Category Archives: China Cyber Dilemma in the 21st Century

China Cyberspace Security Strategy and Implications // 中國網絡空間安全戰略思考與啟示

China Cyberspace Security Strategy and Implications  //

中國網絡空間安全戰略思考與啟示

習近平

General Secretary Xi pointed out that no network security is no national security, no information will be no modernization. Internationally, the United States on security in cyberspace absolute dominance, they establish hegemony, rules, seeking advantage to control the world, to China’s cyberspace poses a severe challenge.
A US cyberspace security strategy revelation
(a) by the US cyberspace security “policy”, “plan” a national strategy to enhance
the United States in cyberspace is a strategic understanding of the development process. First released in 1998, Presidential Decree No. 63 (PDD63) “Clinton administration policy on critical infrastructure protection,” followed in 2000 issued a “national plan for the protection of information system v1.0”. The Bush administration immediately after the September 11, 2001 issued Executive Order No. 13231 “Information Age critical infrastructure protection,” and announced the establishment of “President Critical Infrastructure Protection Committee” on behalf of its government fully responsible for national security in cyberspace . And to study the drafting of a national strategy, in February 2003 formally issued “to protect cyberspace national strategy”, and posting confidential level No. 54 National Security Presidential Decree in 2008, set up a “comprehensive national cybersecurity plan,” the plan in the “Manhattan” (World War II atomic bomb) name, the specific content of the “Einstein” one, two, three composition, aimed at building the federal government and major information systems engineering protection, the establishment of a unified national security posture information sharing and command system.
(Ii) US cyberspace security strategy to further improve
in April 2008, President Bush issued a “44th president submitted the report to protect the network security space,” suggesting how the next US government to strengthen security in cyberspace.
February 2009, the Obama administration after a comprehensive demonstration, announced the “Cyberspace Policy Assessment – Ensuring credible and robust information and communications infrastructure,” the report, the cyberspace security threats as “the most serious faced by the national economy nationwide one of the challenges and safe country “and declared that” digital infrastructure will be considered national strategic asset, the protection of this infrastructure will be a priority of national security “, a comprehensive plan of strategic measures to defend cyberspace.
June 2009, US Defense Secretary Robert Gates issued an order formally establishing the United States “Cyberspace Command” to the harmonization of network security and protection of US forces to carry out cyber warfare and other military operations. The command part of the US Strategic Command, the preparation of one thousand, in May 2010, the US Cyber ​​Command officially start work.
(C) international and cyberspace war strategy
in May 2011, the White House cybersecurity coordinator Schmidt released in the United States “cyberspace international strategy”, its strategic intentions clear, namely to establish hegemony, rules, seeking advantage, control the world ; in July, the US Department of Defense released “cyberspace operations strategy” put forward five strategic measures for defending US interests in cyberspace, making the United States and its allies and international partners can continue to obtain from the innovation in the information age beneficial.
October 2012, Obama signed the “American Action Network Policy” (PDD21), the law gives the US military has carried out non-traditional combat power, clearly spread from network-centric warfare to cyberspace operations and the like.
In February 2013, Obama published Executive Order No. 13636 “Enhanced network security of critical infrastructure,” clearly states that the policy action to enhance the nation’s critical infrastructure and maintain environmental security and resilience.
In April 2013, Obama Ma Xiangguo submit “fiscal year 2014 defense budget priorities and select” proposed to 2016 reorganized into 133 network forces, including the national task force 68, combat task force 25, the network defense forces 40.
February 2014, the US National Institute for Standards and Technology “to enhance critical infrastructure cybersecurity” that “the United States critical infrastructure to enhance network security framework” (V1.0), emphasizing the use of business-driven network security operations guide, and four levels, the organization’s risk management process. According to different levels of network security risk points
of April 23, 2015, the Pentagon released a new version of network security strategy summary, the first public should cyberwarfare as a future military conflict tactical options, an explicit proposal to increase the US military deterrence in cyberspace and offensive capability.
Not only the United States in full swing and the implementation of international cyberspace war strategy, NATO cyberspace security framework, issued recently shows that there are currently more than one hundred countries in the world have a certain network warfare capabilities, the National Cyber ​​Security Strategy published up to as many as 56.
Thus, cyberspace has become after land, sea, air, space is the fifth largest sovereign area of space, but also the evolution of the international strategy in the military field, which is China’s network security posed a severe challenge, we should actively respond, accelerate the construction of network security system, to defend our national sovereignty cybersecurity.
Second, build the active defense technology security system
(a) immunity trusted computing architecture
computer architecture now used in the design calculation when only the pursuit of speed and no safety factor, such as the difficult task of isolating the system, no memory protection, cross-border, this led directly to the presence service network computing environment, a large number of security issues, such as source configuration can be tampered with, it is implanted malicious programs executed by using a buffer (stack) overflow attacks, illegally take over the system administrator permissions.
Trusted Computing is the result of the development of information science, is a novel immune trusted computing model.Trusted computing using parallel computing and defense dual architecture, at the same time to obtain the computation of security protection, so that the calculation result is always as expected, can be measured to calculate the full control, it is not disturbed.
Compare current most network security system, which is mainly by a firewall, intrusion detection and virus prevention and other components, known as the “third kind.” The image of that, these passive blocking killing is a temporary solution, and trusted computing to achieve active immunization computer architecture, and human immunodeficiency as timely identify “self” and “non-self” ingredients, thereby undermining and exclusion of harmful substances into the body, so that there are shortcomings and gaps being exploited by attackers. .
Cloud computing, big data application of new information technology, networking, industrial systems, mobile Internet, virtual dynamic heterogeneous computing environment requires credible immune system as its base support. Construction of triple protection framework trusted security management center security system can be supported by the structure, to ensure operation behavior, resource allocation, data storage cartridge policy management credibility, the attacker reached the entrance, an unauthorized person can not get vital information, theft Confidential information can not read, can not tamper with systems and information system paralysis not work and can not afford to rely on aggressive behavior of protective effect, if there is credible mechanism, “shock web”, “flame”, “heart blood” and other malicious code may since kill off.
(Ii) China Trusted Computing technology innovation
China Trusted Computing in 1992 and officially approved research and large-scale application early (TCG, established in 2000) in the international Trusted Computing Group.
TCG Trusted Computing research program found that the system problems are: (1) the limitations of cryptography: TCG public key cryptography algorithm using only the RSA, SHA1 hash algorithm only supports series, avoided symmetric cryptography, the resulting key design management, key migration and complicated licensing agreement, but also a direct threat to the security of passwords; (2) the system structure is irrational: TPM calls TCG plug is a passive architecture, dynamic initiative measure can not be performed.
China Trusted Computing over a long period of research, not only to solve the above problems TCG, but also the formation of independent innovation system, its innovative points include:
(1) Trusted Computing Platform password innovative programs
using national self-designed algorithm, credible computing a cryptographic module (TCM), with symmetric cipher and asymmetric cryptography combined system, improve the safety and efficiency; dual certificate structure, simplify certificate management, improved usability and manageability of.
(2) trusted platform control module innovation
presented trusted platform control module (TPCM), TPCM self-control as a trusted root node implant trusted source, be trusted root control functions on the basis of TCM, realized with a password based active control and measurement; TPCM prior to startup of the CPU and BIOS to verify, thereby changing the TPM as the traditional idea of passive devices, to achieve TPCM active control of the whole platform.
(3) a credible innovation board
increase in the amount of confidence in the board trusted platform node (TPCM + TCM), plus a host constitutes a credible two-node, to achieve trust transfer of the operating system, providing reliable hardware environment for the upper platform ; implementation of hardware control bus credible level of peripheral resources, power on the CPU front of the Boot ROM TPCM initiative to measure, so that in the chain of trust “powered first time” to start building; and the use of multi-metric agent establishes a chain of trust for dynamic and virtual measures to provide support.
(4) a credible basis to support innovative software
using host-based software system + double trusted software system architecture ,, trustworthy software group is the Trusted Computing Platform Trusted capabilities to achieve the credibility of all software elements, the host software The system provides active protection of the credibility of the amount of storage, and reporting.
(5) Trusted Network Connect innovation
based on three ternary and other trusted connection architecture, access requester, triple control and identification and access control policies arbiter between; ternary centralized management, improve infrastructure security and manageability; and access requester and the access controller to achieve a unified policy management, improve the system overall credibility.
(Iii) core technology controlled by others to solve the problem
(1) China Trusted Computing industrialization conditions are met. “Long-term Scientific and Technological Development (2006-2020)” made ​​it clear “to the development of high trusted network focusing on the development of network security technology and related products, the establishment of network security technology security system”, “five” plan works trusted computing project regarded as the focus of development, the trusted computing standard series of progressive development, and study of more than 40 units, more than 400 participants, the standard of innovation have made ​​technology validation, to declare more than 40 patents. Many units and departments have developed a chip, machine, software, and network connections and other trusted components and equipment in accordance with relevant standards, and has been effectively used in critical systems in the national grid scheduling. April 16, 2014, established the Zhongguancun Trusted Computing Industry Alliance, and vigorously promote the industrialization and marketization.
(2) laying the foundation for the comprehensive alternative to foreign products. April 2014, Microsoft stopped support for Windows XP Service country about 200 million running XP operating system, the terminal will face a situation of no service; and Windows 8 and Vista (2006 Government procurement is not clear) is the same architecture, Windows8 upgrade is not only costly, but also lose control over security and the secondary development rights. Trusted computing innovation reinforcement XP system can easily upgrade existing equipment as a trusted computer system, a credible alternative service patching services, applications do not change the system, to facilitate the application.
Based on open source technology to develop independent operating system is a realistic option. After 20 years of research, we have accumulated considerable reserves in the operating system and key technologies, which is a breakthrough in technology accumulation mainly based on the open source operating system made. From the perspective of inheritance, we need to select the source as a technical route; from a development perspective, the current is too late to re-encode the formation of a completely new operating system, you want to share the wealth of human knowledge, open source is still a realistic option. Independent innovation is not blocking them out safe, but to fully inherited and developed.
To achieve the “five may” “have a”:
understood: open source system to fully grasp the details, there can be confusion unknown code;
editable: should be based on open source code understood completely customize the code;
Reconfigurable: for specific application scenarios and security requirements, based on open source code refactoring, forming a customized new architecture;
credible: to strengthen the independent operating system immunity with trusted computing technology to prevent autonomous system vulnerability system security;
available: applications and operating system to do the adaptation, ensuring independent operating system to replace foreign products.
We have independent intellectual property rights: to own intellectual property rights on the final autonomous operating system, and deal with intellectual property issues are using open source technologies. GPL open source technology to be bound by the agreement, our country based on existing open source operating system has not encountered significant intellectual property disputes, but just because there is no large-scale application of these systems, once I customize the operating system form a climate, will face challenges in this regard.
Meanwhile, in the process of implementation of the localization of alternative strategies, the trusted protection system fully supports localization of hardware, software, although there are more domestic product defects and loopholes can make credible security flaws and vulnerabilities will not be attacked use ensure more secure than foreign products, localization is self-controlled, safe and reliable escort.
  Faced with increasingly severe international cyberspace situation, we should be based on national conditions, innovation-driven, solving the kinds of problems. Adhere to defense in depth, to build a strong network security system, to build China into a world power network security and work hard!

Original Mandarin Chinese:

習近平

習總書記指出,沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。國際上,美國在網絡空間安全上佔據絕對優勢,他們確立霸主,制定規則,謀求優勢來控制世界,給我國的網絡空間安全提出了嚴峻的挑戰。
一、美國網絡空間安全戰略啟示
(一)美國將網絡空間安全由“政策”、“計劃”提升為國家戰略
美國在網絡空間戰略是一個認識發展的過程。首先是1998年發布的第63號總統令(PDD63)《克林頓政府對關鍵基礎設施保護的政策》,緊接著2000年發布了《信息系統保護國家計劃v1.0》。布什政府在2001年911事件後馬上發布的第13231號行政令《信息時代的關鍵基礎設施保護》,並宣布成立“總統關鍵基礎設施保護委員會”,由其代表政府全面負責國家的網絡空間安全工作。並研究起草國家戰略,於2003年2月正式發布《保護網絡空間的國家戰略》,又於2008年發布機密級的第54號國家安全總統令,設立“綜合性國家網絡安全計劃”,該計劃以“曼哈頓”(二戰研製原子彈)命名,具體內容以“愛因斯坦”一、二、三組成,目的是全面建設聯邦政府和主要信息系統的防護工程,建立全國統一的安全態勢信息共享和指揮系統。
(二)美國網絡空間安全戰略進一步完善
2008年4月,布什總統發布了《提交第44屆總統的保護網絡空間安全的報告》,建議美國下一屆政府如何加強網絡空間安全。
2009年2月,奧巴馬政府經過全面論證後,公佈了《網絡空間政策評估——保障可信和強健的信息和通信基礎設施》報告,將網絡空間安全威脅定位為“舉國面臨的最嚴重的國家經濟和國家安全挑戰之一”,並宣布“數字基礎設施將被視為國家戰略資產,保護這一基礎設施將成為國家安全的優先事項”,全面規劃了保衛網絡空間的戰略措施。
2009年6月,美國國防部長羅伯特.蓋茨正式發布命令建立美國“網絡空間司令部”以統一協調保障美軍網絡安全和開展網絡戰等軍事行動。該司令部隸屬於美國戰略司令部,編制近千人, 2010年5月,美國網絡司令部正式啟動工作。
(三)網絡空間國際和戰爭戰略
2011年5月,美國白宮網絡安全協調員施密特發布了美國《網絡空間國際戰略》,其戰略意圖明顯,即確立霸主,制定規則,謀求優勢,控制世界;同年7月,美國國防部發布《網絡空間行動戰略》,提出5大戰略措施,用於捍衛美國在網絡空間的利益,使得美國及其盟國和國際合作夥伴可以繼續從信息時代的創新中獲益。
2012年10月,奧巴馬簽署《美國網絡行動政策》(PDD21),在法律上賦予美軍具有進行非傳統作戰權力,明確從網絡中心戰擴展到網絡空間作戰行動等。
2013年2月,奧巴馬發布第13636號行政命令《增強關鍵基礎設施網絡安全》,明確指出該政策作用為提升國家關鍵基礎設施並維護環境安全與恢復能力。
2013年4月,奧巴馬向國會提交《2014財年國防預算優​​先項和選擇》提出至2016年整編成133支網絡部隊,其中國家任務部隊68支,作戰任務部隊25支 ,網絡防禦部隊40支。
2014年2月,美國國家標準與技術研究所針對《增強關鍵基礎設施網絡安全》提出《美國增強關鍵基礎設施網絡安全框架》(V1.0),強調利用業務驅動指導網絡安全行動,並為四個等級,組織風險管理進程。按網絡安全風險程度不同分
2015年4月23日,美國五角大樓發布新版網絡安全戰略概要,首次公開要把網絡戰作為今後軍事衝突的戰術選項之一,明確提出要提高美軍在網絡空間的威懾和進攻能力。
不僅美國緊鑼密鼓執行網絡空間國際和戰爭戰略,最近頒布的北約網絡空間安全框架表明,目前世界上有一百多個國家具備一定的網絡戰能力,公開發表網絡安全戰略的國家達56家之多。
由此可見,網絡空間已經成為繼陸、海、空、天之後的第五大主權領域空間,也是國際戰略在軍事領域的演進,這對我國網絡安全提出了嚴峻的挑戰,我們應積極應對,加快建設我國網絡安全保障體系,捍衛我國網絡安全國家主權。
二、構建主動防禦的技術保障體系
(一)可信免疫的計算體系結構
現在使用的計算機體系結構在設計時只追求計算速度並沒有考慮安全因素,如係統任務難以隔離、內存無越界保護等,這直接導致了網絡化環境下的計算服務存在大量安全問題,如源配置可被篡改、惡意程序被植入執行、利用緩衝區(棧)溢出攻擊、非法接管系統管理員權限等。
可信計算是信息科學發展的結果,是一種新的可信免疫計算模式。可信計算採用運算和防禦並行的雙體系架構,在計算運算的同時進行安全防護,使計算結果總是與預期一樣,計算全程可測可控,不被干擾。
對比當前大部分網絡安全系統,其主要是由防火牆、入侵監測和病毒防範等組成,稱為“老三樣”。形象的說,這些消極被動的封堵查殺是治標不治本,而可信計算實現了計算機體系結構的主動免疫,與人體免疫一樣,能及時識別“自己”和“非己”成份,從而破壞與排斥進入機體的有害物質,使有缺陷和漏洞不被攻擊者利用。 。
雲計算、大數據、物聯網、工業系統移動互聯網、虛擬動態異構計算環境等新型信息技術應用都需要可信免疫體係作為其基礎支撐。構建可信安全管理中心支持下的三重防護框架能夠保障體系結構,確保操作行為、資源配置、數據存儲盒策略管理的可信,達到攻擊者進不去、非授權者重要信息拿不到、竊取保密信息看不懂、系統和信息篡改不了、系統工作癱不成和攻擊行為賴不掉的防護效果,如果有可信機制,“震網”、“火焰”、“心臟滴血”等惡意代碼可不殺自滅。
(二)中國可信計算技術創新
中國可信計算於1992年正式立項研究並規模應用,早於國際可信計算組織(TCG,2000年成立)。
研究TCG可信計算方案發現其體系存在的問題有:(1)密碼體制的局限性:TCG公鑰密碼算法只採用了RSA,雜湊算法只支持SHA1系列,迴避了對稱密碼,由此導緻密鑰管理、密鑰遷移和授權協議的設計複雜化,也直接威脅著密碼的安全;(2)體系結構不合理:TCG的TPM外掛調用是一種被動體系結構,無法執行動態主動度量。
中國可信計算經過長期攻關,不僅解決了TCG的上述問題,還形成了自主創新的體系,其創新點包括:
(1)可信計算平台密碼方案創新
採用國家自主設計的算法,提出了可信計算密碼模塊(TCM),以對稱密碼與非對稱密碼相結合體制,提高了安全性和效率;採用雙證書結構,簡化證書管理,提高了可用性和可管性。
(2)可信平台控制模塊創新
提出了可信平台控制模塊(TPCM),TPCM作為自主可控的可信節點植入可信源根,在TCM基礎上加以信任根控制功能,實現了以密碼為基礎的主動控制和度量;TPCM先於CPU啟動並對BIOS進行驗證,由此改變了TPM作為被動設備的傳統思路,實現了TPCM對整個平台的主動控制。
(3)可信主板創新
在可信平台主板中增加可信度量節點(TPCM+TCM),構成了宿主加可信的雙節點,實現到操作系統的信任傳遞,為上層提供可信硬件環境平台;對外設資源實行總線級的硬件可信控制,在CPU上電前TPCM主動對Boot ROM進行度量,使得信任鏈在“加電第一時刻”開始建立;並利用多度量代理建立信任鏈,為動態和虛擬度量提供支撐。
(4)可信基礎支撐軟件創新
採用宿主軟件系統+可信軟件基的雙系統體系結構,,可信軟件基是可信計算平台中實現可信功能的可信軟件元件的全體,對宿主軟件系統提供主動可信度量、存儲、報告等保障。
(5)可信網絡連接創新
採用基於三層三元對等的可信連接架構,進行訪問請求者、訪問控制者和策略仲裁者之間的三重控制和鑑別;對三元集中控管,提高架構的安全性和可管理性;並對訪問請求者和訪問控制者實現統一的策略管理,提高系統整體的可信性。
(三)解決核心技術受制於人問題
(1)中國可信計算產業化條件具備。 《國家中長期科學技術發展(2006-2020年)》明確提出“以發展高可信網絡為重點,開發網絡安全技術及相關產品,建立網絡安全技術保障體系”,“十二五”規劃有關工程項目都把可信計算列為發展重點,可信計算標準系列逐步製定,研究制定單位達40多家,參加人員達400多,標準的創新點都作了技術驗證,申報專利達40多項。不少單位和部門已按有關標準研製了芯片、整機、軟件和網絡連接等可信部件和設備,並在國家電網調度等重要係統中得到了有效的應用。 2014年4月16日,成立了中關村可信計算產業聯盟,大力推進產業化、市場化。
(2)為全面替代國外產品打基礎。 2014年4月微軟公司停止對Windows XP的服務支持,全國約2億台運行XP操作系統的終端將面臨無人服務的局面;​​而Windows 8和Vista(2006年政府明確不採購)是同類架構,升級為Windows8不僅耗費巨資,還會失去安全控制權和二次開發權。利用自主創新的可信計算加固XP系統可以方便的把現有設備升級為可信計算機系統,以可信服務替代打補丁服務,應用系統不用改動,便於推廣應用。
基於開源技術發展自主操作系統是現實選擇。經過20多年的攻關,我們在操作系統關鍵技術上有相當的積累和儲備,這些技術積累主要是在開源操作系統基礎上取得的突破。從繼承的角度,我們需要選擇開源作為技術路線;從發展的角度,目前也來不及重新編碼形成一套完全新的操作系統,要共享人類知識財富,開源依然是現實選擇。自主創新不是封閉起來搞安全,而是要充分繼承和發展。
要做到“五可”“一有”:
可知:對開源系統完全掌握其細節,不能有不可知代碼的困惑;
可編:要基於對開源代​​碼的理解,完全自主編寫代碼;
可重構:面向具體的應用場景和安全需求,對基於開源技術的代碼進行重構,形成定制化的新的體系結構;
可信:通過可信計算技術增強自主操作系統免疫性,防範自主系統中的漏洞影響系統安全性;
可用:做好應用程序與操作系統的適配工作,確保自主操作系統能夠替代國外產品。
有自主知識產權:要對最終的自主操作系統擁有自主知識產權,並處理好所使用的開源技術的知識產權問題。開源技術要受到GPL協議的約束,目前我國現有基於開源的操作系統尚未遇到知識產權方面的明顯糾紛,但這僅僅因為這些系統尚無規模應用,一旦我自主操作系統形成氣候,必然會面臨這方面的挑戰。
同時,在我國實施國產化替代戰略的過程中,可信防護體系全面支持國產化的硬件、軟件,儘管國產化產品存在更多的缺陷和漏洞,可信保障能使得缺陷和漏洞不被攻擊利用,確保比國外產品更安全,為國產化自主可控、安全可信保駕護航。
面對日益嚴峻的國際網絡空間形勢,我們要立足國情,創新驅動,解決受制於人的問題。堅持縱深防禦,構建牢固的網絡安全保障體系,為我國建設成為世界網絡安全強國而努力奮鬥!

Original Source: X

 

Aspects of Chinese Hacker Information Attacks //中國黑客信息攻擊手段面面觀

Aspects of Chinese Hacker Information Attacks

中國黑客信息攻擊手段面面觀

The so-called information attack is the integrated use of electronic, network, psychological, fire, force and other means, against the enemy’s weaknesses and key information systems, flexible to take appropriate tactics and actively interfere with or disrupt the enemy’s information acquisition, transmission, processing and utilization to maximize the information advantage and weaken the enemy command and control capabilities. It is a soft kill and hard to destroy, integrated use of physical and psychological attacks and other means of attack.

信息攻击手段面面观
1. Focus on information to deceive and mislead the enemy taking the wrong action
is to take the analog information to deceive, camouflage, feint and other means, implicitly shown true or false, to lure the enemy to take the wrong decisions and actions. Fair in war, deception winning information is an important aspect of the fight against the use of strategy. Recently several high-tech local wars shows that clever use of deception, high technology can effectively confuse enemy reconnaissance, reduce the value of the enemy’s use of information to achieve good move by the enemy, the shape, the enemy will result from.

信息攻击手段面面观 a

The main methods are:
1.1 electronic active enemy deception and confusion
is emitted through a conscious, forward, transform, absorb or reflect electromagnetic waves, so that the enemy misleading when you receive a message. The main take many forms and means of transmitting information, create a false impression, concealed the true fight one’s own intentions, so misjudged the enemy, command failure, operational deployment confusion, reached their ears, impaired nerve head and containment purposes. There are three main ways: First analog electronic deception by simulating forces or capabilities that do not exist, or the ability to simulate real forces or false position against enemy electronic warfare and information on intelligence activities. Secondly posing electronic deception, disinformation or the information directly into the temptation of the enemy communications network to send false commands, false information or indirectly acquire a variety of information needed. Third-induced electronic deception, namely the use of electromagnetic feint, feint and in some troops fit for me to attempt to combat, deployment and operations of implicit shown true or false, to confuse, to mobilize the enemy, both in the secondary direction suddenly the implementation of high-power electromagnetic radiation information can be maintained in a predetermined direction or the main area of fighter electromagnetic shielding, shift focus enemy reconnaissance, reducing stress my main deployment; when I transfer command post or maneuver command, the right amount of information should be organized network in place to continue to work, or the implementation of force, electromagnetic feint in the other direction, a small movable cover a great ship, contain information about the enemy reconnaissance and jamming systems.
1.2 camouflage tactics confuse deception
tactics’ deception, disguise is to use a variety of measures in combination, make full use of the terrain, vegetation, artificial barrier cover, camouflage, smokescreen, camouflage net, paint and other standard equipment or handy equipment and other favorable conditions, setting the anti radar, anti-infrared, anti-reconnaissance comprehensive three-dimensional photoelectric barrier cover, shielding the true position of one’s own goals and action, of no promising, its essence lies hidden truth; or by changing one’s own electronic technology features and changes may have been exposed to one’s own true intentions electromagnetic image, to achieve electronic camouflage deception. Tactical confuse deception, is through interference confuse enemy reconnaissance, surveillance and battlefield observation, direct access to weaken the enemy’s ability to battlefield information, resulting in information overload enemy, increasing the degree of fuzzy information, so that the enemy of true and false information contradictory the enemy, so that action indecision adversely affected by aircraft. Or electromagnetic interference may be implemented over the main direction of serving chaff interference wire, so that confuse enemy radar; the enemy can be infrared, night vision equipment, laser irradiation interfere with their work or make it blinding, can maneuver when the forces to carry out offensive fighter, I am scheduled to enter enemy fighter-zone general or special cast smokescreen to blind enemy interference observed visible and infrared, laser, microwave and other reconnaissance equipment; can also be man-made noise, vibration and magnetic interference such as enemy action plan.
2. Implementation of electromagnetic harassment, destruction of the enemy or prevent the effective use of electronic systems
is the use of electromagnetic harassment electromagnetic radiation, reflection, refraction, scattering or absorption of electromagnetic energy and other means to hinder and weaken the enemy’s effective use of the electromagnetic spectrum against information technology, aimed at preventing enemy electronic equipment and systems to obtain useful information, reduce the enemy’s combat efficiency.
2.1 electromagnetic shutoff
namely full use of electronic warfare units and equipment, flexible use of a variety of means, actively enemy command and communications facilities and weapons control systems implementation of electronic suppression, within a certain time and scope, to make the enemy and its internal and external interrupts radio contact causing chaos fighting each other. The motorized combat electronic warfare force, the number of targets, the location and nature of the use of formula or throwing placed jamming equipment, take aim and blocking interference formula, combining active and passive jamming methods utilize cutoff point, local interdiction, interdiction and other three-dimensional tactical means to actively suppress the enemy’s command and communications network. As I was entering the predetermined area when the enemy fighter electromagnetic shutoff embodiment, can be taken against electromagnetic dimensional and multi-point, internal disturbance outside the cut to form a local electromagnetic advantage, both inside and outside the enemy cut off contact, it is vulnerable to attack, limb, and actively cooperate offensive fighter operations.
2.2 electronic attacks
to electronic warfare as the main force, make full use of vehicle-mounted, knapsack, put style, throwing electronic countermeasure equipment, into a number of groups capable of swimming harassment, the use of flexible battlefield favorable conditions covert maneuvering, timely investigation avowed enemy electronic target location quickly expand to occupy a favorable terrain, choose the best time to implement strong sudden attack, immediately after the withdrawal of tasks; also capable of sending electronic warfare units deep into the enemy near the depth key targets, enemy firepower system, precision-guided systems, C3I systems, airborne electronic equipment such as the implementation of electronic interference.
3. Implementation of network sabotage, sudden attack enemy computer
network sabotage is the use of a variety of offensive and damaging computer software technology, computer systems into a variety of enemy interference, sabotage, or paralyzed by destroying the enemy’s computer as the core information network system to prevent enemy battlefield information acquisition, transmission and processing, they lost the ability to control the battlefield. Under modern conditions, computer technology has penetrated into all aspects of the military field, the computer has become almost all major high-tech and advanced weapons combat system platform. Destroy the enemy’s computer network system is one of the mobile operations of the information against the most critical action.Therefore, the use of professional and technical personnel, the use of a computer or other special equipment, under the unified organization, timing and selection of key key objectives, multiple penetration into the enemy’s computer network to find gaps, and its attack.
3.1 saturation attack
enemies despite widespread use of high-tech digital communications technology to transmit the battlefield information, fast, secure and strong, but its existing equipment more information nodes and the transmission capacity and real-time information sharing with all combat certain gap. For this feature, through various means pouring a lot of waste to the enemy information network, outdated information, false information or refuse to cast the program, manufacturing information flood, blocking, squeeze the enemy information channel, information flow hysteresis enemy, seize enemy cyberspace, it is a long time information network saturation, causing the enemy can not be timely and effective use of network access, transmission, processing and distribution of information, thus weakening the enemy network capabilities. In addition, since the proliferation of information also allows the enemy is hard to determine the authenticity, it is difficult to make valid judgments.
3.2 Virus surprise
that the use of computer information network implementation infiltrate enemy virus attacks. A computer virus is a special preparation, self-replicating computer program transmission, has a hidden, latent, infectious and destructive characteristics, separating a complex virus may take a long time. Therefore, the computer virus attack is to implement a network of the most effective weapons. Press the virus destroys the mechanism can be divided into: seize the resource-based, modify the file type, to eliminate the program type, type of data theft and destruction of hardware type. Its injection mode there are four:
First, directional electromagnetic radiation injection. Computer viruses coming modulated electromagnetic emissions from electronic equipment, the use of enemy radio receiver into the enemy’s weak points from the electronic information network system.
Second, the information network node injection. Namely the use of wireless or wired communication network, the virus injected into the enemy’s battlefield information from the user node network, terminal or device.
Third, the use of pre-latent curing equipment. Through special channels (agents into, instigation enemy programmers, etc.) will be pre-populated enemy virus computer hardware, software programs, operating system or repair tool, activate the remote control by radio during the war, the virus attack.
Fourth, the hacker Descent. Namely the use of computer hackers skilled technology, multiple protection system to bypass the secret enemy tight settings, sneak into enemy battlefield information network penetration attacks, the enemy can pretend superiors or subordinates instruction issued false information or steal confidential data online; and to be enemy implant false data and information networks harmful programs, or formatting the hard disk of a computer, causing the enemy’s information systems paralyzed.
4. The integrated use of a variety of combat forces, attack the enemy in combat node
fist to take measures to deal with the system, and actively enemy important device information system, the implementation of key objectives node hard to destroy, and depending on the location and nature of the different objectives, to take appropriate and flexible means of attack, undermine the overall function of their information systems to achieve the high limit, drop, high system purposes.
4.1 Accurate Fire pits
located on the important goal of the enemy is not easy to interfere with the depth and strength of attacks, taking a variety of means to identify the basis for its position, taking tactical missiles, long-range artillery, helicopter or Air Force rapid mobility, the implementation of pinpoint precision-strike . When circumstances permit, it can also infiltrate enemy reconnaissance squad depth to pinpoint the location of the enemy command posts and other important information node, aviation and other guidance to be destroyed by fire.
4.2 elite penetration attacks
against the enemy’s battlefield information network points, lines long, wide, weak protection features to scout and special operations forces capable grouping a plurality of synthetic penetration combat units in a variety of ways to penetrate the enemy in depth, flexible, arrived in the deployment of nearly enemy reconnaissance information system, in particular the choice is not easy to interfere with important goals and firepower, flexible to take surprise storm or other means to look for an opportunity sabotage enemy headquarters, communications hub, radar technology weapons firing positions and other targets, from fast attack fast, quick.
4.3 Damage commando unit
for the relative concentration of enemy electronic equipment, or high-energy laser weapons can EMP implementation area of damage, with a strong electromagnetic pulse, breakdown, burning enemy of electronic components, damage to protective measures weak radar, communications systems, data processing systems and other electronic equipment.
5. Extensive psychological attacks, the collapse of the morale of enemy combatants
in accordance with changes in the means of psychological warfare under high-tech conditions and the environment, fully aware of the merits of the mental status of the enemy confrontation, practical focus, find enemy weaknesses, psychological warfare plans to develop and maintain an effective psychological warfare resilience and implement effective psychological attacks. The main measures: dissemination of information through the manufacture of a psychological deterrent to the enemy; identify weaknesses in enemy psychology, to ascertain the enemy internal state of mind, constitute troops, personality religion, customs and commanders, hobbies, expertise and the people to fight the enemy attitude, launched various forms of psychological attack, destroyed the enemy psychological defense; using distance artillery, aviation emission leaflets to the enemy; the use of radio as a person or the use of defectors living textbook battlefield propaganda; for the enemy melee fear, fear of psychological casualties, I take full advantage of the effect of fire attack, close combat with the enemy stalemate, killing a large number of the enemy’s effective strength, defeat the enemy spirit, and with the hard-kill effect expand psychological offensive, the enemy accelerate psychological breakdown, for I have entered a predetermined zone of the enemy fighter, should take advantage of sounding political propaganda offensive, which tempts it to abandon unnecessary resistance.

Original Mandarin Chinese:

所謂信息攻擊,就是綜合運用電子、網絡、心理、火力、兵力等多種手段,針對敵信息系統的要害和薄弱環節,靈活採取相應戰法,積極干擾或破壞敵信息獲取、傳遞、處理和利用,最大限度地削弱敵信息優勢和指揮控制能力。它是軟殺傷與硬摧毀、物理攻擊與心理攻擊等多種手段的綜合運用。

信息攻击手段面面观

1.注重信息欺騙,誤導敵採取錯誤行動
信息欺騙就是採取模擬、偽裝、佯動及其他手段,隱真示假,誘敵採取錯誤的決策和行動。兵不厭詐、詭道製勝是信息對抗謀略運用的一個重要方面。近期幾場高技術局部戰爭表明,巧妙地運用欺騙手段,能有效迷惑敵高技術偵察,降低敵信息的利用價值,達到善動敵者,形之,敵必從之的效果。

信息攻击手段面面观 a

主要方法有:
1.1電子主動惑敵欺騙
就是通過有意識地發射、轉發、變換、吸收或反射電磁波,使敵方在收到信息時造成誤解。主要採取多種形式和手段傳輸信息,製造假象,隱蔽己方的真實作戰意圖,使敵判斷失誤,指揮失靈,作戰部署混亂,達到掩耳、障目和遏制神經的目的。其主要方式有三種:其一模擬式電子欺騙,通過模擬不存在的部隊或能力,或在假位置上模擬真實部隊或能力來對抗敵軍的電子戰和信息情報活動。其二冒充式電子欺騙,將假情報或誘惑信息直接插入敵通信網發送假命令、假信息或間接地獲取所需的各種信息。其三誘導式電子欺騙,即利用電磁佯動,並在部分兵力佯動的配合下,對我作戰企圖、部署和行動隱真示假,以迷惑、調動敵人,既可在次要方向上突然實施大功率電磁信息輻射,也可在主要方向或預定殲擊區保持電磁屏蔽,轉移敵方偵察的重心,減輕我主要部署的壓力;當我轉移指揮所或實施機動指揮時,應組織適量的信息網絡繼續在原地工作,或在其他方向上實施兵力、電磁佯動,以小動掩大謀,牽制敵方信息偵察和乾擾系統。
1.2戰術偽裝迷盲欺騙
戰術偽裝欺騙,就是結合使用多種偽裝措施,充分利用地形、植被、人工遮障、迷彩、煙幕、偽裝網、塗料等製式器材或就便器材及其他有利條件,設置反雷達、反紅外、反光電偵察的綜合立體遮障,屏蔽己方目標的真實位置和行動,化有為無,其實質就在於隱真;或通過改變己方電子技術特徵和變更可能已暴露己方真實意圖的電磁形象,來達成電子偽裝欺騙。戰術迷盲欺騙,就是通過迷盲干擾敵方的偵察、監視和戰場觀察,削弱敵直接獲取戰場信息的能力,造成敵信息氾濫,增加信息的模糊程度,使敵方對相互矛盾的情報真假難辨,以至於行動上猶豫不決而貽誤戰機。可實施電磁信號干擾或在主要方向上空投放乾擾箔條、干擾絲等,使敵雷達迷盲;可向敵紅外、微光夜視器材照射激光,干擾其工作或使其致盲,可在機動力量實施攻勢殲擊時,向進入我預定殲擊區之敵施放普通或特種煙幕,迷盲干擾敵可見光觀察和紅外、激光、微波等偵察器材;也可人為製造噪聲、震動和磁場等乾擾敵方行動計劃。
2.實施電磁襲擾,破壞或阻止敵有效使用電子系統
電磁襲擾是利用電磁波的輻射、反射、折射、散射或吸收電磁能等手段,阻礙和削弱敵方有效使用電磁頻譜的信息對抗技術手段,旨在阻止敵方電子設備和系統獲得有效信息,降低敵作戰效能。
2.1電磁遮斷
即充分利用電子對抗分隊和器材,靈活運用多種手段,積極對敵指揮通信設施和武器控制系統實施電子壓制,在一定時間和範圍內,使敵內部及其與外部的無線聯絡中斷,造成各自為戰的混亂狀態。根據機動作戰電子對抗力量、打擊目標數量、位置和性質,使用投擲式或擺放式乾擾器材,採取瞄準式與阻塞式乾擾、有源與無源干擾相結合的方法,靈活運用要點遮斷、局部遮斷、立體遮斷等戰術手段,積極壓制敵指揮通信網。如對進入我預定殲擊區之敵實施電磁遮斷時,可採取多維多點電磁打擊,內擾外割,形成局部電磁優勢,切斷敵內外聯絡,使其處於被動挨​​打、孤立無援的境地,積極配合攻勢殲擊行動。
2.2電子襲擊
以電子對抗力量為主體,充分利用各種車載式、背負式、擺放式、投擲式電子對抗器材,編成若干精幹的游動襲擾組,利用戰場有利條件靈活隱蔽機動,及時查明敵電子目標的位置,快速展開佔領有利地形,選擇最佳時機突然實施強烈的襲擊,完成任務後迅即撤離;還可派出精幹的電子對抗分隊深入敵縱深重點目標附近,對敵火力打擊系統、精確制導系統、C3I系統、機載電子設備等實施電子乾擾。
3.實施網絡破襲,對敵計算機進行突然攻擊
網絡破襲是指利用各種具有攻擊破壞作用的計算機軟件和技術,對敵計算機系統進各種干擾、破壞活動,通過破壞或癱瘓敵以計算機為核心的信息網絡系統,阻止敵戰場信息的獲取、傳遞與處理,使其喪失戰場控制能力。現代條件下,計算機技術已經滲透到軍事領域的方方面面,計算機已成為幾乎所有先進武器和作戰系統重要的高技術平台。破壞敵計算機網絡系統是機動作戰中信息對抗最關鍵的行動之一。因此,應使用專業技術人員,利用計算機或其他特種設備,在統一組織下,選擇關鍵時機和重點目標,多路滲透,尋找打入敵計算機網絡的缺口,並對其進行攻擊。
3.1飽和攻擊
儘管高技術強敵普遍採用數字化通信技術傳輸戰場信息,速度快,保密性強,但其現有裝備的信息節點數多,且在傳輸容量和信息實時共享方面均與實戰存在一定的差距。針對這一特點,通過各種途徑向敵信息網絡大量傾瀉廢信息、過時信息、假信息或施放垃圾程序,製造信息洪流,阻塞、擠占敵信息通道,遲滯敵信息流通,奪佔敵網絡空間,使其網絡長時間處於信息飽和狀態,造成敵無法利用網絡及時有效地獲取、傳輸、處理和分發信息,從而削弱敵網絡功能。另外,由於信息氾濫也可使敵難辨真偽,難以作出有效判斷。
3.2病毒奇襲
即使用計算機病毒對敵信息網絡實施滲透襲擊。計算機病毒是一種特殊編制的、能自我複制傳播的計算機程序,具有隱蔽性、潛伏性、傳染性和破壞性等特點,分離一種複雜的病毒可能需要很長時間。因此,計算機病毒是實施網絡攻擊的一種最有效的武器。按病毒破壞作用機理,可分為:搶占資源型、修改文件型、消除程序型、竊取數據型和破壞硬件型。其註入方式有四種:
第一,電磁定向輻射注入。即將計算機病毒調製到電子設備發射的電磁波中,利用敵方無線電接收機從電子系統的薄弱環節進入敵信息網絡。
第二,信息網絡節點注入。即利用無線通信或有線通信網絡,將病毒從敵戰場信息網絡的用戶節點、終端或設備註入。
第三,利用配套設備固化預先潛伏。通過特殊途徑(特工潛入、策反敵程序設計人員等)將病毒預先植入敵計算機硬件、軟件程序、操作系統或維修工具中,戰時通過無線電遙控方式激活,使病毒發作。
第四,黑客暗襲。即利用黑客嫻熟的計算機技術,秘密繞過敵嚴密設置的多重防護系統,潛入敵方戰場信息網絡進行滲透攻擊,可以冒充敵方的上級或部屬發出虛假的指令信息或竊取網上機密數據;也可以對敵信息網絡植入偽數據和有害程序,或對計算機硬盤格式化,造成敵信息系統癱瘓。
4.綜合運用多種作戰力量,對敵實施節點打擊
採取以拳頭對付體系的辦法,積極對敵信息系統的重要設備、關鍵目標等節點實施硬摧毀,並根據不同目標的位置和性質,靈活採取恰當的打擊手段,破壞其信息系統的整體功能,達到限高、降高、制高的目的。
4.1火力精確點穴
對位於敵縱深不便於乾擾和兵力襲擊的重要目標,在採取多種手段查明其位置的基礎上,以戰役戰術導彈、遠程砲兵、直升機或航空兵快速機動,實施點穴式精確打擊。情況許可時,還可以偵察小分隊滲透敵縱深準確查明敵指揮所等重要信息節點的位置,引導航空兵等火力予以摧毀。
4.2精兵滲透襲擊
針對敵戰場信息網絡點多、線長、面廣、防護能力弱的特點,以偵察兵和特種作戰力量編組多個精幹、合成的滲透打擊分隊,以多種方式滲入敵縱深,靈活機動,抵近偵察敵信息系統的部署情況,特別是選擇不易乾擾和火力打擊的重要目標,靈活採取奇襲或強攻等手段,尋機破襲敵指揮機構、通信樞紐、雷達站、技術兵器發射陣地等目標,快襲快離,速戰速決。
4.3特種兵器毀傷
對於敵相對集中的電子設備,可以激光武器或高能電磁脈衝武器實施面積毀傷,以強大的電磁脈衝,擊穿、燒毀敵電子元件,破壞防護措施較弱的雷達、通信系統、數據處理系統等電子設備。
5.廣泛開展心理攻擊,瓦解敵方作戰士氣
根據高技術條件下心理戰手段和環境的變化,充分認識敵我心理對抗的優劣地位,著眼實際,尋敵弱點,制定心理戰預案,保持有效的心理戰應變能力和實施有效的心理攻擊。主要措施:通過傳播信息給敵製造心理威懾;找准敵心理弱點,弄清敵內部思想狀況、兵員構成、宗教信仰、風俗習慣以及指揮官的個性特點、嗜好、專長和敵方民眾對作戰的態度等,展開多種形式的心理攻擊,摧垮敵心理防線;利用遠程砲兵、航空兵向敵發射傳單;利用廣播或利用投誠人員作為活教材進行戰場宣傳;針對敵懼近戰、怕傷亡的心理,充分利用我火力突擊效果,與敵近戰膠著,大量殺傷敵有生力量,挫敗敵銳氣,並藉助硬殺傷效果展開心理攻勢,加速敵心理崩潰,對於已進入我預定殲擊區之敵,應充分利用陣前宣傳的政治攻勢,誘使其放棄無謂的抵抗。

Original Source X

China Faces Challenge of Combat Interpretation of Latest US Military Information Warfare // 中國面臨美軍最新信息戰作戰解讀挑戰中國網絡戰能力

China Faces Challenge of Combat Interpretation of Latest US Military Information Warfare

中國面臨美軍最新信息戰作戰解讀挑戰

中國網絡戰能力

Soure: X

中國網絡戰

中國網絡戰能力

Reaching aspects during Chinese President Xi Jinping’s visit, the two countries to combat cybercrime and promote the development of codes of conduct in cyberspace consensus, developed a number of cooperation initiatives to maintain network security, the formation of some dispute settlement mechanism, it is intended to address global network security issues. However, the US military in cyber warfare, information warfare is a fight, and actively adjust operational concepts, organizational system, forms of organization, operational processes and information culture, accelerate the development of the field of information warfare capabilities to ensure the Navy to get in a confrontation with major combat rival China’s dominance.

First, information warfare establishment of institution-building

In 2013, the US Navy Intelligence and Communication Networks merged unit information superiority by a Deputy Minister of Naval Operations is responsible for matters related to information superiority, with seven officers and some senior civilian fleet, as well as many professionals engaged in information warfare work in the field of change exist between intelligence gathering and fleet operations during the Cold war barriers, the US Navy to ensure safe use of the network environment to support access to information among the various operations. US Navy Fleet at Fort Dmitry set up Cyber ​​Command, the merger of the former Naval Network Warfare Command in Norfolk, Virginia naval base, he served as deputy commander of the Chief of Naval Operations is responsible for the integration of capabilities and resources, is responsible for the network attack and defense, management, operation and defense of the Navy’s network, as well as other activities related to cyber war, as both the US Cyber ​​Command, the Navy branch, to provide information to the US military combat support.

In the army building, the US Navy established the first 10 Fleet responsible for information warfare, information superiority as the US Navy forces, the development and delivery of information superiority capability to support operational requirements of the US Navy and allies, has formed intelligence, surveillance and reconnaissance, full operational capacity of the network, command and control, communications, intelligence, electronic warfare, aerospace and other aspects of the transition to the information operations after the US Navy intelligence and cyber warfare important step.

From US Navy surface ships, submarines and aviation sector includes allocated funds to ensure the daily operation of the Ministry of information superiority, training, equipment and procurement, taking into account the construction and development of unmanned aerial systems and electronic warfare systems. Although electronic warfare department, said the electronic attack items (such as the next generation of jammers) transferred from the Air Operations Department to the Ministry of information superiority will weaken budgetary support for electronic attack system, but the Navy said it had recognized that strengthening the field of electronic warfare offensive the importance of strengthening investment in the field of electronic warfare.

Second, the “joint information environment” guarantee the right to information system at sea

According to the US Department of Defense in September 2013 issued a “joint information environment implementation strategies”, “joint information environment” (JIE) is by far one of the largest joint military information technology operations, with the goal of network integration within the DoD overall IT footprint and infrastructure costs of the construction of the Ministry of Defence, the “chimney” of information systems development for the flat network of dynamic information system, providing interoperability of cloud-based enterprise network infrastructure and services, reduce to ensure that the US military battlefield obtain control of information, enhance the capacity of the Ministry of Defence to deal with cyber threats in the field.

“Joint Information Environment” construction focus is to strengthen information sharing and cooperation, the establishment of enterprise-class shared security protocol for configuration standardization, optimizing the routing of data, at the time and place needed to deliver confidential voice, data and information, including almost all joint information DoD information technology work. “Joint information environment” universal, global, based on cloud properties, including network operations center, data center and cloud-based applications and services, identity management systems, based data storage and sharing capabilities cloud structure and review computer technical support, allows the use of any device to achieve the edge of the network operator, to accelerate the integration of command and control network nodes, can guarantee the daily operations and administration while reducing the cost of network operation and management.

Defense Information Systems Agency (DISA) is responsible for technical management of a joint information environment, the development of the overall architecture of the safety standards, access issues and identity management. July 2013, the US European Command in Stuttgart established its first enterprise-class Operations Center (EOC), responsible for managing the access management information environment within the Joint Command of the US system in Europe and Africa, dozens of command and control nodes under the jurisdiction of merger . In 2014, the US Pacific Command, and enterprise-class operations center in the United States have also launched joint information environment “Delta 1” have reached initial operational capability.

US Department of Defense Joint Information Environment has given a total of $ 239 million to ensure funding for the purchase of core routers, optical network equipment, fiber optic, network devices, storage devices, security tools and other infrastructure, management and maintenance of the Defense Information Systems Network. In the context of budget cuts, the US military had more dependent on commercial space field, planned in 2016 by the local company responsible for global broadband communications satellite (WGS) in daily operations. In the civil-military cooperation in space operations, DISA need to focus on the potential threat so bring, make up the vulnerability of the physical transmission layer.

Third, the face of major combat operations rivals Applications

Navy Information Warfare future construction operations targeting China and other major rivals, based on the field of cyberspace under serious threat in the Western Pacific battlefield environment construction and operation of information and operational deployment to focus on the formation of forward-deployed real deterrent. US military flexibility and emphasizes the use of reliable satellite communications, to support joint information environment physical transport layer, especially for mobile and forward-deployed forces, command and control and ISR equipment to deal with the growing threat of space.

The initial stage of “joint information environment” design applications, the US Navy had stressed in its response cyber threats using a single security architecture (SSA) to reduce the Navy’s networks “cyber attack surface,” the US military response in the face of network damage, theft data and other forms of cyber attacks, to ensure that the US military’s combat information through various channels to secure smooth transmission. If the intruder’s goal is simply to prevent or delay transmission of information, there is no need to pursue a unified security architecture and security code.

Optical Fiber Communication Security System Operation Command Decision Support System is another focus of attention Navy. Currently, 99% of international data traffic through submarine cable transmission, optical fiber communication is the US military’s “joint information environment” an important transport route for the United States to protect allies and overseas military bases of communication and contact. Naval activities is the greatest threat to the submarine cable, submarine cable on the other side of the attack is difficult to prevent, once destroyed will take a long time to repair. Therefore, the Defense Information Systems Agency “Network infrastructure requirements” (NIPR) requires operators to repair the damaged cable within three days, the US Navy underwater submarine cable project team is also responsible for the maintenance and repair tasks to ensure safe and smooth optical fiber communication .

Fourth, call our army building appropriate information warfare capabilities

Faced with aggressive information warfare against the US military posture, Chinese military information warfare must face the challenge to build offensive and defensive information warfare system. Recently, Chinese President Xi Jinping has said it will vigorously promote the revolution in military affairs, the development of “information warfare” new strategies, innovative new military doctrine to fulfill the mission requirements of the system and setup, system equipment, strategy and tactics, management mode. Specific to the field of information warfare is to aim at the US military weaknesses, focusing on the development of anti-satellite missiles, land-based electronic jamming of satellite monitoring and control, high-energy laser to attack satellites and space-based weapons killer weapons, improve the ability of information systems most vulnerable to attack opponents nodes, enhanced network integrated Defense level clouds and terminal element transport layer, dependent on the US military “joint information environment” to implement the most damaging effect, in order to gain the initiative in the local military confrontation or war.

Origianl Mandarin Chinese:

中国国家主席习近平访美期间,中美两国就打击网络犯罪、推动制定网络空间行为准则等方面达成共识,制定了维护网络安全的若干合作举措,形成了某些争端解决机制,意图共同解决全球网络安全问题。然而,美军在网络战、信息战方面正在大动干戈,积极调整作战概念、编制体制、组织形式、作战流程和信息文化,加快发展信息领域作战能力,确保海军能够在与主要作战对手中国的对抗中取得优势地位。

一、信息战编制体制建设

2013年,美国海军将情报部和通信网络部合并成立信息优势部,由一名海军作战部副部长负责信息优势相关事务,配备7名舰队军官和一些高级文职,以及众多的专业人员从事信息战领域的工作,改变了冷战时期情报搜集和舰队作战之间存在的壁垒,保证美国海军利用安全的网络环境获取信息支持各种作战行动之中。美国海军在梅德堡组建了舰队赛博司令部,合并了弗吉尼亚州诺福克海军基地的原海军网络战司令部,由负责能力和资源整合的海军作战部副部长任司令,主要负责网络进攻和防御,管理、运作和保卫海军的网络,以及与赛博作战相关的其它活动,同时作为美军赛博司令部的海军分支,向美军提供信息作战支持。

在部队建设方面,美国海军成立了第10舰队专门负责信息战,作为美国海军的信息优势部队,发展和投送优势信息能力,支援美海和盟军的作战需求,目前已经形成情报监视与侦察、网络、指挥控制、通信情报、电子战、航天等方面的完全作战能力,向信息作战转型之后成为美国海军情报和网络战的重要步骤。

美国海军从水面舰艇、潜艇和航空兵部门划拔经费,保障信息优势部的日常运行、训练、装备和采购,兼顾无人航空系统和电子战系统的建设发展。尽管电子战部门表示将电子攻击项目(如下一代干扰器)从空中作战部门转移到信息优势部将削弱对电子攻击系统的预算支持,但是美国海军表示已经认识到在电子战领域加强攻击性的重要性,加强电子战领域的投入。

二、“联合信息环境”保证海上制信息权

根据美国国防部2013年9月发布的《联合信息环境实施战略》,“联合信息环境”(JIE)是美军迄今为止最大的联合信息技术行动之一,其目标是在国防部范围内进行网络一体化化建设,将“烟囱式”的信息体系发展为扁平网络化的动态信息体系,提供互联互通的基于云的网络基础架构和企业级服务,减少国防部整体的信息技术占用空间和基础设施成本,确保美军获得战场制信息权,提高国防部应对赛博领域威胁的能力。

“联合信息环境”的建设重点是加强信息共享和合作,建立企业级的共享安全协议,实现配置标准化,优化数据路由,在需要的时间和地点交付保密的语音、数据和情报,包括了几乎所有的国防部信息技术工作的联合信息。“联合信息环境”具有通用性、全球性、基于云的特性,包括网络作战中心、数据中心和基于云应用程序和服务的身份管理系统,提供基于云结构的数据存储和共享能力和可回顾的计算机技术支持,允许使用任何设备实现边缘网络操作,加速网络指挥与控制节点的融合,能够保障作战行动和日常行政管理,同时减少网络运行管理成本。

国防信息系统局(DISA)负责联合信息环境的技管理,制定整体架构中的安全标准、准入问题和身份管理等。2013年7月,美军欧洲司令部在斯图加特建立了首个企业级作战中心(EOC),负责管理美国欧洲和非洲司令部内联合信息环境系统的访问管理,合并下辖的几十个指挥和控制节点。2014年,美军太平洋司令部和美国本土的企业级作战中心也相继展开,联合信息环境“增量1”陆续达到初始作战能力。

美国国防部对联合信息环境建设给予了总计2.39亿美元的经费保证,用于采购核心路由器、光网设备、光纤、网络设备、存储设备、安全工具等基础设施,管理维护国防信息系统网。在预算削减的背景下,美军不得不更加倚重商业空间领域,计划在2016年由地方公司负责宽带全球通信卫星(WGS)的日常运营。在军民合作的空间运营中,DISA需要关注因此带来的潜在威胁,弥补物理传输层的脆弱性。

三、面对主要作战对手展开作战应用

美国海军未来信息战建设瞄准中国等主要作战对手,立足赛博领域严重威胁下的西太平洋战场,进行信息环境建设运营和作战部署,以前沿部署为重点形成现实威慑。美军强调使用弹性和可靠的卫星通信,支持联合信息环境物理传输层,特别是对机动和前沿部署的部队、指挥控制和ISR装备,应对日益增加的空间威胁。

“联合信息环境”设计应用的最初阶段,美国海军就强调以其应对赛博威胁,利用单一安全架构(SSA)减少海军网络面临的“赛博攻击面”,应对美军面对的网络破坏、窃取数据等多种形式的赛博攻击,保证美军的作战信息通过各种渠道安全通畅地传输。如果入侵者的目标只是阻止或迟滞信息传输,就没有必要追求统一的安全架构和保密码。

作战指挥辅助决策系统的体系结构光纤通信安全是美国海军关注的另一个重点。目前,99%的国际数据通信通过海底光缆传输,美军的光纤通信是“联合信息环境”的重要传输途径,用来保障美国本土与盟国和海外军事基地的通信联络。舰艇活动对是海底光缆的最大威胁,对方的对海底光缆的攻击很难防范,一旦遭到破坏需要很长时候修复。因此,国防信息系统局的“网络基础设施需求”(NIPR)要求运营商在3天之内修复受损光缆,美国海军水下工程队也担负海底光缆的维护和抢修任务,保证光纤通信安全顺畅。

四、呼唤我军建设相应的信息战能力

面对美军咄咄逼人的信息战对抗姿态,中国军队的信息战也要直面挑战,建设攻防兼备的信息战体系。日前,习近平主席已经表示中国将大力推进军事变革,制定“信息化战争”新战略,创新履行使命要求的新的军事理论、体制编制、装备体系、战略战术、管理模式。具体到信息作战领域,就是要瞄准美军弱点,重点发展反卫星导弹、陆基电子干扰卫星测控、高能激光攻击和天基卫星武器等杀手锏武器,提高攻击对手信息系统最脆弱节点的能力,增强网络云和终端元件传输层的综合攻防水平,对美军依赖的“联合信息环境”实施最大效应的破坏,才能在军事对抗或局部战争中占据主动。

US Cyber ​​Command established to respond to future cyber war // 美軍建立網絡司令部應對未來網絡戰爭

US Cyber ​​Command established to respond to future cyber war //

美軍建立網絡司令部應對未來網絡戰爭

四星上将基斯·亚历山大将出任美国网络司令部的首位司令员

From Zhuhai Security Bureau, People’s Republic of China

May 21, 2010, the US Department of Defense announced that in order to fight hostile countries and hacker attacks, the US Cyber ​​Command was officially launched. The US Air Force Combat Command and the same level of the unit by a former intelligence officer Alexander Keith four-star general in charge. As early as June last month, US Defense Secretary Robert Gates ordered the formation of Cyber ​​Command, after a year of preparation, Cyber ​​Command is now fully operational. This initiative of the US, indicating that the network will be an important piece of the future war position, “cyberwarfare” This unconventional war will be inevitable.

US forces have been brewing for a long time

  The United States as a global network of organizers, was the first country to apply real network, the establishment and operation of its network warfare units already brewing for some time, media reports from the outside world can be roughly about 12.

  First, conventional offensive and defensive team growing. According to the US cyber war years of defense experts Joel Harding assessment, the US Department of Defense has more than 15,000 computer networks in more than 4,000 military bases in 88 countries and regions, a total of more than 5,000 information warfare specialists, 5 ~ 70,000 soldiers involved in cyber warfare, coupled with the original electronic warfare officer, the number of American combat troops should be in the network of about 88700 people, which means that the number of US network warfare units have been the equivalent of 7 101 airborne division, as the network commander establishing unit, I believe that this figure will surge. This force must not only bear the task of network defense, other countries will also network and electronic systems for covert attacks, the United States access to a variety of intelligence information needed, and can quickly invade the enemy in wartime network system paralyzed the enemy command networks and electronic weapons systems.

Second, the unified command superior forces continue to integrate. Currently, the US network warfare units formed by relatively scattered, the armed forces have a certain strength, and has long competition for the services network warfare dominance, competition has been fierce. Such as: in 2002 in Virginia, Naval Network Warfare Command was established, the preparation of 60 people, the Navy Fleet Command Information Warfare Center worldwide, Navy networks and space operations and the Navy Command, computer network defense commando teams cyber warfare units 7,000 officers and men. US Air Force Network Warfare Command Territories 4 NWW, including the famous 67th NWW. The wing has five intelligence brigade, 35 Intelligence Squadron, a total of more than 8000 soldiers, resident in more than 100 locations worldwide, personnel and equipment throughout the “other continents except Antarctica.” US Army from July 2008 officially launched the construction of army battalions network, currently distributed network operations personnel in Iraq, Afghanistan and other places, to assist the local US network warfare activities, cyber warfare experts have thousands of people. Now, the formal establishment of Network Warfare Command, these advantages is to be effective and reasonable integration of forces, the US network warfare units to improve the organizational system, to achieve a high degree of unity of command and management, improve the operational effectiveness.

The third is capable of practical tactics and equipment continue to improve. US troops have been developed more than 2,000 kinds of computer viruses weapons, such as “logic bombs” and “trap door”, etc., hardware, electromagnetic pulse bombs, infrasound weapon system, the kinetic energy interceptor and high-power microwave weapons, other countries can network physical attack vector. According to reports, the US military in 2008 bombed a facility in Syria, on the use of an airborne system, airborne invasion by the enemy and operate network sensors, so that the loss of the enemy early warning function. Over the years, the US military cyber warfare tactics and constantly enrich and improve, from the media point of view, the early offensive tactics “backdoor”, “bomb attack”, in recent years has studied the “botnet”, “cast a wide net” and other . Thus, it is easy to see the US network warfare units “tip of the iceberg”, and its emphasis on cyberwarfare.

Inspiration

US Cyber ​​Command to build us a profound revelation. We should speed up the pace of global military development to adapt to, and actively play and use network advantages, strengthen the network supervision and active defense, to build a network can attack and defend the shield.

A revelation: to clarify understanding. In recent years, not only the United States established a Cyber ​​Command, several countries Israel, Russia, Britain, Germany, France, Japan, South Korea and India have been established or are planning to set up a network command system and mechanisms of war. Allegedly, Taiwan in early 2001 formally established what is known as “Tiger Force” network information warfare units, the main task is to sneak through the network related sites, to collect all kinds of confidential information and intelligence collection and development of various secret computer virus, to create “electronic bomb” attack the target network. Faced with serious challenges, we can only turn pressure into motivation, the real renew our concept, calm response, rapid response, to explore with Chinese characteristics cyberspace to victory as soon as possible.”Scholars Sushi, fitters who cares Junjie,” the army as mighty undefeated division, should be thought of cyberwarfare have a clear understanding of height, to a set of effective countermeasures, have a professional reliable team to adapt to new changes in the new military confrontation in the new situation.

Revelation II: build a strong foundation. Anti-sense of confidentiality between laws and regulations and information security officers are doing the work of the foundation. Really good job between anti-army under the condition of information security work, and the headquarters of the Central Military Commission has formulated a series of laws and regulations of confidentiality from the “People’s Liberation Army Secrets Act” and “the rule of confidentiality ’10 allowed ” to ‘prevention crime Ordinance, “” military computers connected Internet regulations, “and” military regulations on the Internet, “and” strictly guard against network leak ‘ten ban,’ “and so on. Currently, the regulations should integrate our military resources, to build full list of information security regulations, while increasing by between anti-secrecy, to guide the officers and men “correct knowledge network, regulate online” really lay a solid foundation of information security from the end.

Revelation 3: Aggregate talent. In recent years, the CIA and the military attaches great importance to cultivate high-tech talent, and even recruit hackers for their own use, constantly stealing his country’s secret and are ready to do the vanguard of conventional forces, to combat damage other network systems. US National Defense University military historian Daniel Kool noted that the Pentagon’s interest in cyber warfare has reached a degree of “religious fanaticism” in this frenzy, groups of hackers amnesty, are trained to the new professional military hackers. Reserve personnel is a necessary condition to deal with high-tech development, at present, we should actively search for network technicians to build a formal, professional, the strength of the team to respond to current and future needs of the network security cyber war.

Inspiration Four: to strengthen the defense. “Art of War” said: “No it does not rely just sit on there is also pending; it does not rely attack, something I can not rely attack also.” Strong defense against foreign invasion is the most effective means of building a solid sturdy defense can keep the enemy thousands of miles away, which rely on the continuous development of network technology and improve. We should therefore innovation in the development of advanced and useful technology network protection efforts, as I hold up an umbrella network system to ensure the safety and combat consolidated.

Revelation five: as active. Although the US Department of Defense stressed that the main task of Cyber ​​Command is defensive operations, but its covert intelligence to steal his country under the surface rhetoric, his country’s intention to attack the essence of network information system, has long been self-evident. During the Iraq war, Iraq top-level domain “.iq” application and analytical work is terminated America, all URLs with “.iq” suffix from the Internet site all evaporated in the Internet can not see any information from Iraq, which the US military quickly and efficiently to win the war in Iraq provides an important prerequisite. Information age, cyber warfare has become a “bear the brunt, full use” in the true sense of the style of warfare, to national security has brought new and unprecedented challenges, we want to provide intellectual support for the safe and stable development of the country and the army, in order to conventional war wartime to provide “security win” a prerequisite for the battle ill-prepared to deal with future networks.

Original Mandarin Chinese:

四星上将基斯·亚历山大将出任美国网络司令部的首位司令员

2010年5月21日,美國國防部對外宣布,為了打擊敵對國家和黑客的網絡攻擊,美軍網絡司令部正式啟動。這一與美空軍作戰司令部平級的單位,由情報軍官出身的四星上將基斯·亞歷山大執掌。早在去年6月,美國防部長羅伯特·蓋茨就下令組建網絡司令部,歷經一年的籌備,網絡司令部現已全面開始運轉。美軍的這一舉措,預示著網絡將是未來戰爭中的一塊重要陣地,“網絡戰”這種非常規戰爭將在所難免。

美軍此舉已醞釀多時

美國作為全球網絡化的組織者,是最早將網絡運用於實戰的國家,其網絡戰部隊的建立與運轉早已醞釀多時,從外界媒體的報導大致能夠了解一二。
一是攻守兼備的常規隊伍不斷增強。根據研究美軍網絡戰多年的防務專家喬爾·哈丁評估,美國國防部在全球88個國家和地區的4000多個軍事基地內擁有超過1.5萬個電腦網絡,共有5000餘名信息戰專家,5 ~7萬名士兵涉足網絡戰,再加上原有的電子戰人員,美軍網絡戰部隊人數應該在88700人左右,這意味著美軍網絡戰部隊人數已相當於7個101空降師,隨著網絡司令部的建立,相信這個數字還將激增。這支部隊不但要承擔網絡防禦的任務,還將對別國的網絡和電子系統進行秘密攻擊,獲取美國所需要的各種情報信息,並能在戰時迅速侵入敵方網絡系統,癱瘓敵方的指揮網絡和電子武器系統。
二是統一指揮的優勢力量不斷整合。當前,美軍所形成的網絡戰部隊相對比較分散,在海陸空三軍都有一定的力量,而且長期以來各軍種為爭奪網絡戰的主導權,一直競爭激烈。如:於2002年在弗吉尼亞州成立的海軍網絡戰司令部,編制60人,指揮全球範圍內的海軍艦隊信息戰中心、海軍網絡和太空行動司令部及海軍計算機網絡防禦特攻隊等網絡戰單位的7000名官兵。美空軍網絡戰司令部管轄4個網絡戰聯隊,包括大名鼎鼎的第67網絡戰聯隊。該聯隊有5個情報大隊、35個情報中隊,總計超過8000名官兵,駐地分佈在全球100多個地點,人員和裝備遍及“除南極洲之外的其他大陸”。美陸軍從2008年7月正式啟動陸軍網絡作戰營建設,目前網絡戰人員分佈在伊拉克、阿富汗等地,協助當地美軍進行網絡戰活動,擁有的網絡戰專家也達數千人。現在,正式成立網絡戰司令部,就是要將這些優勢力量進行有效合理的整合,來完善美軍網絡戰部隊的建制,實現指揮和管理的高度統一,提高作戰效能。
三是精幹實用的裝備戰法不斷完善。美軍現已研製出2000多種計算機病毒武器,如“邏輯炸彈”和“陷阱門”等,硬件方面,有電磁脈衝彈、次聲波武器系統、動能攔截彈和高功率微波武器,可對別國網絡的物理載體進行攻擊。據報導,美軍在2008年轟炸敘利亞某設施時,就使用了一種機載系統,通過空降侵入並操作敵方網絡傳感器,使敵方喪失預警功能。這些年,美軍網絡戰戰術不斷豐富和完善,從媒體報導來看,早期的進攻戰術有“後門程序”、“炸彈攻擊”等,近年來又研究了“殭屍網絡”、“廣泛撒網”等。由此,不難看出美軍網絡戰部隊的“冰山一角”,及其對網絡戰的重視程度。

幾點啟示

美軍建立網絡司令部給我們帶來了深刻的啟示。我們應加快適應世界軍事發展的步伐,積極發揮和利用網絡優勢,加強對網絡的監管和主動防禦,構建可攻可守的網絡盾牌。
啟示一:釐清認識。近年來,不僅美國建立了網絡司令部,以色列、俄羅斯、英國、德國、法國、日本、韓國、印度等多個國家都已經建立或正在籌劃建立網絡戰爭的指揮體系和機制。據稱,台灣也早在2001年就正式建立了被稱為“老虎部隊”的網絡信息戰部隊,主要任務就是通過網絡潛入相關網站,蒐集各種機密信息與情報,秘密收集與研發各種電腦病毒,製造“電子炸彈”攻擊目標網絡系統。面對嚴峻挑戰,我們唯有變壓力為動力,真正解放思想、更新觀念、冷靜應對、迅速反應,盡快探索出有中國特色的網絡空間制勝之道。 “儒生俗士,識時務者,在乎俊傑”,我軍作為威武不敗之師,應從思想上對網絡戰有高度清晰的認識,要有一套行之有效的應對之策,要有一支專業的可靠隊伍,以適應新軍事對抗中的新情況新變化。
啟示二:築牢根基。法規制度和官兵的防間保密意識是做好信息安全工作的根基。為切實做好信息化條件下我軍防間保密工作,軍委和總部先後製定出台了一系列保密法規制度,從《中國人民解放軍保密條例》及“保密守則’十不准’”,到《預防犯罪工作條例》、《軍隊計算機連接國際互聯網管理規定》以及“軍人上互聯網的規定”,再到“嚴密防範網絡洩密’十條禁令’”等。當前,應當整合我軍法規資源,構建完整齊備的信息安全保密法規體系,同時通過加大防間保密教育,引導官兵“正確識網、規範上網”,真正從末端打牢信息安全的根基。
啟示三:聚合人才。近年來,美國中央情報局及軍方非常注重培養高科技人才,甚至招募黑客為自己所用,不斷竊取他國秘密並隨時準備為常規部隊做好先鋒隊,打擊破壞對方網絡系統。美國國防大學軍事史專家丹尼爾·庫爾指出,五角大樓對於網絡戰的興趣已經達到了“宗教狂熱”的程度,在這種狂熱下,一批批黑客被招安,被訓練成新的專業軍事黑客。人才的儲備是應對高科技發展的必要條件,當前,我們應積極搜尋網絡技術人才,構建一支正規、專業、有實力的隊伍,以應對現在網絡安全防範和未來網絡戰爭的需求。
啟示四:加強防禦。 《孫子兵法》曰:“無恃其不來,恃吾有以待也;無恃其不攻,恃吾有所不可攻也。”堅強的防範是抵禦外侵最有效的手段,築實一條堅固的防線可以御敵於千里之外,這就要靠網絡技術的不斷發展和提高。因此,我們應當在自主創新研發先進、有用的網絡防護技術上下功夫,為我網絡系統撐起一把保護傘,確保安全和戰鬥力鞏固。
啟示五:主動作為。雖然美國防部強調網絡司令部的主要任務是防禦作戰,但是其隱蔽於表面辭藻之下的竊取他國情報、攻擊他國網絡信息系統的實質意圖,早已不言自明。伊拉克戰爭期間,伊拉克頂級域名“.iq”的申請和解析工作被美國終止,所有網址以“.iq”為後綴的網站全部從互聯網蒸發,在互聯網無法看到來自伊拉克的任何信息,這為美軍迅速高效打贏伊戰提供了重要前提。信息化時代,網絡戰已經成為真正意義上的“首當其衝、全程使用”的作戰樣式,給國家安全帶來了嶄新的、空前的挑戰,我們要為國家和軍隊的安全穩定發展提供智力支撐,為戰時的常規戰爭提供“保打贏”的先決條件,為應對未來網絡攻防戰做足準備。

 

Original Source X

China Information Warfare – China’s Basic Form of a Future War //中國信息化戰爭—中國未來戰爭基本形態

中國信息化戰爭—中國未來戰爭基本形態

In the 21st century, the rapid development of high technology and extensive application, and promote the development and evolution of combat weapons and equipment, and promote the transformation and innovation and the development of institutional military doctrine, which triggered a new revolution in military affairs. Information warfare will eventually replace mechanized war, become the basic form of war. Information warfare refers to occur in the information age, information-based, using information technology as a tool of war weaponry of war. Information warfare does not change the nature of war, but the war must take into account the outcome of the mentor and the consequences of war, first in the pursuit of strategic guidance on how to achieve “the enemy without fighting the soldiers,” the strategic victory, the kind of large-scale physical destruction at the expense of traditional warfare will be greatly constraints and limitations.

Knowledge has become the main source of war to destroy the force  on the right in terms of information (quantity and quality) dependence, the past is not any war and information war. In conventional war, the two sides focus more on comprehensive contest on the basis of physical force. Such as mechanized war, mainly for steel contest, contest the whole country is full of large industrial machinery production capacity. Information war contest does not exclude physical force, but more important is the contest of knowledge, innovation ability and speed of innovation contest. Knowledge will become the main source of war to destroy force, “an ounce of effect of silicon computer generated perhaps more than a ton of uranium is also big.”

Firepower, mobility, information, constitute an important part of modern military combat capability, and the ability of information has become the primary indicator to measure the level of combat capability. Information capabilities, performance in terms of information acquisition, processing, transmission, and use of confrontation, to be manifested through information superiority and competition control. Information superiority, in essence, in the understanding of the enemy at the same time prevent the enemy to understand one’s own situation, confrontation is a dynamic process. It has become a fight for air supremacy, command of the sea, land control of the premise of a direct impact on the process and outcome of the war. Of course, people will always be the master of information warfare. Plan and organize and direct the war from people completely dominated increasingly dependent on technology to develop human-machine combination of military quality requirements are higher. Information from the advantages of competition to the final decision superiority into more competitive knowledge and wisdom.

War forces will move toward information, intelligence  forces of war are directly and indirectly referred to the various forces for war, to fight the information war, natural rely heavily on information, intelligence and information technology military weapons and equipment.

The most basic of war, the most significant feature is the use of the most advanced scientific and technological achievements to create the most advanced instruments of war. Information weapons and equipment is developed on the basis of mechanized equipment, such as C4ISR systems, precision-guided weapons, information warfare equipment and various high-tech combat platforms.They are highly knowledge-intensive tools of war, and thus can not be compared with the traditional tools of war performance, functionality, operational capabilities and effectiveness. At the same time, they play to the performance level and the operational level, directly restricted information, information systems and information capabilities.   The army is the army of information technology refers to using information technology to weapons armed with the information age. Its unprecedented level of integration will enhance the overall combat capability more powerful, emphasizing optimal combination of combat capability, the services are just part of joint combat forces. At the same time, the size of the forces become smaller, more flexible and diverse forms of grouping, vertical command structure will also benefit from the tree into a flat network architecture. From the subordinate command relationship changed multilayer horizontal communication, and down one command relationships, delayering, put as many combat units into the same level of information, information sharing, shorten the information flow to meet the real-time command decision Claim.

War mode will tend to systematic, precise  Technological development determines the evolution of tactics. With the development of weapons and equipment, the scale of war is also growing, the most prominent battlefield extended to three-dimensional space from the plane: from land to sea and air space, and then, from the visible to the invisible electromagnetic space and information space, it has formed armed day one dimensional, tangible and intangible space space Blending the new operational environment. This network battlefield is great depth, three-dimensional high, dilute the distinction between front and rear, major changes have taken place in time and space, both traditional air, naval, marine, electronic warfare, and more will be a new web-based attacks information warfare. Rely on the support of information networks, through the orderly flow of information, all combat operations within the space really blending together.

In the past, a new weapon tends to cause relatively large impact, obtain better operational effectiveness. But in the modern battlefield, the two sides are no longer hostile confrontation between a single or a few branches, but not a single weapon system confrontation, but confrontation between systems. In the information war, the extent of such a system of confrontation and even more will not emphasize the operational performance of tanks, aircraft, warships and other single combat platform, but rather to highlight the overall performance of information technology weaponry system, pay attention to multiple armed services, comprehensive combat effectiveness of a variety of weapons and equipment.

Destroy the enemy is an important part of the war. Mechanized warfare, anti-surface fire mostly destroyed, such as fire suppression, carpet bombing, saturation-type attacks. This operational mode corresponding to the extensive mode of production of the industrial age, reflecting the idea of a war of attrition, to victory in that time, space, energy, supplies and other aspects of continuous consumption and weaken the power of the enemy, and finally defeat the enemy. The precision strike in line with the characteristics and requirements of the information age, but also reflects the basic characteristics of information warfare. Intensive production model of the information age emphasizes effectiveness, efficiency, effectiveness. Weapons and equipment level of intelligence and combat accuracy was greatly improved, can be done “pinpoint” type of destroyed; also can be accurate, non-physical damage, such as psychological warfare and information warfare. In addition, the precision strike can also significantly reduce collateral damage, so that the development and the process of social civilization synchronization war, war means more conducive to play its unique role.

Course of the war would be short, controlled – the rhythm of information warfare significantly accelerated course of the war will become shorter and shorter, but the intensity is getting high, and humanity as a whole control of the war also significantly enhanced.   Army should pay more attention to the quality of the information age and effectiveness. Winning quality from quantity into winning, it is one of the significant change in the war. Such as the combination of high-tech precision-guided weapons and combat platforms used to enhance the ability of the enemy to combat the standoff embodiment, can greatly reduce the loss of one’s own operations; continually improve the accuracy of the attack, it can greatly reduce the number of weapons consumption. World War II in 9000 to use bombs to blow up a goal, now 1-2 as long as missiles or guided bombs can solve the problem, operational tempo and the natural process will be faster.

Layers of advancing successive war, set small victories, this contact, wire is typical of traditional methods of warfare combat visual feedback. In information warfare, from the contact, non-line operations will be the main form of combat operations will be launched simultaneously in all the whole depth of space combat and battlefield, the primary targets will point directly to the enemy center of gravity. Especially powerful information warfare, even in the enemy without the knowledge of the state, it is possible to make several hacker instant enemy paralyzed economic and social, to quickly achieve the purposes of war.

Source: http://www.china001.com/

Original Mandarin Chinese:

進入21世紀,高技術的迅猛發展和廣泛應用,推動了武器裝備的發展和作戰方式的演變,促進了軍事理論的創新和編制體制的變革,由此引發新的軍事革命。信息化戰爭最終將取代機械化戰爭,成為未來戰爭的基本形態。信息化戰爭是指發生在信息時代、以信息為基礎、以信息化武器裝備為戰爭工具的戰爭。信息化戰爭不會改變戰爭的本質,但戰爭指導者必須考慮到戰爭的結局和後果,在戰略指導上首先追求如何實現“不戰而屈人之兵”的全勝戰略,那種以大規模物理性破壞為代價的傳統戰爭必將受到極大的約束和限制。

知識成為戰爭毀滅力的主要來源

就對信息(數量和質量)的依賴程度而言,過去的任何戰爭都不及信息化戰爭。在傳統戰爭中,雙方更注重在物質力量基礎上的綜合較量。如機械化戰爭,主要表現為鋼鐵的較量,是整個國家機器大工業生產能力的全面競賽。信息化戰爭並不排斥物質力量的較量,但更主要的是知識的較量,是創新能力和創新速度的競賽。知識將成為戰爭毀滅力的主要來源,“計算機中一盎司矽產生的效應也許比一噸鈾還大”。

火力、機動、信息,是構成現代軍隊作戰能力的重要內容,而信息能力已成為衡量作戰能力高低的首要標誌。信息能力,表現在信息獲取、處理、傳輸、利用和對抗等方面,通過信息優勢的爭奪和控制加以體現。信息優勢,實質就是在了解敵方的同時阻止敵方了解己方情況,是一種動態對抗過程。它已成為爭奪制空權、制海權、陸地控制權的前提,直接影響著整個戰爭的進程和結局。當然,人永遠是信息化戰爭的主宰​​者。戰爭的籌劃和組織指揮已從完全以人為主發展到日益依賴技術手段的人機結合,對軍人素質的要求也更高。從信息優勢的爭奪到最終轉化為決策優勢,更多的是知識和智慧的競爭。

戰爭力量將走向信息化、智能化

戰爭力量是可直接和間接用於戰爭的各種力量的統稱,打信息化戰爭,自然離不開信息化、智能化的武器裝備和信息化軍隊。

戰爭最基本、最顯著的特徵,就是利用當時最先進的科學技術成果製造最先進的戰爭工具。信息化武器裝備是在機械化裝備基礎上發展起來的,如C4ISR系統、精確制導武器、信息戰裝備和各種高技術作戰平台等。它們都是知識高度密集型的戰爭工具,因而具備傳統戰爭工具無法比擬的性能、功能、作戰能力和效果。同時,它們作戰效能的高低和發揮程度,直接受到信息、信息系統和信息能力的製約。

信息化軍隊是指用信息化武器裝備武裝起來的信息時代的軍隊。其一體化程度將空前提高,整體作戰能力更強大,強調作戰能力的優化組合,各軍種都只是聯合作戰力量的一部分。同時,兵力規模將趨於小型化,編組形式更加靈活多樣,指揮體制也將從垂直樹狀結構轉變為扁平網絡結構。即從上下級多層指揮關係改為橫向溝通、上下一體的指揮關係,減少層級,把盡可能多的作戰單元納入同一個信息層次,實現信息共享,縮短信息流程,以滿足實時化指揮決策的要求。

戰爭模式將趨於體系化、精確化

技術的發展決定著戰術的演變。隨著武器裝備的發展,戰爭規模也在日益擴大,突出表現為戰場從平面向立體空間擴展:由陸地到海洋再到空中和太空,從有形空間到無形的電磁和信息空間,已形成了陸海空天四維一體、有形空間與無形空間相互交融的新型作戰環境。這種網絡化戰場是大縱深、高立體的,前後方區別淡化,時空觀都發生了重大變化,既有傳統的空戰、海戰、陸戰、電子戰,更會出現全新的以網絡攻擊為主的信息戰。依靠信息網絡的支撐,通過信息的有序流動,所有作戰空間內的作戰行動真正地融合為一體。

過去,一件新式武器往往會造成比較大的影響,獲得較好的作戰效果。但在現代戰場上,敵對雙方已不再是單一或少數軍兵種之間的對抗,更不會是單一武器系統的對抗,而是體係與體系的對抗。在信息化戰爭中,這種體系化對抗的程度更甚,將不再強調坦克、飛機、軍艦等單件作戰平台的作戰性能,而是突出信息化武器裝備體系的整體效能,注重發揮多個軍種、多種武器裝備的綜合作戰效能。

消滅敵人是戰爭的重要內容。在機械化戰爭中,火力摧毀主要是面殺傷,如火力壓制、地毯式轟炸、飽和式攻擊等。這種作戰方式對應於工業時代的粗放型生產模式,反映了消耗戰的思想,制勝之道在於從時間、空間、能源、補給等方面不斷消耗和削弱敵人的力量,最後戰勝敵人。而精確打擊符合信息時代的特徵和要求,也反映了信息化戰爭的基本特點。信息時代的集約型生產模式講求效能、效率、效益。武器裝備的智能水平和打擊精度也獲得極大的提高,可做到“點穴式”的摧毀;同時還可以進行精確的非物理性毀傷,如心理戰、信息戰等。另外,精確打擊還可以大幅度降低附帶毀傷,使戰爭的發展與社會文明進程同步,更有利於戰爭手段發揮其獨特作用。

戰爭進程將是短暫的、可控的

信息化戰爭的節奏明顯加快,戰爭進程將變得越來越短,但強度卻越來越高,而人類對戰爭的整體控制能力也在顯著增強。

信息時代的軍隊更注重質量和效能。由數量製勝轉變為質量製勝,是戰爭發生的顯著變化之一。如精確制導武器和高技術作戰平台的結合使用,增強了從敵人防區外實施打擊的能力,可大大降低己方的作戰損失;攻擊精度的不斷提高,可大大減少武器消耗數量。第二次世界大戰中要用9000枚普通炸彈才能炸毀一個目標,現在只要1-2枚導彈或製導炸彈就可以解決問題,作戰節奏和進程自然會越來越快。

層層推進,逐次交戰,集小胜為大勝,這種接觸式、線式作戰是傳統作戰方法的典型直觀反映。而在信息化戰爭中,脫離接觸式、非線式作戰將成為主要形式,作戰行動將在所有作戰空間和戰場全縱深同時展開,首要打擊目標將直接指向敵人重心。尤其是信息戰威力巨大,甚至在敵人毫不知情的狀態下,幾個黑客頃刻間就有可能令敵國經濟和社會陷入癱瘓,從而迅速達成戰爭目的。

2016 Development of China’s Network Security Law & Revised National Security Legislation // 中國今年制定网络安全法 修证券法

中國今年制定网络安全法 修证券法

2016年03月10日01:40 北京晨报

NPC Standing Committee work report of the Standing Committee Zhang Dejiang as the National People’s Congress. Xinhua News Agency issued

  Zhang Dejiang chairman of the NPC Standing Committee work report for

Second session of the Fourth Session of the 9th National People’s Congress held its second plenary meeting in the afternoon in the Great Hall, commissioned by the National People’s Congress, Zhang Dejiang chairman to report to the General Assembly. Conference and heard presentations on the draft law of charity. Xi Jinping, Li Keqiang, Yu Zhengsheng, Liu Yunshan, Wang Qishan, Zhang Gaoli, etc. on the rostrum. Executive meeting presided over by the President of the General Assembly, the Executive Chairman Zhang Ping.

2015

We have done what?

Zhang Dejiang said in the report, over the past year, the Standing Committee formulated five laws, and a decision to change the law on legal issues 37, decided to submit to the National People’s Congress for consideration a through decisions on legal issues 8 ; law enforcement inspection six cases heard and deliberated the State Council, the supreme people’s Procuratorate 17 report on the work carried out three times and three thematic inquiry special investigations by two resolutions; consideration of the motion on behalf of the outcome of the review by the special committee 8 report, the report of the Credentials Committee on behalf of the eligible individual representatives of six decided to approve the treaty between China and foreign states, international agreements and conventions to join 11, a number of decisions and approve the appointment and removal of state organs and the like.

In the area of ​​national security-related legislation, the Criminal Law Amendment (ix) by the five terrorist-related activities included in the Criminal Responsibility range.Legislation in the field of people’s livelihood, be revised Population and Family Planning Law, the implementation of “comprehensive two-child” policy since January 1, 2016.

Second session of the Third Session of the NPC Standing Committee to determine the tasks have been completed, the Standing Committee all aspects of work have made new progress, new results.

2016

General Rules of Civil developing market economy amend the Securities Act

Chairman Zhang Dejiang said in the report, 2016 will be legislation, supervision is the key. By 2016, the NPC Standing Committee will improve the socialist market economy legal system, including modifying the Securities Act, SME Promotion Law and the like. April 2015 and 12th National People’s Congress of the fourteenth session of the draft amendments to the Securities Act conducted the first consideration.

Report, focus of the market play a decisive role in the allocation of resources and better play the role of government, focus on improving the level of economic and social development of the rule of law and market economy. General Rules of Civil develop and improve basic civil legal system. Developing an environmental tax, tonnage tax, tobacco tax law, food law, asset valuation method, modify the Securities Act, SME Promotion Law and the like.

“Adhere to green development, promote the construction of ecological civilization, to build the most stringent environmental protection system, modify the Water Pollution Control Act, the Marine Environment Protection Law, Wildlife Law and other.” The report said.

Social and cultural development of network security law revision Red Cross Society

2016, the NPC Standing Committee will coordinate development of legislation in the field of social, cultural, etc., making medicine law, Community Corrections Act, modify Private Education Promotion Law, the Red Cross method.

Report, in terms of deepening the reform, the development of public cultural services security law, the promotion of the film industry and the like. To promote civil-military integration depth development, deepen reform of national defense and the armed forces, the development of national defense transportation law, amend law on military officers and so on. In promoting anti-corruption legislation, the development of international criminal judicial assistance law, revise study Administrative Supervision Law. Develop overseas NGO management method, network security law.

In addition, the report proposes reform of the authorization decision to do related work.

The implementation of the supervision and inspection of food safety inspection method

Zhang Dejiang said in the report, in 2016, the NPC Standing Committee will strengthen the supervision of the implementation of the law and check the implementation of the Food Safety Law and other six laws.

This six laws include: Food Safety Law, Water Law, promote scientific and technological achievements into law, the Environmental Protection Act, the Road Traffic Safety Law, Production Safety Law.

Meanwhile, the NPC Standing Committee will consider combining food safety law enforcement inspection report carried out three Environmental Protection Act, Production Safety Law and other topics upon request. Strengthen tracking supervision, to consider the report of the State Council to listen to feedback on research process rights of the elderly security law, food safety law enforcement inspection report and deliberations on the situation. Listen to consider the report of the State Council on the implementation of the Exit and Entry Management Law.Water Pollution Control Act to carry out the implementation of special investigations.

New initiative to review the filing and examination of administrative regulations

  By 2016, the NPC Standing Committee will strengthen the filing and examination of the development of new administrative regulations and judicial interpretations active review examined piece by piece.

Original Mandarin Chinese:

中國今年制定网络安全法 修证券法

2016年03月10日01:40 北京晨报

全国人大常委会委员长张德江作全国人民代表大会常务委员会工作报告。新华社发

张德江委员长作全国人大常委会工作报告

十二届全国人大四次会议9日下午在人民大会堂举行第二次全体会议,受全国人大常委会委托,张德江委员长向大会报告工作。会议并听取了关于慈善法草案的说明。习近平、李克强、俞正声、刘云山、王岐山、张高丽等在主席台就座。会议由大会主席团常务主席、执行主席张平主持。

2015年

都做了啥?

张德江在报告中说,一年来,常委会制定5部法律,修改37部法律和1个有关法律问题的决定,决定提请全国人民代表大会审议的法律案1件,通过有关法律问题的决定8个;检查6部法律实施情况,听取审议国务院、最高人民法院、最高人民检察院17个工作报告,开展3次专题询问和3项专题调研,通过2个决议;审议通过专门委员会关于代表议案审议结果的报告8个、代表资格审查委员会关于个别代表的代表资格的报告6个,决定批准我国与外国缔结的条约、协定以及加入的国际公约11件,决定和批准任免一批国家机关工作人员等。

在国家安全领域相关立法方面,通过的刑法修正案(九)中将五种恐怖相关活动列入刑事追责范围。在民生领域立法方面,及时修改人口与计划生育法,自2016年1月1日起实施“全面两孩”政策。

十二届全国人大三次会议确定的常委会各项任务已经完成,常委会各方面工作都取得了新进展、新成效。

2016年

将要做啥?

市场经济修改证券法制定民法总则

张德江委员长在报告中说,2016年将以立法、监督为重点。2016年,全国人大常委会将完善社会主义市场经济等方面法律制度,其中包括修改证券法、中小企业促进法等。2015年4月,十二届全国人大常委会第十四次会议对证券法修订草案进行了第一次审议。

报告提出,紧紧围绕使市场在资源配置中起决定性作用和更好发挥政府作用,着力提高经济社会发展和市场经济运行的法制化水平。制定民法总则,健全民事基本法律制度。制定环境保护税法、船舶吨税法、烟叶税法、粮食法、资产评估法等,修改证券法、中小企业促进法等。

“坚持绿色发展、促进生态文明建设,构建最严格的生态环境保护制度,修改水污染防治法、海洋环境保护法、野生动物保护法等。”报告中说。

社会文化制定网络安全法修改红十字会法

2016年全国人大常委会将统筹推进社会、文化等领域立法工作,制定中医药法、社区矫正法,修改民办教育促进法、红十字会法。

报告提出,在深化文化体制改革方面,制定公共文化服务保障法、电影产业促进法等。在促进军民融合深度发展、深化国防和军队改革方面,制定国防交通法,修改现役军官法等。在推进反腐败立法方面,制定国际刑事司法协助法,研究修改行政监察法。制定境外非政府组织管理法、网络安全法。

此外,报告提出做好改革试点授权决定相关工作。

监督检查检查食品安全法实施情况

张德江在报告中说,2016年,全国人大常委会将加强对法律实施情况的监督,检查食品安全法等6部法律的实施情况。

这6部法律包括:食品安全法、水法、促进科技成果转化法、环境保护法、道路交通安全法、安全生产法。

同时,全国人大常委会将结合审议食品安全法、环境保护法、安全生产法等3个执法检查报告开展专题询问。加强跟踪督办,听取审议国务院关于研究处理老年人权益保障法、食品安全法执法检查报告及审议意见情况的反馈报告。听取审议国务院关于出境入境管理法执行情况的报告。开展水污染防治法实施情况专题调研。

备案审查主动审查研究新的行政法规

2016年,全国人大常委会将加强备案审查工作,对新制定的行政法规、司法解释逐件进行主动审查研究。

中國今年制定网络安全法 修证券法

2016年03月10日01:40 北京晨报

People’s Republic of China Enters Global Governance Era

來源:中國信息安全

Source: China Information Security

China

Faced with a global network of new space, new areas, new home, how to learn the basis of Western Internet technology as the driving force of the traditional advantages of Internet governance model, to insist upon the sovereignty of the network, network security, network continue to promote economic prosperity and the need to fully reflect the General secretary Xi “four principles, five advocate” contains Chinese wisdom. For this reason, we face the reality of network threats, adherence to the “network of global governance China is entering the era of” road confidence is to make the network power of dreams and the vision to build a common destiny in cyberspace interconnection important ideological foundation.

Wuzhen successful conclusion of the summit, the global Internet governance is being used by Western values-based, rule the West as the main rule, Western Internet technology as the driving force of traditional Internet governance model, to insist on the sovereignty of the network, network security and economic prosperity as the basic network-oriented China mode steering. This shift was marked by the construction of the Internet learning General Secretary of the five propositions. These five ideas ranging from the physical aspects of China Unicom, cultural communication, trade exchange and network security, summed up in three fundamental characteristics, namely security, prosperity and globalization.

First, the general secretary Xi five ideas, to enhance network security and Internet freedom both status. This is a development of the Internet during ultra-liberal favorable correction of flooding. In human society entered the globalization and modernization of the historical background of a higher stage, the Internet has gone beyond the scope of technology, business and even exchange on the state of human life made for a global state. The living conditions of globalization try to mankind so far carried out in other areas, as both benefit from the freedom, innovation and diversity, but also trapped in dangerous disorder brought pluralism and deconstruction of the conflicts caused confusion . If in the early stages of development of the Internet, people can also use the price of liberty to defend the Internet out of order, then in this case, today’s Internet life is closely related to the direct and real life, it has been found that the “price of freedom “not only heavy and expensive, and in many cases even have constituted for economic security, political security and social security of all-round challenge.

Such challenges are mainly in three aspects, first, transnational crime is using Internet technology to achieve a new global distribution and the ability to upgrade the crime, and international judicial cooperation system is still unable to effectively respond to this challenge. In addition to traditional money laundering, smuggling, drug trafficking and other transnational criminal activities is the “Internet +” vision beyond the restructuring, the Internet itself is a breeding ground for its unique form of high-tech crime, such as hacking, virus, virtual currency black market, etc. . Although countries the judiciary had a hard struggle, but due to unity, flexibility, vastly more complex than the effectiveness of cooperation among countries of the Internet world, this fragmented country anchored to the Internet security system there are still serious failure. Second, among the increasingly fierce national competition, confrontation and ideological cultural conflict, so that the Internet has become a virtual battleground possible. If in reality, due to multiple brutal war mankind has accumulated a number of how much the bottom line with consensus, then in such a new field of Internet, the human consensus is still quite limited. Some countries and groups act in the Internet has been a serious violation of international rules and the reality of national sovereignty, and even loss of human ethics basic respect. The Internet has become the espionage, subversion and extreme battlefield behavior, the imperialists, hegemony, extremists and terrorists are turning to the name of freedom, the basic values ​​of human society and order challenge. Third, the Internet has brought economic opportunities are increasingly reflect the complex multi-faceted, excessive trade liberalization on economic security are new challenges. On the one hand, the “Internet +” is indeed able to promote the rational allocation of resources, to break the monopoly and information asymmetry, to facilitate transactions occur frequently, but on the other hand, the Internet economy has a serious impact on many traditional offline trading patterns, exacerbated protection of intellectual property rights dilemma, enlarged attention economy bubble. In this case, the security of the Internet has become the common interests of China and around the world essential.

Secondly, the development of the online world is inseparable from the real world support. E-commerce, network attention economy is becoming the world’s most important material basis, and this basis in fact. The stability is closely related to the real economy. In the world economy, there are many uncertainties, sluggish Western economies today, only continued prosperity of China’s economy can continue to provide opportunities for the development of the global Internet economy, only China is leading the world in order to build the basis for a global network to maximize. During the “Twelve Five”, China’s Internet industry to flourish. China Internet Network Information Center show that China’s industrial development of the Internet show a continued increase in industrial scale, “Twelve Five” period, expanding the audience, and gradually optimize the characteristics of technical facilities. “Twelve Five” period, the economic growth rate of China’s Internet significantly improved, the Internet economy in the proportion of GDP continues to rise. In 2014, the rate of contribution to the GDP of the Internet industry of 7% over the same period the United States. China is the world’s largest network of retail trading market, trading volume and user scale ranked first in the world.

And promote the common development of the global Internet economy in the West embarrassment structure of vested interests, to fully release the potential of the Internet can not be compared, the greater the intensity and commitment to reform, the reality of China’s Internet economy less bound themselves not only to achieve the turn to overtake, but already has strength.It is particularly worth mentioning is that, with the advancement of initiatives along the way, along the way to integrate e-commerce in global e-commerce is becoming a hot spot. Unicom physical, smooth e-commerce business will provide a vast space on the upgrade along the way.

Finally, the general secretary Xi five not trying to advocate a traditional concept of sovereignty to limit the development of the modern Internet, but on the basis of security, freedom and prosperity on both raised the times of global Internet governance ideas. This is because, on the one hand, the reform and opening up has always been China’s basic national policy, including any area, including the Internet field, it is impossible to challenge the policy. China’s Internet development in China’s economy as a result of integration into the world rather than isolated from the world. On the other hand, Internet issues facing China and local issues facing the global community as to promote closer cooperation of all concerned to build a just and rational order of the Internet, almost the only solution. The problem is that, for the purposes of some developed countries have technological advantages and disorderly state has given them much brought some problems, but it also brings technical advantages of the abuse of privilege. In this case, the responsibility and conditional responsibility, perhaps only China, which is the biggest beneficiary because on the one hand, China is both Internet freedom and prosperity, but also the largest Internet chaos and crime victims.

More importantly, the rise of China and indeed eager to have a field to lead the world to practice their own ideals. In the online world, the Chinese have the opportunity to turn to overtake. Indeed, in an increasingly global political unrest, economic stagnation appetite, the reality of an increasingly negative energy dispersive historical juncture, the online world has never been so urgently needs Chinese wisdom, Chinese programs and Chinese forces.China likely to extraordinary efforts to lead the world digital economy, out of the mire of stagnation. China advocates the concept may lead the online world hegemony from the digital world into the jungle community of destiny.The Chinese also need to grasp this opportunity, as compared to large countries, vested interest structure is highly curable realities of the international community, in the digital global society, China has more space and more opportunities to show himself as a modern powers to govern, to get a feeling of authority in the world should have a big country, and this authority will eventually radiated by the network to reality.

Original Mandarin Chinese:

面对全球一网的新空间、新领域、新家园,如何在汲取以西方互联网技术为动力的传统互联网治理模式优点的基础上,坚持网络主权、网络安全,持续推动网络经济繁荣,需要充分体现习总书记“四项原则、五大主张” 蕴含的中国智慧。为此,直面现实网络威胁,坚持“网络全球治理正在进入中国时代”的道路自信,是让网络强国梦想与构建网络空间命运共同体愿景互联互通的重要思想基础。

乌镇峰会顺利结束,全球互联网治理正在由以西方价值观为基础、以西方规则为主要规则、西方互联网技术为动力的传统互联网治理模式,向坚持网络主权、网络安全与网络经济繁荣为基本导向的中国模式转向。这个转向的标志就是习总书记提出的互联网建设五大主张。这五大主张涵盖了从物理联通、文化沟通、贸易互通以及网络安全等多个方面,归纳起来有三个根本的特征,即安全、繁荣与全球化。

首先,习总书记的五大主张,将网络安全提升到与网络自由并重的地位。这是对互联网发展过程中极端自由主义泛滥的有利纠治。在人类社会进入全球化、现代化更高阶段的历史背景下,互联网已经超越了技术、商务乃至交流上的范畴,而成为了一种人类全球化状态下的生活状态。这一生活状态与人类迄今为止在其他领域内进行的全球化尝试一样,既受益于自由、创新与多元,也受困于无序带来的危险、多元带来的冲突与解构带来的混乱。如果说在早期的互联网发展阶段,人们还可以用自由的代价来对互联网的失序进行辩护,那么在今天这种互联网生活直接与现实生活密切相关的情况下,人们已经发现这种“自由的代价”不仅沉重且昂贵,而且在很多时候甚至已经构成了对于经济安全、政治安全与社会安全的全方位挑战。

这种挑战主要表现在三个方面,其一,跨国犯罪正在利用互联网技术,实现全新的全球化布局与犯罪能力升级,而国际司法合作体系尚无法有效回应这一严峻挑战。除了传统的洗钱、偷渡、贩毒等跨国犯罪活动正在以“互联网+”的视野进行重组之外,互联网本身也滋生出其特有的高科技犯罪形态,比如黑客攻击、病毒传播、虚拟货币黑市等等。尽管各国司法机关进行了艰苦的斗争,但是由于互联网世界的一体性、灵活性、复杂性远远超过各国合作的有效性,这种以碎片状的国家为基点的互联网安全体制仍然存在着严重的失灵。其二,日益激烈的国家间竞争、意识形态对立以及文化冲突,让互联网有成为虚拟战场的可能。如果说在现实社会中,人类由于多次残酷的大战还多少积累了一些底线与共识,那么在互联网这样一个全新的领域中,人类的共识还相当有限。一些国家与群体在互联网中的行径已经严重侵犯了现实中的国际规则与国家主权,甚至丧失了对于人类道德伦理的基本尊重。互联网成为了间谍行为、颠覆行为与极端行为的战场,帝国主义者、霸权主义者、极端主义者与恐怖主义者正在借助自由的名义,对人类社会的基本秩序与价值进行挑战。其三,互联网带来的经济机遇正在越来越体现出复杂的多面性,过度的贸易自由正在对经济安全提出新的挑战。一方面,“互联网+”的确能够促进资源的合理配置,打破信息的垄断与不对称,便于交易的频繁发生,但是另一方面,互联网经济也严重冲击了许多传统的线下交易模式,加剧了知识产权保护的困境,放大了注意力经济中的泡沫。在这种情况下,互联网的安全已经成为中国与全球各国至关重要的共同利益。

其次,网络世界的发展离不开现实世界的支撑。电子商务、注意力经济正在成为网络世界最重要的物质基础,而这个基础的牢固与否其实与实体经济的发展密切相关。在世界经济存在诸多不确定因素、西方经济低迷不振的今天,只有持续繁荣的中国经济能够为全球互联网经济的发展提供持续的机遇,也只有中国的引领才能最大限度地构筑全球网络世界的基础。“十二五”期间,中国的互联网产业蓬勃发展。中国互联网络信息中心的报告显示,“十二五”期间我国的互联网产业发展呈现产业规模持续增加、受众群体不断扩大、技术设施逐步优化的特点。“十二五”期间,中国互联网对经济增长的贡献率显著提升,互联网经济在GDP中的占比持续攀升。2014年,互联网行业对GDP的贡献率达到7%,超过了美国的同期水平。中国更是拥有全球最大的网络零售交易市场,交易额和用户规模位居世界首位。

与西方困窘于既得利益集团结构,无法充分释放互联网潜力相比,改革决心与力度更大,现实束缚更少的中国互联网经济不仅自己实现了弯道超车,而且已经具备了带动全球互联网经济共同发展的实力。尤其值得一提的是,随着一带一路倡议的推进,电子商务在一带一路上的集成正在成为全球电子商务的热点。物理上的联通,贸易上的畅通将为电子商务在一带一路上的升级提供广阔的空间。

最后,习总书记的五项主张并不是试图以一种传统的主权观念去限制现代互联网的发展,而是在安全、自由、繁荣并重的基础上提出的与时俱进的互联网全球治理思路。这是因为,一方面,改革开放始终是中国的基本国策,包括互联网领域在内的任何领域,都不可能挑战这一政策。中国的互联网发展与中国的经济一样,是融入世界而非隔离于世界的结果。另一方面,中国所面临的互联网问题与当地全球社会面临的问题一样,推动有关各方的密切合作,构建一个公正、合理的互联网秩序,几乎是唯一的解决办法。问题在于,对于一些拥有技术优势的发达国家而言,无序的状态虽然给它们多少带来了一些困扰,但是也带来了滥用技术优势的特权。在这种情况下,能够负起责任的,有条件负起责任的,也许只有中国,这是因为一方面,中国既是互联网自由与繁荣的最大受益者,也是互联网混乱与犯罪最大的受害者。

更重要的是,崛起中的中国也的确渴望能有一块场域来实践自己对于引领世界的理想。在网络世界中,中国更有机会弯道超车。事实上,在全球政治日益动荡、经济停滞不振,现实中的负能量日益弥散的历史关口,网络世界从未如此迫切地需要中国智慧、中国方案和中国力量。中国不凡的努力有可能引领世界数字经济发展,走出发展停滞不前的泥潭中。中国倡导的理念可能引领网络世界从霸权的丛林世界变为数字化的命运共同体。而中国也同样需要把握这样一个机会,因为相比于大国林立、既得利益结构高度固化的现实国际社会,在数字化的全球社会中,中国拥有更大的空间与更多的机遇去展现自己作为一个现代化大国的治理才能,去获得一个具有天下情怀大国应有的权威,而这个权威也终将由网络辐射到现实之中。

來源:中國信息安全

Source: China Information Security

China’s National Network Security is in Their Own Hands

Source: China National Defense News

来源:中国国防报-国防特刊

Chinese “White Hat Hacker Corps” has become an important force in Chinese national cybersecurity”

習近平

◆ General Secretary Xi Jinping stressed that no network security is no national security, no information will be no modernization. Power network construction, China must have her own technology, excellent technology.

◆ Free security software “China model” to create a network security field, the “Chinese miracle.” The Chinese Dream…

◆ In the network security has risen to national security background, should consciously create a good development space for China’s own “white hat Legion” of hackers, while cautioning against a number of organizations or enterprises affected by outside forces controlled competition Chinese security market, and then to depth strategic goals of China’s core security.

After September 17, the US Senate Armed Services Committee issued a report called China network intrusion, causing great concern at home and abroad media.Chinese Foreign Ministry and the Defense Ministry spokesman, speaking one after another, the report noted that the United States is purely fabricated, deliberately fabricated entirely untenable. Defense Ministry spokesman Geng Yansheng solemnly pointed out that the Chinese government and armed forces have never engage in or support any network attacks and theft activities. China has always resolutely opposed and crack down on criminal activities related to network attacks. China faces a serious threat of cyber attacks is one of the world’s leading hacking victim. For network hacker attacks from abroad, we have sufficient evidence.

The United States is China’s largest Internet security threats

Geng Yansheng said that needs to be emphasized is that the “Prism” incident exposed more than a year, the United States should its foreign dignitaries, business, personal theft and network monitoring, monitoring the behavior of reflection to the Chinese side and the international community to make clear explanation . We urge the US to do more to contribute to peace and tranquility in cyberspace thing, rather than the opposite.

In fact, the attacks from the United States is China’s largest Internet security threats.

National Internet Emergency Center recently released “2013 China Internet Network Security Report” revealed that in 2013, China’s government websites frequently suffer outside hackers attacks, including national organized network attacks have increased significantly. China’s government websites, especially the local government website, is under attack “disastrous.”

According to monitoring, in 2013, our country has been tampered with the number of sites is 24,034, an increase of 46.7% compared with 2012, in which the number of government websites has been tampered with 2430, an increase of 34.9% compared with 2012; our territory to be implanted backdoors number of sites for the 76160, compared with 45.6% growth in 2012, has been tampered with and implanted in the back door of government websites, more than 90 per cent below the provincial and municipal local government Web site. Overseas hackers frequently attack government websites in China. In 2013, offshore “anonymous”, “Algerian hacker” and other hackers had attacked government websites in China. Among them, the “hacker anti-communist” organization more active, sustained launched against the territory of government agencies, universities, enterprises and institutions and well-known social organization site of the attack in 2013 on the organization of the territory of more than 120 government websites embodiment tampering. They use pre-implantation site vulnerability backdoor, then attacked the site after the implementation of control, at least the current invasion of the territory of more than 600 sites, an average of every three days publish tampering incident in their social networking sites.

In these networks from outside attacks, the national network of organized attacks increased significantly on China’s network security and information systems pose a serious threat and challenge. Since June 2013, Snowden exposure “Prism Plan” US National Security Agency and a number of network monitoring projects, the disclosure of US intelligence agencies in many countries and people in long-term implementation and monitor network penetration attacks, including multinational monitoring target politicians, diplomatic system, media networks, large enterprise networks and international organizations. Our focus on listening and belong to their targets, national security and Internet security is facing a serious threat to users’ privacy.

According to monitoring found only in 2013, there are 31,000 foreign hosts through a back door to China 61000 Website implement remote control, which ranks first in the United States hosts a total of 6215 hosts in control of our 15,349 sites. Phishing attacks against China in terms of attack from the United States the same primacy. Trojan zombie network connection, our country hosts more than 1090 are outside the control server control, which is located in the United States control server control our country hosts 448.5 million, accounting for 41.1% of the total, ranking the first place ……

Original mandarin Chinese:

核心提示

◆习近平总书记强调指出,没有网络安全就没有国家安全,没有信息化就没有现代化。建设网络强国,要有自己的技术,有过硬的技术。

◆免费安全软件的“中国模式”创造了网络安全领域的“中国奇迹”。

◆在网络安全已经上升到国家安全的大背景下,应当有意识地为中国自己的“白帽子军团”创造良好的发展空间,同时警惕一些受境外势力控制的组织或企业争夺中国安全市场,进而达到深入我国核心安全领域的战略目的。

9月17日,美国参议院军事委员会发表所谓中国网络入侵报告后,引起海内外媒体的高度关注。中国外交部和国防部新闻发言人相继发言,指出美方报告纯属无中生有,蓄意捏造,完全是站不住脚的。国防部新闻发言人耿雁生严正指出,中国政府和军队从未从事或支持任何网络攻击和窃密活动。中方一贯坚决反对并依法打击网络攻击等相关犯罪活动。中国面临着网络攻击的严重威胁,是世界上最主要的黑客攻击受害国之一。对于来自境外的网络黑客攻击行为,我们掌握有充分证据。

美国是中国网络安全最大的威胁

耿雁生表示,需要强调的是,“棱镜门”事件曝光一年多了,美方应就其对外国政要、企业、个人进行网络窃密和监听、监控的行为进行反思,向中方和国际社会作出清楚解释。我们敦促美方多做有利于网络空间和平与安宁的事,而不是相反。

实际上,来自美国的网络攻击是中国网络安全最大的威胁。

国家互联网应急中心最新发布的《2013年中国互联网网络安全报告》披露,2013年,我国政府网站频繁遭受境外黑客组织的攻击,其中国家级有组织网络攻击行为显著增多。我国的政府网站,尤其是地方政府网站,是遭受攻击的“重灾区”。

据监测,2013年,我国境内被篡改网站数量为24034个,较2012年增长46.7%,其中政府网站被篡改数量为2430个,较2012年增长34.9%;我国境内被植入后门的网站数量为76160个,较2012年增长45.6%,在被篡改和植入后门的政府网站中,超过90%是省市级以下的地方政府网站。境外黑客组织频繁攻击我国政府网站。2013年,境外“匿名者”“阿尔及利亚黑客”等多个黑客组织曾对我国政府网站发起攻击。其中,“反共黑客”组织较为活跃,持续发起针对我国境内党政机关、高校、企事业单位以及知名社会组织网站的攻击,2013年该组织对我国境内120余个政府网站实施篡改。他们利用网站漏洞预先植入后门,对网站实施控制后遂发起攻击,目前至少入侵600余个境内网站,平均每3天在其社交网站发布一起篡改事件。

在这些来自境外的网络攻击中,国家级有组织网络攻击行为显著增多,对我国的网络安全和信息系统带来严重威胁和挑战。2013年6月以来,斯诺登曝光“棱镜计划”等多项美国家安全局网络监控项目,披露美国情报机构对多个国家和民众长期实施监听和网络渗透攻击,监控对象包括多国政要、外交系统、媒体网络、大型企业网络和国际组织等。我国属于其重点监听和攻击目标,国家安全和互联网用户隐私安全面临严重威胁。

据监测发现,仅在2013年,境外有3.1万台主机通过植入后门对我国6.1万个网站实施远程控制,其中位于美国的主机居首位,共有6215台主机控制着我国15349个网站。在针对中国的网络钓鱼攻击方面,来自美国的攻击同样居于首位。在网络木马僵尸方面,我国境内1090万余台主机被境外控制服务器控制,其中位于美国的控制服务器控制了我国境内448.5万余台主机,占总数的41.1%,仍居首位…

Who will guard China’s network security?

China ushered in the Internet age is the tide of reform and opening up.Chinese Internet users surf the initial means of the Internet, whether hardware or software, mostly imported from overseas to domestic.

八一解放軍

This “borrowed boat” mode, while promoting the development of China’s high-speed network, but also to China’s network security left a great security risk. We use the Internet browser is someone else’s, you’ve seen what page, others see that; our search engine to find the problem is someone else’s, for what you are interested in something, it will be automatically recorded in a database outside in ……

We use the operating system as others in the system hidden “back door” through overseas. After the United States, according to media reports, the world’s largest user coverage Microsoft “Windows” operating system, found loopholes in the system, it will first notify the US intelligence agencies, will then inform the user, provide patches fix vulnerabilities. This means that, in someone else’s “window”, we almost “transparent”. Even more serious is that Microsoft in order to protect its own commercial interests, has designed a mandatory upgrade marketing strategy.For example, in order to promote Win8 operating system, on April 8 to forcibly stop the official service XP system, the millions of Chinese users directly discarded in molar sucking blood before hackers. Domestic media pointed out in a review of Microsoft XP stop taking event, which is an important event once the impact of China’s Internet security. This is not only related to the large number of individual users, but also is related to the key sectors involved in the national economy. Network security system, China must rely on its own security vendors innovation and action.

Network security experts pointed out that China’s current network security system is set up in technology research and development on the basis of the United States, not to mention technology, cloud security technology in the field of key technologies such as a CPU, communications and data transmission encryption and decryption system in the field art networking technology and so on. If you play a very appropriate analogy, just as the Chinese network security gate, he stood an American security.

Network security is a core protection capability of the modern state in cyberspace, the party and state leaders highly concerned about network security issues. February 27, the central network security and information technology leading group was established. CPC Central Committee General Secretary and State President and CMC Chairman Xi Jinping himself as a centralized network security and information technology group leader, he delivered an important speech at the first meeting of the leading group, pointed out that China has become a big country network, network security and information technology is a matter of national security and national development, major strategic issues related to the broad masses of working life, starting from the domestic and international trend, the overall layout of the parties to co-ordinate, innovation and development, and strive to build China into a powerful network.

General Secretary Xi Jinping stressed that no network security is no national security, no information will be no modernization. Power network construction, have their own technology, excellent technology.

General Secretary earnest expectation, explicit requirements for China’s domestic network security vendors, it is the direction of future efforts.

Original Mandarin Chinese:

谁来守护中国的网络安全?

中国是在改革开放大潮中迎来网络时代的。中国网民最初冲浪国际互联网的手段,无论是硬件还是软件,大多是从海外进口到国内的。

这种“借船出海”的模式,在促进中国网络高速发展的同时,也给中国的网络安全留下了极大的安全隐患。我们上网用的浏览器是别人的,你看过什么网页,别人一看就知道;我们查找问题的搜索引擎是别人的,你对什么东西感兴趣,会被自动记录在境外的数据库里……

我们用的操作系统也是别人的,系统中暗藏的“后门”直通海外。据美国媒体披露,全球覆盖用户最多的微软“视窗”操作系统,发现系统漏洞后,会首先通知美国的情报部门,而后才会告知用户,提供修补漏洞的补丁。这就意味着,在别人的“视窗”里,我们几乎是“透明”的。更为严重的是,微软为了保护自身的商业利益,设计了一套强制升级的营销战略。例如为了促销Win8操作系统,于4月8日强行停止XP系统的官方服务,把无数中国用户直接丢弃在磨牙吮血的黑客面前。国内媒体在评论微软XP停服事件时指出,这是一次影响中国网络安全的重要事件。这不仅关系到为数众多的个人用户,更是关系到涉及国计民生的关键行业。网络系统的安全保障,必须依靠中国自己的安全厂商的创新与行动。

网络安全专家指出,我国当前的网络安全体系,是在美国研发的技术基础上建立起来的,更不要说CPU等核心关键技术,通信数据传输方面的加密和解密系统领域技术,云安全技术领域和物联网技术领域技术等等。如果打一个不太恰当的比喻,就如同中国网络安全的大门前,站了一个美国保安。

网络安全是现代国家网络空间的核心防护能力,党和国家领导人高度关注网络安全问题。2月27日,中央网络安全和信息化领导小组成立。中共中央总书记、国家主席、中央军委主席习近平亲自担任中央网络安全和信息化领导小组组长,他在领导小组第一次会议上发表重要讲话,指出中国已成为网络大国,网络安全和信息化是事关国家安全和国家发展、事关广大人民群众工作生活的重大战略问题,要从国际国内大势出发,总体布局,统筹各方,创新发展,努力把我国建设成为网络强国。

习近平总书记强调指出,没有网络安全就没有国家安全,没有信息化就没有现代化。建设网络强国,要有自己的技术,有过硬的技术。

总书记的殷殷期望,是对中国本土网络安全厂商的明确要求,更是未来努力的方向。

“China model” to create a “China miracle”

Rivers and lakes of the network can be divided into decent and Xiepai.Commonly known as “black hat” hackers manufactured by Trojan, the use of computers, mobile phone operating system vulnerabilities to attack, steal private data, illegally obtained personal interests. The guardian of network security “white hat” on the contrary, they take the initiative to find a computer, mobile phone operating system vulnerabilities, provide technical repair programs, research and development of security software and hardware products, build a firewall against hackers, for individuals, society and the country’s network security add a layer of protective cover, active in the first line of network security guard.

China’s domestic network security vendors are on their market growth and competition from foreign giants up security. Rely on a strong sense of social responsibility and familiarity with national conditions, China’s network security vendors gradually grow from a little foreign magnates recapture market, has won vitality. Many users still remember those familiar names: Kingsoft, Rising, Jiangmin ……

China’s network security vendors not only by virtue of their own efforts to win the market, but also creatively launched the network security field, “China model” completely rewritten the pattern of China’s network security industry.Traditional network security software are used charging mode, charge more than $ 200 a year on average. Because of the higher price threshold, resulting in many who do not want to use security software. The absence of security software, also led to the Trojan virus on the network as a scourge, such as CIH, panda, etc., hundreds of millions of infected computers, sensational news events.

Introduced in 2005, 360 free security software, once the user uses the threshold down to zero. Along with other local network security vendors follow-up, only less than 10 years, Chinese security software PC penetration rate has risen to 99%. In 2013, Microsoft released a security report, the Chinese computer malware infection index of 0.6 per thousand, the global average is only 1/10 of the world’s countries with the lowest infection rates of malware. In 2014, Microsoft re-released a report, a detailed summary of the data in the world’s more than 100 countries and regions, more than 10 million computers after malware statistics pointed out that China is the world’s lowest 4.4, far below the world average of 18.

360 free security software model, Wall Street interpreted as “Chinese model”: the core layer on the basis of free goods and services, to build browser applications open platform and two basic platforms, and refine the site navigation, buy navigation, navigation games, search, open platform and mobile open platform and other services, these services through advertising and internet value-added services realized profits. Such an innovative “China model” will not only China’s network security software penetration is significantly improved, and the R & D investment by increasing safety, security personnel and gather technical team, making China’s network security technology continues to improve and is widely used by foreign counterparts and learn from the followers of the world’s security technology security technology leader, but also created the Eastern Hemisphere strongest Chinese “white hat Legion.”

In this sense, the free security software “China model” to create a network security field, “Chinese miracle.”

Original Mandarin Chinese:

“中国模式”创造“中国奇迹”

网络的江湖中也分正派和邪派。俗称“黑帽子”的网络黑客靠制造木马病毒、利用电脑、手机操作系统漏洞等进行攻击,窃取隐私、数据,非法获得个人利益。而守护网络安全的“白帽子”正好相反,他们主动发现电脑、手机操作系统的漏洞,提供技术修补方案,研发安全软件硬件产品,对黑客的攻击建立防火墙,为个人、社会乃至国家的网络安全加上一层防护罩,活跃在守护网络安全的第一线。

中国本土的网络安全厂商,是在自己的市场上与国外安全巨头的竞争中成长起来的。依靠强烈的社会责任感和对国情的熟悉,中国网络安全厂商逐步发展壮大,从外国巨头手中一点点夺回市场,赢得了生机。很多网民都还记得那些熟悉的名字:金山、瑞星、江民……

中国的网络安全厂商不但凭借自己的努力赢得了市场,还创造性地推出网络安全领域的“中国模式”,彻底改写了中国网络安全行业的格局。传统的网络安全软件都采用收费模式,平均一年收费超过200元。由于较高的价格门槛,导致很多用者不愿使用安全软件。安全软件的缺位,也导致了网络上的木马病毒像洪水猛兽,如CIH、熊猫烧香等,动辄感染上千万台电脑,成为轰动一时的新闻事件。

2005年推出的360免费安全软件,一下子把用户使用门槛降到了零。随着其他本土网络安全厂商的跟进,只用了不到10年的时间,中国个人电脑的安全软件普及率已经上升至99%。2013年,微软发布安全报告称,中国电脑的恶意软件感染率指标为千分之零点六,仅是全球平均水平的1/10,是全球恶意软件感染率最低的国家。2014年,微软再度发布报告,在汇总了全球100余个国家和地区10亿余台计算机的详尽数据后,指出中国恶意软件统计数据为世界最低的4.4,远低于世界平均水平的18。

360的免费安全软件模式,被华尔街解读为“中国模式”:在核心免费产品服务层基础上,构建浏览器平台与应用开放两大基础平台,然后细化为网址导航、团购导航、游戏导航、搜索、应用开放平台和移动开放平台等服务,将这些服务通过广告与互联网增值服务变现实现盈利。这样一个创新的“中国模式”不但将中国的网络安全软件普及率大幅提高,而且通过不断增加安全研发投入,集聚安全人才和技术团队,使得中国网络安全技术不断提升,被国外同行所广泛应用和借鉴,从安全技术的追随者成为世界安全技术的领先者,也造就了东半球最强的中国“白帽子军团”。

从这个意义上说,免费安全软件的“中国模式”创造了网络安全领域的“中国奇迹”。

Chinese “White Hat Hacker Corps” has become an important force in Chinese national cybersecurity

June 2013, “Prism” incident broke out. Former National Security Agency employee Edward Snowden would disclose secret documents US intelligence agencies monitor the project to the media, in one fell swoop depth reflection triggered a global information security issues. April 2014, suffered more than the major global Internet exploits of attacks: Open SSL “heart bleeding loophole”, IE browser’s “zero-day vulnerabilities”, Struts vulnerability, Flash vulnerability, Linux kernel vulnerability, Synaptics Touchpad Driver Vulnerability and other important vulnerabilities have been found to be. An attacker can exploit to achieve complete control of the target computer, steal confidential information.

The current world, hacking has become the most important network security threats, and network security threats has become a major threat to social security, national security. Cyber ​​attacks not only can disrupt the normal operation of enterprises and social institutions, but also can easily destroy a country’s operational command system and livelihood facilities, network security has become an important part of a national security defense system.

The current network security situation simmering, a turbulent, especially the “prism door” incident has exposed a series of deep-seated problems, showing security threats overseas hostile forces in the formation of China’s network security is growing. After the “Prism” incident, security products and related overseas smartphone products through the back door to steal the core data set of events repeatedly been exposed, and other international security software giant Symantec is also exposed the existence of a backdoor, domestic users lose confidence, exclusion in addition to government procurement list.

At these foreign security software lose confidence forced to withdraw from the Chinese market, the Chinese “white hat Legion” With long-term accumulation of technology and product innovation, and take up more than 600 million Internet users security guard duties. China’s domestic network security vendors have become a priority in government procurement national security products. Information security person in charge of a large state-owned enterprises, said they not only many major projects builders, but also the construction of a number of the world’s top-class large-scale projects. For such a large state-owned enterprises, each security flaw is thrilling security risks. Select the security products must be cautious, not only in respect of corporate security, national interests even more solidarity and public safety. In this context, they would prefer to secure key, handed the hands of their own people.

The rapid development of the network economy, so China’s network security is facing new challenges. The grim reality requires Chinese “white hat Corps” must quick response, China’s network security as a good “gatekeeper.”

The current domestic network ecosystem is very complex, a lot of important Internet companies have the background of foreign capital, which also makes the competitive Internet market, often there will be some market factors outside.Recently, for example, 360 to prosecute the “Daily Economic News” reported a case of alleged false in Shanghai Xuhui District People’s Court formally sentenced.Commenting on the domestic public opinion at the time of the court, and not just limited to commercial disputes, but through the appearance of the event, focusing on national cybersecurity issues. Many network security field and legal experts pointed out that, in the network security has risen to national security background, should be conscious of China’s own “white hat Corps” to create a good development space, while cautioning against a number of foreign forces in control of the organizations or enterprises for China’s security market, thus achieving further core areas of our strategic security purposes.

China’s network security depends on our own. This is not just a question of national pride, not just a confidence issue, but a matter of extreme cases, if there are areas of our security problems backdoor planted by hostile forces.Therefore, we should focus on in recent years in areas such as security, foreign hostile forces controlled by Chinese companies through the acquisition of M & I and other ways to penetrate the security field behavior.

Original Mandarin Chinese:

中国“白帽子军团”成为国家网络安全的重要力量

2013年6月,“棱镜门”事件爆发。美国国家安全局前雇员爱德华·斯诺登将美国情报机构监听项目的秘密文档披露给了媒体,一举引发了全球对于信息安全问题的深度反思。2014年4月,全球互联网遭遇多起重大漏洞攻击事件袭击:Open SSL的“心脏出血漏洞”、IE浏览器的“零日漏洞”、Struts漏洞、Flash漏洞、Linux内核漏洞、Synaptics触摸板驱动漏洞等重要漏洞被相继发现。攻击者利用漏洞可实现对目标计算机的完全控制,窃取机密信息。

当前世界范围内,黑客攻击已经成为最主要的网络安全威胁,而网络安全威胁成为社会安全、国防安全的重要威胁。网络攻击不仅能够破坏企业和社会机构的正常运行,还能够轻易地摧毁一个国家的作战指挥系统和民生设施,网络安全已经成为一个国家安全防御体系的重要组成部分。

当前网络安全形势暗流涌动、波谲云诡,尤其是“棱镜门”事件暴露出的一系列深层次问题,显示境外敌对势力在网络安全领域对中国形成的安全威胁越来越大。“棱镜门”事件之后,境外相关安全产品和智能手机类产品通过设置后门窃取核心数据的事件屡屡被曝光,赛门铁克等国际安全软件巨头也被曝光存在后门,失去国内用户信任,被排斥在政府采购名单之外。

就在这些国外的安全软件失去信任被迫退出中国市场之际,中国的“白帽子军团”凭借长期技术积累和产品创新,担负起守护6亿多网民安全的职责。中国本土网络安全厂商也成为国家政府采购安全产品的优先考虑。一家大型国有企业的信息安全负责人表示,他们不但是国内许多重大工程的建设者,还承建了世界上多个顶尖级大型工程项目。对于这样的大型国有企业来说,每个安全漏洞都是惊心动魄的安全隐患。选择安全产品必须慎之又慎,这不但关乎企业的安全,更与公共安全甚至国家利益休戚相关。在这种背景下,他们更希望把安全的钥匙,交到自己人手上。

网络经济的飞速发展,使中国网络安全面临着全新的挑战。严峻的现实要求中国“白帽子军团”必须快速反应,为中国的网络安全当好“守门人”。

当前国内的网络生态十分复杂,很多重要的互联网企业都有境外资金的背景,这也使得网络市场的竞争中,往往会出现一些市场之外的因素。例如近日360起诉《每日经济新闻》涉嫌虚假报道一案在上海徐汇区人民法院正式宣判。国内舆论在评论这次法院判决的时候,并不仅仅局限于商业纠纷,而是透过事件的表象,关注国家网络安全的问题。多位网络安全领域的专家和法律专家指出,在网络安全已经上升到国家安全的大背景下,应当有意识地为中国自己的“白帽子军团”创造良好的发展空间,同时警惕一些受境外势力控制的组织或企业争夺中国安全市场,进而达到深入我国核心安全领域的战略目的。

中国的网络安全要靠我们自己。这不仅仅是一个民族气节问题,也不仅仅是一个信心问题,而是一个关乎极端情况下,我们的安全领域是否存在敌对势力安插的后门问题。因此,应重点关注近年来在安全等领域,敌对势力通过外资控制中国公司,通过收购并购等方式向我安全领域渗透的行为。

Original Source URL

Can the People’s Republic of China be Deterred in Cyber Space?

02FEB1200Z2016

Originally posted on EastWest.NGO HERE

DSC_4244

This article on the concept of deterring China in the binary battlefield was written by Mr. Joseph Nye – a gentleman I wholly respect. Joseph S. Nye, Jr. is University Distinguished Service Professor and former Dean of Harvard’s Kennedy School of Government.

By Joseph Nye

If we look at the cyber realm, the effectiveness of deterrence depends on who (state or non-state) one tries to deter and which of their behaviors.  Ironically, deterring major states like China from acts of force may be easier than deterring non-state actors from actions that do not rise to the level of force. The threat of a bolt from the blue attack by a major state may have been exaggerated. Major state actors are more likely to be entangled in interdependence than are many non-state actors, and American declaratory policy has made clear that deterrence is not limited to cyber against cyber but can be cross domain with any weapons of our choice.

Along with punishment and denial, entanglement is an important means of making an actor perceive that the costs of an action will exceed the benefits.  Entanglement refers to the existence of  interdependences which makes a successful attack simultaneously impose serious costs on the attacker as well as the victim. This is not unique to cyber. For example, in 2009, when the People’s Liberation Army urged the Chinese government to dump some of China’s massive holdings of dollar reserves to punish the United States for selling arms to Taiwan, the Central Bank pointed out that this would impose large costs on China as well and the government decided against it. Similarly, in scenarios which envisage a Chinese cyber attack on the American electric grid imposing great costs on the American economy, the economic interdependence would mean costly damage to China as well. Precision targeting of less sweeping targets might not produce much blowback, but the increasing importance of the Internet to economic growth may increase general incentives for self restraint. At the same time,  entanglement might not create significant costs for a state like North Korea which has a low degree of interdependence with the international economic system.

Even among major powers, there may be situations, such as August 1914 where various actors believe that the benefits of attack exceed the costs to entanglement. European states were heavily entangled in trade and finance, but still chose to go to war. Most incorrectly envisaged a short war with limited costs, and it is doubtful that the Kaiser, the Czar and the Austro-Hungarian emperor would have made the same decision if they had foreseen the loss of their thrones and dismemberment of their empires.  Norman Angell who wrote that war had become too costly because of entanglement was correct in that sense, but miscalculation can affect any type of deterrence. Trade between the U.S. and Japan did not prevent the Japanese attack on Pearl Harbor, but in part that was caused by the American embargo that manipulated the interdependence in a way that led the Japanese to fear that failure to take a risky action would lead to their strangulation.

Deterring state actors from attacks that do not reach the level of force is more difficult. For example, deterring China from cyber theft of intellectual property for competitive commercial advantage has proven more difficult than deterring an attack on the electric grid. Yet even here, the American threat of economic sanctions seems to have changed the declaratory policy of Chinese leaders at the time of the September 2015 summit between presidents Xi and Obama. The American indictment of five PLA officers for cyber theft of intellectual property in 2014 initially seemed counter-productive when China used it as a pretext to boycott a previously agreed bilateral cyber committee. But the costs of naming and shaming plus the threat of further economic sanctions seems to have changed Chinese declaratory behavior. Previously, China had not recognized the American distinction of espionage for competitive commercial purposes as a distinct category, but they accepted it in 2015.

Whether the threat of sanctions and loss of face will deter actual behavior of the complex organization we summarize as “China” remains to be seen. Skeptics argue that the declaratory policy change did not alter behavior of cyber theft originating from some actors in China. Optimists point out that deterrence requires clarity about what one is trying to deter, and the Chinese president’s declaration at last provides a clear baseline for behavior that China can be held to.

If there is no progress, further sanctions with credible consequences could include using the dispute settlement mechanism of the World Trade Organization, but such cross domain deterrence can be problematic if it involves issue-linkage which is resisted by trade bureaucracies and corporate groups that do not wish to see their interests damaged by reprisals.  Options such as naming and shaming corrupt officials by disclosing hacked information about their behavior can attack a country’s soft power but it sometimes resisted as over escalatory. The jury is still out on the extent to which China can be deterred in cyber space, but the evidence suggests it would be mistaken to totally discount the possibilities.

Original Source on EastWest.NGO