defender’s toolkit, thus becoming a one-stop security detection store that meets all your attack simulation and attack requirements. . The basic device is Lubuntu-17.10.1 x64. It contains the following tools for different purposes:

Attack Simulation: Caldera, Atomic Red Team, DumpsterFire, Metta, RTA, Nmap, CrackMapExec, Responder, Zap.

Recording and monitoring: Kolide Fleet, ELK (Elasticsearch, Logstash and Kibana) stack

Open Source Intelligence (OSINT): Maltego, Recon-ng, Datasploit, Thearvestor

Attack Information Analysis: Yeti, Harpoon

Click here to download RedHunt OS Beta v1

2. Invoke-ATTACKAPI : This is an open source PowerShell script that interacts with the MITRE ATT&CK framework through its own API to gather information about attack techniques, policies, etc. Click here to get this script.

Enterprise-class simulation attack tool

1. Cobalt Strike : Cobalt Strike is the commercial version of Armitage. Armitage is a Java-written Metasploit graphical interface attack software that can be used in conjunction with attacks known by Metasploit to automate attacks against existing vulnerabilities.

2. Israel’s network security company Cymulate : Cymulate is mainly for attack simulation of the following scenarios, such as simulated attack WAF, simulated attack mailbox, DLP attack test, SOC simulation test, mailbox test, ransomware test, Trojan, Payload penetration test, etc. . The main purpose of these tests is to improve the product, rich security awareness of employees, and the corresponding ability to detect and attack techniques to enhance. For example, the use of email and phishing attacks can count the number of users in the move.

3. Immunity Adversary Simulation : This platform allows you to build advanced permanent attack models from within the infrastructure and assess how the security team responds to live real attacks on the network.

4. SafeBreach: This software platform simulates attack violations throughout the kill chain without affecting users or infrastructure. Look here.

5. Network Security Startup SafeBreach : Founded in 2014, SafeBreach is headquartered in Delaware, USA, and is committed to revolutionizing the way the network security industry performs risk verification. The company provides users with a continuous security verification platform, using a centralized management system, combined with a complete hacking network method “script”, from the central location to manage the intrusion simulator of the distributed network, the simulator can play virtual hackers in the real world. The role, from the “hacker’s point of view” to actively demonstrate the cyber security risks of the enterprise. Users can verify their security control performance through this platform, analyze the impact of this attack on the company’s system and the effectiveness of the attack defense, so as to obtain sufficient time advantage to repair network risk vulnerabilities and improve the enterprise security operation and maintenance center. (SOC) Analyst responsiveness. In essence, this platform is to allow any enterprise to intuitively see how it will cope when it encounters a network attack in real life.

6. SimSpace ; SimSpace seems to be using Wormhole.

7. AttackIQ FireDrill : AttackIQ’s simulated attack platform, FireDrill, can launch simulated attacks against customers’ networks and test for flaws and vulnerabilities in defense systems.

8. Verodin Instrumented Security Platform : This platform proactively identifies configuration issues in the security stack and reveals the real difference between the attacker, the attack process, and the attack technology.

The above list does not include services such as MDSec’s ActiveBreach, Nk33, FusionX, Red Siege, Spectre Ops and TrustedSec, as they are implemented by real people.

Original Mandarin Chinese:

導語:模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具

史上最全攻擊模擬工具盤點
每隔一段時間,安全行業就會出現一個新的熱門詞彙,並引入聽起來很酷以及吸引人們興趣的術語。比如最近出現的“adversary emulation”詞彙,我在本文將其翻譯為“攻擊模擬” 。首先讓我們先來了解它的真正含義,模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行。如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具是否按要求運行,無論是閉源還是開源,它都有助在運行這些模擬測試。事實上,MITER還開發了一種ATT&CK,ATT&CK是網絡攻擊行為的策劃知識庫和模型,反映了攻擊者生命週期的各個階段變化.ATT&CK對於理解針對已知攻擊行為的安全風險,規劃安全改進以及驗證防禦措施是否按預期工作很有用。大多數安全工具似乎都使用了這個框架。下面,就讓我們來看看攻擊模擬工具的列表。

史上最全攻擊模擬工具盤點
開源攻擊模擬工具

1.CALDERA:CALDERA提供了一個智能的自動化攻擊模擬系統,可以減少安全團隊進行常規測試所需的資源,使他們能夠解決其他關鍵問題。

史上最全攻擊模擬工具盤點
它可用於測試端點安全解決方案,並根據ATT&CK模型中常見的攻擊技術評估網絡的安全狀況.CALDERA利用ATT&CK模型來識別和模擬攻擊行為,點擊這裡下載CALDERA。

2.Metta:烏伯最近開源了這個敵對模擬工具,它是由多個內部項目產生的.Metta使用的Redis /芹菜,蟒和VirtualBox的進行敵對模擬,這樣用戶就可以測試基於主機的安全系統另外用戶還能測試其他基於網絡的安全檢測和控制,不過這具體取決於設置的方式.Metta與Microsoft Windows,MacOS和Linux端點兼容,點擊這裡下載Uber Metta。

3.ATP模擬器:ATP模擬器其實就是一套Windows Batch腳本集合,它的主要功能就是模擬攻擊者的活動,而並非模擬惡意軟件的活動.ATP Simulator會使用一組工具和輸出文件使系統看起來好像是被攻擊了。它可以幫助你以更真實的方式模擬真實的攻擊環境。顯然,這是一個僅限Windows的解決方案,點擊這裡下載ATP模擬器。

4.Red Team Automation:最近網絡安全公司Endgame公開了Red Team Automation的源代碼,它是一組有著38個腳本和支持的可執行文件,可生成與ATT&CK框架中的技術相對應的可靠組件。截至目前,紅隊自動化提供50種由ATT&CK技術支持的組件,將來數量還會增加。我相信,這個工具提供了非常好的端點檢測和響應(EDR)覆蓋。

史上最全攻擊模擬工具盤點
Red Team Automation支持Microsoft Windows,並且使用python進行編碼,另外它還可以執行反取證操作,進行惡意傳播,繞過UAC(用戶帳戶控制)等等,點擊這裡下載Red Team Automation。

5.Invoke-敵手:調用-敵手是一個基於APT攻擊程度,來評估安全產品和監控解決方案的PowerShell的腳本這麼說吧,該工具是攻擊模擬領域的新人,微軟的調用攻擊就是一種PowerShell的腳本。可能是受到了APT模擬器的啟發,截至目前,調用-敵手具有測試持久性攻擊,憑證訪問,逃避檢測,信息收集,命令和控制等功能,點擊這裡下載調用-敵手。

6.Atomic Red Team:它是針對安防設計的新型自動化測試框架,Atomic Red Team是在2017年推出的,是一個開源測試框架,可以測試用戶的攻擊檢測能力。之所以稱之為為“atomic(原子) )“,是因為它可以作為小型組件,方便小型或大型安全團隊使用,用來模擬特定攻擊者的活動。

Atomic Red Team會員小巧便攜的檢測測試映射到Mitre ATT&CK框架,該框架不是自動的,但支持Microsoft Windows,MacOS和Linux風格,點擊這裡下載Atomic Red Team。

7.感染猴子:感染猴子是一款由以色列安全公司GuardiCore在2016黑帽大會上發布的數據中心安全檢測工具,其主要用於數據中心邊界及內部服務器安全性的自動化檢測。該工具在架構上,則分為猴(掃描及漏洞利用端)以及C&C服務器(相當於記者,但僅僅只是用於收集猴探測的信息)。簡單說,它是另一個開源漏洞和攻擊模擬工具。

史上最全攻擊模擬工具盤點
它也用Python編碼,適用於Microsoft Windows和Linux系統,點擊這裡下載Infection Monkey。

8.藍隊培訓工具包(BT3):該工具是用於防禦性安全培訓的軟件,它將你的網絡分析培訓課程,事件響應演練和團隊合作提升到一個新的水平。該工具包允許你創建逼真的計算機攻擊場景,同時降低基礎架構成本,實施時間和風險。

史上最全攻擊模擬工具盤點
它是用Python編寫的,包括Encripto的Maligno,Pcapteller和Mocksum的最新版本。它還包含多個惡意軟件指示符配置文件,點擊這裡下載Blue Team Training Toolkit v2.6。

9.DumpsterFire:DumpsterFire是一個模塊化的,菜單驅動的跨平台Python工具,用於構建自定義的,延遲的分佈式安全事件。安全人員可以利用它輕鬆創建比如傳感器或警報映射(alert mapping)的自定義事件鏈,點擊這裡下載DumpsterFire v1.0.0。

10.AutoTTP:Automated Tactics Techniques&Procedures的縮寫,AutoTTP基於攻擊生命週期模型(攻擊生命週期模型)。它使用了一個純碎的PowerShell和Python後期漏洞利用代理工具–Empire,點擊這裡下載AutoTTP。

以下開源工具值得一提,不過它們在技術上不屬於模擬攻擊工具

1.RedHunt操作系統:RedHunt操作系統的目標是通過集成攻擊者的武庫以及防御者的工具包來積極識別環境中的攻擊,從而成為一站式安全檢測商店,滿足你的所有攻擊仿真和攻擊要求。基本設備是Lubuntu-17.10.1 x64。它包含以下用於不同目的的工具:

攻擊仿真:Caldera,Atomic Red Team,DumpsterFire,Metta,RTA,Nmap,CrackMapExec,Responder,Zap。

記錄和監測:Kolide Fleet,ELK(Elasticsearch,Logstash和Kibana)堆棧

開源智能(OSINT):Maltego,偵察-NG,Datasploit,Thearvestor

攻擊信息分析:Yeti,Harpoon

點此下載RedHunt OS Beta v1

2.Invoke-ATTACKAPI:這是一個開源的PowerShell腳本,通過自己的API與MITER ATT&CK框架進行交互,以收集有關攻擊技術,策略等信息,點擊這裡獲取這個腳本。

企業級模擬攻擊工具

1.Cobalt Strike:Cobalt Strike是Armitage商業版,Armitage是一款Java寫的Metasploit圖形界面的攻擊軟件,可以用它結合Metasploit已知的攻擊來針對存在的漏洞自動化攻擊。

2.以色列的網絡安全公司Cymulate:Cymulate主要是針對以下場景進行攻擊模擬,例如模擬攻擊WAF,模擬攻擊郵箱,DLP攻擊測試,SOC模擬測試,郵箱測試,勒索軟件測試,木馬,有效載荷滲透攻擊測試等。這類測試的主要目的是完善產品,豐富員工的安全意識,以及相應的攻擊技術能力檢測和提升。舉個例子,利用郵箱以及可以統計釣魚攻擊有多少用戶中招。

3.Immunity Adversary Simulation:該平台允許你從基礎架構內建立高級永久性攻擊模型,並評估安全團隊如何應對網絡上活躍的真實攻擊。

看看該軟件平台模擬整個殺戮鏈中的攻擊違規方法,而不會影響用戶或基礎設施這裡:4.SafeBreach。

5.網絡安全初創公司SafeBreach:SafeBreach創立於2014年,總部位於美國特拉華州,致力於革新網絡安全行業風險驗證的方式。公司為用戶提供一個持續性安全驗證平台,採用集中管理系統,結合完整的黑客入侵網絡方法“劇本”,從中心位置管理分佈式網絡的入侵模擬器,模擬器能夠在現實世界中扮演虛擬黑客的角色,從“黑客的角度”主動展示企業存在的網絡安全風險。用戶可以通過這一平台驗證自己的安全控制性能,分析這種攻擊對於公司系統的影響力及攻擊防禦的有效性問題,從而獲得充足的時間優勢來修復網絡風險漏洞,並提高企業安全運維中心(SOC)分析師響應能力。實質上,這一平台就是可以讓任何企業直觀的看到在現實生活中遇到網絡攻擊時,自己將如何應對。

6.SimSpace; SimSpace似乎在使用蟲洞。

7.AttackIQ FireDrill:AttackIQ的模擬攻擊平台FireDrill可以針對客戶的網絡展開模擬攻擊,測試防禦系統的缺陷和漏洞。

8.Verodin儀表化的安全平台:該平台會主動識別安全堆棧中的配置問題,並揭示攻擊者,攻擊流程和攻擊技術之間的真實區別。

以上列表不包括諸如MDSec的ActiveBreach,Nk33,FusionX,Red Siege,Spectre Ops和TrustedSec等服務,因為它們是由真人實施的。

Original Referring url: http://www.4hou.com/web/11241.html

Chinese Military Information Warfare Attacks on Mind and Spirit // 中國軍隊信息戰隊思想和精神的攻擊

Chinese Military Information Warfare Attacks on Mind and Spirit //

中國軍隊信息戰隊思想和精神的攻擊

June 01, 2004 08:58
  If the 1991 Gulf War was the first time that the United States brought information warfare from the research report to the actual battlefield, then the Iraq war that ended last year may be the further development of information warfare in actual combat. Information warfare, as the focus of the new military revolution in the 21st century, has increasingly attracted people’s attention. However, through the information campaign to study the lively scenes, we will find that quite a few people only understand information warfare from the perspective of military and technology alone, but information warfare is not so simple. 

  Information warfare is a new emergence of human beings entering the information age. a phenomenon of war. It is not a simple style of warfare, but a new form of warfare relative to firepower. The emergence of information warfare has formed a major breakthrough in many traditional war concepts such as the object of war, the boundaries of war, and the content of war. Among them, the focus should be on the ideological and spiritual side of information warfare. 

  What you see is only the tip of the iceberg 

  . There are dozens of concepts about information warfare in the world. However, many of them only understand information warfare from the military and technical perspectives. Even the United States, which is in the leading position of information warfare, is only from the last It was only at the end of the century that this issue was considered from a strategic and social point of view. This is not comprehensive. An important prerequisite for understanding information warfare is that information warfare should not be viewed simply with the war view of the industrial age. In the information age, computers and networks have dramatically changed the shape of war in the past. In the information war, the army and the society, the military and civilians, the war and the crime, the state and the individual have been intertwined in many cases, and they are unclear and unreasonable. 

  Information warfare broadly refers to the war against the information space and the competition for information resources in the military (including political, economic, cultural, scientific, and social fields). It mainly refers to the use of information to achieve the national strategic goals; narrowly Refers to the confrontation between the warring parties in the armed field in the field of information, and seizes the right to control the information. It should be emphasized that information warfare is not a simple military technical issue and should not be understood as a combat style. Information warfare is actually a form of war.

  The term “information” is understood relative to the times, and corresponds to the agricultural and industrial eras; in terms of social forms, it is also in line with agricultural and industrial societies. At the same time, it is one of the three major resources that human beings must compare with matter and energy. Investigating information warfare, only by knowing at this level can we reveal information warfare in the true sense. 

  The rise of information warfare lies not in what kind of nouns it uses, nor in the war nouns. It is as simple as the buzzwords of “information,” “information,” “information age,” and “digitalization.” It is the inevitable result of the development of society and science and technology, with revolutionary and epoch-making significance. The information wars that emerged at the end of the 20th century, or the information wars we have seen, are only the tip of the iceberg, and are only partial and limited information wars embodied in the military field. Only when the world reaches full network and the earth becomes a small village in the true sense can we see the broad and real information war. 

  Information warfare is not just  about the military. When it comes to information warfare, people often think of the army first. Indeed, in the traditional war, the army is the protagonist of the war, and the battlefield is also the stage of the military. Under the conditions of information warfare, the situation is very different. The scope of the battlefield has greatly expanded, and the war has become far more than just military affairs, but has developed into a national war under high-tech conditions. Information warfare is not only carried out through the military, but also through the entire social network. With the construction of the world information highway, information warfare has been difficult to define boundaries. Any social NGO or even an individual who has ordinary computer equipment and masters computer communication technology may use a globally connected computer and communication system to participate in an information war. 

  The information warfare is not only the main manifestation of the army: First, the participants in the information war are no longer limited to military personnel, but also include ordinary people. Information warfare combatants can be either regular soldiers or teenage hackers. Second, many of the weapons and equipment used in information warfare, such as computers and optical instruments, can no longer be military supplies, and are available in the civilian goods market. Take the United States, an information war powerhouse, as an example. The US military’s information warfare system relies heavily on civilian information infrastructure. Senior US military personnel referred to the informationization of the US military’s military as “buy from the market.” Third, information warfare is not only on the battlefield, but on the entire society. “The battlefield is only where the soldiers are killed. It no longer covers information warfare.”

  Information warfare is not only played in wartime. 


  Since the war, the attackers launched wars, and the defenders resisted aggression, and they must be prepared for war. In particular, mechanized warfare has shown obvious phase and proceduralization. In the war of information age, the boundaries between war preparation and implementation are increasingly blurred and even mixed. Looking around the world, it is not difficult to find that information powers are fighting almost every day: public opinion, intelligence confrontation, network reconnaissance, and so on. These are actually information wars that have transformed form, and can be called public opinion warfare, intelligence warfare, and cyber warfare. 

  In the Iraq war, the power of public opinion wars opened the eyes of the world. It has been said that the “discussion war”, one of the forms of information warfare, has been going on since the war. Earlier cases of “public opinion wars” can be traced back to the “Oath of the Oath” of China’s Xia Dynasty and later “Looking for Cao Yuwen” and “Discussing Wushu”. The “discussion of public opinion” has no boundaries between wartime and peace. It controls, manipulates, plans, and utilizes various public opinion tools to systematically deliver selected information to the audience, affecting the audience’s emotions, motivations, judgments, and choices, thus having a major and direct impact on the outcome of the war. As for the information warfare and cyber warfare in the information war, it is even more ignoring the difference between wartime and peacetime. At that time, the US Clinton Administration put forward the idea of ​​building an information highway and promoting global informationization. This move has made the world believe that the United States is leading the human society into the information age. However, the strategic intention of the United States is actually that when the informationization of human society is still in a blank, it will expand the information territory of the United States in order to occupy the opportunity of informationization. As a result, the future development of global informationization will follow the US road map. The United States can integrate the countries of the world into the informatization map of the United States. Looking at it now, this strategic attempt by the United States is far more effective than winning a war of blood and hurricanes.

  When information warfare is not only a battle, this is not only manifested in the blurring of the preparation and implementation of information warfare, especially in the attack of information warfare on people’s thoughts and spirit. The formation of thoughts and spirits is a subtle process. Through the information superiority, we can achieve the goal of “no war and defeated soldiers” or “less war and defeated soldiers”. The general approach is to use information superiority to create contrast between the enemy and the enemy, use psychological warfare and strategic deception to shake, frustrate the enemy’s military, people’s hearts and government beliefs, and destroy the enemy’s normal political and economic operation system. Means can put the enemy in a state of paralysis, curb the will of the hostile country to wage war, or deprive it of its ability to war. 

  In the 1980s, the scenes of the US-Soviet confrontation were very interesting. Reagan, the US president who is good at acting, has proposed an aggressive “Star Wars” plan, claiming to make all the strategic nuclear missiles of the Soviet Union useless. As soon as the plan was announced, the United States started to promote all the propaganda machines and caused a great sensation in the world. The Soviet leaders convened an emergency meeting in succession and decided to resolutely respond to the blood and establish a strategic defense shield of the Soviet Union. In fact, the “Star Wars” program in the United States only carried out a little bit of technical experimentation. It didn’t cost much at all, but a movie of the same name “Star Ball” was popular in the world. However, the Soviets were very hardworking and hard work. When the national economy was on the verge of collapse, the vast ruble was still thrown into the arms race. The Soviet Union, which had been unable to do so, ran out of the last drop of blood after seven years. It cannot be said that the collapse of the Soviet economy and the collapse of the regime were not dragged down by the US information war. 

  Paying attention to the people’s war that defends the boundaries of 

  information. Under the conditions of information warfare, national sovereignty has a new content. The extension of national security has expanded and its connotation has become more abundant. The influence of information warfare is no longer limited to the military field, but radiates to the whole. Human society. Under the conditions of information warfare, the important magic weapon for a weak country to defeat a powerful country is the people’s war. Only by insisting on the people’s war under the conditions of information warfare can we effectively defend the national information territory and safeguard national information sovereignty. In addition to information technology and tactics, the most important thing is to grasp the construction of the information talent team and build the two lines of the national spirit defense line in the information age. 

  Those who have talents are in the world. The outcome of the information warfare depends to a large extent on human factors, and must be supported by a large number of high-tech information warfare personnel.

  In the information warfare, a small number of top information talents can often play a key role in the outcome of the war. During the Second World War, in order to grab a German atomic physicist, the US military changed the direction of the attack of the three Army divisions. After the end of World War II, the history of “the wise man grabbed the people, the fools took the device” was even more intriguing. In the East, the Soviets were busy carrying the seized tanks and cannons; in the West, Americans hurriedly transported more than 3,000 German scientists back home. More than half a century has passed, and the country that grabbed talents is still continuing to write a history of robbing people, and its economy, technology and military are incomprehensible. The country that robbed the weapon was now facing the reality of being robbed. After the disintegration, the Soviet Union had tens of thousands of outstanding scientific and technological talents to change their positions to serve the opponents of the year. As a commanding height of military struggle, the struggle for talents is more decisive in the military contest of the information age. 

  Compared with the “hard killing” brought about by information warfare, the “soft killing” of information warfare is even more terrible. The spiritual realm is the most “window of vulnerability” under the conditions of information warfare. 

  As information technology becomes more developed, channels become more and more fluent, and information sources are more extensive. People will get more and more information and get information faster and faster. The means of modernization have transmitted the information to be transmitted to the countries of the world effectively without any restrictions. At present, developed countries pay great attention to using their advanced information technology to establish a global network of radio, television, and computer networks, thereby exporting their political opinions and values ​​on a large scale and expanding the information frontier. As a result, countries with backward informationization have been subjected to a strong spiritual impact. Therefore, in order to win the people’s war under the conditions of information warfare, from the individual, the media, the army to the whole country, we must comprehensively enhance the awareness of information and national defense, establish the concept of defending the national information territory and information boundary, and consciously build an invisible spiritual defense line. 

  Related Links 

  Scanning the overall situation of the world information war It 

  can be said that the development of the world information warfare has gone through three stages. 

  The first stage: the period of information warfare before the Gulf War in 1991; the 

  second stage: the implementation and maturity of the information war after the Gulf War to 1998; the 

  third stage: the development period of the information warfare after 1998 .

  At present, the new military revolution triggered by information warfare is still going on around the world. The transformation of mechanized warfare into information warfare has been fully carried out in the world. The armed forces of major countries around the world are adjusting their strategies and tactics, preparing equipment, and combat training in accordance with the information warfare, in preparation for winning information warfare. All the wars after the Gulf War have been marked with traces of information warfare. The power of information warfare is impacting all areas of society. 

  Information warfare techniques and techniques click 

  Currently, the world’s countries in the application and development of information warfare technology are mainly: 

  1. Reconnaissance and surveillance technology. Various means of reconnaissance, surveillance, early warning and navigation, including space-based, space-based, sea-based and foundation. 

  2. Platform integrated information warfare system. Realize radar warning, missile launch and attack alarm, information support, information interference and avoidance, and synergistic integration, and integrate with other information equipment on the platform to achieve information sharing. 

  3. Network command and control warfare technology. 4. Computer virus technology. 

  5. Attacking weapons technology. Including electromagnetic pulse weapons, ultrasonic weapons and infrasound weapons. 6. Advanced electronic countermeasures technology. 

  The latest information warfare equipment glimpse 

  In the development of information warfare weapons, in recent years, the following equipments have been developed or put into active service in various countries. 

  1. The Joint Surveillance and Target Attack Radar System is a battlefield information processing system that accurately detects moving and fixed targets to cope with the implementation of long-range precision strikes, and provides commanders with important information about combat development and combat management. 

  2. The Joint Tactical Air-to-Ground Information Station is a weapon support system that processes the vital information needed for space-based sensor data and operational capabilities for early warning missile launches. 

  3. A beam-energy weapon can penetrate targets hundreds of kilometers or even thousands of kilometers in an instant without leaving a “hard injury”, especially for the direct destruction of high-precision guided high-tech weapons. Therefore, it is considered to be tactical air defense and anti-armor. Optoelectronic countermeasures and even strategic anti-missile, anti-satellite, anti-satellite, multi-purpose ideal weapon for all spacecraft.

  4. Smart warfare, woven with a fiber optic network and a conductive polymer network, and a miniature measurement system that monitors the soldier’s physical condition. In the future battlefield, a soldier was injured. At the moment of his fall, the medical staff at the ambulance center can accurately determine whether it is a bullet or a knife wound, where the injured part is, and other basic injuries. 

  In addition, there are military robots, shipboard electronic warfare systems, high-power RF amplifier technology, advanced antenna technology and signal processing technology. 

  The information 

  warfare is fiercely competitive. Looking at the world, more than 20 countries including Britain, France, Israel, and Russia have conducted in-depth research on information warfare. The development of information warfare in the United States is at the forefront of the world, mainly in technology, equipment, and theory. 

  United States: The information war strategy was changed from defense to attack. In order to improve the US military’s information warfare technical capabilities, the US Department of Defense has a specialized information system processing agency responsible for maintaining the 2.5 million computers used by the US military. It is also studying how to improve the attack capabilities of computers and create communication networks and financial systems that destroy hostile countries. And the intrusion of the power system. As early as the fall of 2000, the US Space Command Center began to develop aggressive computer weapons. This means a major adjustment in the US military’s information war strategy—from strategic defense to strategic attack. 

  Russia: The focus of information warfare is on “Heavenly Soldiers.” The development of information warfare in Russia has concentrated on the development of “Heavenly Soldiers” — the astronauts. In 2002, Russia invested about 31.6 billion rubles for space research, 5.4 billion rubles for the development of global navigation systems, and strengthened the development of lasers, high-power microwaves and anti-satellite weapons. 

  Japan: Accelerate the formation of information warfare units. The Japanese Defense Agency is forming an information warfare force of 5,000 people, focusing on the development of cyber weapons as the focus of future defense plans, and speeding up the construction of the Japanese Army’s digital forces.

  EU and other Western countries: embarking on the construction of digital troops. Countries such as France, Germany, Britain, Canada, Australia, the Netherlands and Sweden are also developing platforms and individual C4I systems. More than 10 countries, including France, Britain, Germany, Australia, Canada, Italy, and Israel, are embarking on the implementation of digital military and digital battlefield construction plans. Among them, most countries are concentrating human and financial resources to develop the equipment needed for digital units, and a few countries in the past have conducted several digital force test exercises. In the future, while the above-mentioned countries continue to develop the digital “hardware” of the battlefield, they will begin to consider the composition of the digital units, and more countries will join the ranks of the digital construction of the troops.  

Source: China National Defense News

Original Mandarin Chinese:

如果說,1991年的海灣戰爭是美國第一次把信息戰從研究報告中搬上實戰戰場,那麼去年結束的伊拉克戰爭也許就是信息戰在實戰中的進一步發展。信息戰,作為21世紀新軍事革命狂飆的重心,已經越來越引起人們的重視。然而,透過信息戰研究熱鬧的場面,我們會發現,相當多的人們只是從單純軍事和技術的角度認識信息戰的,但信息戰其實並不這麼簡單——

信息戰是人類進入信息時代新出現的一種戰爭現象。它不是一種簡單的作戰樣式,而是相對於火力戰的一種新的戰爭形態。信息戰的出現對諸如戰爭對象、戰爭界限、戰爭內容等許多傳統戰爭理念都形成了重大突破,其中尤其應該引起關注的是信息戰攻擊思想和精神的一面。

看到的只是冰山一角

目前世界上關於信息戰的概念有幾十種,然而,很多卻只是單純從軍事和技術的角度來認識信息戰的,即使處於信息戰領先地位的美國也只是從上個世紀末才開始從戰略高度和社會意義上思考這個問題,這很不全面。認識信息戰的一個重要前提是,不應該簡單地用工業時代的戰爭觀來看待信息戰。信息時代,電腦和網絡大大改變了以往的戰爭形態。信息戰中,軍隊與社會、軍人與平民、戰爭與犯罪、國家與個人在很多情況下已經交織在一起,分不清,理還亂。

信息戰廣義地指對壘的軍事(也包括政治、經濟、文化、科技及社會一切領域)集團搶佔信息空間和爭奪信息資源的戰爭,主要是指利用信息達成國家大戰略目標的行動﹔狹義地是指武力戰中交戰雙方在信息領域的對抗,奪取制信息權。需要強調的是,信息戰不是一個簡單的軍事技術問題,不應該被理解為一種作戰樣式。信息戰實際上是一種戰爭形態。

“信息”這個名詞相對於時代來理解,是與農業時代、工業時代相對應的﹔就社會形態而言,又是與農業社會、工業社會相呼應。同時,它又是與物質、能量相提並論的人類必須的三大資源之一。考察信息戰,隻有從這個層次上去認識,才能揭示真正意義上的信息戰。

信息戰的崛起不在於它用了什麼樣的名詞,也不是戰爭名詞上冠以“信息化 ”、“信息”、“信息時代”、“數字化”這些時髦的詞藻那麼簡單。它是社會和科技發展的必然結果,帶有革命性、劃時代的意義。 20世紀末出現的信息戰,或者說我們已經看到的信息戰只是冰山之一角,僅僅是體現在軍事領域中的局部和有限的信息戰。隻有當世界達到全面網絡化,地球成為真正意義上的小村落時,我們才能看到那種廣義上、真正的信息戰。

信息戰不隻靠軍隊打

一提起打信息戰,人們往往首先就想到軍隊。確實,傳統戰爭中,軍隊是戰爭的主角,戰場也主要是軍人的舞台。信息戰條件下,情況則大不一樣。戰場的範疇大大擴展,戰爭變得遠遠不只是軍隊的事情,而是發展成高技術條件下的全民戰。信息戰不只是通過軍隊,同時也可以通過全社會網絡來實施。隨著世界信息高速公路的建設,信息戰已難以劃定界限。任何社會民間組織甚至個人隻要擁有普通計算機設備、掌握計算機通訊技術,都有可能利用全球聯網的計算機與通信系統參與一場信息戰。

信息戰不隻打軍隊主要表現在:第一,信息戰的參與者不再僅限於軍人,而且還包括普通民眾。信息戰作戰人員既可以是正規軍人,也可以是十幾歲的少年黑客。第二,信息戰所使用的許多武器裝備,如計算機、光學儀器等可以不再是軍用品,在民用品市場上都可買到。以信息戰強國美國為例,美軍的信息戰系統在很大程度上依賴民用信息基礎設施。美國軍方高層人士把美軍軍隊信息化變革稱為“從市場上買來的”。第三,信息戰作戰不單在戰場,而是分佈於整個社會。 “戰場只是士兵陣亡的地方,已不再囊括信息戰交戰場所。”

信息戰不隻在戰時打

自有戰爭以來,進攻者發動戰爭,防御者抵禦侵略,都要進行周密的戰爭準備。特別是機械化戰爭,呈現出明顯的階段性、程序化。而信息時代的戰爭,戰爭準備與實施的界限則日趨模糊,甚至混為一體。環顧世界,不難發現,信息強國幾乎每天都在進行戰爭:輿論宣傳、情報對抗、網絡偵察等等。這些實際上都是轉化了形式的信息戰,可以稱之為輿論戰、情報戰、網絡戰。

伊拉克戰爭中,輿論戰的威力讓世人大開眼界。有人說,作為信息戰作戰形式之一的“輿論戰”自有戰爭以來就一直在進行著。進行“輿論戰”的較早案例甚至可以追溯到中國夏朝的《甘誓》以及後來的《討曹檄文》與《討武檄文》。 “輿論戰”的進行完全沒有戰時與平時的界限。它通過控制、操縱、策劃、利用各種輿論工具,有計劃地向受眾傳遞經過選擇的信息,影響受眾的情感、動機、判斷和抉擇,從而對戰爭結果產生重大而直接的影響。至於信息戰中的情報戰、網絡戰就更是無視戰時與平時的分別了。當年,美國克林頓政府提出了構建信息高速公路、推進全球信息化的主張。此舉曾讓世人認為美國正在引領人類社會步入信息化時代。然而,美國的戰略意圖其實是趁人類社會的信息化尚處於一片空白之時,跑馬圈地,擴張美國的信息疆域,以期佔住信息化的先機。如此一來,全球信息化未來的發展就將按美國的路線圖行進。美國可以一舉將世界各國納入美國規劃的信息化版圖。現在看,美國的這一戰略企圖,其成效已遠遠勝於贏得一場硝煙彌漫、血雨腥風的戰爭。

信息戰不隻打戰時,這不僅表現為信息戰戰爭的準備與實施界限模糊,尤其體現在信息戰對人的思想和精神的攻擊上。思想和精神的形成是一個潛移默化的過程,通過信息優勢可以達成“不戰而屈人之兵”或“少戰而屈人之兵”的目標。其一般做法是:利用信息優勢在敵我之間製造反差,運用心理戰和戰略欺騙等手段,動搖、沮喪敵方軍心、民心和政府信念,破壞敵方正常的政治、經濟運行體系,通過上述手段可以使敵國處於癱瘓狀態,遏制敵對國家發動戰爭的意志,或使其喪失戰爭能力。

上個世紀80年代美蘇對峙中的一幕場景很值得人玩味。擅長演戲的美國總統裡根提出了一個咄咄逼人的“星球大戰”計劃,號稱要讓蘇聯的所有戰略核導彈失去作用。該計劃一宣布,美國就開動全部的宣傳機器拼命鼓吹,在全世界引起了巨大轟動。蘇聯領導人連續召開緊急會議,決定不惜血本堅決應對,建立起蘇聯的戰略防禦盾牌。其實,美國的“星球大戰”計劃隻進行了星星點點的技術實驗,壓根就沒有花多少錢,倒是一部同名的《星球大球》的電影風靡世界。而蘇聯人卻非常認真地埋頭苦幹,在國民經濟已經瀕臨崩潰的情況下,仍然把大把的盧布投向軍備競賽。本來已經力不從心的蘇聯在7年之後流盡了最後一滴血。不能說,蘇聯經濟的崩潰及政權的垮台沒有受美國信息戰的拖累。

關注保衛信息邊界的人民戰爭

在信息戰條件下,國家主權有了新的內容,國家安全的外延擴大了、內涵更豐富了,信息戰的影響也不再僅僅局限於軍事領域,而且輻射到整個人類社會。在信息戰條件下,弱國戰勝強國的重要法寶就是人民戰爭。隻有堅持打信息戰條件下的人民戰爭才能切實保衛國家信息疆域,維護國家信息主權。這其中除了信息技術和戰法等因素外,最主要的是抓住信息人才隊伍建設與構築信息時代的全民精神防線兩個環節。

得人才者興天下。信息戰的戰果如何,在很大程度上取決於人的因素,必須有大量的高技術信息戰人才作支撐。

在信息戰中,為數不多的頂尖信息人才往往能對戰爭的勝負起到關鍵作用。二戰期間,美軍為了把一個德國原子物理學家搶到手,竟然將3個陸軍師的進攻方向作了改變。二戰結束後那段“智者搶人,愚者奪器”的歷史更是耐人尋味。在東方,蘇聯人忙著搬運繳獲來的坦克大砲﹔在西方,美國人卻急急把3000多名德國科學家運回國內。半個多世紀過去了,當年搶人才的國家如今仍然在續寫著搶人的歷史,其經濟、科技和軍事不可一世。當年搶兵器的國家如今則在無奈地面對著被搶的現實。解體後的蘇聯有上萬名優秀科技人才改換門庭,服務於當年的對手。人才之爭作為軍事鬥爭的一個制高點,在信息時代的軍事較量中,更具有決定性的意義。

與信息戰所帶來的“硬殺傷”相比,信息戰的“軟殺傷”更為可怕。信息戰條件下精神領域是最“易受攻擊之窗”。

隨著信息技術越來越發達,信道越來越流暢,信息來源更為廣泛,人們獲取的信息將越來越多,獲取信息的速度也越來越快。現代化的傳播手段把所要傳遞的信息幾乎不受任何限制,有效地傳到世界各國。當前,發達國家十分注意利用它們的先進信息技術,建立覆蓋全球的廣播、電視、計算機網絡,藉此大規模輸出其政治主張和價值觀念,擴充信息疆域。其結果是信息化發展落後的國家受到強烈的精神沖擊。因此,要想打贏信息戰條件下的人民戰爭,從個人、媒體、軍隊到整個國家都必須全面增強信息國防意識,樹立保衛國家信息疆域和信息邊界的觀念,自覺築起無形的精神防線。

相關鏈接

世界信息戰總體形勢掃描

可以認為,世界信息戰的發展經歷了3個階段。

第一階段:1991年海灣戰爭以前信息戰的醞釀和提出時期﹔

第二階段:海灣戰爭後至1998年前信息戰的實施和成熟時期﹔

第三階段:1998年後至今遏制信息戰的發展時期。

當前,信息戰引發的新軍事革命仍在全球進行。機械化戰爭向信息戰的轉變已在全球全面展開。全世界各主要國家的軍隊正按照信息戰思想調整戰略戰術、編制裝備、作戰訓練等,為打贏信息戰作準備。海灣戰爭以後的所有戰爭無不烙上信息戰的痕跡。信息戰的威力正沖擊著社會的各個領域。

信息戰實戰技法點擊

當前,世界各國在信息戰技術手段的應用與發展上主要有:

1.偵察監視技術。包括天基、空基、海基和地基在內的各種偵察、監視、預警、導航等手段。

2.平台一體化信息戰系統。實現雷達告警、導彈發射和攻擊告警、信息支援、信息幹擾及規避、協同一體化,而且與平台上其他信息設備綜合為一體,達成信息共享。

3.網絡指揮控制戰技術。 4.計算機病毒技術。

5.攻心武器技術。包括電磁脈沖武器、超聲波武器和次聲波武器。 6.先進電子對抗技術。

最新信息戰裝備掠影

在信息戰武器發展上,近年來各國研製或已投入現役的主要有以下裝備。

1.聯合監視與目標攻擊雷達系統,是一種戰場信息處理系統,能精確探測移動的和固定的目標,以配合實施遠距離精確打擊,還能向指揮官提供有關戰況發展和戰鬥管理的重要情報。

2.聯合戰術空對地信息站,是一種武器支援系統,能處理供預警導彈發射用的天基傳感器數據、作戰能力所需的重要信息。

3.束能武器,能在瞬間穿透數百公裡甚至數千公裡外的目標而不留下“硬傷”,尤其對精確制導高技術武器有直接的破壞作用,因此被認為是戰術防空、反裝甲、光電對抗乃至戰略反導、反衛星、反一切航天器的多功能理想武器。

4.智能戰衣,編織有光纖網絡和導電聚合網絡,並有監視士兵身體狀態的微型測量系統。在未來戰場上,一名士兵受了傷,就在其倒地的瞬間,救護中心的醫務人員就能準確判斷出是彈傷還是刀傷、受傷部位在何處以及其他基本傷情。

此外,還有軍用機器人、艦載電子戰系統、強功率射頻放大器技術、先進的天線技術和信號處理技術等等。

信息戰國力競爭激烈

放眼世界,現在已有英國、法國、以色列、俄羅斯等20多個國家對信息戰展開深入研究。美國信息戰發展走在世界前列,主要體現在技術、裝備、理論等方面。

美國:信息戰戰略由防轉攻。為了提高美軍信息戰技術能力,美國國防部有專門信息系統處理機構負責維護美國軍方使用的250萬台電腦,並在抓緊研究如何提高電腦的攻擊能力,製造破壞敵對國的通信網絡、金融系統及電力系統的入侵病毒。早在2000年秋天,美國太空指揮中心已開始研製攻擊性電腦武器。這意味著美軍信息戰戰略的重大調整———由戰略防禦轉向戰略進攻。

俄羅斯:信息戰重心在“天兵”。俄羅斯的信息戰發展集中力量發展“天兵 ”———航天兵。 2002年俄羅斯投入約316億盧布用於太空專項研究,54億盧布用於全球導航系統的研發,還加強了激光、高功率微波和反衛星武器的研製。

日本:加快組建信息戰部隊。日本防衛廳正在組建5000人規模的信息戰部隊,把網絡武器的開發作為今后防衛計劃的重點,並加快了日本陸軍數字化部隊的建設。

歐盟和其他西方國家:著手數字化部隊建設。法、德、英、加、澳、荷蘭和瑞典等國也在研製平台和單兵的C4I系統。法國、英國、德國、澳大利亞、加拿大、意大利、以色列等10多個國家都在著手執行數字化部隊和數字化戰場建設計劃。其中,多數國家正在集中人力財力開發數字化部隊所需要的裝備,少數走在前面的國家已進行過多次數字化部隊試驗演習。今後,上述國家在繼續開發戰場數字化“硬件”的同時,將開始考慮數字化部隊的編成結構,並將有更多的國家加入部隊數字化建設的行列。

來源:中國國防報

Original Referring URL: http://people.com.cn/BIG5/junshi/1078/

 

 

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //

中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

■ cyberspace is easy to attack and defend, traditional passive defense is difficult to effectively deal with organized high-intensity attacks

■ Improve network security, the defense side can not rely solely on the technology game, but also need to win the counterattack on the concept

The new “Thirty-six” of network security

  ■Chen Sen

点击进入下一页

Fisher

  News reason

  In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

  The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

  The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

  Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

  Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

  As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

  Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

  Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

  In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

  At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

  Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

  In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

  The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

  Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

  The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

  The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

  Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

  Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Related Links–

Network attack and defense

“Shenzhen”: the pioneer of network physics warfare

点击进入下一页

  In August 2010, Iran built the Bushehr nuclear power plant with the help of Russia. However, the nuclear power plant, which was scheduled to be put into operation in October of that year, was postponed several times. A year later, according to media reports, it was caused by a computer network virus attack of unknown source. More than 30,000 computers were “in the middle”. Thousands of centrifuges in Natans were scrapped. The newly capped Bushehr nuclear power plant had to be taken out. Nuclear fuel was delayed and the Iranian nuclear development plan was forced to shelve. This virus, later named “Shenzhen”, pioneered the control and destruction of entities through the network.

“Flame”: the most powerful spy in history

点击进入下一页

  Network intelligence activities are the most active part of the cyberspace strategy game and security struggle. In 2012, a large amount of data from the Iranian oil sector was stolen and cleared, making it impossible for oil production and exports to function properly. In order to avoid continuing to create hazards, Iran was urgently disconnected from the network of the oil facilities on the Halk Island near the Gulf. After a large-scale investigation, a new virus emerged, which later appeared in the “flame” virus in Israel, Palestine and other Middle Eastern countries. The “Flame” virus combines the three characteristics of worms, backdoors and Trojans. It combines the interception of screen images, recording audio dialogues, intercepting keyboard input, and stealing Bluetooth devices. It has become a new type of electronic company that steals secret information from other countries. spy”.

“Shut”: System breaks

点击进入下一页

  In 2007, in order to kill the Syrian nuclear program in the bud, 18 F-16 fighters of the 69th Fighter Squadron of the Israeli Air Force quietly broke through the advanced Russian “Dor”-M1 air defense deployed by Syria on the Syrian-Israeli border. The system carried out precise bombing of a nuclear facility about 100 kilometers west of the Syrian-Israeli border and about 400 kilometers northeast of Damascus, and returned safely from the original road.

  According to the disclosure, the “Orchard Action” has made the US “Shuter” attack system shine. “Shut” invaded by remote radio, 瘫痪 radar, radio communication system, is the “behind the scenes” to make the Syrian air defense system in a state of failure. As a new type of network power attack system for networked weapon platforms and networked information systems, “Shut” represents the development trend of military technology and combat methods, and is bound to bring a new war landscape.

“Shadow Network”: Invisible Internet

点击进入下一页

  The complicated situation of ideological struggle caused by the Internet has created an alternative channel for information penetration and “colonization” of thought. In the “Jasmine Revolution” in North Africa and the “Arab Spring” in the Middle East, there are “shadow networks”.

  A ghost-like “shadow network” can bypass the traditionally regulated Internet, form an invisible and independent wireless local area network, realize mutual information communication, and access the Internet at any time as needed, and access the network resources “unrestricted”. The New York Times disclosed that the US State Department and the Pentagon have invested heavily in building an independent system in Afghanistan and using a launch tower located in the military camp to transmit signals to protect them from Taliban militants. Subsequently, an “invisible communication system” was established in Iran, Syria and Libya to help local anti-government organizations to communicate with each other or with the outside world.

“X Plan”: To control the network battlefield

点击进入下一页

  Foreign media revealed that the Pentagon is building a 22nd century war plan, the “X Plan.” The “X Plan” is dedicated to building an advanced global computer map. With this “network map” that can be continuously updated and updated, the US military can easily lock the target and make it embarrassing. “If this plan is completed, the US military will be able to control the network battlefield as it controls the traditional battlefield.”

  It is not difficult to foresee that after the deployment of the “X Plan”, it is definitely not just “get rid of the constraints of the keyboard”, but also enables situational awareness and cyber attacks on a global scale.

Original Mandarin Chinese

■網絡空間易攻難守,傳統的被動式防禦難以有效應對有組織的高強度攻擊

■提高網絡安全性,防禦一端不能只靠技術博弈,還需打贏理念上的反擊戰

網絡安全之新“三十六計”

■陳 森

點擊進入下一頁

費雪 繪

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

相關鏈接——

各顯其能的網絡攻防戰

“震網”:網絡物理戰先驅

點擊進入下一頁

2010年8月,伊朗在俄羅斯幫助下建成布什爾核電站,但這座計劃於當年10月正式發電運轉的核電站,卻多次推遲運行。一年後,據媒體揭秘,是因為遭到來源不明的計算機網絡病毒攻擊,超過3萬台電腦“中招”,位於納坦斯的千台離心機報廢,剛封頂的布什爾核電站不得不取出核燃料並延期啟動,伊朗核發展計劃則被迫擱置。這種後來被冠名為“震網”的病毒,開創了通過網絡控制並摧毀實體的先河。

“火焰”:史上最強大間諜

點擊進入下一頁

網絡情報活動,是網絡空間戰略博弈和安全斗爭最活躍的部分。 2012年,伊朗石油部門大量數據失竊並遭到清除,致使其無法正常進行石油生產和出口。為避免繼續製造危害,伊朗被迫切斷了海灣附近哈爾克島石油設施的網絡連接。大規模的調查後,一種新的病毒浮出水面,即後來又現身於以色列、巴勒斯坦等中東國家的“火焰”病毒。 “火焰”病毒兼具蠕蟲、後門和木馬三重特點,集截取屏幕畫面、記錄音頻對話、截獲鍵盤輸入、偷開藍牙設備等多種數據盜竊功能於一身,成為專門竊取他國機密情報的新型“電子間諜”。

“舒特”:體系破擊露鋒芒

點擊進入下一頁

2007年,為將敘利亞核計劃扼殺於萌芽之中,以色列空軍第69戰鬥機中隊的18架F-16戰機,悄無聲息地突破敘利亞在敘以邊境部署的先進俄製“道爾”-M1防空系統,對敘以邊境以西約100千米、大馬士革東北部約400千米的一處核設施實施精確轟炸,並從原路安全返回。

據披露,讓“果園行動”大放異彩的是美軍“舒特”攻擊系統。 “舒特”通過遠程無線電入侵,癱瘓雷達、無線電通信系統,是使敘防空系統處於失效狀態的“幕後真兇”。作為針對組網武器平台及網絡化信息系統的新型網電攻擊系統,“舒特”代表著軍事技術和作戰方式的發展趨勢,勢必將帶來全新戰爭景觀。

“影子網絡”:隱形國際互聯網

點擊進入下一頁

國際互聯網導致意識形態鬥爭的複雜局面,造成了信息滲透、思想“殖民”的另類通道。在北非“茉莉花革命”和中東“阿拉伯之春”中,均有“影子網絡”踪跡。

像幽靈一樣的“影子網絡”可繞過傳統監管的互聯網,形成隱形和獨立的無線局域網,實現相互間信息溝通,一旦需要又可隨時接入國際互聯網,“不受限制”地訪問網絡資源。 《紐約時報》披露稱,美國國務院和五角大樓斥巨資在阿富汗建造了獨立的系統,並利用設在軍營內的發射塔傳遞信號,以免遭塔利班武裝分子破壞。隨後在伊朗、敘利亞和利比亞設立“隱形通訊系統”,幫助當地反政府組織相互聯繫或與外界溝通。

“X計劃”:欲掌控網絡戰場

點擊進入下一頁

外媒披露,五角大樓正在打造一項22世紀的戰爭計劃,即“X計劃”。 “X計劃”致力於建立先進的全球計算機分佈圖,有了這張能夠不斷升級更新的“網絡地圖”,美軍就可以輕易鎖定目標令其癱瘓。 “如果完成了這個計劃,美軍將能夠像控制傳統戰場那樣控製網絡戰場。”

不難預見,“X計劃”部署後,絕對不只是“擺脫鍵盤的束縛”,更可以實現在全球範圍內進行態勢感知和網絡攻擊。

Original Referring URL: http://www.chinanews.com/mil/2016/08-11/

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security // 中國網絡戰如何拒絕外國入侵者關注國家安全

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security //

中國網絡戰如何拒絕外國入侵者關注國家安全

In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Original Mandarin Chinese:

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

Original Referring URL:  http://www.81.cn/jskj/2016-08/11/

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization // 打贏信息化條件下局部戰爭是軍隊核心任務

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization //

打贏信息化條件下局部戰爭是軍隊核心任務

2009/01/08 Article source: Liberation Army Daily

Focusing on local wars under the conditions of informatization and vigorously strengthening preparations for military struggle is a successful experience and an important guiding method for army building and a major strategic task for our military. Strategic tasks are numerous. In accordance with the established decision-making arrangements of the Central Military Commission, the People’s Army has made strides toward preparing for a new journey in military struggle.

Take the road of military struggle and prepare for rational development

New China has gone through nearly 60 years of history. For decades, the country once had a strong enemy and a crisis, but it has always stood firm and unyielding. There are many successful experiences. One important one is to prepare for a comprehensive and solid military struggle. It can be said that it is precisely with the people’s army “always ready” that it has built the steel great wall of the motherland’s security, safeguarded the happiness and tranquility of the people, and guaranteed the prosperity and development of the economy and society. Looking back on the stormy journey of preparations for military struggles for decades, behind the glory of achievements, we must also clearly see places that are not scientific enough. For example, many units are preparing for military struggles, overemphasizing specific threats in guiding ideology, relying too much on “situational stimuli”, causing the level of combat readiness to be weak and strong, and the construction of combat effectiveness to be high and low. The preparation for military struggle has not maintained autonomous and healthy. development of.

When things happen, things change, things change. At present, the preparations for military struggle are standing at a new historical starting point. The national security situation has undergone complex and profound changes. On the one hand, the traditional security threats and non-traditional security threats we are facing are increasing. The world’s major powers are increasingly competing in geostrategic competition around the country. The political situation in neighboring countries continues to be turbulent, and there are many hidden dangers in the regional security environment. The domestic separatist forces and their activities are rampant, the instability and uncertainties affecting national security are increasing, and the preparations for military struggle are facing unprecedented challenges. On the other hand, international unilateralism is frustrated, and the financial crisis has delayed global hegemonic expansion. The situation has been significantly eased, my main strategic direction has eased, and the preparations for military struggle are facing unprecedented opportunities. This opportunity is both strategic and historical. How to seize the opportunity, use the opportunity, and take advantage of the momentum is a realistic proposition that needs to be answered in preparation for the current military struggle. After 30 years of reform and development, our military has undergone a qualitative leap, with more comprehensive and informatized units, more technologically intensive and quality-efficiency features, and a wealth of achievements and advances in military struggle preparation. basic condition. Entering the new stage of the new century, President Hu focused on the special requirements of the party for national defense and army building, and endowed the military with the historical mission of “providing three to provide and play one”, emphasizing that “our army must enhance its ability to win local wars under conditions of informationization.” At the core, we are constantly improving our ability to respond to multiple security threats and accomplish diverse military tasks.” This series of major strategic ideas has adjusted the basic point of preparation for military struggle and expanded the task of preparing for military struggle. The establishment of this important guiding principle of the scientific concept of development puts forward higher requirements for the pursuit of military struggle, and is based on comprehensive, coordinated, sustainable development and people-oriented standards. There are still many ideas that need liberation, and many jobs. Innovation is needed and many aspects need to be improved.

In order to advance the preparations for military struggle under the new situation, we must seek changes based on the situation and make decisions based on the situation, and base ourselves on a new starting point for new development. We should strengthen preparations based on threats, strengthen all-round “threat awareness” and “enemy feelings”, fully recognize the grim reality that war is not far away and not only one, and unswervingly push forward preparations for military struggle. The task of the military should be based on the preparation of the task. The fundamental task of the army is to fight and prepare for war. You can not fight for a hundred years, but you can’t relax for a moment. You must comprehensively and systematically advance the preparations for military struggle in accordance with the standards for effectively fulfilling its functional mission. Based on the ability to prepare for the situation, jump out of the passive emergency preparedness mode led by the enemy, actively design the future war, plan and plan to improve the ability to deal with multiple security threats, complete diversified military tasks, and steadily and scientifically advance the preparations for military struggle.

Breaking through key points to improve the quality of military struggle preparation

Without a focus, there is no strategy, and without a focus, it is difficult to break through. Making full use of the important strategic opportunity period and grasping the key content to seek breakthroughs is not only an objective requirement to follow the inherent laws of military struggle preparation, but also an urgent need to comprehensively improve the actual combat capability of the troops.

As the most basic practical activity of the armed forces in peacetime, military training is the basic way to generate and develop combat power and is the most direct and effective preparation for military struggle. It is necessary to further raise the awareness of the importance of military training, effectively put military training in a strategic position, and truly form a new upsurge in the military training and vigorously promote the transformation of training. We should seize the key link in the formation of joint training, strengthen joint consciousness, improve joint quality, improve joint training regulations, improve joint training mechanism, and promote military training from form to substance. Training should be carried out in a complex electromagnetic environment as an important entry point and grasper, actively explore effective methods of organizing command training, combat technical countermeasures training and weaponry operation and use training, and accelerate the military training under the conditions of mechanization under military training conditions. change. We should use the mission subject training as a carrier to actively construct a battlefield environment that is close to actual combat, and explore the main methods of confrontation training, field training and base training, simulation training, and network training, with the test of truth, difficulty, and reality. Standards, taking the test, comparison, and pull as the practical training path of the implementation mechanism, enhance the effectiveness of training. Non-war military operations training should be actively carried out to improve the professional skills of non-war military operations and enhance the ability of the troops to complete diversified military missions.

Man is the most active and active element among the elements of combat effectiveness. Talent preparation is the most important and arduous preparation in the preparation for military struggle. The victory of the war depends on the battlefield, but the link that determines the outcome is in the usual competition, the focus of which is talent. At present, the key is to highlight the two “strategic graspers” of joint operational command talents and high-level professional and technical personnel, and to promote and promote the overall development of the talent team’s capacity building. Highlight the training of joint operations command personnel, focus on establishing and improving the training mode for commanders at the strategic level, focus on improving the training system for joint operations personnel, reform the content and methods of joint operations, increase the rotation and cross-training of commanding officers, and intensify joint operations. Strengthen emergency response and improve the relevant measures. Highlight the cultivation of high-level professional and technical personnel. In accordance with the principle of focusing on the key points, taking into account the general, grasping the leading, and driving the whole, we will focus on cultivating scientific and technological leaders who can organize major projects in interdisciplinary fields, and can guide the promotion of academic and technological innovation and development of top-notch talents, and can solve the complex technical support of equipment. The technical experts of the puzzles provide strong intellectual support for the construction of information technology.

The speed of the soldiers is the iron law of war guidance. Under the conditions of informationization, the “speed advantage” is emphasized. Rapid response capability has become an important indicator of the level of combat readiness and actual combat capability of an army. A sensitive and efficient emergency command mechanism should be improved. On the basis of summarizing the practical experience of our military in completing various military tasks in recent years, we will do a good job in solidifying and transforming relevant results, establish an emergency mechanism, improve laws and regulations, improve institutional setup, formulate response plans, and organize relevant training to ensure that once something happens. Quick response, efficient command, and correct action. An advanced and reliable command information system should be established. According to the requirements of good interoperability, responsiveness, security and confidentiality, and information sharing, an information network with vertical and horizontal to the edge and a comprehensive and simple command system are established, relying on information technology to improve emergency command and rapid response capability. Grasp the characteristics of strategic investment capacity building, focus on the development of strategic transport aircraft (ships), military helicopters and new types of aircraft, take into account the construction of traffic battlefields, explore the establishment of a smooth and efficient command and management mechanism, and promote the strategic transport capacity building as a whole.

Security is also a fighting force. Any combat action in modern warfare is a systemic confrontation, and the requirements for comprehensive guarantees are getting higher and higher. To advance preparations for military struggle, it is necessary to comprehensively improve the comprehensive support capabilities such as operational support, logistics support, and equipment support. Our military has always paid attention to the coordination and promotion of combat forces and the construction of combat support forces. The support capabilities of reconnaissance and early warning, command and communication, surveying and mapping, meteorological and hydrological, and engineering defense have all been simultaneously improved. However, with the development of the situation and the continuous expansion of the battlefield space, the battle support capability system has begun to appear a new “short board”, which must be completed as soon as possible to form the overall advantage of the joint operations of the full-dimensional battlefield. The focus of logistics support is to improve the level of modernization. In accordance with the requirements of the development of the times, we will steadily implement the logistics reform, and promote the security system to the integration, the security mode to the socialization, the security means to the informationization, the logistics management to the scientific transformation, and promote the sound and rapid development of logistics. The focus of equipment support is to strengthen supporting construction. Improve the ability of independent innovation, accelerate the development of new weapons and equipment, and continuously optimize the structure of our military’s weapons and equipment. Pay attention to equipment system support, system support and support construction, improve equipment serialization, generalization, and standardization level, gradually promote equipment into system to form combat capability and support capability, and accelerate the establishment of weapons and equipment for military-civilian integration and military integration. Scientific research and production system and maintenance guarantee system, further improve the way of military and civilian integration and development of equipment.

Adhere to scientific development and innovation, preparation for military struggle

To advance the preparations for military struggle at a new starting point, we must adhere to the scientific development concept as a guide, and effectively use the way of thinking that meets the requirements of the times to explore the development path for the preparation of innovative military struggles.

Continue to emancipate the mind and advance the preparations for military struggle in the tide of military reform. The deeper the preparations for military struggle, the more deep-seated contradictions and problems that touch on development concepts, institutional mechanisms, policies and systems, and the greater the difficulty of advancing. The fundamental way to solve these problems lies in continuing to emancipate the mind and deepen the reform of national defense and army building. The strategic goal of the military reform is to build an information-based army and win an information-based war. This is consistent with the basic point of preparation for military struggle. Preparation for military struggle is the leader and traction of military reform. Military reform is an important content and optimization condition for military struggle preparation. The two goals are consistent and mutually reinforcing. Therefore, in order to advance the preparations for military struggle under the new situation, we must combine the promotion of national defense and military reform, take the improvement of combat effectiveness as the starting point and the foothold of reform, unify the reform thinking with combat effectiveness standards, measure reform measures, test the effectiveness of reforms, and promote reforms. Preparation for military struggle.

Strengthen scientific co-ordination and coordinate the preparations for military struggle in the process of military modernization. The modernization of the military is a big system, and the preparation for military struggle is the key to taking the initiative and moving the whole body. When the military struggle is ready, it will provide clear and specific needs for the overall development of our military’s modernization drive, provide a real grasp and form a huge traction force. We must stand at the height of the overall development of the military’s modernization drive, effectively coordinate the relationship between the primary and secondary, far and near, construction and use, turn the process of preparation for military struggle into a process of strengthening the modernization of the military, and transform the process of military modernization. In order to serve the military struggle preparation process, the two will promote each other and coordinate development.

Adhere to information-led and innovate to advance military struggle preparations in the transformation of combat capability generation mode. At present, information technology is profoundly changing the combat generation model, and it is also changing all aspects of army building. To advance the preparations for military struggle, we must be keenly adapted to this new situation, take the initiative to jump out of the mechanized mindset, strengthen the information-led concept, focus on relying on scientific and technological progress to improve combat effectiveness, and explore innovative military concepts, military technology, military organizations, and military that meet the requirements of informationized warfare. Management, focus on improving the level of informationization of military personnel training, weapon and equipment development, and the best combination of man and weapon, accelerate the transformation of military training, gradually establish an effective mechanism for the formation and improvement of new combat capabilities, and promote the preparation of military struggle to achieve a qualitative leap.

Highlight the actual combat and accelerate the preparation of military struggles in completing various military tasks. Practice tells us that no matter how the international situation evolves, how the military’s functional mission expands, and how diversified military tasks are, it is always the top priority of our military to contain wars, win wars, and maintain peace. Local war is always the core task of our army. Only with the core military capabilities and a diversified military mission can there be a solid foundation. We must always put the core military capabilities at the forefront, aim at the fundamental functions and promote comprehensive preparations, and do more preparations without “single-on-one”, sorting preparations rather than “one size fits all”, deep preparations instead of “surfaced”, and efforts to make troops Ability to adapt to various conditions, respond to various situations, and complete diverse military tasks.

Original Mandarin Chinese:

以打贏信息化條件下局部戰爭為重點,大力加強軍事鬥爭準備,是軍隊建設的一條成功經驗和重要指導方式,是我軍一項重大的戰略任務。戰略任務重千鈞。人民軍隊按照中央軍委既定的決策部署,向著軍事鬥爭準備新征程闊步邁進。

走軍事鬥爭準備理性化發展之路

新中國走過近60年曆程。幾十年來,國家一度強敵環伺、危機四伏,卻始終屹立不屈,不斷生息壯大。成功的經驗有很多,很重要的一條就是靠全面紮實的軍事鬥爭準備。可以說,正是有了人民軍隊“時刻準備著”,才鑄就了祖國安全的鋼鐵長城,守護了人民群眾的幸福安寧,保障了經濟社會的繁榮發展。回顧幾十年軍事鬥爭準備的風雨征程,在成績的榮耀光環背後,我們也要清醒看到不夠科學的地方。比如不少單位抓軍事鬥爭準備,在指導思想上過於強調具體威脅,過度依賴“情況刺激”,造成戰備水平忽強忽弱,戰鬥力建設忽高忽低,軍事鬥爭準備沒有保持自主、健康地持續發展。

時異則事移,事異則備變。當前,軍事鬥爭準備又站在了一個嶄新的歷史起點上。國家安全形勢發生復雜深刻變化,一方面,我們面臨的傳統安全威脅和非傳統安全威脅都在增加,世界主要大國在我周邊地緣戰略競爭不斷加劇,周邊國家政局持續動盪,地區安全環境存在諸多隱患,國內民族分裂勢力及其活動猖獗,影響國家安全的不穩定、不確定因素增多,軍事鬥爭準備面臨前所未有的挑戰;另一方面,國際上單邊主義受挫,金融危機拖延了全球霸權擴張,台海形勢明顯緩和,我主要戰略方向壓力有所減輕,軍事鬥爭準備面臨前所未有的機遇。這個機遇既是戰略性的,也是歷史性的。怎樣抓住機遇、用好機遇、乘勢推進,是當前軍事鬥爭準備需要回答的現實命題。經過30年改革發展,我軍建設出現質的跨越,部隊合成化、信息化程度更高,科技密集型、質量效能型特徵更加明顯,軍事鬥爭準備有了可資利用的豐富成果和推進躍升的基礎條件。進入新世紀新階段,胡主席著眼黨對國防和軍隊建設的特殊要求,賦予軍隊“三個提供、一個發揮”的歷史使命,強調“我軍必須以增強打贏信息化條件下局部戰爭能力為核心,不斷提高應對多種安全威脅、完成多樣化軍事任務的能力”。這一系列重大戰略思想,調整了軍事鬥爭準備的基點,拓展了軍事鬥爭準備的任務內容。科學發展觀這一重要指導方針的確立,對軍事鬥爭準備提出了好中求快的更高要求,按照全面、協調、可持續發展和以人為本的標準來衡量,還有很多思想需要解放,很多工作需要創新,很多方面需要提高。

新形勢下推進軍事鬥爭準備,必須因勢求變、因情定策,立足新的起點,謀求新的發展。應基於威脅抓準備,強化全方位的“威脅意識”和“敵情觀念”,充分認清戰爭並不遙遠且不只一種的嚴峻現實,堅定不移地推進軍事鬥爭準備。應基於任務抓準備,軍隊的根本任務是打仗和準備打仗,仗可以百年不打,但準備一刻也不能放鬆,必須按照有效履行職能使命的標準,全面系統地推進軍事鬥爭準備。應基於能力抓準備,跳出被敵情牽著走的被動應急準備模式,主動設計未來戰爭,有規劃有計劃地提高應對多種安全威脅、完成多樣化軍事任務能力,穩步科學地推進軍事鬥爭準備。

以重點突破提高軍事鬥爭準備質量

沒有重點就沒有戰略,沒有重點就難以突破。充分利用重要戰略機遇期,抓住重點內容謀求突破,既是遵循軍事鬥爭準備內在規律的客觀要求,更是全面提高部隊實戰能力的迫切需要。

軍事訓練作為和平時期軍隊最基本的實踐活動,是戰鬥力生成和發展的基本途徑,是最直接、最有效的軍事鬥爭準備。必須進一步提高對軍事訓練重要性的認識,切實把軍事訓練擺到戰略位置,真正在部隊形成大抓軍事訓練、大力推進訓練轉變的新高潮。應抓住聯合訓練這個戰鬥力生成的關鍵環節,強化聯合意識,提高聯合素質,健全聯訓法規,完善聯訓機制,推動軍事訓練從形式到實質的聯合。應以復雜電磁環境下訓練為重要切入點和抓手,積極探索組織指揮訓練、戰技術對策研練和武器裝備操作使用訓練的有效辦法,加速推進機械化條件下軍事訓練向信息化條件下軍事訓練轉變。應以使命課題訓練為載體,積極構設近似實戰的戰場環境,探索以對抗訓練、野戰化訓練和基地化訓練、模擬化訓練、網絡化訓練等為主要方式,以真、難、實為檢驗標準,以考、比、拉為落實機制的實戰化訓練路子,增強訓練實效。應積極開展非戰爭軍事行動訓練,提高部隊遂行非戰爭軍事行動專業技能,增強部隊完成多樣化軍事任務的能力。

人是戰鬥力諸要素中最積極、最活躍的要素,人才准備是軍事鬥爭準備中最重要、最艱鉅的準備。戰爭勝負決於戰場,但決定勝負的環節卻在平時的競爭之中,其中的重點就是人才。當前,關鍵是要突出聯合作戰指揮人才和高層次專業技術人才兩個“戰略抓手”,牽引和推動人才隊伍能力建設的整體發展。突出聯合作戰指揮人才培養,重點建立健全戰略戰役層次指揮員培養提高模式,圍繞完善聯合作戰人才培訓體系、改革聯合作戰教學內容和方法、加大指揮軍官崗位輪換和交叉培訓力度、加緊聯合作戰指揮人才應急培訓等,加強和完善有關措施。突出高層次專業技術人才培養。按照突出重點、兼顧一般、抓住龍頭、帶動整體的原則,重點培養能夠跨學科領域謀劃組織重大項目攻關的科技領軍人才、能夠指導推進學術技術創新發展的學科拔尖人才、能夠解決裝備技術保障複雜難題的技術專家人才,為信息化建設提供強有力的智力支撐。

兵貴神速是戰爭指導的鐵律,信息化條件下更強調“速度優勢”。快速反應能力已成為衡量一支軍隊戰備水平和實戰能力的重要標誌。應健全靈敏高效的應急指揮機制。在總結梳理近年我軍完成多樣化軍事任務實踐經驗的基礎上,抓好相關成果的固化和轉化,建立應急機制,健全法規制度,完善機構設置,制定應對預案,組織相關研練,確保一旦有事能快速反應、高效指揮、正確行動。應建立先進可靠的指揮信息系統。按照互操作性好、反應靈敏、安全保密和信息共享的要求,建立縱向到底、橫向到邊的信息網絡和綜合一體、層級簡捷的指揮系統,依靠信息技術提高應急指揮與快速反應能力。把握戰略投送能力建設的特點規律,重點發展戰略運輸機(艦)、軍用直升機和新型航行器,統籌考慮交通戰場建設,探索建立順暢高效的指揮管理機制,整體推進戰略輸送能力建設。

保障也是戰鬥力。現代戰爭中的任何一次作戰行動,都是體系的對抗,對綜合保障的要求越來越高。推進軍事鬥爭準備,必須全面提高作戰保障、後勤保障和裝備保障等綜合保障能力。我軍歷來注重協調推進作戰力量與作戰保障力量建設,偵察預警、指揮通信、測繪導航、氣象水文、工程防化等保障能力總體實現了同步提高。但隨著形勢的發展變化和戰場空間的不斷拓展,作戰保障能力體系開始出現新的“短板”,必須盡快補齊,以形成全維戰場的聯合作戰整體優勢。後勤保障重點是提高現代化水平。按照時代發展要求,穩步實施後勤改革,將保障體制向一體化推進、保障方式向社會化拓展、保障手段向信息化邁進、後勤管理向科學化轉變,推動後勤建設又好又快發展。裝備保障重點是加強配套建設。提高自主創新能力,加快新型武器裝備建設發展,不斷優化我軍武器裝備結構體系。注重裝備的體系配套、系統配套和保障配套建設,提高裝備系列化、通用化、標準化水平,逐步推進裝備成系統成建制形成作戰能力和保障能力,加快建立軍民結合、寓軍於民的武器裝備科研生產體系和維修保障體系,進一步完善軍民融合發展裝備的路子。

堅持科學發展創新軍事鬥爭準備路徑

在新的起點上推進軍事鬥爭準備,必須堅持以科學發展觀為指導,切實運用符合時代要求的思維方式,探索創新軍事鬥爭準備的發展路徑。

繼續解放思想,在軍隊改革大潮中整體推進軍事鬥爭準備。軍事鬥爭準備越深入,觸及發展理念、體制機制、政策制度等方面的深層次矛盾和問題就越多,推進的難度也越大。解決這些問題的根本出路,在於繼續解放思想、深化國防和軍隊建設改革。軍隊改革的戰略目標是建設信息化軍隊、打贏信息化戰爭,這與軍事鬥爭準備的基點是一致的。軍事鬥爭準備是軍隊改革的龍頭和牽引,軍隊改革則是軍事鬥爭準備的重要內容和優化條件,二者目標一致、互為促進。因此,新形勢下推進軍事鬥爭準備,必須與推進國防和軍隊改革結合起來,把提高戰鬥力作為改革的出發點和落腳點,用戰鬥力標準統一改革思想,衡量改革措施,檢驗改革成效,在改革中推進軍事鬥爭準備。

加強科學統籌,在軍隊現代化建設進程中協調推進軍事鬥爭準備。軍隊現代化建設是個大系統,軍事鬥爭準備則是牽一發而動全身的關鍵。軍事鬥爭準備做好了,就能為我軍現代化建設整體發展提供明確具體的需求,提供實實在在的抓手,形成巨大的牽引力量。必須站在軍隊現代化建設發展全局的高度,切實統籌好主與次、遠與近、建與用等關係,把軍事鬥爭準備的過程變成加強軍隊現代化建設的過程,把軍隊現代化建設的過程變成服務軍事鬥爭準備的過程,使二者互為促進,協調發展。

堅持信息主導,在戰鬥力生成模式轉變中創新推進軍事鬥爭準備。當前,信息技術正在深刻改變著戰鬥力生成模式,也在改變著軍隊建設的方方面面。推進軍事鬥爭準備,必須敏銳地適應這個新形勢,主動跳出機械化思維定勢,強化信息主導觀念,注重依靠科技進步提高戰鬥力,探索創新適應信息化戰爭要求的軍事理念、軍事技術、軍事組織和軍事管理,著力提高軍事人才培養、武器裝備發展、人與武器最佳結合的信息化水平,加快推進軍事訓練轉變,逐步確立新型戰鬥力生成與提高的有效機制,推動軍事鬥爭準備實現質的躍升。

突出實戰牽引,在完成多樣化軍事任務中加速推進軍事鬥爭準備。實踐告訴我們,無論國際局勢如何演變、軍隊的職能使命如何拓展、多樣化軍事任務多麼繁重,遏制戰爭、打贏戰爭、維護和平始終是我軍職能的重中之重,打贏信息化條件下局部戰爭永遠是我軍的核心任務。只有具備了核心軍事能力,完成多樣化軍事任務才有堅實基礎。必須始終把提高核心軍事能力放在首要位置,瞄準根本職能推進全面準備,做到多手準備而不“單打一”,分類準備而不“一刀切”,深入準備而不“表面化”,努力使部隊具備適應各種條件、應對各種情況、完成多樣化軍事任務的能力。 (趙立德)

Original Referring URL:  http://www.china.com.cn/military/txt/2009-01/08/