Category Archives: China Cyber Dilemma in the 21st Century

Maintaining Chinese Cyber & Network Security Launching the People’s Fifth Space War //维护中國网络安全,打响第五空间人民战争

Maintaining Chinese Cyber & Network Security Launching the People’s Fifth Space War

//维护中國网络安全,打响第五空间人民战争

President Xi clearly pointed out at the symposium on cybersecurity and informatization: “Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. It requires the government, enterprises, social organizations, and the majority of netizens to participate together. Network security defense. ” 
Maintening China’s network security is an important measure to coordinate and promote the comprehensive construction of a well-off society, comprehensively deepen reforms, comprehensively govern the country according to law, and comprehensively and strictly manage the party’s strategic layout. It is to achieve the goal of “two hundred years” and achieve The important guarantee for the great rejuvenation of the Chinese dream of the Chinese nation.Please pay attention to the report of the “Liberation Army Daily” today –

 

Breaking through the online and offline boundaries, the security situation is severe and complicated

An inconspicuous “worm” has caused an uproar in the world – in May this year, cyberattacks initiated by criminals through tampering with the “eternal blue” program in the National Security Agency arsenal made most of Europe Countries and regions have successively recruited and affected important infrastructures including government, banks, power systems, communication systems, energy companies, airports, and other computer systems in many hospitals in the United Kingdom, resulting in some patients not being able to undergo surgery in time.

Behind this ransomware incident is the escalating confrontational conflict in cyberspace. Zhao Zhiguo, director of the Network Security Administration of the Ministry of Industry and Information Technology, said that only this year, the Ministry of Industry and Information Technology organized the industry forces and coordinated the handling of many attacks against the network and important systems, covering viruses, Trojans, vulnerabilities, traffic attacks and other types, involving network infrastructure public. Systems, important information systems and terminals. “It can be said that cyberattacks are still in a high-risk situation, showing that the threshold is constantly decreasing, the objects are more extensive, and the means are more diverse.”

The data shows that as of the first half of this year, the number of Internet users in China reached 751 million, and the Internet penetration rate reached 54.3%. “When the scale of the Internet is getting bigger and bigger, the challenges facing network security are becoming more and more serious.” In the view of Wu Jianping, an academician of the Chinese Academy of Engineering and a professor at Tsinghua University, the field of network security is constantly expanding. From a global perspective, the threat of cyberattacks is infiltrating into the industrial Internet sector, and industrial Internet security incidents are frequent. In December 2015, a large-scale organized and premeditated directed cyber attack in Ukraine caused a continuous power outage in nearly one-third of the territory. At present, the key infrastructure of various countries has become the target of cyber attacks. Once attacked, it will cause immeasurable damage to national security and social stability.

“The tentacles of cyber attacks extend to all aspects of society, and they are highly integrated online and offline. Network security is becoming the core issue of global security.” Zhou Hongyi, chairman of Qihoo 360, believes that after more than 20 years of development, the Internet is no longer An industry that is increasingly integrated with society as a whole. Coupled with the development of the Internet of Things, the Internet of Vehicles, and the Industrial Internet, the boundaries between the real physical world and the virtual world of the Internet are broken, and the online and offline are integrated. In this context, the attacks in the online world begin to spread to our real world. .

To be sure, the forms of cyber attacks are diverse and complex, and the cyber security situation is still grim. Global cybersecurity has gradually entered a era of security involving national security, national defense security, social security, industrial security, infrastructure security and even personal security.

There is no battlefield for smoke, and cyber war has never died.

There is a term in the software development industry called “Thousand Line Code Defect Rate”, which means the vulnerability rate in a thousand lines of code. There is probably a vulnerability in every thousand lines of code in most software companies. According to calculations, the code size of the most commonly used Windows operating system is about 50 million lines, and the Android system is about 12 million lines. The loopholes can be imagined.

“There are only two systems in the world, one is a system that has been known to be broken, and the other is a system that has been broken but not yet known.” The first US Army commander Alexander at the 2015 China Internet Security Conference The speech was impressive, and his point was that there was no safe system in front of the attackers.

“Any network system in the real world, even if the design is more sophisticated, the structure is more complicated, there will be loopholes without exception.” Zhou Hongyi pointed out that the 360 ​​community patching vulnerability response platform discovered more than 80,000 holes a year. These vulnerabilities may become the soft underbelly of the system suffering from cyber attacks.

The 360 ​​Threat Intelligence Center found that among the many advanced sustainable threats they monitored, the attackers had mostly infiltrated or lurked for a long time and concealed themselves through various means.

There are examples to prove. The Bushehr nuclear power plant, located 100 kilometers south of the Iranian capital Tehran, was a secret target guarded by the National Defence Force. In July 2010, it was attacked by a new type of network virus called “Seismic Network”. The 8000 centrifuges working in the nuclear power plant suddenly In the event of a failure, computer data was lost in a large area, and thousands of units were physically damaged. In 2014, internal documents of two nuclear power plants in South Korea were leaked, including personal information of nearly 10,000 employees of nuclear power plants, operating instructions for nuclear power plants, air conditioning and cooling systems. Design drawings, valve design drawings, etc. A US government report said that since May this year, hackers have been infiltrating the computer networks of US nuclear power plants and other energy equipment companies.

Unlike traditional warfare, which has a clear beginning and end, cyber warfare is constantly being declared. In this sense, the world has entered the era of cyber warfare. On the battlefield where there is no smoke, the planes and artillery that people paid attention to in the past have disappeared, and the new network virus has already appeared on the scene.

“The cyberattacks on critical infrastructure can even surpass the war in the traditional sense. It is almost impossible for nuclear states to use nuclear weapons, but cyber attacks are currently close to being unconstrained.” Cyberspace Security and Security Liu Weijun, a professor at the Center for Rule of Law, said that even worse than the destruction of the Ukrainian power system, nuclear power plants were attacked, directly threatening national security.

Relying on the people is the key path to building a network power

In September this year, with the theme of “Network Security for the People, Network Security Relying on the People”, a feature film “Fifth Space” became popular.

“People are always the most important factor. Network security is not a matter of purchasing and deploying a batch of network security equipment and stacking some products. It also requires a large number of professionals to analyze, judge, respond and dispose of.” Zhou Hongyi said It is necessary to play every network user so that everyone can actively play their role.

It is understood that since 2014, China has continuously held national network security publicity activities, popularized network security knowledge, strengthened network security education, and promoted a good atmosphere in which the whole society attaches importance to network security. “National cybersecurity propaganda should enhance the awareness of cyber security among all people, pay attention to the improvement of cyber security prevention capabilities, and let the broad masses of people have the awareness and ability to maintain their own network security. They can use the network like water, electricity, and fire. Qin An, director of the China Cyberspace Strategy Institute and director of the Internet Policy and Law Research Center of Tianjin University, said that cybersecurity depends on the people. Only relying on the people is the key path to building a network power.

“To maintain network sovereignty, it is necessary to strengthen the construction of defense forces in cyberspace and enhance the self-defense capabilities of cyberspace.” Qin An pointed out that the “Network Security Law” was officially implemented on June 1 this year, and one of its core objectives is to maintain cyber sovereignty. At the same time, the “International Cooperation Strategy for Cyberspace” promulgated on March 1 this year, in the third chapter of the strategic objectives to maintain sovereignty and security, for the first time to define the national definition of defensive forces in cyberspace, the construction of cyberspace defense forces as China’s national defense and military modernization Important content of construction.

The national defense white paper “China’s Military Strategy” clearly states that it is necessary to speed up the construction of cyberspace forces, improve the cyberspace situational awareness, cyber defense, support national cyberspace struggles and participate in international cooperation, curb major cyberspace crisis, and safeguard national networks and Information security, safeguarding national security and social stability.

Safety is the premise of development, and development is the guarantee of security. Building a network power, the nation’s awareness of improving network security is the foundation. At present, China is accelerating its march from a big network country to a network power. More than 1.3 billion Chinese people really enjoy the new achievements brought about by the development of the Internet. For the realization of the goal of “two hundred years”, the strategy of network power will play a role. More and more important support.

Construct an unbreakable security line

■ Li Yang

In the report of the 19th National Congress of the Communist Party of China, President Xi proposed to strengthen the application of basic research, expand the implementation of major national science and technology projects, highlight key common technologies, leading-edge technologies, modern engineering techniques, and subversiveness. Technological innovation provides strong support for building a strong country in science and technology, a country with strong quality, a strong country in space, a network power, a powerhouse, a digital China, and a smart society. Among them, the strategy of network power is once again mentioned, exciting and inspiring. In line with the development trend of the times, comprehensive maintenance of cyberspace security is the only way to build a network power.

The Cong listened to the silence, and the Ming was seen in the shape. With the rapid development of the information revolution, the network space consisting of the Internet, communication networks, computer systems, automation control systems, digital devices and their applications, services and data has profoundly affected the historical development of human society and comprehensively changed people’s production. lifestyle. Especially in the current global economic integration and internationalization of professional division of labor, cyberspace security is characterized by soft activity, border flexibility, diversification of means, domain widening and diversification of power, and is increasingly expanding to The mixed complex confrontation between the state, the military, and various purpose-oriented organizations and individuals implies a mixed risk of defamation of productivity, culture, and combat effectiveness.

The person in charge of the relevant department of the Central Network Office said that the five years since the 18th National Congress of the Communist Party of China was the fastest five years of cyberspace security development and five years of brilliant achievements in the field of cyberspace security. The “China Internet Station Development Status and Safety Report (2017)” shows that the tampering websites and government websites in China fell by 31.7% and 47.9% respectively last year. The overall level of government website security protection has been greatly improved; DDoS attacks of more than 1G have dropped by 60%.

The results are gratifying, but they should also be soberly aware that there are still many problems in the actual work that cannot keep up with the ideological concepts, and that there are consensuses that are difficult to implement. The implementation of cyberspace security measures is not in place or even “hanging the gap”. Cyberspace security is a holistic security. If a link is broken, it may lead to the collapse of the entire network. We can’t be lucky and slack, we must start from the various aspects of technology, equipment, personnel, management, etc., and build and deploy according to the road map of “laying up positions, deploying capabilities, and forming systems”. Practice, actively discover vulnerabilities, eliminate potential threats, continuously improve the security of cyberspace, and achieve new developments at a new starting point.

The construction of cyberspace security is a long-term, complex system engineering, which is not easy to beat and drum. To achieve this goal, there is not only a slap in the face, but also the tenacity of “do not relax”. It must be step by step, gradually promoted and implemented. Only in this way can we build an unbreakable security line.

Original Mandarin Chinese:

习主席在网络安全和信息化工作座谈会上明确指出:“网络安全为人民,网络安全靠人民,维护网络安全是全社会共同责任,需要政府、企业、社会组织、广大网民共同参与,共筑网络安全防线。”
维护我国网络安全,是协调推进全面建成小康社会、全面深化改革、全面依法治国、全面从严治党战略布局的重要举措,是实现“两个一百年”奋斗目标、实现中华民族伟大复兴中国梦的重要保障。请关注今日《解放军报》的报道——

维护网络安全,打响第五空间人民战争

■何楚洋

突破线上线下界限,安全形势严峻复杂

一只不起眼的“蠕虫”,竟然在全球引起了轩然大波——今年5月,由不法分子通过篡改美国国家安全局武器库中的“永恒之蓝”程序而发起的网络攻击,使大多数欧洲国家和地区相继中招,波及到包括政府、银行、电力系统、通信系统、能源企业、机场等重要基础设施,如英国多家医院的电脑系统瘫痪,导致部分病人无法及时接受手术。

这起勒索病毒事件的背后,是网络空间日益升级的对抗冲突。工信部网络安全管理局局长赵志国表示,仅今年工信部就组织行业力量,相继协调处置多起针对网络和重要系统的攻击事件,涵盖病毒、木马、漏洞、流量攻击等多种类型,涉及网络基础设施公共系统、重要信息系统和终端。“可以说网络攻击仍处于高发态势,呈现出门槛不断降低,对象更加广泛,手段更加多样。”

数据显示,截至今年上半年,我国网民规模达7.51亿,互联网普及率达54.3%。“当互联网的规模越来越大,网络安全面临的挑战也是日趋严峻的。”在中国工程院院士、清华大学教授吴建平看来,网络安全的领域正在不断延伸。从全球角度来看,网络攻击威胁正向工业互联网领域渗透,工业互联网安全事件频发。2015年12月,乌克兰发生了一次影响巨大的有组织、有预谋的定向网络攻击,致使乌境内近三分之一的地区持续断电。目前各国的关键基础设施已成为网络攻击的对象,一旦被攻击导致瘫痪,将给国家安全、社会稳定造成不可估量的伤害。

“网络攻击的触手延伸到社会各个方面,线上与线下高度融合,网络安全正在成为全球安全的核心问题。”奇虎360公司董事长周鸿祎认为,经过20多年的发展,互联网已经不再是一个行业,它与整个社会的结合越来越紧密。加上现在物联网、车联网、工业互联网的发展,真实物理世界和网络虚拟世界的界限被打破,线上线下连成一体,在这样的背景下,网络世界的攻击开始蔓延到我们的真实世界。

可以肯定的是,网络攻击形式多样复杂,网络安全形势依然严峻,全球网络安全逐渐进入到涉及国家安全、国防安全、社会安全、产业安全、基础设施安全甚至人身安全的大安全时代。

没有硝烟的战场,网络战从未偃旗息鼓

软件开发行业里有个名词,叫“千行代码缺陷率”,意思是一千行代码中的漏洞率。绝大部分软件公司的每一千行代码就有可能存在一个漏洞。据计算,最常使用的Windows操作系统的代码量是5000万行左右,安卓系统大概是1200万行,其中的漏洞可想而知。

“世界上只有两种系统,一种是已知被攻破的系统,一种是已经被攻破但自己还不知道的系统。”美国首任网军司令亚历山大在2015年的中国互联网安全大会上的发言让人印象深刻,他的观点是,在攻击者面前,没有任何安全的系统。

“现实世界中的任何网络系统,即使设计再精巧,结构再复杂,无一例外都会有漏洞。”周鸿祎指出,360社区补天漏洞响应平台一年发现的漏洞数就超过了8万个。这些漏洞,都有可能成为系统遭受网络攻击的软肋。

360威胁情报中心发现,他们监测到的多个高级可持续威胁事件中,攻击者大都已经渗透或者潜伏了很长时间,并且通过各种手段隐匿自己。

有例为证。位于伊朗首都德黑兰以南100公里的布什尔核电站是由国防军守卫的机密目标,在2010年7月被一种名为“震网”的新型网络病毒侵害,核电站里正在工作的8000台离心机突然出现故障,电脑数据大面积丢失,上千台被物理性损毁;2014年,韩国2座核电站的内部文件遭到泄露,包括核电站近万名员工的个人信息、核电站程序运行说明、空调和冷却系统设计图、阀门设计图等。美国政府的一份报告称,自今年5月以来,黑客一直在渗透美国核电站和其他能源设备公司的计算机网络。

不同于传统战争有明显的开始和结束,网络战时时刻刻都在不宣而战。从这层意义上说,全世界已经进入网络战时代。而在这片不见硝烟的战场上,过去人们关注的飞机、大炮不见踪影,新型的网络病毒就已经粉墨登场了。

“对关键基础设施的网络攻击,其破坏效果甚至能超越传统意义上的战争。有核国家几乎不可能动用核武器,但是网络攻击在目前却接近于不受任何约束。”公安大学网络空间安全与法治协创中心教授刘为军表示,与乌克兰的电力系统遭到破坏相比,更可怕的是核电站遭到攻击,直接威胁着国家安全。

依靠人民,才是建设网络强国关键路径

今年9月,以“网络安全为人民,网络安全靠人民”为主题的第四届网络安全周上,一部专题片《第五空间》迅速走红成为人们热议的焦点。

“人永远是最重要的因素,网络安全不是购买并部署一批网络安全设备、堆砌一些产品就能防得住的,还需要大量的专业人员来做分析、研判、响应和处置。”周鸿祎说,要把每一个网络用户发挥起来,让每一个人都能积极发挥自己的作用。

据了解,我国自2014年起,开始连续举办国家网络安全宣传活动,普及网络安全知识,加强网络安全教育,推动形成全社会重视网络安全的良好氛围。“国家网络安全宣传要在提升全民网络安全意识的同时,重视网络安全防范能力的提升,让广大人民群众既有意识又有能力维护自身网络安全,能够像用水、用电、用火一样用好网络。”中国网络空间战略研究所所长、天津大学互联网政策与法律研究中心主任秦安表示,网络安全依靠人民,只有依靠人民,才是建设网络强国关键路径。

“维护网络主权,就要加强网络空间国防力量建设,提升网络空间的自卫能力。”秦安指出,《网络安全法》于今年6月1日起正式实施,其核心目标之一就是维护网络主权。同时,今年3月1日颁布的《网络空间国际合作战略》在第三章战略目标维护主权与安全部分,首次明确网络空间国防力量的国家定义,将网络空间国防力量建设作为我国国防和军队现代化建设的重要内容。

国防白皮书《中国的军事战略》明确提出,要加快网络空间力量建设,提高网络空间态势感知、网络防御、支援国家网络空间斗争和参与国际合作的能力,遏控网络空间重大危机,保障国家网络与信息安全,维护国家安全和社会稳定。

安全是发展的前提,发展是安全的保障。建设网络强国,全民提升网络安全意识是基础。当前,我国正在加速从网络大国向网络强国迈进,13多亿中国人民实实在在享受到互联网发展带来的新成果,为着“两个一百年”奋斗目标的实现,网络强国战略将发挥着越来越重要的支撑作用。

构筑牢不可破的安全防线

“善其谋而后动,成道也。”习主席在党的十九大报告中提出,加强应用基础研究,拓展实施国家重大科技项目,突出关键共性技术、前沿引领技术、现代工程技术、颠覆性技术创新,为建设科技强国、质量强国、航天强国、网络强国、交通强国、数字中国、智慧社会提供有力支撑。其中,网络强国战略再次被提及,令人振奋,鼓舞人心。顺应时代发展趋势,全面维护网络空间安全,就是建设网络强国的必由之路。

聪者听于无声,明者见于未形。伴随信息革命的飞速发展,由互联网、通信网、计算机系统、自动化控制系统、数字设备及其承载的应用、服务和数据等组成的网络空间,深刻影响人类社会历史发展进程,全面改变人们的生产生活方式。尤其是在当前全球经济一体化、专业分工国际化的大环境下,网络空间安全呈现出活动软性化、边境弹性化、手段多样化、范畴全域化和力量多元化的特征,并且日益扩展为国家、军队及各种目的性组织和个人之间的混合复杂对抗,蕴含着毁瘫生产力、文化力、战斗力的混合风险。

中央网信办相关处室负责人表示,党的十八大以来的五年,是网络空间安全发展最快的五年,也是网络空间安全领域取得辉煌成绩的五年。《中国互联网站发展状况及其安全报告(2017)》显示,去年我国境内被篡改网站与政府网站分别下降31.7%和47.9%。政府网站安全防护水平整体得到了很大提高;1G以上DDoS攻击事件下降60%。

成绩固然喜人,但也应当清醒地看到,实际工作中还存在着思想观念跟不上、有共识难落实等诸多问题,网络空间安全措施执行不到位甚至“挂空挡”情况依然存在。网络空间安全,是整体性安全,一个环节被攻破,就可能导致全网的崩溃。我们不能心存侥幸和懈怠,必须扎扎实实地从技术、装备、人员、管理等各个环节入手,按“布设阵地、配置能力、形成体系”的路线图进行建设和部署,真刀真枪地开展演练,主动发现漏洞,消除潜在威胁,不断提升网络空间安全保障能力,在新的起点上实现新发展。

网络空间安全的构建是一项长期、复杂的系统工程,绝非敲锣打鼓、轻轻松松实现的。实现这一目标,既少不了一鸣惊人的霹雳手段,更需要有“咬定青山不放松”的韧劲,必须一步一个脚印,逐步推进,落地落实。惟有如此,才能构筑牢不可破的安全防线。

Original referring URL:  http://www.81.cn/jskj/2017-11/29/

China analysis for winning mechanisms of victory on the cyberspace battlefield // 中國對網絡空間戰場胜利機制的分析

China analysis for winning mechanisms of victory on the cyberspace battlefield //

中國對網絡空間戰場胜利機制的分析

2017年04月17日 15:xx:xx

If the First World War was a chemist’s war and the Second World War was a physicist’s war, then the 21st century war would undoubtedly become a game between informatics. The cyberspace war has moved from the background to the front. From the supporting role to the protagonist, become a new battlefield and combat platform. With the gradual emergence of the cyber warfare deterrent effect, countries have introduced network strategies and formed “cyber warfare forces”. The global network arms race has shown its tempo. At present, more than 20 countries have established “cyber warfare forces”. Committed to the application of network technology to war, the “seismic network” incident and the “hacker door” incident fully proved the remarkable power of cyber warfare in the new generation of war mode.

    We must profoundly understand the new forms of war reflected by these events and actively respond to the threats and challenges brought by cyber sovereignty, network defense, network frontiers, and cyber warfare, because whoever masters the new war winning mechanism will be able to Win the initiative in the round of war.

Network Sovereignty: A New Dimension

  

  The world today is moving rapidly toward informationization, and cyberspace has become the “fifth largest territory” beyond land, sea, air and sky. The original sovereignty is the sovereignty of physical space, while the network sovereignty is the sovereign space of network electromagnetic space; national sovereignty is a concept that expands with the expansion of human activity space. Network sovereignty is a new content and an important part of national sovereignty.

    (1) Cyber ​​sovereignty has become the “commanding height” of national sovereignty. The network carries a large amount of content such as politics, economy, military, culture, transportation and social, and becomes the basic platform for the efficient operation and accelerated progress of the entire society. Once the cyber sovereignty is lost, the network public opinion orientation will be out of control. The national industrial, transportation, energy and other national economic lifeline industry control systems and military information networks will be out of control, just as sea power challenges land rights and air rights challenges sea power and land rights. The latecomers of cyber sovereignty have become the “commanding heights” of national sovereignty, directly affecting the security and stability of all areas of the country.

    (2) The violation of cyber sovereignty will directly affect the “heart” of the country. Compared with traditional physical space, the existence and defense of cyberspace sovereignty is not only easily overlooked, but also vulnerable to violations. The network hinges the information nodes on the earth that are thousands of miles apart. Through it, it can be easily and easily moved from one country to the heart of another country to the heart. A keystroke can surround the Earth for two weeks in a period of 0.3 seconds, and the attack is difficult to locate.

    (3) The use of “combination boxing” is required to defend the cyberspace sovereignty. In the Google turmoil in 2010, the Chinese government categorically rejected Google’s request for “freedom” beyond Chinese legal management, which is a firm defense of cyber sovereignty. For any violation of the cyber sovereignty of our network, we must not only resist and counterattack in the cyberspace, but also play a “combination boxing” of politics, economy, and diplomacy to counterattack if necessary.

Network Frontiers – A New Border of National Security

    China’s Internet users have reached 731 million. In this context, the network frontier far surpasses the status of the Great Wall in history and has become an important “warning line” for national security in the information age.

    (1) Fully recognize the “new situation” of the network frontier. The first is the lack of network protection awareness among the people. Many systems have the same firewall, the network security problem is serious, and the cyber crime is increasing. Secondly, the network security products and security equipment in key areas rely on imports. The mainstream firewall technology and anti-virus technology are mostly from abroad, and they can control themselves independently. The lack of high-tech network security products; the third is that as China is increasingly connected to the world, the introduction of technology and equipment network remote services increases, the foreign party can monitor the operation and production of the equipment in real time, making me “portal opening”; finally In actual network operations, Western network powers monopolize a large number of network resources. For example, most of the world’s online information comes from or passes through the United States.

    (2) Accurately define the “new boundary” of cyberspace. On the one hand, we must correctly understand the essential meaning of the network frontier. A country’s network infrastructure, state-specific Internet domain names and their domains, as well as financial, telecommunications, transportation, energy and other national core network systems in the national economy and the people’s livelihood should be regarded as an important part of the national network frontier, and no vandalism is allowed. On the one hand, we must correctly understand the importance of guarding the network frontier. Watching the network frontier is actually an authorization relationship, that is, it must meet the requirements and be allowed to enter. Otherwise, it cannot enter. For example, national financial, power, transportation and other systems of protection measures, firewalls and bank card cryptosystems are the “watchers” of the network frontier.

    (3) Focus on creating a “new sword” that guards the frontiers of the network. The frontiers of guarding the network must be supported by powerful technical means. Various firewalls, cryptosystems, etc. are equivalent to building thick lines on the frontiers of the network, but this is not enough to resist external “invasion”, but also requires “patrol sentinels” and “frontier forces” to detect “intrusion” in a timely manner. In 2003, the US Einstein Plan for monitoring abnormal traffic at government agencies and institutional networks was the world’s first intrusion detection system. By the end of 2008, the Einstein system had been deployed in 600 government agency website systems, forming an intrusion detection system that supports dynamic protection.

Network Defense – The New Great Wall of National Defense

    Sovereignty without armed protection is a fragile sovereignty, and frontiers without defense and defense are endangered frontiers. Therefore, people have a strong sense of border defense, coastal defense, and air defense.

    (1) Firmly establishing a network defense concept is a “premise.” The countries of the world, especially the western developed countries, have not only woke up early, got up early, but also ran fast in the construction of network defense. Among them, the United States is both the creator of the Internet and the country that first paid attention to the construction of network security protection. The United States not only took the lead in formulating a series of policy documents such as the National Strategy for Ensuring Cyberspace Security, but also established a strong “net army” and a strong network defense.

    (2) Vigorously building the network’s national defense force is a “trend.” The United States, Britain, Japan, Russia and other countries, as well as Taiwan, have formed cyber warfare units and command agencies. Strengthening the construction of cyber security forces and improving the national cyber defense capabilities are both the general trend and the successful practices of all countries in the world. They are also an urgent task for safeguarding China’s national security.

    (III) Overall planning of network defense construction is “key”. The overall strategic concept should be proposed for the current cyberspace struggle, and the “three hands” should be highlighted in the top-level design: that is, to compete as a “flag-bearer” in public opinion, to select “hands-on” in the construction focus, and to stay on the struggle strategy. There is a “backhand”.

Cyber ​​Warfare: A New Battlefield for the Game of Great Powers

    In today’s world, the globalization of network battlefields, the normalization of network attack and defense, and the white-hotness of network attacks have made it possible to scientifically and effectively control cyberspace and occupy cyberspace, and become a new battlefield for strategic games of big countries.

    The first is to regard the cyberspace situational awareness as the core of the power system. The four capabilities of “network security, situational awareness, network defense, and network deterrence” are the core capabilities for comprehensively promoting the construction of the cyberspace capability system. The war first requires the commander to grasp and understand the enemy’s and his own situation, make correct decisions based on the real-time situation, and the ever-changing characteristics of the network situation determine the success or failure of the network operation. Therefore, network situational awareness has become the primary capability of the cyberspace combat confrontation system.

    The second is to use offensive operations as the main way to seize the initiative of cyberspace. The US military has strategically considered the cyberspace attacks as aggression in real space and has been attacked by the military. At present, the US military has built 100 teams to operate in cyberspace. In cyberspace operations, the offensive and defensive subjects have a certain degree of separation, and the offensive and defensive effects have asymmetry. The key to seizing the initiative in cyberspace operations is to use the offensive action to contain enemy attacks and ensure my stability.

    The third is to establish a cyberspace defense force system with national co-ordination and military-civilian integration. To attack and defend, not to ignore the defense. Therefore, in accordance with the idea of ​​“optimizing the overall existing strength, developing the gap to fill the gap, and building a new mechanism to protect the forces”, the company will build a professional, support and reserve based on the requirements of “moderate scale, structural optimization, integration of technology and warfare, and complementary functions”. The new cyberspace security defense force system composed of other forces will enhance the national network counterattack capability and form a network deterrent. (Li Yiyang: School of Secondary School Affiliated to Renmin University of China; Li Minghai: Deputy Director, Network Space Research Center, National Defense University) 

Original Mandarin Chinese:

如果說第一次世界大戰是化學家的戰爭,第二次世界大戰是物理學家的戰爭,那麼,21世紀的戰爭無疑將成為信息學家之間的博弈,網絡空間戰已從後台走向前台,從配角轉向主角,成為新的戰場和作戰平台隨著網絡戰威懾效果的逐步顯現,各國紛紛出台網絡戰略,組建“網絡戰部隊”,全球網絡軍備競賽呈燎原之勢 – 目前已有20多個國家組建了“網絡戰部隊”,各國都致力於將網絡技術運用於戰爭“震網”事件,“黑客門”事件充分證明了網絡戰在新一代戰爭模式中的顯著威力。

我們必須深刻認識這些事件所折射出來的新的戰爭形態,積極應對網絡主權,網絡國防,網絡邊疆,網絡戰爭帶來的威脅和挑戰,因為,誰掌握新的戰爭制勝機理,誰就能在下一輪戰爭中贏得主動。

網絡主權 – 國家主權的新維度

當今世界正在向著信息化快速邁進,網絡空間成為繼陸,海,空,天之外的“第五大疆域”原有的主權均為物理空間的主權,而網絡主權是網絡電磁空間主權。國家主權是一個隨著人類活動空間的拓展而不斷拓展的概念,網絡主權是國家主權的全新內容和重要組成部分。

(一)網絡主權已成為國家主權的“制高點”。網絡承載了政治,經濟,軍事,文化,交通和社交等大量內容,成為整個社會高效運轉和加速進步的基本平台。一旦喪失網絡主權,網絡輿情導向將會失控,國家工業,交通,能源等國民經濟命脈行業控制系統和軍事信息網絡都將會失控,如同海權挑戰陸權,空權挑戰海權與陸權一樣,網絡主權後來者居上,成為國家主權的“制高點”,直接影響國家各領域的安全穩定。

(二)網絡主權的侵犯將直逼國家的“心臟”。與傳統實體空間相比,網絡空間主權的存在與捍衛不僅易被忽視,而且易遭侵犯。網絡把地球上相距萬里的信息節點鉸鏈為一體,通過它可以悄無聲息,輕而易舉地從一國進入另一國腹地直至心臟部位。一次擊鍵0.3秒時間內即可環繞地球兩週,而且,攻擊很難被定位。

(三)捍衛網絡空間主權需用“組合拳”。2010年谷歌風波中,中國政府斷然拒絕谷歌要求超越中國法律管理的“自由”,就是對網絡主權的堅決捍衛。對於任何侵犯我網絡主權的行為,不僅要在網絡空間予以抵制和反擊,必要時還可打出政治,經濟,外交等“組合拳”給予還擊。

網絡邊疆 – 國家安全的新邊界

中國網民已達7.31億,在這個背景下,網絡邊疆遠超歷史上萬里長城的地位,成為信息時代國家安全的重要“警戒線”。

(一)充分認清網絡邊疆的“新形勢”首先是民眾缺乏網絡防護意識,很多系統的防火牆形同虛設,網絡安全問題嚴重,網絡犯罪日益增加;其次是網絡安全產品和關鍵領域安全設備依賴進口,主流防火牆技術和殺毒技術大都來自國外,自主可控,高技術含量的網絡安全產品匱乏;第三是隨著我國日益與世界接軌,引進技術設備的網絡遠程服務增加,外方能實時監控設備運轉和生產情況,令我自身“門戶洞開”;最後是在實際網絡運營上,西方網絡大國壟斷著大量網絡資源,比如,全球大多數網上信息發自或經過美國。

(二)準確界定網絡空間的“新邊界”。一方面,要正確理解網絡邊疆的本質內涵。一個國家的網絡基礎設施,國家專屬的互聯網域名及其域內以及金融,電信,交通,能源等關係國計民生領域的國家核心網絡系統都應視為國家網絡邊疆的重要組成部分,不允許肆意破壞;另一方面,要正確認識值守網絡邊疆的重要性值守網絡邊疆,其實是一種授權關係,即必須符合要求,得到允許才能進入,否則,不能進入。比如,國家金融,電力,交通等系統的防護措施,防火牆以及銀行卡密碼系統等都是網絡邊疆的“值守者”。

(三)著力打造守護網絡邊疆的“新利劍”。守護網絡邊疆必須以強大的技術手段為支撐。各種防火牆,密碼系統等相當於在網絡邊疆上建起了粗線條的籬笆,但這不足以抵禦外來“入侵”,還需要“巡邏哨兵”和“邊防部隊”及時檢測“入侵”行為。2003年,美國用於監測政府部門和機構網絡關口非正常流量的“愛因斯坦計劃”,就是世界上第一個入侵檢測系統。到2008年年底,愛因斯坦系統已部署在600個政府機構網站系統中,形成了一個支撐動態保護的入侵檢測系統。

網絡國防 – 國家防禦的新長城

沒有武裝保護的主權是脆弱的主權,沒有國防捍衛的邊疆是瀕危的邊疆。因此,人們才產生了強烈的邊防,海防,空防意識。

(一)牢固樹立網絡國防理念是“前提”。世界各國,尤其是西方發達國家在網絡國防建設上,不僅醒得早,起得早,而且跑得快。其中,美國既是互聯網的締造者,也是最早關注網絡安全防護建設的國家。美國不僅率先制定了“確保網絡空間安全的國家戰略”等一系列政策文件,而且建立了強大的“網軍”和強大的網絡國防。

(二)大力建設網絡國防力量是“勢趨”。美國,英國,日本,俄羅斯等國以及中國台灣地區,紛紛組建了網絡戰部隊和指揮機構。加強網絡安全力量建設,提高國家網絡防衛能力,這既是大勢所趨,也是世界各國的成功做法,更是維護我國國家安全的一項緊迫任務。

(三)整體統籌網絡國防建設是“關鍵”應針對當前網絡空間鬥爭實際提出總體戰略構想,並在頂層設計上突出“三手”:即在輿論造勢上爭當“旗手”,在建設重點上選好“抓手”,在鬥爭策略上留有“後手”。

網絡戰爭 – 大國博弈的新戰場

當今世界,網絡戰場的全球化,網絡攻防的常態化,網絡攻心的白熱化等突出特點,使得科學高效地管控網絡空間,佔領網絡空間,成為大國戰略博弈的新戰場。

一是把網絡空間態勢感知能力作為力量體系建設核心。“網絡安全保障,態勢感知,網絡防禦,網絡威懾”四大能力,是全面推進網絡空間能力體系建設的核心能力。戰爭首先需要指揮員能夠掌握和理解敵方,己方態勢,根據實時態勢作出正確決策,網絡態勢瞬息萬變的特點決定了網絡作戰的成敗。因此,網絡態勢感知能力就成為網絡空間作戰對抗體系的首要能力。

二是將攻勢作戰作為奪取網絡空間主動權的主要方式。美軍在戰略上已將網絡空間的攻擊行為視為現實空間的侵略行為,並予以軍事打擊。目前美軍已建成100個小組在網絡空間活動。網絡空間作戰,攻防主體具有一定的分離性,攻防效果具有不對稱性。奪取網絡空間作戰的主動權,關鍵在於以攻勢行動遏制敵攻擊,保證我穩定。

三是建立國家統籌,軍民融合的網絡空間防禦力量體系。以攻助防,不是忽視防禦。因此,需要按照“優化整體現有力量,發展填補空白力量,組建新機理防護力量”的思路,依據“規模適度,結構優化,技戰一體,功能互補”的要求,構建由專業,支援和預備役等力量構成的新型網絡空間安全防禦力量體系,提升國家網絡反擊能力,形成網絡威懾力(李昊洋:中國人民大學附屬中學分校;李明海:國防大學網絡空間研究中心副主任)

Original Referring URL:  http://www.cac.gov.cn/2017-04/

Chinese Military Cyber Warfare Capacity Building Achieving Situational Awareness in Cyberspace // 中國軍事網絡戰能力建設在網絡空間實現態勢感知

Chinese Military Cyber Warfare Capacity Building Achieving Situational Awareness in Cyberspace //

中國軍事網絡戰能力建設在網絡空間實現態勢感知

2017/05/20

Cyberspace has become a new territory alongside land, sea, air and space, and it is also the most extensive territory. Since the birth of the computer, computer and network-based information systems have gradually developed, and the software and resources on it have been continuously enriched, eventually forming a network space.

With the continuous development of the US military’s weapons and equipment and combat theory, the “cyberspace warfare” began to move from reality to reality. Compared with the traditional “platform center warfare”, the role of the command and control system “combat multiplier” in “cyberspace warfare” will be more prominent, and the impact on combat will be even greater. In the future modern war, in cyberspace Command and control should have its own characteristics and concerns.

In theory, cyberspace is synonymous with the digital society of all available electronic information and networks. The United States “National Security Presidential Decree No. 45 and General Homeland Security Order No. 23” defines cyberspace as: information technology infrastructure and interdependent networks, including the Internet, telecommunications networks, computer systems, and processors in key industries. And the controller, usually also includes the information virtual environment and the interaction between people.

Cyberspace has four elements: communication devices and lines; computers; software; data communication and resource sharing. Communication equipment and lines: It is one of the infrastructures of network space, including routing/switching equipment, wired/wireless communication equipment, cables, and so on. Computer: One of the infrastructures of cyberspace with computing, storage, and data processing capabilities. Software: It is the core supporting part of cyberspace, and software systems running various functions in communication devices and computers. Data communication and resource sharing: It is the basic capability of cyberspace, providing the required information for users at all levels.

Commanding operations in the vast new territory of cyberspace will inevitably require the linkage of multiple arms and services. First, it should have security protection capabilities, provide multiple levels of security, and secondly must master the battlefield situation. In addition, it must have resource scheduling capabilities, etc. Provide support for integrated joint operations.

Security protection refers to the protection of data in the hardware, software and systems of network systems by using various technologies and management measures so that they are not damaged, falsified or leaked due to accidental or malicious reasons, so that the system can continue Reliable and normal operation, network services are not interrupted.

In the cyberspace command operation, the whole process of generating, storing, transmitting and using all kinds of allegations is faced with one or the other security threats. The traditional form of conflict has been extended to cyberspace.

Security protection technology and attack technology have been developing together. The contest between “spear” and “shield” has existed since ancient times. Although the US military has consistently expressed its position through various channels, it claims that the “core of the US military’s cyberspace operations is to defend against cyberattacks, and defensive capabilities are the basis of all other combat capabilities.” However, a little analysis shows that the US military must achieve this in cyberspace. The goal is to combine attack and defense, build a network deterrent system, and consolidate its own “networking rights” in the military. US Deputy Defense Secretary Lynn has made it clear that the US will retain the right to respond to serious cyber attacks and will make a commensurate and legitimate military response at the time and place we choose. Former Defense Secretary Panetta has pointed out: “Now we live in a completely different world and face the cyberspace attack that can be compared with Pearl Harbor.” “We must be prepared to deal with it. In cyberspace, we have to Have a good network attack and network defense capabilities.” These speeches fully demonstrate that the US military pays attention to the deterrent effect of cyberspace, emphasizes the combination of attack and defense in cyberspace, and takes the initiative to launch cyberattacks when necessary. Its military goal is not only to ensure its own network security, but to discourage by improving its cyber attack capabilities. And deterrence all cyberattacks that are not conducive to oneself, to achieve its absolute freedom, absolute superiority and absolute security in cyberspace.

In the cyberspace, the offensive and defensive drills between the state and the country have never stopped. In July 2008, Russia used a covert injection of attack software to launch a comprehensive cyberattack against Georgia, causing the network to collapse. In December 2011, Iran declared that its “electronic warfare force” used a “hacker hijacking” method to cause an American RQ-170 stealth drone to leave the route and land in Iran. The “super flame” virus discovered in May 2012 spread widely in the Middle East, hiding in the computer and stealing data. In March 2014, the official website of the Russian president suffered a cyber attack. From the previous cyberattacks, the cyber attack is as good as the fire of conventional weapons. The security of cyberspace is the security of the country, and cyberspace has become a space in the field of national sovereignty.

Security protection in cyberspace should employ multiple levels of security mechanisms. At the national strategic level, it is a national-level network security protection; in key areas, there are network security protections in the military, government, and economic fields; in large enterprises, there are network security protections of state-owned and private enterprises and institutions; There are network security protections for individuals and families. Among them, the national level of security protection mainly includes border network security and backbone network security; enterprise-level (and military) security protection mainly includes border network security and intranet security; personal computer security protection mainly includes computer terminal security, terminal software security and terminal Data Security. At different levels of security, the content of protected information varies from national strategic planning to development routes to personal privacy and bank passwords. The leakage of information will undoubtedly have a blow and negative impact on the survival and development of the country, enterprises and individuals, and even undermine the security and stability of the country.

Situational awareness is the perception, understanding and prediction of environmental factors under certain time and space conditions. In 1988, Endsley divided situational awareness into three levels of information processing: perception, understanding, and prediction. In 1999, TimBass first proposed the concept of network situational awareness, and pointed out that “convergence-based network situational awareness” will become the development direction of network management.

“Know yourself and know each other, there is no war.” In the new battle space of cyberspace, how can we be confidant and know each other? It is necessary to grasp the situation of the battlefield and have the ability to sense the situation, that is, to acquire, understand and present the key factors that can cause changes in the state of the enemy and the enemy, and to predict the future development trend.

The battlefield situation in cyberspace has the characteristics of wide coverage, huge amount of information, and extremely complicated conditions. For all levels of commanders, they hope to clearly understand and master the current cyberspace operations from the situation map, so that they can make decisions quickly and issue correct command orders.

To gain insight into the state and situation of cyberspace battlefield development, it must have the ability to collect, transmit, store, monitor, analyze, and present state data. In the key position of the network space, the detection points are laid, the network running status is detected, and the state data is collected. Based on various state data, network posture, security situation, spectrum situation, etc. are formed. Then, it is transmitted to the node with data analysis and processing capability through various communication means to analyze the situation data, including situational integration, situation assessment and situation prediction. The results of the analysis and processing are transmitted to the command posts at all levels, and the battlefield situation is presented to the commanders at all levels in a layered, multi-dimensional, on-demand manner. The basic process of situational awareness is consistent with the traditional approach, but each process is different.

The battlefield situation of cyberspace should be layered, global, and partial, which puts higher demands on the situation. With the continuous development of rendering technology, simple planar situational maps can no longer meet the operational needs, especially in the cyberspace combat environment, the demand for stereoscopic and multidimensional situations is prominent. Even if you are in the command post, the commander should be able to understand the battlefield situation and face the real opponent through the situation map. In the American war movie, you can often see the stereoscopic, touchable electronic sandbox, and the multi-dimensional display of the real-time battlefield situation enables the commanding function to make quick and accurate decisions and improve command and control capabilities. The battlefield environment of cyberspace is extremely complex, network environment, equipment operation, software operation… Many places need to have clear and intuitive display. In order to improve the user experience and shorten the decision time, the cyberspace situation should have multi-dimensional dynamic characteristics, and can support multi-screen display, multi-screen linkage and so on. From the top-level situation map, you can understand the whole picture of the war. From the local situation map, you can understand the status of the combat units at all levels. The commanders at different levels can view different situation maps as needed based on their own authority.

As a new type of combat space, cyberspace has objective differences with traditional physical space, and there are special requirements for command and control of cyberspace. However, cyberspace command and control still faces many other problems, such as how to integrate cyberspace command and control with traditional physical space command and control systems, and how to conduct cyberspace command and control effectiveness evaluation.

Original Mandarin Chinese:

網絡空間已成為與陸地、海洋、空中、太空並列的一片新疆域,也是覆蓋面最廣的疆域。從計算機誕生之日起,以計算機和網絡為基礎的信息系統就逐漸發展起來,其上的軟件和資源也不斷豐富,最終形成了網絡空間。

隨著美軍武器裝備和作戰理論的不斷發展,“網絡空間戰”從設想開始走向現實。與傳統的“平台中心戰”相比,在“網絡空間戰”中指揮控制系統“戰鬥力倍增器”的作用將更加突出,對作戰的影響也更加巨大’在未來的現代化戰爭中,網絡空間中的指揮控制應有它自身的特點和關注點。

從理論上講,網絡空間是所有可利用的電子信息、網絡構成的數字社會的代名詞。美國《第45號國家安全總統令暨第23號國土安全總令》中將網絡空間定義為:信息技術基礎設施和相互依存的網絡,包括互聯網、電信網、電腦系統以及重要產業中的處理器和控制器,通常還包括信息虛擬環境以及人與人之間的互動。

網絡空間具有四個要素:通信設備和線路;計算機;軟件;數據通信與資源共享。通信設備和線路:是網絡空間的基礎設施之一,具體包括路由/交換設備、有線/無線通信設備、線纜等。計算機:是網絡空間的基礎設施之一,具有計算、存儲和數據處理等能力。軟件:是網絡空間的核心支撐部分,通信設備和計算機中均運行著各種功能的軟件系統。數據通信與資源共享:是網絡空間具備的基本能力,為各類各級用戶提供所需的信息。

在網絡空間這一遼闊的新疆域中指揮作戰,必然需要多個軍兵種聯動,首先應當具備安全防護能力,提供多級安全保障,其次必須掌握戰場態勢,另外還必須具有資源調度能力等,能夠為一體化聯合作戰提供支撐。

安全防護是指通過釆用各種技術和管理措施,保護網絡系統的硬件、軟件及系統中的數據,使其不因偶然的或者惡意的原因而遭受到破壞、篡改、洩露,使得系統能夠連續可靠正常地運行,網絡服務不中斷。

網絡空間指揮作戰中,各類指控信息的產生、存儲、傳輸和使用的全過程,均面臨著這樣或那樣的安全威脅,傳統的衝突形式已擴展到網絡空間。

安全防護技術和攻擊技術一直在共同發展著,“矛”與“盾”的較量自古就有。雖然美軍不斷通過各種渠道表態,宣稱美軍網絡空間行動的“核心是防禦網絡攻擊行為,防禦能力是其他一切作戰能力的基礎”,但稍加分析即可看出,美軍在網絡空間要達成的目標是:攻防結合,構建網絡威懾體系,在軍事上鞏固自己的“製網權”。美國國防部副部長林恩曾明確表示,美方將保留回應嚴重網絡攻擊的權利,會在“我們選擇的時間和地點做出相稱且正當的軍事回應”。前任國防部長帕內塔曾指出:“現在我們生活在一個完全不同的世界裡,要面對可與珍珠港比擬的網絡空間攻擊”,“我們必須做好應對準備,在網絡空間,我們要同時擁有良好的網絡進攻與網絡防禦能力”。這些講話充分顯示了美軍注重網絡空間威懾效應、在網絡空間強調攻防結合、必要時不惜主動發動網絡攻擊的心態,其軍事目標絕不僅僅是保證自身網絡安全,而是要通過提升網絡攻擊能力勸阻和威懾所有不利於己的網絡攻擊行為,實現其在網絡空間的絕對自由、絕對優勢和絕對安全。

在網絡空間中,國家與國家之間的攻防演練也從來沒有停止過。 2008年7月,俄羅斯利用攻擊軟件的隱蔽注入,對格魯吉亞實施了全面的網絡攻擊,導致網絡癱瘓。 2011年12月,伊朗宣稱其“電子戰部隊”用“黑客劫持”的方法使得美國的一架RQ-170隱形無人機脫離航線,降落在伊朗境內。 2012年5月被發現的“超級火焰”病毒在中東大範圍傳播,在計算機內隱蔽駐留、竊取數據。 2014年3月,俄羅斯總統官網遭遇網絡攻擊。從歷次的網絡攻擊事件來看,網絡攻擊效果不亞於常規武器的火力打擊。網絡空間的安全,就是國家的安全,網絡空間已成為國家主權領域空間。

網絡空間中的安全防護應採用多級安全保障機制。在國家戰略層面,是國家級網絡安全防護;在關鍵部位,有軍隊、政府、經濟等領域的網絡安全防護;在大型企業中,有國有、私有等企事業單位的網絡安全防護;在局部,有個人、家庭等範圍的網絡安全防護。其中,國家層面的安全防護主要包括邊界網絡安全和骨幹網絡安全;企業級(及軍隊)安全防護主要包括邊界網絡安全和內網安全;個人計算機安全防護主要包括計算機終端安全、終端軟件安全及終端數據安全。在不同的安全級別上,保護的信息內容各不相同,大到國家戰略規劃、發展路線,小到個人隱私、銀行密碼等。信息的洩漏,無疑會對國家、企業、個人的生存和發展帶來打擊和負面影響,甚至會破壞國家的安全和穩定。

態勢感知是在一定的時間和空間條件下,對環境因素的感知、理解以及對其發展趨勢的預測。 1988年,Endsley把態勢感知分為感知、理解和預測三個層次的信息處理。 1999年,TimBass首次提出了網絡態勢感知的概念,並且指出,“基於融合的網絡態勢感知”必將成為網絡管理的發展方向。

“知己知彼,百戰不殆。”在網絡空間這一新型作戰空間中,如何才能做到知己和知彼?必須掌握戰場態勢,具有態勢感知能力,即對能夠引起敵我狀態發生變化的關鍵因素進行獲取、理解和呈現,並能夠預測未來的發展趨勢。

網絡空間中的戰場態勢具有覆蓋面廣、信息量巨大、情況異常複雜等特點。對於各級指揮員來說,都希望能夠從態勢圖上清晰地了解和掌握當前網絡空間作戰狀況,以便能夠快速地進行決策,下達正確的指揮作戰命令。

要洞察網絡空間戰場發展的狀態和形勢,必須具備狀態數據釆集、傳輸、存儲、監控、分析處理和展現的能力。在網絡空間的關鍵位置,佈設檢測點,對網絡運行狀態進行檢測,並採集狀態數據。基於各類狀態數據,形成網絡態勢、安全態勢、頻譜態勢等。再通過各種通信手段傳輸到具有數據分析處理能力的節點上,進行態勢數據分析,主要包括態勢融合、態勢評估和態勢預測等。分析處理的結果再傳輸到各級指揮所,並以分層、多維、按需等方式將戰場態勢呈現給各級指揮員。態勢感知的基本流程與傳統方式一致,但每個處理環節都有不同之處。

網絡空間的戰場態勢應該是分層的,有全局的,也有局部的,這對態勢呈現效果提出了更高的要求。隨著呈現技術的不斷發展,簡單的平面態勢圖已不能滿足作戰需求,尤其是在網絡空間作戰環境下,立體、多維的態勢呈現需求凸顯。就算身在指揮所內,通過態勢圖,指揮員也應能洞悉戰場態勢,直面真正的對手。在美國戰爭大片中,經常能夠看到立體的、可觸控的電子沙盤,實時的戰場態勢多維展現,使得指揮官能快速準確決策,提高指揮控制能力。網路空間的戰場環境異常複雜,網絡環境、設備運行情況、軟件運行情況……很多地方都需要有清晰直觀的展現。為了提高用戶體驗,縮短決策時間,網絡空間態勢呈現應具有多維動態特性,並能支持多屏顯示,多屏聯動等。從頂層態勢圖能了解戰爭全貌,從局部態勢圖能了解各級作戰部隊的狀態;不同級別的指揮員基於自身的權限,能夠按需查看不同的態勢圖。

網絡空間作為一種新型的作戰空間,存在和傳統物理空間的客觀差異,網絡空間的指揮控制也存在特殊的需求。然而,網絡空間指揮控制還面臨著其他諸多問題,t匕如如何將網絡空間指揮控制與傳統物理空間指揮控制的體系互相融合、以及如何進行網絡空間指揮控制的效能評估等,這些都是有待進.

Referring url:  http://www.81.cn/

 

 

China’s One Belt One Road Justification for PLA Expeditionary Deployment // 中國解放軍遠征部署的一帶一路理由

China’s One Belt One Road Justification for PLA Expeditionary Deployment // 中國解放軍遠征部署的一帶一路理由

By National Defense University Professor Lieutenant General Qiao Lang 責任編輯︰姜紫微

“One Belt, One Road” cannot open up safety awareness

The Chinese have a problem, they like to talk about strategy, they don’t like to talk about strategies; they like to talk about goals, they don’t like to talk about indicators, so the final result is big and big. If there is no strategy, there is no possibility that this strategy will be realized. If there are targets and no indicators, then to what extent is this goal achieved? This time, the “One Belt and One Road” was proposed. The most worrying thing is that the thunder is loud and the rain is small. The talk is vigorous and vigorous, and finally it is gone. We have done this kind of thing many times, I hope this time is not. Because if the “Belt and Road” fails, it can be a very heavy blow to the revival of the Chinese economy and even the Chinese nation.

Many officials now talk about the “Belt and Road” without talking about security issues, nor about political issues, and no one talking about military issues. Some officials even emphasized that the “Belt and Road” has no political appeals and no ideological appeals. It is entirely an economic behavior. This kind of statement, if it is propaganda to countries along the line, is ok, because strategic intentions always have to be concealed. You say to others that I came with political intentions, with ideological intentions, who? Still accepting you? This is very necessary from the external publicity. However, if this becomes the consciousness of our officials, it is a big mistake. External propaganda said that we have no political demands, no ideological appeals, no military appeals, no geopolitical demands. Our only consideration is to develop the economy, mutual benefit and win-win. It is not wrong to use it as a propaganda, but it must not become our own consciousness. . 

Now I feel that some officials really want to exclude these things. When he says these words, he has already excluded the political demands that are inevitable in the “One Belt, One Road” strategic concept in his own consciousness, especially geopolitics. Appeals, as well as security claims and ideological appeals. In fact, no matter whether you are prepared to “export revolution”, President Xi has repeatedly said that China does not export revolutions, but since we now emphasize Chinese values, there is no doubt that you will export your values ​​through the “Belt and Road”. Then, this value output is actually an ideology output. In addition, in the process of advancing the “Belt and Road”, if you do not have political appeals, you do not have political binding with countries along the route, which will put you in an insecure state. In particular, the “one belt” of the land is accompanied by a very complicated factor, the so-called “Ottoman Wall”. That is, in the 15th century, the Ottoman Empire conquered the Byzantine capital of Constantinople, and its enormous empire became the “Ottoman Wall” that blocked the East and West. 300 years later, with the end of the First World War, the Ottoman Empire disintegrated, and the “Ottoman Wall” collapsed, but if you follow this path, the places along the way are all Islamic worlds. This means that the implied “Ottoman Wall” is still there. How to break through this invisible wall? Your values ​​are different from those of the Islamic world. Don’t expect that you can completely tie everyone together by simply bundling economic interests. You know, those Islamic countries may just want to make a profit, and then take advantage of it before you open it. What should I do at that time? The biggest lesson for Chinese companies to go out is that after economic cooperation with those countries, people will open us after they have benefited, or they may not open our intentions subjectively, but the objective situation has changed. For example, in Sudan, we invested in it.

The West has to give us trouble. Then there are people in the local area who messed up with us. We bite our heads and start to fail to make a big impact on us. We should earn the money we earned. At this time, the Americans are paying their salaries and turning the Sudan into a North and South Sudan. We are dumbfounded. Your investment is in North Sudan, and the oil field is in South Sudan. At this time, you must suffer losses. However, we Chinese have a very strong ability, which is the ability to “engage” relations. Although the Sudan has split, we have “taken the way” to win South Sudan. It is said that the North and South Sudan will let you take it, should it be able to settle? But the United States has provoked the civil war in South Sudan, and the final goal is to make your investment in this place squander. This is just one example. In fact, our cooperation with all countries, the United States that the United States does not participate in, must oppose. The final outcome is that we have lost in many places, which is why we lacked the necessary security awareness from the beginning.

Original Mandarin Chinese :

“一帶一路”不能甩開安全意識

中國人有一個毛病,喜歡談戰略,不喜歡談策略;喜歡談目標,不喜歡談指標,這樣談來談去最後的結果就都是大而化之。有戰略沒有策略,這個戰略就沒有實現的可能性,有目標沒有指標,那這個目標實現到什麼程度算是實現?這次提出“一帶一路”,最擔心的就是雷聲大、雨點小,談得轟轟烈烈,最後不了了之。這樣的事情我們已經干過多次,但願這次不是。因為如果“一帶一路”失敗的話,那對于中國經濟甚至中華民族的復興都可能是非常沉重的打擊。

現在有很多官員談“一帶一路”都不談安全問題,也不談政治問題,更沒有人談軍事問題。甚至有些官員專門強調,“一帶一路”沒有政治訴求,沒有意識形態訴求,完全是一種經濟行為。這種說法,如果是對沿線國家的宣傳,是可以的,因為戰略意圖總是要有隱蔽性的,你對人家說我是帶著政治意圖來的,帶著意識形態意圖來的,那誰還接受你?這從對外宣傳上講是非常必要的。但是,假如這成了我們官員的自身意識,就大錯特錯了。對外宣傳說我們沒有政治訴求,沒有意識形態訴求,沒有軍事訴求,沒有地緣訴求,我們唯一的考慮就是發展經濟,互利共贏,把它作為一個宣傳口徑沒有錯,但是絕對不能變成我們自身的意識。現在感覺有些官員是真的要排除這些東西,當他說出這些話的時候,就已經在自己的意識中排除“一帶一路”戰略構想中不可避免地內含著的政治訴求,特別是地緣政治訴求,以及安全訴求、意識形態訴求。實際上,不管你準不準備“輸出革命”,習主席多次講到,中國不輸出革命,可是既然我們現在強調中國價值觀,毫無疑問你會通過“一帶一路”輸出自己的價值觀。那麼,這個價值觀輸出其實就是一種意識形態輸出。另外,在推進“一帶一路”的進程中,如果你沒有政治訴求,你沒有與沿線國家的政治綁定,這將使你處于不安全狀態。尤其是陸路的“一帶”,幾乎全程伴有一個非常復雜的因素,就是所謂的“奧斯曼牆”。即15世紀奧斯曼帝國攻克拜佔庭首都君士坦丁堡,使其龐大的帝國之軀成了阻斷東西方的“奧斯曼牆”。300年後,隨著第一次世界大戰的結束,奧斯曼帝國解體,“奧斯曼牆”轟然倒塌,但是如果你沿這條路走下去,沿途所經之地,全都是伊斯蘭世界。這就意味著隱含的“奧斯曼牆”還在。如何去突破這個隱形之牆?你的價值觀和伊斯蘭世界的價值觀不同,不要指望僅僅靠經濟利益的捆綁,就能把大家完全拴在一起。要知道,那些伊斯蘭國家也可能只想獲利,獲了利之後再把你踹開。那個時候怎麼辦?中國企業走出去,我們最大的教訓,就是跟那些國家進行經濟合作之後,人家得利後把我們甩開,或者人家主觀上可能並沒有甩開我們的意圖,但是客觀情況發生了變化。比如蘇丹,我們投資進去了,西方要給我們搗亂,然後當地也有人給我們搞亂,我們硬著頭皮頂住,開始沒給我們造成太大的影響,我們該掙的錢還是掙到了。這時美國人釜底抽薪,把蘇丹變成南北蘇丹,我們傻眼了,你的投資在北蘇丹,而油田在南蘇丹,這個時候,你肯定要受損失。但我們中國人有一項很強的能力,就是攻無不克的“搞關系”的能力,雖然蘇丹分裂了,但是我們“想辦法”把南蘇丹也拿下。按說,南北蘇丹都讓你拿下,應該能擺平了吧?可美國又挑起了南蘇丹的內戰,最後的目標就是讓你在這個地方的投資打水漂。這只是其中一例。實際上我們與所有國家的合作,凡是美國沒有參與的美國都要反對。最後的結局是我們在很多地方都鎩羽而歸,這是我們一開始就缺乏必要的安全意識所致。

“One Belt” is the main one, and “One Road” is the supplement.

Now, we have started a new round of “going out” strategic action. I have suffered so much in the past. Should I accept some lessons?

How to go “One Belt, One Road”? The author believes that we should take a multi-pronged approach, and we should let politics and diplomacy go ahead and the military back. Rather than letting the company go out on its own, it is almost impossible for the company to go out alone. 

From now on, the “Belt and Road” seems to be a two-line attack, both sides. In fact, the “band” is the main one, and the “road” is secondary. Because you want to take the “road” as the main direction, you will die. Because of the sea route, a scholar from the American War College recently wrote an article saying that they have found a way to deal with China, that is, as long as the sea passage is cut off, China will die. Although this statement is somewhat large, it cannot be said that there is absolutely no reason at all, because the United States now has this capability from the military. This also confirms from the opposite side that in the choice of the primary and secondary direction of the “Belt and Road”, we should determine who is the main road and who is the auxiliary road. If the “Belt and Road” is likened to a combat operation, then “all the way” is the auxiliary direction, and the “one belt” is the main direction.

Therefore, for us, what really matters in the future is how to manage the “one area” problem, rather than the “one way” problem. Then, the operation of the “Belt” will first face a relationship with the countries along the route, that is, how to first open up the relationship with the countries along the route. Judging from our current practice, it is obviously not enough to ensure the smooth and smooth operation of the “Belt and Road”. why? We used to always like to deal with the government, like to deal with the ruling party, like to deal with the rich people in this country, who is dealing with who is in position, who has money to deal with who. In this case, it will be difficult to succeed. In fact, what is the work we are going to do? It is necessary to deal with the government, with the ruling party, with the opposition party, and more importantly, with the tribal elders in the entire “Belt”. These tribal elders are often much more influential than the opposition parties and the ruling party. What we can do in the Taliban-occupied areas of Afghanistan and Pakistan is almost always achieved through tribal elders, and basically nothing can be done through the government. Therefore, our foreign ministry and our enterprises cannot ignore the important relationships in these regions.

Why not Latin America and Japan “take in”?

“One Belt, One Road” has another problem that no one has touched until today. It is the question in some people’s hearts. Does China want to use the “Belt and Road” to exclude the United States? There is no doubt that the United States plays a chaotic role in almost all international organizations and international operations in which it does not participate. As long as it doesn’t play a leading role, even if it’s not the initiator, it will give you trouble. Take a look at APEC. Why is there a TPP after APEC? It is because the United States finds itself unable to play a leading role in APEC, it must do another set and start a new stove. If the “Belt and Road” completely excludes the United States, it will make the United States spare no effort to suppress it, and since the United States is not in it, it will not be scrupulous if it is suppressed, because it has no interest in it, so it will be unscrupulous and unscrupulous when it is suppressed. Soft hands.

Therefore, the author believes that China’s “Belt and Road” should skillfully include the United States. It should allow US investment banks, US investment institutions, and American technology to play a role in the “Belt and Road” to complete the “Belt and Road” approach to the United States. Bundle. After completing this bundle, the United States will vote for it when it starts. Take a look at China and the United States to fight for economic shackles and trade, why do they end up every time? It is because the economic interests of China and the United States are very closely tied to each other. Every time the United States wants to impose sanctions or punishment on a certain industry or enterprise in China, there must be a related out-of-hospital system in which the United States and our enterprise are bound together. The group went to Congress to lobby and finally let it die. Therefore, we must let the United States enter this interest bundle. In terms of capital and technology, the “Belt and Road” should not only exclude the United States, but also pull it in and complete the bundling of it.

From this I think that we can’t even exclude Japan. Can’t think that who is not good with us, make trouble with us, I will set aside to open you up. In fact, this is not good for the other side, and it is not good for yourself. Once you open it, it will be unscrupulous when you hit it. Only when its interests are in it, it will only be scrupulous when it hits you, and it will be careful to protect its interests. And if the benefits are completely tied, it can’t be picked up, so I think this is something we must consider.

“One Belt, One Road” to lead the reform of the Chinese army

Up to now, there is no precise strategic positioning for our country, and the national strategy is somewhat vague. As a result, various so-called “strategies” emerge in an endless stream. What is most screaming in 2014 is not the “Belt and Road”. What is it? It is China’s desire to become a major ocean power and to launch China’s marine development strategy. What kind of marine development strategy do you want? Some people say that they have to break through the three island chains and go out to the Pacific. What are you going to the Pacific Ocean? Have we thought about it? Think through it? If you don’t think through it, you shouldn’t put forward a strategy that is extremely hard to burn and has no results. Now that we have proposed the “Belt and Road”, we suddenly discovered that what we need more is the Army’s expeditionary ability. So what is our Army today? The Chinese closed their doors and thought that the Chinese Army was the best in the world. The British military leader Montgomery said that whoever wants to play against the Chinese army on land is a fool. The Americans’ conclusion from the War to Resist US Aggression and Aid Korea is that the Chinese must not tolerate the military boots of American soldiers on the land of China. This is no problem. The Chinese Army has no problem with its existing capabilities to protect the country. However, once faced with the “Belt and Road”, the task of the Chinese Army is not to defend the country, which requires you to have the ability to display the land expedition along the way. Because the light is on land, there are 22 countries that can count. This requires us to have to go to the sword. Instead of invading others, we must be able to protect our own national interests across borders.

The last point is how to focus on the development of military power. If we have made it clear that the “one belt” is the main direction, it is not just an effort to develop the navy. The Navy must of course develop according to the needs of the country, and the problem that is now emerging is precisely how to strengthen the Army’s expeditionary capabilities. There are no more problems in China’s more than one million army, and there is no problem in defending the country. Is there any problem in going abroad to fight? Are we now in the right direction for the Army? Is it reasonable? When the world is now abandoning heavy tanks, we are still proud of the heavy tanks we have just produced. In what areas will these things be used in the future? In the entire “one belt” road, heavy tanks have no room for development. The heavy tanks of the former Soviet Union allowed the guerrillas to knock casually in Afghanistan. Why? Where can you go in all the ravines? The tank can’t fly anymore. In the end, the people take the rocket launcher and aim at one. It is all one, and it will kill you all. Therefore, the Army’s combat capability must be re-enhanced, that is, to strengthen its long-range delivery capability and long-range strike capability. In this regard, the author thinks that we are far from realizing it, and it is even more impossible. If the Army does not have the ability to go abroad, in the future, in any “one area”, if there is civil strife or war in any country, China needs support, and we need to protect our facilities and interests along the way, the Army can go, Is it useful? This is a question we must think about today.

So what should the Army do? The author believes that the Chinese Army must fly and must achieve aviation aviation, which means a revolution in the entire Chinese Army. Today, when we talk about the reform of the military system, if you don’t know the country’s strategy at all, don’t know the country’s needs, and close the door to reform, what kind of army will you reform? What is the relationship between this army and national interests? If you don’t start from the national interests and needs, just draw your own scoops like the US military’s gourd, take it for granted that you should be an army, but the country does not need such an army, but needs a development demand with the country. Match the army, what do you do then? Therefore, if we don’t understand what the country’s needs are, and don’t know where the country’s interests are, we will close the door to carry out reforms. What kind of army will this change? The author believes that the “Belt and Road” is a huge drag on the reform of the Chinese military with national interests and needs. It is through the strategic design of the “Belt and Road” that the country has determined its strategic needs for the military. The conclusion is: China must have a stronger army, and a navy and air force that can work together and act in concert, an army, navy, and air force that can cross the country’s expedition, and still have thousands of miles away. With sufficient support and combat capability of the Expeditionary Force, we can make the “Belt and Road” truly secure in terms of security, thus ensuring the ultimate realization of this ambitious goal.

Original Mandarin Chinese:

“一帶”為主,“一路”為輔

現在,我們又開始新一輪的“走出去”戰略行動了,前面吃了那麼多苦頭,總該接受點教訓吧?

“一帶一路”怎麼走? 筆者認為應該多管齊下,應該讓政治、外交先行,軍事做後盾。而不是讓企業自己單打獨斗走出去,凡是企業單獨走出去的幾乎就沒有能夠全身而退的。

從現在來看,“一帶一路”好像是兩線出擊,雙路並舉。其實,“帶”是主要的,“路”是次要的。因為你要是以“路”為主攻方向,你就死定了。因為海路這一條,美國戰爭學院的一個學者最近專門撰文,說他們已經找到了對付中國的辦法,就是只要掐斷海上通道,中國就死定了。這話雖然說的有些大,但也不能說完全沒有一點道理,因為美國眼下從軍事上講確有這個能力。這也從反面印證,在“一帶一路”主次方向的選擇上,我們應確定誰為主路,誰為輔路。如果把“一帶一路”比喻成一次作戰行動,那麼,“一路”是輔攻方向,“一帶” 則是主攻方向。

所以說,對于我們來講,將來真正重要的是如何經營“一帶”的問題,而不是經營“一路”的問題。那麼,經營“一帶”首先就面臨一個與沿途國家的關系問題,即如何先把與沿途國家的關系全部打通。從我們現在的做法來看,顯然不足以保證“一帶一路”的順利通暢和成功。為什麼呢?我們習慣上總是喜歡跟政府打交道,喜歡跟執政黨打交道,喜歡跟這個國家的有錢人打交道,誰在位跟誰打交道,誰有錢跟誰打交道。這樣的話,要想成功就很難。實際上我們要做的工作是什麼呢?既要跟政府、跟執政黨打交道,還要跟在野黨打交道,而更重要的是,跟整個“一帶”上的部落長老們打交道。這些部落長老往往比在野黨和執政黨的影響力大得多。我們在阿富汗、巴基斯坦的塔利班佔領地區能辦成什麼事,幾乎都是通過部落長老去實現,通過政府基本上干不成什麼事情。所以,我們的外交部、我們的企業,都不能忽略這些區域內的重要關系。

何不拉美日“入伙”?

“一帶一路”還有一個到今天都沒有人去觸及的問題,就是一些人心中的疑問︰中國是否想用“一帶一路”排斥美國?毫無疑問,美國幾乎在所有它沒能參與的國際組織和國際行動中,都會扮演搗亂的角色。只要它起不了主導作用,甚至只要它不是發起人,它就會給你搗亂。看一看APEC。APEC之後為什麼會出現TPP?就是因為美國發現自己在APEC中不能起主導作用,它就一定要另搞一套,另起爐灶。如果“一帶一路”完全排斥美國,那將使美國不遺余力地打壓它,而且由于美國不在其中,它打壓起來就沒有顧忌,因為它沒有利益在里邊,所以它打壓起來就會無所顧忌、毫不手軟。

所以筆者認為,中國的“一帶一路”應該巧妙地把美國納入進來,應該讓美國的投行、美國的投資機構,以及美國的技術,在“一帶一路”中發揮作用,完成“一帶一路”對美國的捆綁。完成了這個捆綁之後,美國在它下手的時候就會投鼠忌器。看一看中國和美國打經濟仗、打貿易仗,為什麼每一次都無疾而終?就是因為中國和美國的經濟利益互相捆綁得非常緊密,每一次美國要對中國的某一個行業或企業進行制裁或者是懲罰的時候,一定會有美國和我們這個企業綁定在一起的相關的院外集團跑到國會去游說,最後讓其胎死腹中。所以,一定要讓美國進入這個利益捆綁。“一帶一路”在資金上、技術上,不但不應排斥美國,還要把它拉進來,完成對它的捆綁。

由此筆者想到,我們甚至也不能排斥日本。不能認為誰不跟我們好,跟我們鬧,我就另外搞一套把你甩開,其實這于對方不利,對自己同樣不利。你一旦甩開了它,它打你也就無所顧忌,只有當它的利益也在其中的時候,它打你才會有所顧忌,它才會小心翼翼,保護它那一份利益。而如果利益完全捆綁的話,它想摘都摘不清,所以筆者覺得這一點也是我們必須考慮的。

“一帶一路”牽引中國軍隊改革

到現在為止,就是對我們國家沒有精確的戰略定位,國家戰略有些模糊。結果,各種所謂的“戰略”層出不窮。2014年喊得最響的不是“一帶一路”,是什麼呢?是中國要成為海洋大國,要推出中國的海洋發展戰略。你要什麼樣的海洋發展戰略?有人說要突破三條島鏈,走出去,走向太平洋。到太平洋去干什麼?我們想過嗎?想透了嗎?如果沒想透,就不宜提出那些遠水不解近渴的極度燒錢又不見成果的戰略。現在提出“一帶一路”,我們突然發現,我們更需要的是陸軍的遠征能力。那今天我們的陸軍究竟如何?中國人關起門來認為中國陸軍天下第一。英國人蒙哥馬利說,誰要在陸上跟中國的陸軍交手,誰就是傻瓜。而美國人由抗美援朝戰爭得出的結論是︰中國人絕對不能容忍美國大兵的軍靴踏到中國的陸地上。這都沒問題,中國陸軍以它現有的能力保家衛國一點問題都沒有。可是一旦面對“一帶一路”,中國陸軍擔負的任務就不是保家衛國,這就需要你具備在沿途展示陸上遠征的能力。因為光是陸上,能夠數出來的就有22個國家。這就需要我們必須劍到履到。不是去侵略別人,而是要有能力跨境保護我們自己的國家利益。

最後一點,就是如何有側重地發展軍事力量的問題。如果我們明確了以“一帶”為主攻方向,那就不僅僅是要努力發展海軍的問題。海軍當然要根據國家的需求去發展,而現在凸現的問題,恰恰是如何加強陸軍的遠征能力。中國100多萬陸軍,保家守土沒有問題,跨出國門去作戰有沒有問題?我們現在陸軍的發展方向正確嗎?合理嗎?當現在全世界都開始放棄重型坦克的時候,我們卻還在以剛剛生產出來的重型坦克為榮,這些東西將來準備用在什麼地區作戰?在整個“一帶”這條路上,重型坦克根本沒有施展余地。前蘇聯的重型坦克在阿富汗讓游擊隊隨便敲,為什麼?在所有的山溝溝里,你還能往哪走?坦克又不能飛,最後人家拿火箭筒瞄準一輛就是一輛,全部給你干掉。所以說,陸軍的作戰能力必須重新提升,就是加強它的遠程投送能力和遠程打擊能力。這方面,筆者覺得我們遠遠沒有認識到,更不可能做到。如果陸軍沒有能力走出國門,將來在這“一帶”上,任何一個國家發生了內亂或戰爭,需要中國的支援,而且更需要我們出手保護自己在沿途的設施和利益時,陸軍能走得出去、派得上用場嗎?這是我們今天必須思考的問題。

那麼,陸軍要怎麼辦?筆者認為中國陸軍必須飛起來,必須實現陸軍航空化,這意味著整個中國陸軍的一場革命。今天,當我們談軍隊編制體制改革的時候,如果你根本不知道國家的戰略,也不知道國家的需求,關起門來搞改革,你會改革出一支什麼樣的軍隊來?這支軍隊和國家利益有什麼關系?如果你不從國家利益和需求出發,僅僅比照美軍的葫蘆畫自己的瓢,想當然地認為自己應該是怎樣一支軍隊,可是國家不需要這樣一支軍隊,而是需要一支與國家的發展需求相匹配的軍隊,那時你怎麼辦?所以說,不了解國家的需求是什麼,不知道國家的利益在哪里,就關起門來搞改革,這將會改出一支什麼樣的軍隊?筆者認為,“一帶一路”就是國家利益和需求對中國軍隊改革的一個巨大牽引。國家正是通過“一帶一路”的戰略設計,確定了對軍隊的戰略需求。結論是︰中國必須有一支更強大的陸軍,以及一支能與之聯合作戰、協同行動的海軍和空軍,一支能夠跨出國門遠征的陸軍、海軍和空軍,組成在千里萬里之外仍然有足夠的保障和戰斗能力的遠征軍,我們才可能使“一帶一路”真正在安全上獲得可靠的保障,從而確保這一宏偉目標的最終實現。

Referring url: http://www.81.cn/big5/

Chinese Military Analysis of Cyber Space Deterrence – Important Strategic Points // 淺析網絡空間威懾的特徵、類型和運用要點

Chinese Analysis of Cyber Space Deterrence – Important Strategic Points

淺析網絡空間威懾的特徵、類型和運用要點

Chinese People’s Liberation Army Academy of Military Sciences Yuan Yi

January 04, 2016    

Editor’s note: When both opposing parties have the ability to ensure intrusion and damage to the other party’s network, they can bring about two-way network containment, making the two parties obliged to comply with the game rules that do not attack each other’s network under certain conditions, forming an invisible safety valve. Even international conventions or conventions that do not attack each other’s networks will be formed. The cyberspace has thus become a strategic area that can produce a huge deterrent effect. After the deterrence of cyberspace followed by nuclear deterrence, it began to enter the strategic vision of big country politicians and military strategists. Studying the characteristics, types, and points of use of cyberspace deterrence must be taken into consideration and necessary action by the Internet powers and the cyber force.

With the increasing dependence of human society on cyberspace, cyberspace has become the “second type of living space” for human production and life and the “fifth-dimensional combat space” for military confrontation. Countries around the world have fiercely competed for the dominant rights, control rights, and discourse power of cyberspace. The competition in the cyberspace has reached the level of human survival, national destiny, and success or failure of military struggles. Thinking about cyberspace deterrence capacity building has great practical and theoretical value.

First, analysis of the advantages and disadvantages of cyberspace deterrence

Cyberspace deterrence refers to the actions and actions taken in the cyberspace to demonstrate and control enemy cyberspace, and to control the enemy’s physical space through cross-domain cyberspace, so as to achieve the goal of destroying enemy forces, stopping the enemy, blocking the enemy, and preventing deterrence. A form of strategic deterrence for the enemy’s purpose. Compared with the physical space, the “virtual and real duality” of network space and the uniqueness of network warfare compared with traditional combat styles have determined that the advantages and disadvantages of cyberspace deterrence are very obvious.

(A) The advantages of cyberspace deterrence

The advantages of cyberspace deterrence are mainly reflected in the following: First, the deterrence approach has become more civilized and humane. Compared with nuclear, chemical, and chemical weapons based on physical, biological, and chemical killing mechanisms, the direct killing and destructive effects of cyber warfare weapons are much smaller than the former. Normally, they will not cause permanent damage and pollution to the natural environment, nor will they cause large numbers of people. Casualties and humanitarian disasters. Second, deterrence costs are inefficient. The network warfare weapons are dominated by viruses, Trojans and other software. The costs are relatively low, and the technical threshold is low. The destructive effects are rather alarming. The network defense points are multi-faceted, and they are hard to prevent. To increase the level of network security by one level, the input cost will increase exponentially. The contrast between the low cost of cyber offense and the high cost of cyber defense makes the offensive and defensive performance of the network a feature of “spirit shield”, and the cyber warfare weapon is thus called “the atomic bomb of the poor country”. The third is that deterrence methods are diverse and practical. The variety of cyber warfare weapons and the multiple goals of cyber attacks have determined that there are diversified cyberspace deterrent methods to choose from. The effects of cyberattacks are recoverable to a certain extent. As long as the application is properly implemented, the risk of causing war and escalating the war is relatively small. In a sense, the deterrence value of nuclear weapons is far greater than the value of actual combat, and cyber warfare weapons are both practical values ​​and deterrence values. Fourth, the use of repeatability and deterrence is strong. Once the “nuclear threshold” crosses, a full-scale nuclear war will erupt, and the two sides at the nuclear balance will fall into a state of mutual destruction. The easy implementation of nuclear deterrence, especially nuclear deterrence against non-nuclear countries, will also be condemned by international public opinion. These factors are all The use of nuclear deterrence is greatly limited. The deterrence of software and hardware and the controllable characteristics of cyberspace deter- mine the flexibility and control of deterrence in light of the changes and needs of the military struggle. It can be used in advance, used throughout, and used repeatedly. It has strong flexibility.

(B) Defects in cyberspace deterrence

The deterrence of cyberspace is mainly reflected in: First, the credibility of the deterrence effect has not been fully verified. The credibility of nuclear deterrence has been verified in actual combat. However, as of now, the real network war has not really exploded. People’s astonishing destructive power over cyber warfare is more of a speculation and worry. The real power of cyber warfare can only be convincing after being tested by actual combat. Second, the reliability of deterrence measures is not very high. Network warfare is a dynamic process of continuous offensive and defensive interaction between the two sides of the enemy and me. The characteristics of network confrontation and technicality determine that the network warfare attack has greater uncertainty and may not achieve the desired operational objectives, which will greatly reduce the effectiveness of deterrence. . For example, when the enemy performs cyberspace deterrence, if the enemy takes various effective defense measures in a timely manner, it will increase the difficulty of its own cyber attack and reduce the damage, and even lead to the failure of the attack. Third, the controllability of deterrence scope needs further improvement. As one of the important weapons of cyber warfare, viral weapons have strong dissemination, poor controllability, and a wide range of influence. It is difficult to launch targeted and targeted attacks on enemy computers and networks. If it can’t control its effective scope, it will spread to third-party neutral countries and even make itself a victim. As a result, the use of virus weapons suffers from the use of “imposed rats.” The fourth is the selective limitation of deterrence objects. Nuclear deterrence is clear and effective for any country, and the effectiveness of cyberspace deterrence has a lot to do with the level of informatization of enemy countries. Cyberspace deterrence is extremely effective for countries with a high degree of informatization, and for those underdeveloped countries with weak information infrastructure and weak network dependence, it is difficult for them to exert results, or even completely ineffective. Fifth, the organization of deterrence is relatively complicated. All nuclear powers in the world implement centralized and unified management of strategic nuclear forces. Command and control powers are highly centralized. When organizations implement nuclear deterrence operations, they can accurately control each combat unit, and the organization is well-executed. The implementation of the deterrence of cyberspace involves many forces such as investigation, control, defense, and control. It has many personnel and large scales and is scattered among different departments and units in the military and the military. It is very complicated to organize and it is difficult to form a synergy.

Second, the main types of cyberspace deterrence

The cyberspace deterrence includes four types: cyberspace technology test deterrence, cyberspace equipment demonstration deterrence, cyberspace operational deterrence deterrence, and cyberspace operational deterrence. Among them, the first three are demonstrative deterrence, and the latter is actual deterrence.

(A) Cyberspace Technology Test Deterrence

The cyberspace technology test deterrence is a field in the field of cyber warfare. It constantly conducts preliminary exploratory experiments on new concepts of warfare, new experiments on the effectiveness of attack mechanisms and tactics, and practical experiments on the weaponization of new technologies. The outside world is disclosed to demonstrate its strong strength in the basic research of information technology and its enormous potential for transforming it into a cyber warfare capability to achieve deterrence. At present, network offensive and defensive technology is still developing rapidly. A breakthrough in a key technology will often have a significant impact on cyberspace security and operations, and even lead to revolutionary changes. Whoever preempts the strategic commanding heights of the network offensive and defensive technology, who will be able to achieve a clear advantage in the future of network warfare.

(B) Cyberspace Equipment Demonstration

The demonstration of cyberspace equipment deterrence is the development of network warfare equipment development planning, technology development, target testing, stereotyped production and other development stages. According to the needs of the appropriate disclosure of network warfare equipment models, performance, characteristics, parameters and development schedule, etc. Reach the purpose of deterring opponents. There are two main ways: one is through public disclosure in official media such as national defense white papers, diplomatic bulletins, and newspapers, periodicals, and large-scale websites; and the other is through online social media or other unofficial. The channel has deliberately leaked equipment-related information and implemented hidden deterrence. The cyber space equipment demonstrates deterrence. On the one hand, it can invent new cyber-warfare equipment with new mechanisms and new concepts and render its unique combat capabilities. On the other hand, it can deliberately exaggerate the operational effectiveness of existing cyber warfare equipment. There are facts in the virtual reality, there is something in the real, and the implementation of fuzzy policies, so that the other party can not understand their true situation and strength, resulting in fear and jealousy. For example, the U.S. military’s “Shuute” on-board network power system has been put into practical use several times and poses a serious threat to the air defense systems of its hostile countries. However, its basic principles, working mechanisms, and combat technical indicators have not been publicly disclosed. It has not been completely mastered by other countries and has remained in a state of secrecy. It is difficult to distinguish between reality and reality and has played a very good deterrent effect.

(3) Deterrence in cyberspace operations exercises

The deterrence of cyberspace operations exercises is to conduct drills in cyberspace through virtual or virtual methods, and use various media channels to show potential war opponents their own cyber warfighting capabilities, strengths and determinations in order to achieve deterrence. Cyberspace operations can be divided into two kinds: actual drills and virtual exercises. The former is usually carried out nationwide or in alliance with allies, and is generally based on the joint exercise of military space and space defense operations. In recent years, the United States and its allies have held “Network Storm” series of cyber warfare exercises and “Shriver” series of space-network space exercises, which have demonstrated the mobilization strength, overall defense level, and the implementation of cyber warfare. Determination. The latter is usually held at the national large-scale network integrated shooting range, and is generally based on the offensive actions of the military professional cyber warfare forces.

(D) Deterrence in cyberspace operations

The deterrence of cyberspace operations is the actual deterrence of attacking specific opponents by deterring opponents with certain attacks. There are two opportunities for its use: First, when one’s own side is aware that the enemy is about to wage a war on one’s own side, one’s own choice of the key cyber targets of the enemy’s key defenses will be targeted to combat them, and preventive and deterrent deterrence will be implemented; When the Party initiates a tentative cyber attack on its own side and implements cyberspace deterrence, it must immediately conduct effective retaliatory and disciplinary deterrence. There are many types of cyber warfare operations that have deterrent effects. For example, infiltrate the enemy’s telecommunications network, send a large number of anti-war messages to the enemy’s citizens, and attack the enemy’s power grid, resulting in a short-term blackout of major cities in the enemy’s power; attacking the enemy’s broadcast television networks and inserting their own broadcasts during prime time. Special video programs; etc.

Third, the use of cyberspace deterrence points

The general requirements for the use of cyberspace deterrence are: combination of wartime and warfare, with strength, actual display capability, and determination, strive to demonstrate deterrence with small battles, ensure deterrence with strikes, and achieve deterrence with a small price. Specifically, the following points should be achieved.

(A) Combination of peacetime and long-term preparation

“Frozen feet, not a cold day.” Successful implementation of cyberspace deterrence requires a combination of peacetime and warfare, and we must fully and carefully prepare for peacetime. The first is to conduct comprehensive and thorough network reconnaissance. Requires the combination of spying, reconnaissance and technical reconnaissance, wireless reconnaissance, and cable reconnaissance. Conduct long-term and continuous network reconnaissance of enemy network targets, gradually understand the basic conditions of the enemy’s network, draw a picture of its network topology, and in particular analyze and find all kinds of soft enemies. Hardware system vulnerabilities. The second is to conduct a large number of effective strategic presets. Using hacking methods, secretive infiltrate all types of networks through the use of system vulnerabilities or password cracking, leaving the back door, setting up a springboard machine, and laying down logic bombs and Trojans to set a breakthrough for launching cyber attacks in the future. The third is to conduct pre-prepared cyber defenses. When deterring cyberspace deterrence against the enemy, one must adjust the deployment of network defenses in advance, make the enemy’s pre-designed attack path, anticipate the use of system loopholes, and plan to implement an attack plan that is difficult to implement, or the effect of implementation is greatly reduced to minimize the enemy’s Losses caused by cyber retaliation.

(B) careful decision-making, control strength

Sun Tzu said: “The Lord must not anger and raise a teacher. Cyberspace deterrence is a strategic game behavior between countries, especially with deterrence and sensitivity. It must be rational, beneficial, and tangible. It must not be abused because of the low threshold of deterrence. Otherwise, its effect may be counter-productive. . Cyberspace deterrence has a high requirement for combat intensity control. On the one hand, if the intensity is too small, the enemy’s government and people will not have fear and will not achieve the deterrent effect they deserve. The other party may also use the same methods to implement anti-deterrence, eventually leading to confrontational escalation and deterring one’s own deterrence. On the other hand, if it is too strong, it will cause huge economic losses and casualties to the enemy countries. This will cause the condemnation of the international community and the hatred of the enemy governments and people. It may trigger the enemy’s use of conventional forces to carry out large-scale revenge. Nuclear countries may even Nuclear power may be used. This will not only stop the war but will also play a role in warfare.

(III) Unified command and careful organization

The implementation of the deterrence of cyberspace requires centralized command, unified planning, and good coordination. The first is meticulous organization of strength. Uniformly organize the four forces of military investigation, attack, defense, and control, and actively coordinate the strength of the cyber warfare forces of all parties to form a joint force. In particular, it is necessary to organize and coordinate the strength of civil non-professional cyber warfare, especially patriotic hacking, so that there can be no phenomenon of “blindness” so as to avoid triggering friction, escalating fire, causing an escalation of cyber warfare, or prematurely exposing attack intentions and giving people a handle. , leading to uncontrollable situations or failure of operations. The second is to select the target. Should choose a wide range of influence, easy to produce a clear deterrent effect of the goal. For example, broadcast television channels with the highest ratings, portals with a large number of visitors, and wireless communication networks with numerous users. It is not possible to choose attacks that are irrelevant, insignificant, and indifferent to the target. They can easily be mistaken for cybersecurity incidents created by ordinary hackers and do not achieve the desired deterrent effect. In addition, we must also consider the constraints of international law and war laws. We must not choose targets that are easy to cause humanitarian disasters. We should try our best not to select the network goals of railways, aviation, finance, and medical departments so as not to arouse condemnation and resentment from the international community and the people of the other side. The third is the precise control of the process. Prior to the deterrent strikes in cyberspace, it is necessary to publicize the momentum through extensive public opinion, issue warnings to the enemy countries, and declare the justice of their actions to the world in order to gain the understanding and support of international public opinion. In order to highlight the deterrent effect, one can highly announce the target of the enemy’s network to be attacked, break through the enemy’s layered network defenses, and implement a resolute and effective cyber attack. If necessary, the network attack effect can be resumed regularly to show its superiority. The cyber attack technology and means make the enemy’s decision makers and the public have a sense of frustration that is hard to defend and difficult to parry, thus forming a strong shock effect.

(4) Combining actual situation with actual situation, focusing on strategy

The grandson said that “it is not possible to show and not to use it,” and it is used to deter online space. Its main points are summarized as “showing without propaganda, advocating without showing.” “Indicating nothing” means that it is difficult to track and locate using cyber attacks and conduct cyber attacks on specific targets. However, it is not done for others to announce that they are doing their own thing. It not only demonstrates their own capabilities, but also makes the enemy’s suspicion of doing their own thing. However, there is no evidence and it cannot be pursued. “Proclaiming but not showing” is the publicity or inadvertent disclosure of the type, performance, and characteristics of the advanced cyber warfare equipment developed or fabricated by the company, deliberately exaggerating its combat effectiveness, falsifying facts, and integrating facts and facts, so that the enemy can’t understand its true strength. , resulting in a deterrent effect. The cyber warfare operations have the characteristics of difficulty in tracking and traceability and complexity in forensics. The initiating party can either admit or deny it, or push the responsibility to civil hacker organizations. (Source: China Information Security).

Original Communist Mandarin Chinese:

編者按:當敵對雙方都具有確保侵入破壞對方網絡的能力時,就可以帶來雙向網絡遏制,使得雙方不得不在一定條件下,遵守互不攻擊對方網絡的遊戲規則,形成一個無形的安全閥,甚至國際上也會形成互不攻擊對方網絡的慣例協議或公約,網絡空間由此成為可以產生巨大威懾效應的戰略領域。網絡空間威懾繼核威懾之後,開始進入大國政治家和軍事家的戰略視野。研究網絡空間威懾的特徵、類型和運用要點,成為網絡強國、網絡強軍的必須考量和必要行動。

隨著人類社會對網絡空間依賴程度的不斷加深,網絡空間成為人類生產生活的“第二類生存空間”和軍事對抗的“第五維作戰空間”。世界各國圍繞網絡空間的主導權、控制權、話語權展開了激烈的爭奪,網絡空間的競爭已達到與人類生存、國家命運和軍事鬥爭成敗休戚相關的程度。思考網絡空間威懾能力建設,具有重大現實和理論價值。

一、網絡空間威懾的優劣分析

網絡空間威懾,是指在網絡空間採取各種行動,展示癱瘓控制敵方網絡空間,並通過網絡空間跨域控制敵方實體空間的決心和實力,從而達到懾敵、止敵、阻敵、遏敵目的的一種戰略威懾形式。網絡空間與實體空間相比所具有的“虛實二相性”,網絡戰與傳統作戰樣式相比所具有的獨特性,決定了網絡空間威懾的優缺點都非常明顯。

(一)網絡空間威懾的優點

網絡空間威懾的優點,主要體現在:一是威懾方式更趨文明和人道。與基於物理、生物、化學殺傷機理的核生化武器相比,網絡戰武器的直接殺傷和破壞效應要遠小於前者,通常不會對自然環境造成永久性破壞和污染,也不會造成大量的人員傷亡,並引發人道主義災難。二是威懾成本低效費比高。網絡戰武器以病毒、木馬等軟件為主,成本相對低廉,技術門檻較低,而造成的破壞效果卻相當驚人。網絡防禦點多面廣,防不勝防,要網絡安全程度每提高一個等級,投入成本會呈指數級增加。網絡進攻的低成本與網絡防禦的高成本對比鮮明,使得網絡攻防呈現“矛尖盾薄”的特點,網絡戰武器因而被稱為“窮國的原子彈”。三是威懾手段多樣實用性強。網絡戰武器多種多樣,網絡攻擊目標多元,決定了有多樣化的網絡空間威懾手段可供選擇。網絡攻擊效果在一定程度上是可恢復的,只要運用實施得當,引發戰爭和促使戰爭升級的風險相對較小。從某種意義上講,核武器的威懾價值遠大於實戰價值,而網絡戰武器則是實戰價值與威懾價值兼具。四是威懾運用可重複靈活性強。 “核門檻”一旦跨過就會爆發全面核戰爭,處於核均勢的雙方將陷入相互摧毀狀態,輕易實施核威懾特別是對無核國家進行核威懾,還會招致國際輿論的譴責,這些因素都極大地限制了核威懾手段的使用。而網絡空間威懾軟硬結合、威力可控的特點,決定了其可根據軍事鬥爭形勢的變化和需要,適時調控威懾強度,先期使用、全程使用、反複使用,具有很強的靈活性。

(二)網絡空間威懾的不足

網絡空間威懾的不足,主要體現在:一是威懾效果的可信性未得到充分驗證。核威懾的可信度已在實戰中得到了驗證。然而,截止目前,真正意義上的網絡大戰還沒有真正爆發過。人們對網絡戰驚人的破壞力,更多的只是一種猜測和擔憂,網絡戰的真實威力只有經過實戰檢驗後,才能真正令人信服。二是威懾手段的可靠性不太高。網絡戰是敵我雙方網絡攻防持續互動的動態過程,網絡對抗複雜、技術性強的特點,決定了網絡戰攻擊效果具有較大的不確定性,有可能達不到預期作戰目的,使威懾效果大打折扣。例如,對敵實施網絡空間實戰威懾時,敵方若及時採取各種有效防御手段,就會增加己方網絡攻擊的難度和降低破壞效果,甚至導致攻擊行動的失敗。三是威懾範圍的可控性需進一步改善。病毒武器作為網絡戰的重要武器之一,其傳播性強、可控性較差、影響範圍比較廣,很難針對敵國計算機和網絡發動專門性、針對性極強的攻擊。如果不能控制其有效作用範圍,就會波及第三方中立國家,甚至使自身也成為受害者,因而病毒武器的使用有“投鼠忌器”之患。四是威懾對象的可選擇性受限。核威懾對任何國家都是明確而有效的,而網絡空間威懾的效果與敵國的信息化程度有很大關係。網絡空間威懾對信息化程度高的國家極為有效,而對那些信息基礎設施薄弱,網絡依賴性不強的不發達國家,則很難發揮效果,甚至完全不起作用。五是威懾實施的組織相對複雜。世界各個核國家無不對戰略核力量實施集中統管,指揮控制權高度集中,組織實施核威懾行動時可以準確控製到每一個作戰單元,組織實施十分周密。而網絡空間威懾的組織實施,要涉及偵、控、防、控等多支力量,人員多、規模大,且分散在軍地不同部門和單位,組織起來非常複雜,形成合力不易。

二、網絡空間威懾的主要類型

網絡空間威懾主要有網絡空間技術試驗威懾、網絡空間裝備展示威懾、網絡空間作戰演習威懾和網絡空間作戰行動威懾四種類型。其中,前三種是示形威懾,後一種是實戰威懾。

(一)網絡空間技術試驗威懾

網絡空間技術試驗威懾,是在網絡戰領域,經常性地進行新作戰概念的先期探索性試驗、新攻擊機理和戰術的效果印證性試驗、新技術的實用化武器化試驗等,並通過媒體向外界披露,以展現本國雄厚的信息技術基礎研究實力,以及轉化為網絡戰能力的巨大潛力,以達到威懾對手的目的。當前,網絡攻防技術仍在快速發展,一項關鍵性技術的突破,往往會對網絡空間安全和作戰產生重大影響,甚至引發革命性變化。誰搶先佔領了網絡攻防技術的戰略制高點,誰就能在未來網絡戰中取得明顯優勢。

(二)網絡空間裝備展示威懾

網絡空間裝備展示威懾,是在網絡戰裝備發展規劃制定、技術開發、打靶試驗、定型生產等各個發展階段,根據需要適當披露網絡戰裝備的型號、性能、特點、參數以及研製進度等情況,以達到威懾對手的目的。其方式主要有兩種:一種是通過在國防白皮書、外交公報以及報紙、期刊、大型網站等權威媒體從官方渠道公開披露,實施顯性威懾;另一種是通過網絡社交媒體或其他非官方渠道,刻意洩露裝備相關情況,實施隱性威懾。網絡空間裝備展示威懾,一方面可以虛構新機理、新概念的新型網絡戰裝備,並渲染其獨特的作戰能力;另一方面可以刻意誇大已有網絡戰裝備的作戰效能。虛中有實、實中有虛,實施模糊政策,使對方摸不清己方真實情況和實力,產生恐懼和忌憚心理。例如,美軍的“舒特”機載網電一體攻擊系統已多次投入實戰使用,對其敵對國家的防空體系構成了嚴重威脅,但其基本原理、工作機制、戰技指標既沒有公開披露,也沒有被他國完全掌握破解,一直處於保密狀態,令人虛實難辨,起到了很好的威懾作用。

(三)網絡空間作戰演習威懾

網絡空間作戰演習威懾,是以實兵或虛擬的方式在網絡空間展開演習活動,並藉助各種媒體渠道,向潛在作戰對手展現本國網絡戰能力、實力與決心,以達到威懾對手的目的。網絡空間作戰演習可分為實兵演習和虛擬演習兩種。前者通常在全國范圍內或與盟國聯合進行,一般以演練軍地聯合網絡空間防禦行動為主。近幾年來,美國及盟國多次舉行“網絡風暴”系列網絡戰演習,以及“施里弗”系列太空-網絡空間演習,很好展現了網絡戰的動員實力、整體防禦水平,以及實施網絡戰的決心。後者通常在國家大型網絡綜合靶場舉行,一般以演練軍隊專業網絡戰力量的進攻行動為主。

(四)網絡空間作戰行動威懾

網絡空間作戰行動威懾,是指對特定的網絡目標實施攻擊,以確信的攻擊效果來威懾作戰對手的一種實戰性威懾。其運用的時機有兩個:一是當己方覺察敵方即將對己方發動戰爭時,己方選擇敵方重點防禦的關鍵性網絡目標進行針對性打擊,進行預防性、遏制性威懾;二是當敵方通過對己方發起試探性網絡攻擊,實施網絡空間威懾時,己方應立即進行有效的報復性、懲戒性威懾。具有威懾效果的網絡戰行動有多種。例如,對敵電信網滲透破壞,向敵國民眾手機大量發送宣傳反戰短信;對敵電力網進行攻擊,造成敵重要城市短時間的大面積停電;對敵廣播電視網進行攻擊,在黃金時段插播己方特製的視頻節目;等等。

三、網絡空間威懾的運用要點

網絡空間威懾總的運用要求是:懾戰結合,以實力、實戰展示能力和決心,力求以小戰體現威懾、以精打確保威懾,以較小的代價實現威懾目的。具體說來,應做到以下幾點。

(一)平戰結合,長期準備

“冰凍三尺,非一日之寒”。成功實施網絡空間威懾,需要平戰結合,在平時就要進行充分細緻的準備。一是要進行全面周密的網絡偵察。要求諜報偵察與技術偵察、無線偵察與有線偵察相結合,對敵網絡目標進行長期持續的網絡偵察,逐步摸清敵網絡基本情況,繪製其網絡拓撲結構圖,尤其是分析查找出敵各種軟硬件系統的漏洞。二是要進行大量有效的戰略預置。採用黑客手段,通過利用系統漏洞或口令破譯等辦法,秘密滲透進入敵各類網絡,留下後門,設置跳板機,埋設邏輯炸彈和木馬,為未來發動網絡攻擊預留突破口。三是進行預有準備的網絡防禦。在對敵實施網絡空間威懾時,己方應提前調整網絡防禦部署,使敵預先設計的攻擊路徑,預期利用的系統漏洞,預定執行的攻擊方案難以實施,或實施效果大打折扣,最大限度地降低敵網絡報復造成的損失。

(二)慎重決策,控制強度

孫子曰:“主不可以怒而興師,將不可以慍而致戰”。網絡空間威懾是國家之間的戰略博弈行為,尤其是實戰威懾,敏感性強,必須做到有理、有利、有節,決不能因為威懾“門檻”較低而濫用亂用,否則其效果可能會適得其反。網絡空間實戰威懾對作戰強度控制的要求很高。一方面,若強度太小,敵國政府和民眾不會產生畏懼心理,起不到應有的威懾效果,對方還可能採取同樣的手段實施反威懾,最終導致對抗升級,使己方威懾失效。另一方面,若強度過大,給敵國造成巨大的經濟損失和人員傷亡,引起國際社會的譴責和敵國政府、民眾的仇恨心理,就可能引發敵國運用常規力量進行大規模報復,有核國家甚至可能會動用核力量,這樣不但不能懾止戰爭,反而會起到戰爭導火索的作用。

(三)統一指揮,周密組織

網絡空間威懾的組織實施,要集中指揮,統一籌劃,搞好協同。一是精心組織力量。統一組織軍隊偵、攻、防、控四支力量,積極協調軍地各方網絡戰力量形成合力。尤其是要組織和協調好民間非專業網絡戰力量特別是愛國黑客,不能出現“盲動”現象,以免引發磨擦,擦槍走火,引起網絡戰的升級,或過早暴露攻擊意圖,授人以柄,導致局勢不可控或行動失敗。二是精當選擇目標。應選擇影響面廣,易產生明顯威懾效果的目標。例如,收視率排名靠前的廣播電視頻道、訪問量巨大的門戶網站、用戶眾多的無線通信網絡等。不能選擇無關痛癢、影響面小、民眾漠不關心的目標進行攻擊,易被誤認為是普通黑客製造的網絡安全事件,起不到應有的威懾效果。此外,還要考慮國際法和戰爭法約束,不能選擇易造成人道主義災難的目標,盡量不選取鐵路、航空、金融、醫療等部門的網絡目標,以免激起國際社會和對方民眾的譴責和反感。三是精確控制進程。實施網絡空間威懾性打擊之前,要通過廣泛的輿論宣傳造勢,向敵國發出打擊警告,並向全世界宣告己方行動的正義性,以爭取國際輿論的理解和支持。為突出威懾效果,己方可以高調宣布要攻擊的敵國網絡目標,再突破敵方層層網絡防禦,實施堅決有效的網絡攻擊,必要時最後還可對網絡攻擊效果進行定時恢復,以展現己方高超的網絡攻擊技術和手段,讓敵方決策者和民眾產生防不勝防、難以招架的心理挫折感,從而形成強烈的震懾效果。

(四)虛實結合,注重謀略

孫子所說的“能而示之不能,用而示之不用”,運用到網絡空間威懾,其要點概括起來就是“示而不宣、宣而不示”。 “示而不宣”,就是利用網絡攻擊難以追踪定位這一點,對特定目標實施網絡攻擊,但不對外宣布是己方所為,既展示了己方能力,又使得敵方雖然懷疑是己方所為,但沒有證據,無法追究。 “宣而不示”,就是公開宣傳或不經意透露己方研製或虛構的先進網絡戰裝備的型號、性能、特點,刻意誇大其作戰效能,虛虛實實,虛實結合,使敵摸不清己方真實實力,從而產生威懾效果。網絡戰行動具有追踪溯源困難、取證複雜的特點,發起方既可以承認,也可以矢口否認,或把責任推給民間黑客組織。 (來源:中國信息安全)

Original URL:

Informationized Warfare : Chinese Military to Focus on Winning the Whole War via A New People’s War // 信息化作战政治工作:着眼整体制胜打造人民战争升级版

信息化作战政治工作:着眼整体制胜打造人民战争升级版

Informationized Warfare : Chinese Military to Focus on Winning the Whole War via A New People’s War

The military field is the most dynamic field. Innovation is the most important and the most conservative. Facing the transformation of war formation, combat methods, command mode, and winning mechanism under informatized conditions, the in-depth exploration of the mechanism of the informatized warfare political work is not only an important content and concrete embodiment of the theme of practicing political work, but also a focus on playing the role of lifeline. Reality needs and urgent tasks.

The Practical Challenges in the Political Work of Informatization Warfare

With the rapid development of information technology, modern warfare has accelerated to “information + intelligence”, and the battlefield environment, combat strength, and combat methods have undergone profound changes. Our military’s political work has embraced a broad arena of innovation and development, and has also encountered many new era issues.

The purpose of the strategic game is limited, and there are more political considerations. In today’s era, the multipolarization of the world, economic globalization, and the development of social informatization have made in-depth development. The international community has increasingly become the community in which you and I have you. Restricted by multiple factors such as international conventions, international public opinion, and moral norms, conflicts and confrontations that occur worldwide are tend to be decentralized and localized. Information-based warfare is no longer a “zero-sum” game in which you died in the past. The center of strategic guidance is to control the war situation and achieve political goals; it is no longer the same as the mechanized war that uses all the armed forces to accomplish one battle, fight or not, and when to fight. How to fight, to what extent, must be subordinated to serving political needs.

Deep application of information technology, the connotation of quality requirements is more extensive. The use and development of information technology does not and can not change people as the decisive factor of war, and the quality of the personnel involved in the war is increasing. The adversary’s high-tech weapons are even more advanced, and there will be “dead spots” on their own. How to accurately find their “Achilles’ heel” and strike the system’s vitals requires the commander to have superb strategic wisdom. The informationization of weapons and equipment is even higher, and it is impossible for them to spontaneously display their abilities. How to realize the integration of man-machine and the maximum effectiveness of the weapons in their hands requires the combatants to have excellent information literacy. High-intensity confrontation and high-intensity damage have brought great shocks to the mind and body of the combatants. How to deal with calmness and countermeasures, and the need for officers and soldiers to have a stable psychological quality.

The use of diversity in the strength of participating in the war is aggravating the task of concentrating on God. The “platform center” for future operations gives way to the “system center,” and integrated joint operations have become the basic form. Only when all combat elements, units, and systems are “finished by fists” can the system’s operational effectiveness be exerted. The “physical space” of land, sea, and air and the “intangible space” of the network’s electromagnetic cognition coexist and coexist, presenting a “multidimensional space + point battlefield” form. Only with the overall situation and linkage between the two cities, can localized advantage be the battlefield. It is difficult and difficult to coordinate the military, operational elements, and command levels. Only by enhancing the “adhesion” between combat modules can a comprehensive performance of 1+1>2 be achieved.

The belligerence of warring targets is even harder to achieve. Under the conditions of informatization, an important symbol of victory in war is to conquer the will of the opponent. This is not only a confrontational contest in the morale of the military, but also a struggle for the influence of political opinion and public opinion. No one, no sound, and intangible are becoming the main forms of informatized warfare. Unmanned combat forces gradually replace the living forces on the battlefield. Invisible weapons such as electromagnetic guns and laser bombs gradually replace traditional firearms that use chemical gunpowder energy as a damage mechanism. Far away from long-range strikes, they gradually replaced near-meeting fighters, and the two sides of the battle rarely saw face to face. It can be foreseen that in the future battles, public opinion contests, psychological confrontation, and jurisprudential competition will increasingly become the “second battlefields” in real terms, and both the importance and the difficulty will be increased.

Accurate and quick combat operations, follow-up service requirements are higher. Breakthroughs in major technologies such as big data, cloud computing, the Internet of Things, and quantum cryptography have enabled combat to evolve from a “technical decision tactic” to a “technical decision strategy.” Under the support of intelligence, reconnaissance, and communications, “one missile Destruction of a command building system breaks into reality; “attack window” or “engagement opportunity” sensitivity is measured in minutes and seconds. “1 minute decides the battle outcome, 1 hour decides the outcome of the battle, and 1 day determines the national destiny” . In the past, the tactics of “human sea tactics”, “melee night warfare” and “permanent warfare” that were often used in warfare were difficult to display, and the corresponding traditional methods of wartime political work were not improved. There is no way out.

The Inherent Requirements for the Implementation of Informationized Political Work Organization

Compared to mechanized warfare, informatized warfare, the most significant and most fundamental change in the win-win mechanism lies in the informatization of technological forms, the combat warfare systemization, and the convergence of information flow to dominate the energy flow of material flows. As an integral part of the military system, our military’s political work must adapt to the objective needs of the change in the winning mechanism of war, and carry out innovative changes from the concept of command, organizational form to operational mechanisms, methods and means, and promote the highly integrated traditional advantages and information technology, and use data. The chain reinforces the lifeline and strengthens vitality with information.

To adapt to the characteristics of information-based operations and political constraints and multi-party linkages, political work must take care of the overall situation and the control bureau in planning guidance. The political attributes of war fundamentally restrict the military objectives, the scale of forces, the choice of strategies, and the development of the war situation. Our military’s political work in wartime is the ideological work and organization work of the Party during its military operations. The fundamental task is to ensure the implementation of the strategic intentions of the Party Central Committee and the Central Military Commission in combat operations. The first thing in organizing political work is to strengthen the political consciousness, overall awareness, command awareness of the officers and men, especially the commanders at all levels, and insist on the realization of the strategic intentions of the Party Central Committee, the Central Military Commission, and the Chairman Xi as the highest goals, and implement the Chairman of the Executive Committee. The command orders of the Central Military Commission and the Central Military Commission are fundamental requirements, and are resolutely obeying the strategic goals of serving the party and the country. They call the fight, stop, and stop. They do not blindly pursue pure military results, open a good game, control a good game, and collect a good game.

To adapt to the characteristics of confrontation and element integration in the informationized combat system, political work must be integrated into the system and implemented as one. Information warfare relies on information networks to integrate all types of combat elements, units, and systems, and its ability to form depends on the degree of coupling of the architecture. Only when the political work is integrated into the big system and combines, permeates, and penetrates into the entire process of warfare, can it play a better role. It is necessary to strengthen the “combination” of structural functions, adapt to the requirements of the flat modularization synthesis, and achieve convergence with the joint operations command organization; strengthen the “combination” of decision-making and commanding, and change the decision of relatively independent and self-contained systems in the past. Command mode, synchronized with the military command research, deployment and deployment; strengthen the organization’s implementation of the “melting”, close to combat tasks and processes, so that the task is released, the situation together feedback, plans to adjust together, performance one And assess it to ensure that it interacts and interacts with military operations and complements each other.

To adapt to the characteristics of information-based combat information leadership and network integration, political work must be based on networks and data support. The core of successful informatization operations is to seize the right to information. In the era of big data, we must explore the formation of a new model of “political work + information network” and strive to achieve a transformation from “under the net political work” to “online political work”, occupy the main position of the information network, and seize the commanding heights of the network political work; “Transformation to “Information and Political Work”, good at relying on information means to carry out political work, with the help of information network automatic retrieval, intelligent identification, auxiliary decision-making and other functions to quickly obtain, analyze and process ideological information; from “extensive political work” to “precise political work”, Emphasize the development and application of combat data in political work, dynamically update and improve the operational database, real-time understanding of the ideological and psychological responses of officers and men, supplementation of battle wounds, and implementation of battlefield disciplines, so as to provide a scientific and reliable reference for decision-making and commanding.

To adapt to the three-dimensional, intangible, and unbounded nature of information-based operations, political work must expand its scope and leverage efficiency in content and means. The warfare space for informatized warfare has changed from “three-dimensional” to “multi-dimension,” and the scope of the battlefield has expanded from the “physical domain” to the “cognitive domain.” It is necessary to intensify the idea of ​​big political work, and to establish an organic unified, full-dimensional global coverage of the dot and line surface. Political work network. It is necessary to form a joint force for the main body and open up the link of political work command, organization, and coordination at all levels and levels to achieve vertical penetration, horizontal interaction, and overall linkage; to form a joint force for all personnel, to exert the “adhesion” role of the joint command mechanism, and to launch action battles. The Party, cadres and other elements of intelligence, reconnaissance, early warning, and safeguarding work together to carry out ideological and political work; form a joint force between the military and the land, and link forces, families, and society through sound policy systems, clear responsibilities in the military, and perfect coordination mechanisms. Gather the positive energy of the same direction.

To adapt to the characteristics of instantaneous warfare and rapidity in informationized operations, political work must be changed from time to time in time and effect. The combat under mechanized conditions is “big eating,” and the battle in the information age is “fast eating.” Future operations, especially the sea-air battles, will have fast time-to-space transitions, rapid changes in offensive and defensive rhythms, and rapid development of the battlefield. The key to “winning and winning” lies in “first-in-class” and the opportunity to seize opportunities. It is necessary to fully pre-research the premise, analyze the complex and difficult situations that may occur in the trial and combat operations according to the overall operational objectives, study and formulate countermeasures for prevention and decisive treatment, optimize the work flow, use the command network platform function, and strengthen the up-and-down linking and left-right contact. Reducing the level and streamlining the texts and electricity; paying attention to the command of the front, the political cadres deep in the battle position, in-depth officers and soldiers, the integration of zero, see the pin, timely and effective disposal of critical situations, resolve contradictions.

Informationized Warfare Political Work Service to Guarantee the Fighting Force

By interpreting the winning mechanism of modern warfare, we can more clearly recognize that the excellent tradition of political work that our army has formed in the war years and the practice of building the military is still an important guarantee for winning the victory of informationized operations; at the same time, we must follow the characteristics of informationized warfare. We must seize the key factors that affect the ability to control the system’s operations, identify the path of action, and give meaning to the times, strengthen the unique political advantage of our party and our army, and increase the contribution rate to combat effectiveness.

Focus on the joint victory to enhance the leadership of the party committee. The leadership of party committees is not only a concrete embodiment of the party’s absolute leadership over the army in combat, but also an important guarantee for winning the battle. The key to adhering to and exerting this institutional advantage lies in transforming information into decision-making power, cohesion into systemic power, and innovating ways and means of improvement. To strengthen the authority of unified leadership, all major issues concerning the directionality and overall orientation of warfare must be collectively studied and decided by the party committee. In particular, the joint party committee should be given leadership over all actions and personnel in the war to ensure that the order of military order is unimpeded. Strengthen the scientific nature of the deliberative decision-making, pay attention to improving the party members’ information literacy, fully absorb the opinions and suggestions of the commanders and technical experts of the armed forces, and in particular, strengthen the dynamic control of military affairs, public opinion, and public opinion so as to ensure that the decision-making conforms to the combat operations and the actual conditions of the army. Strengthen the timeliness of implementation, the first time to organize the transmission of higher order instructions, follow up the implementation of the armed forces to implement the situation, in particular, according to operational needs to give front-line commanders the right to dispose, to ensure that in case of accidents can respond quickly and properly.

Focus on the will to win the battle to improve the effectiveness of the incentive. “One is not afraid of suffering and the other is not afraid of death” is the revolutionary background and spiritual business card of our military. To win informatized warfare, we must reflect on the mental and physical characteristics and realistic thinking of the new generation of officers and men and work hard to build an inseparable “spiritual Great Wall.” Concerning the quality of connotation, we adhere to the unity and unity of unconsolidated operations, focusing on strengthening the education of revolutionary heroism and inspiring the bloody nature of the “one man, one shot, and fighting in the end.” They also pay attention to guiding officers and men to strengthen their awareness of intellect, scientific attitudes, and collaborative concepts. The wisdom and enthusiasm to play the maximum effectiveness of system operations. In terms of behavioral norms, we insist on unification of education counseling and discipline, not only focusing on well-targeted education and ideological work on one person but one thing, but also on strict battlefield rules and regulations to ensure that all parties, regardless of adversity or adversity, can be loyal and dedicated. Policy-oriented, adhere to the unity of spiritual rewards and material comfort, not only focus on activities such as the creation of meritorious service, fire line into the party and other activities, stimulate the sense of responsibility of defending national interests, but also pay attention to solve the actual problems of officers and soldiers to lift the worries of the future.

Focus on intelligence to improve the accuracy of manpower deployment. Adhere to the individual allocation and group deployment, commanding key and technical experts, both internal potential and leveraging local complementary, so that ahead of the pre-positioning, positioning positioning, rapid supplementation, in order to win the battle to provide a strong support of personnel. Focusing on the needs of the system’s operational capability, in accordance with the principle of matching people’s positions, we attach importance to the backbone of operational forces and front-line military cadres, and also attach importance to the essential elements of safeguard elements and reserve force cadres to ensure that each combat system, operational unit, and operational element are fully occupied. member. Focusing on the needs of key combat elements, we will continue to focus on focusing on key forces. In particular, we must match the combatants and technical backbones of some key and critical positions and use the best steel in cutting edge. Focusing on the needs of combat support, we will use well-reserved talents around the joint deployment of forces, and focus on the integration of military and civilian security personnel as needed. We will use local intelligence to effectively leverage local high-end talents to achieve the integration of wartime military and human resources.

Focus on moral accomplishment and make a good political attack. Public opinion warfare The psychological warfare legal war runs through every aspect of strategy, battle, and battle, permeates all aspects of politics, economy, and diplomacy, and becomes a special combat style for the confrontation of the informatized war system. In the future operations, we must carry forward the good traditions of our military’s essay attacking and fighting against the armed forces. We must emphasize both the will to convey and the moral interpretation in terms of content. We must focus on both the heavy blows and the people’s hearts to fight for the target. We must take the initiative and make heavy moves in the tactics. In order to fully publicize the just legitimacy of our military operations, we should create a world-famous international and domestic public opinion situation, use war laws and international laws to guide the international public opinion and public opinion, actively seize public opinion, morality, and legal system, ensure the military There is no point in political victory.

Focus on the overall victory to build an upgraded version of the People’s War. The people’s war has always been an important magic weapon for our army to defeat the enemy. Under the new situation, we should focus on the characteristics of the intensification of large-scale informatization and warfare, and based on all-dimensional support, we must do a good job of mobilizing for participation in the war. Change from spontaneous support to legal support, coordinate local party committees and governments, supervise agencies at all levels, social organizations, economic entities, and citizens, fulfill their obligation to participate in warfare in accordance with the law, and do a good job of recruiting people, collecting materials, and expropriation of equipment and facilities. . From direct support to forward network transformation, China will have hundreds of millions of Internet users, mobile Internet users, and Weibo users. We will organize the masses to carry out economic warfare and cultural warfare in information warfare, and invite relevant experts to conduct long-distance consultations on technical support. . From material support to advance science and technology support, and around combat support requirements such as operational reconnaissance and early warning, command communications, and meteorological and hydrological resources, mobilize all kinds of scientific and technological forces to cooperate with information operations, assist in the maintenance of weapons and equipment, and military installations, and lay a strong science and technology potential in the private sector. Turn into war power. (General Political Department Organization Department)

Original Mandarin Chinese:

军事领域是最具活力的领域,最需创新,最忌保守。面对信息化条件下战争形态、作战方式、指挥模式和制胜机理的嬗变,深入探究信息化作战政治工作作用机理,既是践行政治工作时代主题的重要内容和具体体现,也是聚焦打仗发挥生命线作用的现实需要和紧迫任务。

  信息化作战政治工作面临的现实挑战

随着信息技术迅猛发展,现代战争加速向“信息化+智能化”演进,战场环境、作战力量和作战方式发生深刻变化。我军政治工作既迎来创新发展的广阔舞台,也遇到许多新的时代课题。

战略博弈目的有限,政治考量因素更多。当今时代,世界多极化、经济全球化、社会信息化深入发展,国际社会日益成为你中有我、我中有你的命运共同体。受国际公约、国际舆论、道德准则等多重因素制约,世界范围内发生的冲突与对抗趋于分散化、局部化。信息化战争不再是过去你死我活的“零和”博弈,战略指导的重心在于控制战局、达成政治目的;不再像机械化战争那样动用全部武装力量毕其功于一役,打还是不打、什么时候打、怎么打、打到什么程度,都要服从服务于政治需要。

信息技术深度应用,素质需求内涵更广。信息技术的运用和发展,没有也不可能改变人是战争的决定性因素,而对参战人员的素质需求越来越高。对手的高新武器再先进,自身也会存在“死穴”,如何准确找到其“阿喀琉斯之踵”、击其体系要害,需要指挥员具有高超的谋略智慧。武器装备信息化程度再高,也不可能自发其能、自显其威,如何实现人机一体、发挥手中武器的最大效能,需要战斗员具有过硬的信息素养。高强度对抗、高烈度毁伤,给参战人员身心带来巨大震撼,如何做到冷静应战、不自乱阵脚,需要官兵具有稳定的心理素质。

参战力量运用多元,凝神聚力任务更重。未来作战“平台中心”让位于“体系中心”,一体化联合作战成为基本形式。只有把各作战要素、单元和系统“攥指成拳”,才能发挥体系作战效能。陆海空天“有形空间”与网络电磁认知“无形空间”交织并存,呈现出“多维空间+点战场”形态,只有整体布势、联通联动,才能化局部优势为战场胜势。参战军种、作战要素、指挥层级之间协同要求高、难度大,只有增强作战模块之间的“粘合度”,才能实现1+1>2的综合效能。

交战对象隐身遁形,攻心夺志致效更难。信息化条件下,战争制胜的重要标志就是征服对方意志,不仅是军心士气的对抗较量,还体现在对政情民意和社会舆论的影响争取。无人、无声、无形正在成为信息化战争的主要形态,无人化作战力量逐步取代战场上的有生力量,电磁炮、激光炸弹等隐形兵器逐步取代以化学火药能为毁伤机理的传统火器,超视距远程打击逐步取代近战搏击,作战双方几乎见不到面。可以预见,未来作战中舆论较量、心理对抗、法理争夺日益成为名副其实的“第二战场”,重要性与艰难度都空前加大。

作战行动精准快捷,跟进服务要求更高。大数据、云计算、物联网、量子密码等重大技术的突破,使作战由“技术决定战术”发展为“技术决定战略”;在情报、侦察、通信等各要素的支撑下,“1枚导弹摧毁1栋指挥大楼”式体系破击成为现实;“攻击窗口”或“交战机会”时敏性以分秒计算,“1分钟决定战斗结局,1小时决定战局胜负,1天决定国家命运”。过去战争中经常运用的“人海战术”“近战夜战”“持久作战”等战法难以施展,相应形成的战时政治工作传统做法不加以改进,未来作战中就可能陷入融不进、跟不上、够不着的困境。

信息化作战政治工作组织实施的内在要求

信息化战争相对机械化战争,制胜机理最显著最本质的变化在于技术形态信息化、作战对抗体系化,信息流聚合主导物质流能量流。我军政治工作作为军事系统的有机组成部分,必须适应战争制胜机理变化的客观需要,从指挥观念、组织形式到运行机制、方法手段等进行创新变革,推动传统优势与信息技术高度融合,用数据链加固生命线,以信息力强化生命力。

适应信息化作战政治制约、多方联动的特点,政治工作在筹划指导上必须关照全局、把向控局。战争的政治属性,从根本上制约着军事目的、力量规模、策略选择和战局发展。我军战时政治工作是党在军队作战期间的思想工作和组织工作,根本任务是保证党中央、中央军委战略意图在作战行动中的贯彻落实。组织开展政治工作第一位的是,强化官兵尤其是各级指挥员的政治意识、全局意识、号令意识,坚持把实现党中央、中央军委和习主席战略意图作为最高目的,把贯彻执行习主席和军委命令指示作为根本要求,坚决服从服务于党和国家战略目标,叫打就打、叫停就停,不盲目追求单纯军事效果,开好局、控好局、收好局。

适应信息化作战体系对抗、要素集成的特点,政治工作在组织指挥上必须融入体系、一体实施。信息化作战依托信息网络融合各类作战要素、单元和系统,其能力的形成依靠于体系结构的耦合度。政治工作只有融入大体系,结合、贯穿、渗透到作战各领域全过程,才能更好地发挥作用。要强化结构功能上的“融”,适应扁平化模块化合成化要求,做到与联合作战指挥机构相契合相衔接;强化决策指挥上的“融”,改变以往相对独立、自成体系的决策指挥模式,做到与军事指挥同步研究、部署和展开;强化组织实施上的“融”,紧贴作战任务和进程,做到任务一并下达、情况一并反馈、计划一并调整、绩效一并评估,保证与军事行动交融交互、相辅相成。

适应信息化作战信息主导、网聚效能的特点,政治工作在运行方式上必须基于网络、数据支撑。信息化作战制胜的核心在于夺取制信息权。在大数据时代,必须探索形成“政治工作+信息网络”的新模式,努力实现由“网下政工”向“网上政工”转变,占领信息网络主阵地,抢占网络政治工作制高点;由“传统政工”向“信息政工”转变,善于依托信息手段开展政治工作,借助信息网络自动检索、智能识别、辅助决策等功能快速获取、分析和处理思想信息;由“粗放政工”向“精确政工”转变,重视政治工作作战数据开发运用,动态更新完善作战数据库,实时掌握官兵思想心理反应、战伤战损补充、战场纪律执行等情况,为决策指挥提供科学可靠参考。

适应信息化作战全维立体、无疆无界的特点,政治工作在内容手段上必须拓展领域、借力增效。信息化战争作战空间由“三维立体”向“多维一体”转变,战场范围由“物理领域”向“认知领域”延伸,需要强化大政工理念,构建点线面有机统一、全维全域覆盖的政治工作网络。要形成主体合力,打通各层级各部位政治工作指挥、组织、协调等环节链路,实现纵向贯通、横向交互、整体联动;形成全员合力,发挥联合指挥机制“粘合”作用,发动作战、情报、侦察、预警、保障等各要素党员干部,齐心协力开展思想政治工作;形成军地合力,通过健全政策制度、明确军地职责、完善协调机制等方式,把部队、家庭、社会衔接起来,汇聚同心同向的强大正能量。

适应信息化作战瞬时交战、以快制快的特点,政治工作在时机时效上必须因时而动、以变应变。机械化条件下的作战是“大吃小”,信息化时代的作战则是“快吃慢”。未来作战特别是海空交战,时空转换快,攻防节奏变化快,战场态势发展快,“胜一筹”关键在于“先一筹”,把握良机重在抢占先机。应当充分预研预置,根据总体作战目标,分析研判作战中可能发生的复杂困难情况,研究制定预防和果断处置的对策措施;优化工作流程,利用指挥网络平台功能,加强上下贯通、左右联系,减少层级、精简文电;注重靠前指挥,政治干部深入战位、深入官兵,化整为零、见缝插针,及时有效地处置危急情况、化解矛盾问题。

信息化作战政治工作服务保证战斗力的实现途径

透析现代战争制胜机理,可以更加清晰地认识到,我军在战争年代和建军实践中形成的政治工作优良传统,仍然是赢得信息化作战胜利的重要保证;同时要遵循信息化作战的特点规律,抓住影响制约体系作战能力的关键因素,找准作用路径、赋予时代内涵,强固我党我军特有政治优势,提高对战斗力的贡献率。

着眼联合制胜增强党委领导驾驭力。党委领导作战,既是党对军队绝对领导在作战中的具体体现,也是夺取作战胜利的重要保证。坚持和发挥这一制度优势,关键是围绕信息力转化为决策力、内聚力转化为体系力,创新改进方式方法。强化统一领导的权威性,凡属有关作战方向性、全局性的重大问题,必须由党委集体研究决定,尤其要赋予联合党委对作战中一切行动和人员的领导权,确保政令军令畅通。强化议事决策的科学性,注重提高党委成员信息化素养,充分吸纳部队指挥员和技术专家的意见建议,尤其要加强对军情、民意和社会舆论的动态掌握,确保决策符合作战行动和部队实际。强化贯彻执行的时效性,第一时间组织传达上级命令指示,跟进掌握部队贯彻落实情况,尤其要根据作战需要赋予一线指挥员临机处置权,确保遇有意外情况能够快速反应、妥善应对。

着眼意志制胜提高战斗激励实效性。“一不怕苦、二不怕死”,是我军的革命底色和精神名片。打赢信息化战争,必须针对新一代官兵身心特征和现实思想反映,着力构筑牢不可摧的“精神长城”。内涵特质上,坚持孤胆作战与团结协作相统一,既注重加强革命英雄主义教育,激发“一人一枪、战斗到底”的军人血性,又注重引导官兵强化智谋意识、科学态度、协同观念,靠集智聚力发挥体系作战的最大效能。行为规范上,坚持教育疏导与纪律约束相统一,既注重搞好针对性教育和一人一事的思想工作,又注重严明战场法纪,确保无论顺境还是逆境都能忠贞不渝、献身使命。政策导向上,坚持精神奖励与物质抚慰相统一,既注重通过开展立功创模、火线入党等活动,激发捍卫国家利益的责任感荣誉感,又注重关心解决官兵实际问题,解除后顾之忧。

着眼智力制胜提升人力配置精确度。坚持个体配置与群体调配相适、指挥骨干与技术专家并重、内部挖潜与借力地方互补,做到超前预置、定岗定位、快速补充,为赢得作战胜利提供强有力的人才支持。紧盯体系作战能力需求,按照人岗相宜的原则,既重视作战部队、一线部队干部骨干配备,也重视保障要素、后备力量干部骨干配备,确保每个作战系统、作战单元、作战要素齐装满员。紧盯关键作战要素需求,坚持重点力量重点配备,尤其要把一些关键要害岗位的战斗员、技术骨干配强,把好钢用在刀刃上。紧盯伴随作战保障需求,围绕力量联动编配使用好预备役人才,着眼军地联保按需引进综合保障人才,立足智力联用有效借力地方高端人才,实现战时军地人才资源一体共享。

着眼道义制胜打好政治攻势主动仗。舆论战心理战法律战,贯穿于战略、战役和战斗各个层面,渗透到政治、经济、外交各个方面,成为信息化战争体系对抗的一种特殊作战样式。未来作战中,要发扬我军文攻武战的好传统,内容上既重意志传达又重道义阐释,对象上既重兵心打击又重民心争取,战法上既重主动出招又重见招拆招,全面宣传我军事行动的正义性合法性,营造师出有名的国际与国内舆论态势,巧用战争法、国际法,引导国际民心和舆论走向,积极抢占舆论、道义和法理制高点,确保军事上打得赢、政治上不失分。

着眼整体制胜打造人民战争升级版。人民战争始终是我军克敌制胜的重要法宝。新形势下,应着眼信息化战争大体系大纵深大消耗的特点要求,立足全维支援抓好参战支前动员。由自发支前向依法支前转变,协调地方党委政府,督导各级机关、社会组织、经济主体和公民,依照法律规定履行参战支前义务,做好人员征召、物资征集、装备设施征用等工作。由直接支前向网络支前转变,发挥我国拥有几亿网民、手机网民和微博用户的庞大资源,组织人民群众开展信息战中的经济战文化战,邀请有关专家对技术保障进行远程难题会诊。由物质支前向科技支前转变,围绕作战侦察预警、指挥通信、气象水文等战斗力保障需求,动员各种科技力量配合信息作战、协助维修武器装备和军事设施,把蕴藏在民间的强大科技潜力转化为战争实力。(总政治部组织部)

Original Post Here:

http://military.people.com.cn/n/2015/1113/

Communist China Giving Priority to Development of Military Network Strategy // 中共優先發展網絡戰略力量

Communist China Giving Priority to Development of Military Network Strategy

中共優先發展網絡戰略力量

Cyberspace has become the national comprehensive security of the door. Network warfare reality, the network battlefield globalization, network confrontation normalization, network attack heart white hot, the network to build the army of the general trend, no one can block. Give priority to the development of network strategy, and actively seize the commanding heights of network strategy, for my army building is of great significance.

  The main features of network strategy

Network strategic strength refers to the ability to achieve the desired results through cyberspace. From the current development and possible future trends, mainly with the following characteristics.

Composed of multiple. In recent years, the major network events in the world have shown that the strategic power of the military network is the main force of cyberspace competition. The strategic power of the government departments and the private sector is an important part of the cyberspace competition. The “cyber warrior” An important addition.

Strong professionalism. Network strategy strength has a strong latent and difficult to predict, and the speed of light, instantaneous effect, monitoring and early warning is difficult; once the action is effective, damage effect superimposed amplification or non-linear step, with a typical “butterfly effect.” In 2010, the “shock net” virus attacked the centrifuges of the Iranian Bushehr nuclear power plant and the Natanz uranium enrichment plant, resulting in nearly a thousand centrifuge scrapped, forcing Iran’s nuclear capacity building to delay 2 to 3 years, opened the network attack soft means Destroy the country’s hard facilities.

Destructive. The strategic power of the network is no less than the weapons of mass destruction. Russia and Georgia in 2008, “the five-day war”, the Russian military to Georgia’s television media, government websites and transportation systems as the goal, to carry out a comprehensive “bee group” type network paralysis attacks, leading to grid government agencies operating chaos, Logistics and communication system collapse, much-needed war materials can not be delivered in a timely manner, the potential of the war has been seriously weakened, a direct impact on the grid of social order, operational command and troop scheduling. The Russian military doctrine has identified cybercrime as a weapon of mass destruction and has retained the right to use weapons of mass destruction or nuclear weapons to counterattack.

Advanced technology and phase. Network strategy strength development speed, replacement fast, technical materialization for the equipment cycle is short. At present, the speed of the microprocessor doubles every 18 months, the backbone bandwidth doubled every six months, a variety of new electronic information equipment after another, all kinds of application software dizzying. Cyber ​​space confrontation is the field of information in the field of offensive and defensive struggle, the use of network strategy forces in the confrontation of the phase with grams, constantly renovated. The development of the firewall and the information monitoring technology makes the software of the anti-wall software upgrade continuously. The development of the firewall and the information monitoring technology is the development of the firewall and the information monitoring technology. , Can be described as “a foot high, magic high ten feet.”

  The Developing Trend of Network Strategic

From the subordinate force to the development of key forces. In the past, the network strategic power is mainly for other forces to provide information security, in a subordinate position; with the development of network information technology, network system control of other rights, network strategic forces from the subordinate status to the dominant position to accelerate into the maintenance of national The key to safety. There is no network security there is no sovereign security, “no net” to become a new law of war, the world’s major countries around the network space development rights, dominance and control of a new round of competition, especially the United States and Russia adhere to the practice In the use and continue to develop.

From the maintenance of force to the development of specialized forces. In the past, the network strategy is mainly to maintain the network information system and all kinds of network transmission system, network attack and defense attributes are not clear. At present, all areas of the network space in depth, the world’s major countries are hard to build cyberspace offensive and defensive capabilities, the main military power of the network strategy has become a network of reconnaissance, network attacks, network defense and other clear division of labor, professional regular military forces. The United States has so far built the world’s most complete and powerful network of the army, and held a series of “network storm” series of exercises. The new “cyberspace strategy” in the United States, the first public to cyberspace combat as one of the tactical options for future military conflict, clearly proposed to improve the US military in the cyberspace of deterrence and offensive capability. In order to adapt to the new strategy, the US Department of Defense proposed 2018 to build a offensive and defensive, flexible form, with full combat capability of the network forces construction goals.

From the military to the integration of military and civilian development. The development of the strategic power of the military network started relatively late compared with the civil field, and because of the confidentiality of military confrontation and the specificity of the operational objectives, it is often developed independently. With the development of network technology, the military’s own network strategic strength is difficult to meet the needs of diversified tasks, we must learn from local folk technical means, integrate local network resources, realize the integration of military and civilian development. Network space capacity building on the talent, intelligence, experience and other software environment is extremely high, coupled with the local convergence of a wealth of network resources, military and civilian forces to promote the development of cyberspace capabilities become the strong tone of the times.

From a single model to the “network integration” development. At present, the network includes both the computer IP system network and the non-computer IP system network including a large number of complex early warning detection network, satellite communication network and tactical data link. The traditional single network confrontation model is difficult to meet the challenge of cyberspace. With the development of information technology, especially the Internet of Things technology, the relationship between the network and the power of the battlefield network more and more closely, which for the “network integration” in the technical means to provide the possibility. The use of electronic warfare and network warfare means, for different systems around the open bow, broken chain broken network, to achieve complementary advantages, system damage, as the latest guidance on the construction of network space. Data show that the US military typical network of integrated attack equipment “Shu special” system has been from the “Shu-1” to the current development of “Shu-5”. According to reports, “Shute” system through the enemy radar antenna, microwave relay station, network processing nodes to invade the enemy air defense network system, real-time monitoring of enemy radar detection results, even as a system administrator to take over the enemy network, Control of the sensor.

From non-state actors to state actors. At present, the network attack has developed from a single hacker behavior for the national, political, military confrontation, the attack object has been developed from the personal website to the country, the army’s important information system, attack “unit” has grown from stand-alone to tens of thousands Hundreds of thousands of terminals, and can instantly release the amazing attack energy. Although many of the intentions of malicious acts of non-State actors are non-state, the consequences are national, whether they are espionage, political opinions, or personal discontent, or terrorist activities , Have a direct impact on social stability, disrupt the economic order, endanger the stability of state power. Once the relevant reaction is made, the subject of the act must be the state and the army, and not the non-state actors themselves.

  The Construction of Network Strategic Strength

Strengthen strategic planning. Cyberspace competition is the first strategic battle of the contest. From the national level, the network strategy of the power of the main function is to reduce the risk of cyberspace, maintaining the normal operation of the country. We must understand the extreme importance and realistic urgency of cyberspace security from the perspective of national security, raise the focus of cyberspace capacity building to the strategic level, and try to solve the problem of how to make good use of cyberspace while trying to reduce the national cyberspace security Risk, so that cyberspace security has become an important support for national prosperity and security. From the military level, the network strategy is mainly to seize the system of network power. We must expand the military vision, the cyberspace as an important area of ​​action, to seize the system as the core, change the military ideas and ideas, adjust the structure and composition of armed forces, the development of weapons and equipment and take a new tactics.

Speed ​​up the construction of the power system. Maintain cyberspace security in the final analysis depends on the strength. We must base ourselves on the characteristics and laws of cyberspace capacity building, focus on the core elements of network capability system and the overall layout of network strategy strength, and systematically design the system structure which conforms to the law and characteristics of cyberspace confrontation in our country, and perfect the system of leadership and command Functional tasks, straighten out the relationship between command and management. We should take the network strategic power as an important new combat force, from the organization construction, personnel training, equipment development, elements of training and other aspects, to take extraordinary measures to give priority construction, focus on protection. To normalize the national network of offensive and defensive exercises, test theory, tactics, equipment and technology effectiveness, and comprehensively enhance the comprehensive prevention of cyberspace capabilities.

Promote technological innovation. The essence of cyberspace confrontation is the competition of core technology, and it is necessary to accelerate the independent innovation of network information technology. We should focus on improving the capability of independent innovation as a strategic basis, relying on the national innovation system as the basic support, concentrating on breaking the frontier technology of network development and the key core technology with international competitiveness, ahead of deployment and focusing on the development of information technology and information industry. To speed up the process of localization of key core technologies, strengthen the construction of safety testing and active early warning means, and gradually improve the equipment system of cyberspace in China, and comprehensively improve our network space capability. To follow the basic laws of cyberspace confrontation, in accordance with the “asymmetric checks and balances” strategy, increase the quantum technology, Internet of things and cloud computing and other new technology research and development efforts to create unique combat capability, master the initiative of cyberspace security development The

Promote the integration of military and civilian development. The integration of military and spatial ability of military and civilian development is not only the overall situation of national security and development strategy, but also the objective fact that cyberspace security can not be avoided by the overall planning of national defense and economic and social development. We must actively promote the deep integration of military and civilian development, to promote China’s network space capacity supporting the construction. It is necessary to formulate top-level planning in the form of policies and regulations, clarify the objectives and tasks, methods, organizational division and basic requirements of the deepening development of cyberspace in the form of policies and regulations, and make the integration of military and civilian development into law enforcement and organizational behavior; To establish a sound military coordination, demand docking, resource sharing mechanism, through a unified leadership management organization and coordination of military needs and major work, to achieve risk sharing, resource sharing, and common development of the new situation. We should pay attention to the distinction between the boundaries of military and civilian integration, clear the concept of development-oriented people and the main idea of ​​the army-based, and actively explore the military and the people, the advantages of complementary channels.

 

Original Communist Mandarin Chinese 🙂

網絡空間成為國家綜合安全的命門。網絡戰爭現實化、網絡戰場全球化、網絡對抗常態化、網絡攻心白熱化、網絡建軍正規化的大勢,無人可擋。優先發展網絡戰略力量,積極搶占網絡戰略制高點,對於我軍隊建設具有重要意義。

網絡戰略力量的主要特點

網絡戰略力量,是指通過網絡空間來實現預期結果的能力。從當前發展及未來可能的走勢看,主要有以下特點。

組成多元。近年來發生在全球範圍內的重大網絡事件表明,軍隊網絡戰略力量是網絡空間競爭的主力軍,政府部門、私營機構網絡戰略力量是網絡空間競爭的重要部分,民間“網絡戰士”是網絡空間競爭的重要補充。

專業性強。網絡戰略力量具有極強的潛伏性和難預測性,且以光速進行、瞬時產生效果,監測預警難度大;一旦行動奏效,損害效果疊加放大或非線性階躍,具有典型的“蝴蝶效應”。 2010年,“震網”病毒攻擊了伊朗布什爾核電站和納坦茲鈾濃縮廠的離心機,造成近千台離心機報廢,迫使伊朗核能力建設延遲2至3年,開啟了網絡攻擊軟手段摧毀國家硬設施的先河。

破壞性大。網絡戰略力量破壞力不亞於大規模殺傷性武器。 2008年俄國與格魯吉亞“五日戰爭”中,俄軍以格方的電視媒體、政府網站和交通系統等為目標,開展全面的“蜂群”式網絡阻癱攻擊,導致格政府機構運作混亂,物流和通信系統崩潰,急需的戰爭物資無法及時投送,戰爭潛力受到嚴重削弱,直接影響了格的社會秩序、作戰指揮和部隊調度。俄羅斯軍事學說已將網絡攻擊手段定性為大規模毀滅性武器,並保留了運用大規模毀滅性武器或核武器反擊的權利。

技術先進且相生相剋。網絡戰略力量發展速度快、更新換代快,技術物化為裝備的周期短。當前,微處理器的速度每18個月翻一番,主幹網帶寬每6個月增加一倍,各種新型電子信息設備層出不窮,各種應用軟件目不暇接。網絡空間對抗是信息領域的攻防鬥爭,網絡戰略力量使用的手段在對抗中相生相剋、不斷翻新。常規通信受干擾催生了跳、擴頻通信體制,跳、擴頻通信的出現又催生了頻率跟踪干擾、相關信號干擾等新型電子乾擾手段;防火牆、信息監控技術的發展,使翻牆軟件不斷升級,可謂“道高一尺,魔高一丈”。

網絡戰略力量的發展趨勢

由從屬性力量向關鍵性力量發展。以往網絡戰略力量主要是為其他力量提供信息保障,處於從屬地位;隨著網絡信息技術的發展,製網權統攬其他制權,網絡戰略力量由從屬地位向主導地位加速轉進,成為維護國家安全的關鍵。沒有網絡安全就沒有主權安全,“無網不勝”成為戰爭的新定律,世界各主要國家圍繞網絡空間的發展權、主導權和控制權展開了新一輪的角逐,特別是美俄堅持在實踐中運用並不斷發展。

由維護型力量向專業化力量發展。以往網絡戰略力量主要是維護網絡化信息系統和各類網絡傳輸系統,網絡攻擊和防禦屬性均不鮮明。當下各領域對網絡空間深度依賴,世界主要國家無不竭力打造網絡空間攻防能力,主要軍事強國的網絡戰略力量業已成為集網絡偵察、網絡攻擊、網絡防禦等分工明確、專業化的正規軍事力量。美國迄今已建成全球編制最齊全、力量最龐大的網軍,並多次舉行“網絡風暴”系列演習。美國新版《網絡空間戰略》,首次公開把網絡空間作戰作為今後軍事衝突的戰術選項之一,明確提出要提高美軍在網絡空間的威懾和進攻能力。為適應新戰略,美國防部提出2018年建成一支攻防兼備、形式靈活,具備全面作戰能力的網絡部隊的建設目標。

由軍地自主向軍民融合發展。軍隊網絡戰略力量的發展相對於民用領域起步較晚,且由於軍事對抗的保密性和作戰目標的特定性,往往自主發展。隨著網絡技術的發展,軍隊自身的網絡戰略力量難滿足多樣化任務的需要,必須學習借鑒地方民間技術手段,整合地方網絡資源,實現軍民融合發展。網絡空間能力建設對人才、智力、經驗等軟件環境要求極高,加上地方匯聚了豐富的網絡資源,軍民聯手推進網絡空間能力發展成為時代的強音。

由單一模式向“網電一體”發展。現階段,網絡既包括計算機IP體製網絡,更包含大量複雜的預警探測網、衛星通信網、戰術數據鍊等非計算機IP體製網絡,傳統的單一網絡對抗模式難以應對網絡空間的挑戰。隨著信息技術特別是物聯網技術的發展,戰場網中網與電的關係越來越緊密,這為“網電一體”在技術手段上提供了可能。綜合運用電子戰與網絡戰手段,針對不同體制的網絡左右開弓、斷鍊破網,實現優勢互補、體系破擊,成為網絡空間能力建設的最新指導。有資料顯示,美軍典型網電一體攻擊裝備“舒特”系統已從“舒特-1”發展到目前的“舒特-5”。據報導,“舒特”系統可通過敵方雷達天線、微波中繼站、網絡處理節點入侵敵方防空網絡系統,能夠實時監視敵方雷達的探測結果,甚至以系統管理員身份接管敵方網絡,實現對傳感器的控制。

由非國家行為體向國家行為體發展。目前,網絡攻擊已從單個的黑客行為發展為國家、政治、軍事上的對抗行為,攻擊對像已從個人網站發展到國家、軍隊的重要信息系統,攻擊“單元”已從單機發展到數万乃至數十萬台終端,且能在瞬時釋放驚人的攻擊能量。儘管非國家行為體的惡意網絡行為目的許多是非國家的,但由此所造成的後果卻是國家的,無論是進行間諜活動,還是發表政治主張,或是發洩個人不滿情緒,或是進行恐怖活動,都直接影響社會穩定、擾亂經濟秩序、危及國家政權穩固。一旦因之作出相關反應,其行為主體一定是國家和軍隊,而不再是非國家行為體本身。

網絡戰略力量的建設指向

加強戰略統籌謀劃。網絡空間競爭首先是戰略運籌的較量。從國家層面看,網絡戰略力量的職能主要是降低網絡空間的風險,維護國家正常運轉。必須從國家安全的視角認清網絡空間安全的極端重要性和現實緊迫性,將網絡空間能力建設的著眼點上升到戰略層面,在著力解決如何利用好網絡空間的同時,努力降低國家網絡空間安全風險,使網絡空間安全成為國家繁榮與安全的重要支撐。從軍隊層面看,網絡戰略力量主要是奪取製網權。必須拓展軍事視野,把網絡空間作為製權行動的一個重要領域,以奪取製網權為核心,變革軍事思想和觀念,調整武裝力量結構與構成,發展武器裝備並採取新的戰法。

加快力量體系構建。維護網絡空間安全說到底要靠實力。必須立足於網絡空間能力建設的特點、規律,圍繞我國網絡能力體系核心要素和網絡戰略力量建設總體佈局,以系統思維設計符合我國網絡空間對抗規律和特點的體系架構,健全領導指揮體制機制,明確職能任務,理順指揮管理關係。要把網絡戰略力量作為重要的新型作戰力量突出出來,從組織建設、人才培養、裝備發展、要素演訓等各方面,採取超常舉措,給予重點建設、重點保障。要常態化開展國家級網絡攻防演練,檢驗理論、戰法、裝備及技術的有效性,全面提升網絡空間綜合防範能力。

推進技術自主創新。網絡空間對抗的實質是核心技術的比拼,必須加快推進網絡信息技術自主創新。要把提高自主創新能力作為戰略基點,以國家創新體係為基本依托,集中力量突破網絡發展的前沿技術和具有國際競爭力的關鍵核心技術,超前部署和重點發展信息技術和信息產業。要加速關鍵核心技術的國產化進程,加強安全測試和主動預警手段的建設,逐步完善我國網絡空間的裝備體系,全面提高我國網絡空間能力。要遵循網絡空間對抗的基本規律,按照“非對稱制衡”方略,加大對量子科技、物聯網和雲計算等新技術的研發力度,以獨創技術塑造實戰能力,掌握網絡空間安全發展的主動權。

推動軍民融合發展。網絡空間能力的軍民融合式發展,既是站在國家安全與發展的戰略全局,對國防和經濟社會發展統籌謀劃,也是網絡空間安全不能迴避的客觀事實。必須積極推動軍民深度融合發展,全力推進我國網絡空間能力配套建設。要綜合軍民需求制定頂層規劃,以政策法規的形式明確網絡空間軍民融合深度發展的目標任務、方法路徑、組織分工和基本要求等關係全局的重大問題,變軍民融合發展為執法行為、組織行為;要建立健全軍地協調、需求對接、資源共享機制,通過統一的領導管理機構組織協調軍地的各類需求和重大工作,達成風險共擔、資源共享、共同發展的新局面。要注重軍民融合的界限區分,明確以民為主的發展理念和以軍為主的作戰理念,積極探索軍民一體、優勢互補的可行性渠道。

Referring URL:

http://theory.people.com.cn/n1/2016/1226/c40531-28977153.html

Chinese Military Applications & Use of Bitcoin in Future Wars // 中國軍事應用與比特幣在未來戰爭中的應用

Chinese Military Applications & Use of Bitcoin in Future Wars //

中國軍事應用與比特幣在未來戰爭中的應用

Can you imagine that Bitcoin can show up in military applications? Recently, Estonia and NATO are trying to use block-chain technology to develop next-generation systems to modernize NATO’s network defense platform. In order to collect effective information against terrorists, the US military is trying to “reward” the bit as a reward for intelligence providers. Such as “brain hole open” block chain technology military applications, gradually “Starfire can start a prairie fire” trend. In the future, the block chain technology can not only be used for intelligence personnel performance performance incentives, but also for weapons and equipment life tracking, military human resources management, military supplies procurement, intelligent military logistics and many other aspects. Block chain of this future war “alternative dancers”, most likely quietly subvert the future war. Detailed explanation Please pay attention to today’s published “Liberation Army Daily”

How does the block chain create “currency” for the world?

If you want to read the block chain in the future battlefield on the “unique dance”, have to start from the bit currency. The name of the bit as much as the earliest in 2009, once launched quickly set off the Internet platform investment and trading boom, and thus become the most typical block block technology applications.

Despite the fact that people are mixed, but the block chain technology behind it has shown great interest. Block-chain technology is a decentralized digital book system that contains a complete transaction record for Bitcoin since the start-up of the bitcoin system. It is based on the new de-centricization of the block chain. People can safely store or trade bitmaps. The relevant information can not be forged or tampered with. It can automatically execute smart contracts without any central agency.

The birth of block chain technology, derived from the name of “Byzantine General” computer science problem solving. In layman’s terms, it is a question of how to achieve a credible consensus in a network of nodes that lack trust. By introducing the dynamic cycle of “competition-verification-synchronization-competition” to solve the problem, the block chain technology eventually becomes a new technology platform that allows individuals to carry out effective and credible cooperation without third party certification.

In the Bitcoin system, the generation and trading of “money” is closely related to the block chain. The dynamic process of the block chain is the process of generating and circulating the new currency, which is the basis for the safe, orderly and credible operation of the whole bitcover system. Need to constantly update and maintain the block chain, such as “Mint”, you can package the latest transaction records loaded into the end of the chain, and then the formation of new blocks.

Block chain technology is the technical support behind Bitcoin, which itself consists of multiple connected blocks, each of which is like a page in the book, records the relevant transactions for a period of time, and through different areas Block before and after the point of the relationship between all the blocks are connected in order to form a block chain. At present, the block chain technology uses P2P technology, such as P2P data transmission, file sharing, asymmetric encryption and distributed storage technology, which is accelerating the development of technology bottlenecks and application popularization.

你能想象到比特币可以在军事应用上大显身手吗?日前,爱沙尼亚和北约正尝试使用区块链技术开发下一代系统,以实现北约网络防御平台的现代化。美军为了收集打击恐怖分子的有效情报,正尝试向情报提供者“打赏”比特币作为酬劳。诸如此类“脑洞大开”的区块链技术军事应用,渐有“星星之火可以燎原”之势。未来,区块链技术不仅可用于情报人员工作绩效激励,还可用于武器装备全寿命跟踪、军事人力资源管理、军用物资采购、智能军事物流等诸多方面。区块链这个未来战争的“另类舞者”,极有可能悄无声息地颠覆未来战争。详细解读请关注今日出版的《解放军报》——

石破天惊——

区块链如何为世界“造货币”

若想读懂区块链在未来战场上的“独特舞姿”,得先从比特币开始。名噪一时的比特币最早于2009年提出,一经推出便迅速掀起了互联网平台投资和交易热潮,也因此成为区块链技术当下最为典型的应用。

尽管人们对比特币褒贬不一,但对其背后的区块链技术却表现出极大兴趣。区块链技术是一个去中心化的数字账簿系统,包含了比特币系统开始运行以来比特币的完整交易记录。正是基于区块链这种新型去中心化协议,人们才能安全地存储或交易比特币,相关信息不可伪造和篡改,可自动执行智能合约,无需任何中心化机构的审核。

区块链技术的诞生,源自对名为“拜占庭将军”的计算机科学问题的求解。通俗地讲,就是在一个由相互缺乏信任的节点组成的网络中,各节点如何达成可信共识的问题。通过引入“竞争-验证-同步-竞争”的动态循环解决该问题,区块链技术最终成为允许个体不经过第三方认证而开展有效可信合作的新型技术平台。

在比特币系统中,“货币”的产生和交易与区块链紧密相关。区块链的动态变化过程就是新币生成和流转的过程,是支撑整个比特币系统安全、有序和可信运行的基础。需要不断更新和维护的区块链,好比“造币机”,可以将最新的交易记录打包加载到链的末端,进而形成新的区块。

区块链技术正是比特币背后的技术支撑,它本身由多个相连的区块构成,每个区块好比“账本”中的一页,记录了一段时间内相关交易情况,并通过不同区块之间的前后指向关系,将所有区块按序相连构成区块链。目前,区块链技术综合运用了P2P数据传输、文件共享、非对称加密和分布式存储等技术,正向着技术底层化和应用普及化方向加速发展。

Of course, the block-chain technology, which has long been implemented on the algorithm, is somewhat difficult to understand because of its abstraction. In fact, the block chain is similar to a “trust manufacturing machine”, it is the emergence of mutual understanding for both sides to create trust. Block-chain technology can generate a set of record time, can not be tampered with a trusted database, through this technology, even if there is no neutral third-party institutions, between the nodes can also achieve cooperation. At present, the block chain technology has been from a single digital currency, and gradually extended to the intelligent contract, Internet of things, authentication, e-commerce, social communications, file storage and other fields.

Among them, the international financial giants have begun to try to use the block chain technology to deal with complex accounting business, IBM and other companies claim that the block chain is to solve the Internet of things information security, data storage, interactive processing of the core technology. Block chain technology is designed to achieve cross-network distribution, which makes it an ideal choice for cross-organizational business networks. Block chain to trust the characteristics of its bring scalability, data encryption standards to ensure that the content can not be tampered with the decentralization of data processing to further enhance the security of the data. In addition, the block chain can also encourage people to get out of the firewall protection circle, sharing data. It is the block chain technology “maverick” characteristics, it makes it seem so different.

The successful use of Bitcoin, fully demonstrated the block chain technology open and transparent, safe and trustworthy, distributed sharing and other excellent features. Inspired by the fact that dozens of international technology giants are jointly developing the “super books” project, trying to create a transparent, open, decentralized distributed books, so that more applications can be more easily built in the block Chain technology. In the future, “trust manufacturing machine” will also bring us, including basic applications, upgrade applications and extended applications and many other “surprise.”

The basic application mainly relies on the existing bit coin system, with the exchange of money for the intermediary, as the value of the carrier between the users to pass. Including shopping, payment, transfer, liquidation and other network transactions can take the block chain technology “ride” to further enhance the safety of financial life. The upgrade application is the transplantation, upgrading and transformation of the block chain technology, and then fully exploits the technical advantages of the block chain to realize the secure storage of the data. The future, personal electronic file management, charitable donation registration, data permanent curing and disaster recovery can see the block chain technology figure. Expanded application is the innovation, generalization and popularization of the block chain technology. The “trust manufacturing machine” will reconstruct the existing network rules, establish a perfect network credit system, and then in the future world of things to show their talents.

Of course, the block chain technology, although the prospects are broad, but still need to address information security and confidentiality, network construction and regulatory control and many other issues. Although you can use asymmetric encryption technology to obtain a strong information security, but does not mean that the security of the block chain technology on the “impregnable”. How to build a decentralized peer-to-peer network, how to achieve effective monitoring of user information is an urgent need to solve the problem.

犹抱琵琶——

“信任制造机”原来如此与众不同

当然,早已在算法上实现的区块链技术由于过于抽象,理解起来有些困难。其实,区块链类似一台“信任制造机”,它的出现就是为互不相识的双方制造信任。区块链技术可以生成一套记录时间先后、不可篡改的可信任数据库,通过这项技术,即便是没有中立的第三方机构,各节点之间也能实现合作。目前,区块链技术已经从单一的数字货币,逐步延伸到智能合约、物联网、身份验证、电子商务、社交通讯、文件存储等各个领域。

其中,国际金融巨头已经开始尝试使用区块链技术处理繁杂的记账业务,IBM等公司宣称区块链是解决物联网信息安全、数据存储、交互处理的核心技术。区块链技术的设计初衷就是实现跨网络分布,这就让它成为了跨组织业务网络的理想选择。区块链去信任化的特点为其带来了可扩展性,数据加密标准确保了不可实现内容篡改,对数据的分散化处理进一步提升了数据的安全性。此外,区块链还能鼓励人们走出防火墙的保护圈,共享数据。正是区块链技术“特立独行”的特征,才让它显得如此与众不同。

比特币的成功使用,充分展示了区块链技术公开透明、安全可信、分布共享等优良特性。受此启发,目前已有数十家国际科技巨头正在联合开发“超级账本”项目,试图打造一个透明、公开、去中心化的分布式账本,让更多的应用能更容易地建立在区块链技术之上。未来,“信任制造机”还将为我们带来包括基础应用、升级应用和扩展应用等诸多“惊喜”。

基础应用主要依托现有的比特币系统,以有价币为交换中介,作为价值载体在用户之间进行传递。包括购物、支付、转账、清算等网络交易都可搭上区块链技术的“顺风车”,进一步增强金融生活的安全性。升级应用是对区块链技术的移植、升级和改造,进而充分发掘区块链的技术优势,实现数据的安全可信存储。未来,个人电子档案管理、慈善捐赠登记、数据永久固化和容灾备份等都可见到区块链技术的身影。扩展应用是对区块链技术的革新、泛化和推广,“信任制造机”将重构现有网络规则,建立起完善的网络信用体系,进而在未来的物联网世界中大显身手。

当然,区块链技术虽然前景广阔,但依旧需要解决信息安全保密、网络构建和监管控制等诸多问题。尽管可以使用非对称加密技术获得较强的信息安全保障,但并不意味着区块链技术的安全性就“固若金汤”。如何构建去中心化的对等网络,如何实现用户信息的有效监管都是亟须解决的难题。

In the field of military applications, “natural” with information integrity and many other features of the block chain technology, from the beginning to achieve the data storage and data encryption of the organic combination, will be in the military field flex its muscles.

Battlefield information protection. No matter how the war form changes, information integrity and confidential information protection are the key to determine the outcome of the war. Although the modern military system has established a number of verification, separate preservation, multiplayer operation and a series of security initiatives, but directly break the existing system issued a fake command is not impossible. With the block chain technology, to a certain extent, to enhance the security of battlefield information protection. At present, the US Department of Defense Advanced Research Projects Agency is through the block chain technology to create a secure information platform to study the block chain can protect the highly sensitive data to help and study its military satellites, nuclear weapons and other scenes Of the potential of the application, the future is likely to be used to support the forces of combat.

Weapon and Equipment Management. Weapons and equipment from the project demonstration, development and production, delivery service to retirement retirement, the need for the entire life cycle, including design, test results, technical status and other large data records for the record. The current use of paper and electronic media security is difficult to protect, transfer transfer difficulties, the lack of effective supervision and other security risks. Through the introduction of block chain technology, can form a party can participate in the preservation of the distributed, supervised file registration network, to further improve the safety of weapons and equipment management, convenience and credibility. Similarly, in the process of military human resources management, but also through the block chain records of each soldier’s resume, the formation of electronic files can not be tampered with, technically completely solve the problem of archives management system.

Intelligent military logistics. Modern military logistics is moving towards the intelligent era, intelligent warehousing, intelligent packaging, intelligent transportation and intelligent distribution and other intelligent network will cover the whole process of military logistics. The use of block chain technology can effectively solve the intelligent military logistics network communication, data preservation and system maintenance and other problems, to further improve the viability of the logistics system to achieve free exchange of information to ensure the orderly and efficient operation of the system. With the block chain technology, it will realize the qualitative change from free transmission to free notarization, which is very likely to become the “subversive” technology of the future network infrastructure agreement and credit paradigm.

Information hidden incentive. In recent years, the US military fully excavated the block chain in the record of the anonymous characteristics of the transaction, and its application to the field of intelligence gathering, to achieve information to provide incentives for the incentive to pay gold. As we all know, intelligence providers or “informants” need a secret identity and whereabouts, the traditional transfer, cash and other payment methods can easily be tracked locked. Through Bitcoin as a payment intermediary, you can cleverly break the payment channel, so that information flow is difficult to trace, and thus effectively protect the security of intelligence personnel. Among them, the bit currency trading platform in the entire payment process plays a “black box” role, to achieve the hidden information between the two sides of the transaction hidden.

在军事领域应用前景广阔

在军事应用领域,“天生”拥有信息完整性等诸多特性的区块链技术,从一开始就实现了数据存储和数据加密的有机结合,将在军事领域大展拳脚。

战场信息保护。不论战争形态如何改变,信息完整性和机要信息保护都是决定战争胜败的关键。虽说现代军事体系中已建立了多重验证、分开保存、多人操作等一系列安全举措,但直接突破现有体系下达假命令并不是没有可能。借助区块链技术,能在一定程度上提升战场信息保护的安全性。目前,美国国防部高级研究计划局正通过区块链技术创造一个安全的信息平台,研究区块链能否在保护高度敏感数据上提供帮助,并研究其在军用卫星、核武器等数个场景中的应用潜力,未来极有可能用来支持部队作战。

武器装备管理。武器装备从立项论证、研制生产、交付服役到退役报废,需要对全寿命周期内包括设计方案、试验结果、技术状态等大量数据资料进行记录备案。目前采用的纸质和电子媒介存在安全难以保障、转移交接困难、缺乏有效监管等安全隐患。通过引入区块链技术,可以形成一个各方均可参与保存的分布式、受监督的档案登记网络,进一步提高武器装备管理的安全性、便利性和可信度。同样,在军事人力资源管理过程中,也可通过区块链记录每名军人的任职履历,形成无法篡改的个人电子档案,从技术上彻底解决档案管理系统存在的问题。

智能军用物流。现代军用物流正向智能时代迈进,智能仓储、智能包装、智能运输和智能配送等智能化物联网络将涵盖军事物流全过程。利用区块链技术可有效解决智能化军用物流面临的组网通信、数据保存和系统维护等难题,进一步提高物流系统的生存能力,实现信息自由交互,保证了系统的有序高效运转。借助区块链技术,将实现信息从自由传输到自由公证的质变,极有可能成为未来网络基础协议和信用范式的“颠覆性”技术。

情报隐蔽激励。近年来,美军充分挖掘区块链在记录交易时的匿名性特征,并将其应用到情报收集领域,实现情报提供激励金的隐蔽定向支付。众所周知,情报提供者或“线人”需要隐秘的身份和行踪,传统的转账、现金等支付方式极易被跟踪锁定。通过比特币作为支付中介,就可巧妙断裂支付通路,让情报资金流转难以追溯,进而有效保护情报人员的安全。这其中,比特币交易平台在整个支付流程中扮演了“黑箱”的角色,实现了交易双方关键信息的隐藏。

The concept of Bitcoin was originally proposed by Nakamoto in 2009, according to the idea of ​​the open source of the open source software and the construction of its P2P network. Bitcoin is a digital currency in the form of P2P. Point-to-point transmission means a decentralized payment system.

Unlike most currencies, Bitcoin does not rely on a specific currency institution, which is generated by a large number of calculations based on a particular algorithm. The bit currency economy uses a distributed database of many nodes in the entire P2P network to confirm and record all transactions, And the use of cryptographic design to ensure that all aspects of currency circulation security. P2P de-centricity and the algorithm itself can ensure that the currency can not be manipulated by a large number of manufacturing bits. A cryptographic-based design allows a bit currency to be transferred or paid only by the real owner. This also ensures that the ownership of money and the anonymity of circulation transactions. Bitcoin is the biggest difference from other virtual currencies, and its total quantity is very limited and has a strong scarcity. The monetary system has had no more than 10.5 million in four years, and the total number will be permanently limited to 21 million.

Bitcoin can be used to cash, can be converted into the currency of most countries. Users can use some coins to buy some virtual items, such as online games among the clothes, hats, equipment, etc., as long as someone accepts, you can also use the bitcover to buy real life items.

比特币的概念最初由中本聪在2009年提出,根据中本聪的思路设计发布的开源软件以及建构其上的P2P网络。比特币是一种P2P形式的数字货币。点对点的传输意味着一个去中心化的支付系统。

与大多数货币不同,比特币不依靠特定货币机构发行,它依据特定算法,通过大量的计算产生,比特币经济使用整个P2P网络中众多节点构成的分布式数据库来确认并记录所有的交易行为,并使用密码学的设计来确保货币流通各个环节安全性。P2P的去中心化特性与算法本身可以确保无法通过大量制造比特币来人为操控币值。基于密码学的设计可以使比特币只能被真实的拥有者转移或支付。这同样确保了货币所有权与流通交易的匿名性。比特币与其他虚拟货币最大的不同,是其总数量非常有限,具有极强的稀缺性。该货币系统曾在4年内只有不超过1050万个,之后的总数量将被永久限制在2100万个。

比特币可以用来兑现,可以兑换成大多数国家的货币。使用者可以用比特币购买一些虚拟物品,比如网络游戏当中的衣服、帽子、装备等,只要有人接受,也可以使用比特币购买现实生活当中的物品。

Block chain technology, also known as distributed book technology, is an Internet database technology, which is characterized by decentralized, open and transparent, so that everyone can participate in database records.

Interpretation

The earliest is the basic technology of Bitcoin, the world is in the study, can be widely used in various fields such as finance.

Fundamental

The basic principles of block chains are not difficult to understand. The basic concepts include:

A transaction that causes a change in the state of the book, such as the addition of a record;

Block: record a period of time transactions and status of the results of the current state of the book is a consensus;

Chain: by a block in the order of occurrence in series, is the state changes in the log records.

If the block chain is used as a state machine, each transaction is an attempt to change the state once, and each time the consensus is generated, the participant confirms the result of the change in the status of all the transactions in the block.

区块链技术,也被称之为分布式账本技术,是一种互联网数据库技术,其特点是去中心化、公开透明,让每个人均可参与数据库记录。

释义

最早是比特币的基础技术,目前世界各地均在研究,可广泛应用于金融等各领域。

基本原理

区块链的基本原理理解起来并不难。基本概念包括:

交易:一次操作,导致账本状态的一次改变,如添加一条记录;

区块:记录一段时间内发生的交易和状态结果,是对当前账本状态的一次共识;

链:由一个个区块按照发生顺序串联而成,是整个状态变化的日志记录。

如果把区块链作为一个状态机,则每次交易就是试图改变一次状态,而每次共识生成的区块,就是参与者对于区块中所有交易内容导致状态改变的结果进行确认。

Original referring URL: http://www.81.cn/jmywyl/2017-06/02

網絡空間治理的力量博弈、理念演變與中國戰略 // Power Game of Network Space Governance, Evolution of Ideas & China’s Strategy

網絡空間治理的力量博弈、理念演變與中國戰略

Power Game of Network Space Governance, Evolution of Ideas & China’s Strategy

Introduction
The global cyberspace governance process involves not only the complex game of information developed countries and information developing countries in the fields of Internet key resources, network power and network security, but also the mutual game between government, private sector and civil society. “Prism door incident” in the intensification of cyberspace governance game at the same time, but also to promote the policy position of the parties continue to adjust to increase the possibility of governance cooperation. At the same time, the cyberspace game also reflects the Internet governance and cyberspace governance and other related governance concepts of mutual conflict and integration trend. At present, China’s participation in global cyberspace governance still faces many challenges. China needs to be based on the development trend of network space game and the evolution of governance concept. Combining with the strategy of network power in the “13th Five-Year Plan”, this paper constructs long-term, complete and comprehensive aspects of international mechanism shaping, talent cultivation and technology development as the core Participation strategy.
In June 2013, former US National Security Agency (NSA) former employee Edward Snowden disclosed the council’s “prism” monitoring program. The event [1] made cyberspace governance in the international agenda in the priority of the re-ascension, but also exacerbated the differences in the position of the parties, leading to cyberspace governance in trouble, for the network space management system to create a great challenge The In addition, the international community on the complexity of cyberspace and its governance lack of clear, unified awareness, resulting in one-sided position and a single policy to further exacerbate the governance dilemma. In the face of the complex situation, Joseph Nye tries to explain the practice of cyberspace governance by referring to the theory of mechanism complex in the field of environmental governance, and analyzes the cyberspace management through the loosely coupled complex composed of many different governance mechanisms The [2] This provides a useful perspective for the analysis of cyberspace governance, that is, cyberspace governance is composed of multiple rather than a single governance mechanism, the interaction between the various mechanisms have an impact on governance. This paper intends to examine the development of cyberspace governance from a more macro perspective, and try to explore the evolution of the concept behind cyberspace game, and analyze the complex relationship between government, private sector and civil society in international and domestic levels The On this basis, to explore China’s response measures and participate in cyberspace governance strategy.

First, the power of cyberspace governance Game

network space management process with the government between the game process. According to the situation of network technology, network capacity and network utilization, governments can be divided into three categories: information developed countries, information developing countries and information undeveloped countries. [③] There are also international organizations to use the network readiness (Readiness) as an indicator to measure the degree of information technology. This ranking basically overlaps with the traditional developed, developing and underdeveloped countries, and of course there is also the level of informationization in individual developing countries rising to the ranks of developed countries, or the level of information in some developing countries The level of the developed countries. Therefore, in accordance with the information developed countries, developing countries and underdeveloped countries to divide the three points in the academic more accurate. There are three aspects of the power game of cyberspace governance: one is the game between the developed countries and the information developing countries in the network ownership, the network resource allocation; the second is the non-governmental actors and the government on the Internet key resource control, network security And freedom and other issues of the game; Third, as the dominant space in cyberspace, the US government in its own private sector, civil society and other countries in the Internet between the key resources and other issues on the game (Figure 1).

First of all, information between developed countries and information-developing countries around the network space between the key infrastructure and network technology between the game. According to the behavior, the topic and the characteristic of the power game in cyberspace management, it can be divided into three stages.
The first stage is the early period of Internet governance, which is roughly from the beginning of the formation of the Internet to the United Nations World Summit on Information Society (World Summit on Information Society, WSIS), which is divided into two phases: the Geneva Conference in 2003 and the Tunis Agenda in 2005. The World Summit on the Information Society appears to be a struggle between governments and the private sector and civil society, in essence, the game between the United States and other countries on Internet control.
This period is the stage of rapid development of the Internet, a large number of new technical and technical standards have been created, the US government took the opportunity to vigorously promote the development of information technology, and developed a series of international technical standards, industry and industry norms. And information developing countries are still in the study, learn from the stage, which makes the United States and other developed countries in the field in an absolute strong position. [4] This stage of Internet governance mainly around the Internet domain name registration and analysis and its corresponding 13 root server control, Internet Protocol (IP) address allocation and other key resources to compete. The United States has almost controlled all international organizations and core businesses that have developed and managed Internet standards and refused to internationalize the relevant management functions or to the United Nations specialized agencies. [⑤] Therefore, at the World Summit on the Information Society, despite the pressure from the United Nations, the developing countries and even the European countries, the United States still refused to hand over the Internet management rights. Into the 21st century, the information represented by China’s developing countries to enhance the network technology, they have the domain name, users and other Internet resources have exceeded the information developed countries, but the representation in the Internet governance is far from enough, So the existing Internet governance reflects the legitimacy of the questioned.
The second stage is the stage of political competition and sovereignty competition of cyberspace governance, which is called the “return” stage of the government in cyberspace. This stage from the Information Society World Summit to 2011. In 2011, China, Russia and other countries to the 66th session of the General Assembly to submit the “International Code of Conduct for Information Security”, advocated the United Nations in cyberspace governance play a leading role. In the same year, the United States and Britain and other governments dominated the global network space management conference (Global Cyberspace Conference), also known as the London process (London Process) was held. <A The network space has become the “fifth strategic space” of human society. With the continuous breakthrough of network technology and its disruptive transformation of real society, cyberspace has become the fifth strategic space of human society. The distribution of order, power and wealth in cyberspace, the developed countries and information developing countries have serious differences on the following issues: whether the cyberspace attribute is “global public domain” or “sovereignty”; governance is government-led “Multilateral governance”, or a multi-stakeholder model dominated by non-governmental actors; governance culture is a “multicultural” or “multicultural” that is dominated by the West. [⑥] The focus of this period is also reflected in the free flow of information content in the field, when Hillary Clinton took the US Secretary of State, the Internet for the freedom of many speeches, advocating the US Internet freedom strategy. The role of the US government and social media sites in the wake of the turbulence in North Africa, which began at the end of 2010, has aroused widespread concern in the developing countries and strengthened the management of the Internet. [⑦] The third stage from the “Prism Gate incident” until now, this stage of the competition more focused on cyberspace security governance. “Prism door incident” to the United States in the field of cyberspace governance moral high ground questioned, leadership decline, forcing it to promote cyberspace governance in the low posture. At the same time, cyberspace security situation is further deteriorating, and the security threats facing countries are further increased. After experiencing the fierce confrontation of the “prism gate incident”, the developed countries and the information developing countries are aware that the maintenance of cyberspace requires the participation of all countries, and no country can lead the cyberspace governance process alone. Information developed countries and information development countries in the cognitive level of the gap gradually narrowed, the reduction of confrontational initiatives, cooperation began to grow space. Second, the “prism gate incident” caused the government and the private sector, civil society between the network security, privacy and other issues on the fierce game. Former US National Security Agency former employee Edward Snow led to expose a including “prism”, “X key points” (X-Keyscore), “Fair” (Fairview), “core” (Main Core) and other monitoring systems, including 10 monitoring systems, the monitoring system by the National Security Agency, the Central Intelligence Agency, the Federal Bureau of Investigation and other intelligence agencies to participate in almost cover the cyberspace of social networks, e-mail, instant messaging, Web pages, videos, photos, and so on. [8] National Security Agency requires Microsoft, Google, Facebook and other nine major global Internet companies to open the database to monitor the project to carry out data monitoring. In the “Prism Gate incident” exposure, Microsoft, Google, Facebook and other companies to the court to prosecute the federal government. [⑨] civil society have also acted against large-scale data monitoring. The American Civil Society Alliance launched a “Stop Watch Us” action on the Internet, putting pressure on the US government to get tens of thousands of Internet users’ signatures, messages and responses from hundreds of civic groups by organizing parades Demonstrations, petition to Congress, launch network initiatives, etc. to cooperate with the action. [⑩] In the “prism door incident” triggered the other countries with the US government to carry out monitoring projects ICT enterprises dissatisfaction, countries have taken new measures to protect cyberspace security. For example, the Chinese government has accelerated the process of legalization of cyberspace and began to discuss the guiding ideology of cybersecurity equipment, and formulated the network security review method. After the introduction of the “national security law”, “anti-terrorism law” “Network Security Law (Draft)” and “Criminal Law Amendment (9)” have significantly increased the terms involved in network security. These initiatives have aroused serious concern about US ICT companies and lobbyed the US government to put pressure on China to require the Chinese government to cancel the relevant provisions, such as Article 18 of the Anti-Terrorism Act provides that “telecom operators, Internet services Providers should be for the public security organs, the state security organs in accordance with the law to prevent and investigate terrorist activities to provide technical interface and decryption technical support and assistance. [11] Although from the government point of view, these initiatives help to maintain network security and national security, but in the private sector, the above-mentioned initiatives will not only increase the technical input, but also a substantial increase in costs. As long as cyberspace governance does not achieve a breakthrough, the government and the private sector, civil society between the game will continue to exist, and to a certain extent, will evolve into a national game. <A Finally, the US government and its private sector, civil society alliance with other countries in the Internet key resources on the issue of the game. Internet key resources include: IP address allocation, protocol parameter registration, gTLD system management, ccTLD system management and root server system management and time zone database management. Some scholars use the “cyberspace” in cyberspace to describe the status of Internet Corporation for Assigned Names and Numbers (ICANN) in cyberspace governance. [12] For historical reasons, these resources have been by the National

Telecommunications and Information Administration (National Telecommunication and Information Administration, NTIA) under the Internet Digital Distribution Agency (Internet Assigned Numbers Authority, IANA) is responsible for managing, and NTIA authorizes its management of IANA functions through regular engagement with ICANN. Therefore, it can be argued that the US government controls the key resources of the Internet. The United Nations-appointed Working Group on Internet Governance (WGIG) noted in its report that the US government unilaterally controls the Internet’s key resources, such as root zone documents. [13] The international community has been dissatisfied with this situation, and the WGIG report has proposed four options to replace the existing structure, hoping to take over the Internet’s critical resources through intergovernmental organizations or global institutions. [14] For ICANN, although it has been seeking independence from the US government and has repeatedly contested it, it is more concerned with how to avoid other intergovernmental organizations or institutions to take over or replace their status. Milton Muller described the phenomenon as “some network liberals even eventually turned into secret supporters of nationalism, because as long as the challenged countries were their motherland, they turned to defend the United States, allowing Its control, leading the Internet. “[15] Thus, in some cases, ICANN chooses to” align “with the US government to prevent other countries or intergovernmental organizations from influencing their governance structures. In ICANN’s organizational structure and decision-making system, the Government Advisory Committee (Government Advisory Committee, GAC) is eligible to nominate a liaison who does not have the right to vote. Information developing countries believe that as an international mechanism for Internet governance, the lack of representation in ICANN from information developing countries should reflect government responsibilities and powers in their future management structures and increase the authority of the Governmental Advisory Committee The But ICANN has repeatedly said it will not accept this change. In this case, the US government representatives are highly consistent with ICANN’s official position, both in the government advisory committee and at ICANN’s plenary meetings. Until the “Prism Gate Event” broke out, the US government was forced to restart the process of internationalization of ICANN’s efforts to guide the cyberspace governance game to a new stage. Second, the future development of cyberspace management trend With the advancement of the network space management process, the parties to the understanding of the spatial properties of the network gradually reached a consensus, and thus in the governance approach, the path of the differences narrow. Especially at the cognitive level, the cognition of cyberspace from various countries is based on different political, economic and cultural backgrounds, emphasizing their uniqueness to objective properties and laws based on cyberspace, emphasizing the integration between different views. [16] Internet space interconnection, sharing attributes determine the zero-sum game does not apply to cyberspace, cyberspace security, development, freedom is the government, the private sector and civil society to pursue the common goal. At the same time, the mutual restraint of the three issues of security, development and freedom makes it impossible for either party to ignore the interests of other actors and pursue their own absolute interests. As President Xi Jinping on December 16, 2015 at the Second World Internet Conference (World Internet Conference, WIC) said: “There is no double standard in the field of information, countries have the right to maintain their own information security, not a national security while other countries are not safe, part of the national security and another part of the country is not safe, but not Sacrifice the security of other countries to seek their own so-called absolute security. ” [17] This position reflects the above special properties of cyberspace governance. As a result, the international community has gradually realized that no one can dominate the process of cyberspace governance. First, the US cyberspace strategy adjustment and ICANN internationalization will drive a major transformation of the cyberspace governance architecture. Facing the pressure, the United States by part of the Internet to give up the key resources of direct control, for its network space to adjust the international strategy to prepare. [18] On March 14, 2014, NTIA, a subsidiary of the US Department of Commerce, announced that it would give up control of ICANN and pointed out in its transfer statement that ICANN’s management would organize global multi-stakeholder discussions on receiving issues, but explicitly United Nations or other intergovernmental organizations. [19] ICANN has been seeking its own independent position since its inception, and ICANN’s internationalization goal is not only to get rid of the constraints of the US government, but also to ensure that the US government will not be taken over by other countries and intergovernmental organizations. Therefore, ICANN needs to reach an agreement with the US government to ensure their independence, but also with other governments to start a game, to avoid its internationalization was strongly opposed. Second, the role of the United Nations in cyberspace governance continues to improve, will effectively promote the network space management structure and norms of the pace of construction. Through the efforts of the United Nations Group of Governmental Experts on Information Security (GGE), the international community has also made important breakthroughs in cyberspace codes of conduct and confidence-building measures. In June 2013, the United Nations published a report of the Group of Experts, composed of representatives of 15 countries. The report clarifies for the first time that “national sovereignty and sovereign international norms and principles apply to national communications technology activities and the jurisdiction of the State in its territory for communications technology infrastructure.” At the same time, the report further recognizes the Charter of the United Nations In the applicability of cyberspace “. [20] “While efforts to address the security of communications technology, States must respect the human rights and fundamental freedoms contained in the Universal Declaration of Human Rights and other international instruments.” [21] Compared with the 2010 expert group report, the above contents were presented as sections 20 and 21 of the 2013 report, which is a significant improvement in the compatibility of information developed countries and information developing countries in cyberspace governance Sex continues to improve.
In July 2015, the United Nations Group of Governmental Experts on the Development of Information and Telecommunications from the Perspective of International Security published a third report on the Code of Conduct for Cyberspace. This report has reached a consensus on the protection of cyberspace-critical infrastructure, confidence-building measures, and international cooperation. The network sovereignty of the developing countries is further clarified, and the application of international law, especially the law of armed conflict, which is advocated by the developed countries, is also included in the application of cyberspace. [22] Finally, the competition and cooperation model between government and non-state actors in cyberspace governance will undergo a major change, and multi-level game will become the “new normal” of cyberspace governance. In terms of governance and path, countries’ policy positions in cyberspace governance also place greater emphasis on reality, especially in dealing with the relationship between government and other actors. All parties are aware that the responsibilities of the government and other actors should be divided according to the problems in cyberspace governance. For the multi-stakeholder governance model, the information developed countries and information development countries gradually unified awareness, the government and the private sector, civil society according to their respective functions to participate in cyberspace governance. The narrowing of cognition means that one party is more aware of the concerns of the other party. The game between the developed countries and the developing countries in cyberspace governance will be more targeted, and competition and cooperation will be carried out synchronously to promote cooperation through competition. Of course, this has increased the investment in cyberspace, and the increase in the right to speak on cyberspace governance. Brazil, China has established a network space multi-stakeholder meeting (NetMundial) and the World Internet Conference mechanism to explore the network and national security, network sovereignty and other core issues, the voice of developing countries will be more and more, more and more Big. Third, the evolution of the concept of cyberspace governance <a In the information developed countries and information development countries, governments, the private sector and civil society around the network space governance game from conflict to integration behind, reflecting the continuous evolution of the concept of cyberspace governance. Although the game around cyberspace governance is mainly to compete for the power and wealth of cyberspace, the different cognition of actors, objects and methods of governance has had an important influence on the conflict and fusion of governance. Craig Mundie, Microsoft’s chief research and strategy officer, pointed out at the 7th China-US Internet forum that “the misunderstanding of cyberspace in both China and the United States is largely due to ‘Internet governance’ and ‘ ‘Cyberspace governance’ caused by the confusion of the two concepts. [23] Similarly, cyberspace governance game and conflict also reflect the conflict between the two governance concepts. Internet governance is considered to be a multi-stakeholder governance model that is dominated by non-governmental actors, but cyberspace governance also requires the participation and coordination of government and intergovernmental organizations. Internet Governance Project (Internet Governance Project, IGP) defines Internet governance as a network-related decision that is linked by an Internet protocol, including the establishment of a dispute resolution mechanism for policies, rules, and technical standards that are common to the owner, operator, developer, and user. Distribution and global Internet standards of human behavior. “[24] The above definition includes three aspects, namely the acceptance and recognition of technical standards and agreements, the allocation of Internet resources such as domain names and IP addresses, spam generated by human Internet behavior, Cybercrime, copyright and trademark disputes, consumer protection issues, public sector and private security issues, rules and policies. Laura DeNardis (Laura DeNardis) proposed to be in accordance with the Internet transmission TCP / IP protocol level, and according to different levels of different functions to build Internet mode, based on the function, tasks and actors were discussed Internet resource control, standard settings , Network access, network security management, information flow, intellectual property protection and other six levels of Internet governance content. [25] Cyberspace governance has shifted from the professional and technical fields that have been emphasized by the original Internet governance to a wider range of political, security and economic sectors, and the importance of government and intergovernmental organizations in cyberspace governance has become increasingly prominent. Cyberspace is a broader field that includes not only the Internet, but also the data that is transmitted in the network, the users of the network, and the interaction between real society and virtual society. The corresponding cyberspace governance is a broader concept, which is “a category of cyberspace infrastructure, standards, law, social culture, economy, development and so on.” [26] It contains more diverse governance issues and challenges that are increasing. Such as the “Prism Gate Incident”, the government’s high-level threat (APT) due to network action in cyberspace, the Digital Divide and Data Poverty ), Cyber ​​terrorism, online business theft and more and more governance issues have gone beyond the scope of the traditional concept of Internet governance. <A The conflict between “global public domain” and “network sovereignty”, “network autonomy” and “state dominance” in cyberspace governance game reflects that people can not understand “Internet governance” and “network Space governance “between the different governance subjects, objects and methods, trying to use a single governance approach to solve the multiple issues. The bottom-up, open and transparent governance model, which is advocated by the Internet governance subject represented by ICANN, is concerned with the high risk of cyber warfare, large-scale data monitoring and theft, and cyber terrorism. Lack of effectiveness and relevance. At the same time, the state-centered, top-down cyberspace governance philosophy can not effectively deal with the real problems of the current Internet governance and can not replace the dominance of Internet international organizations in the field. With the advance of the network space management process, the two governance ideas and methods in the collision also began to integrate. Joseph Chennai believes that cyberspace is composed of multiple governance mechanisms, in which Internet governance focuses on the technical level and is a subset of cyberspace governance. Should be based on different governance issues, to build a different governance mechanism, so that different actors to play a leading role. [27] The integration of governance concepts is also reflected in the increasing consensus among the parties on the multi-stakeholder governance model. ICANN uses a bottom-up, consensus-based decision-making process that advocates a governance model that limits the role of government. [28] Many developing countries initially opposed the multi-stakeholder governance model, stressing that government-led multilateral governance models should be adopted. With the deepening of the governance process, the information-developing countries have gradually accepted the multi-stakeholder governance model, which is gaining more and more consensus in the private sector and civil society as long as the role of the government is well reflected. The government, the private sector and the civil society participate in the decision-making process according to their respective functions and responsibilities, do not deliberately exclude other actors, nor deliberately pursue the leadership of individual actors, reflecting a more objective and balanced approach to cyberspace governance. Fourth, China’s strategic response <a The Chinese government has put forward the two goals of global governance of cyberspace, namely, to build a peaceful, safe, open and cooperative cyberspace and to establish a multilateral, democratic and transparent international Internet governance system. Important strategic objectives into the “thirteen five” plan recommendations. The former advocates foreign participation in the international network space management process, in order to establish a favorable international governance system; the latter advocates the development of network technology, nurture the network industry, enhance the national network strength. The mutual support and mutual promotion between the two requires an international strategy that can co-ordinate internal and external situations in response to complex cyberspace. Although the Chinese government has not published a specific international cyberspace strategy document, but by analyzing the existing relevant policies, can still be found in China’s international strategy of cyberspace is still in the exploratory stage. Therefore, it is necessary to analyze and discuss the international strategy of cyberspace in China according to the characteristics of cyberspace power game and the strategy of network power. (A) China’s cyberspace international policy practice Since 1994 access to the Internet, China has developed a variety of forms of international network policy into the international network space system. This aspect is to expand the needs of opening up, hope that through international cooperation in learning, the introduction of foreign advanced technical standards; the other is the driving force of information technology, integration into the globalization must be all-round participation in the international system. [29] In addition, with China’s growing influence in international affairs and increased dependence on the network, active participation in cyberspace governance is also an important way to maintain national interests and ways. China’s network policy is largely influenced by the situation of international cyberspace governance and developed and promoted in the interaction with the international cyberspace management system, showing the characteristics of multi-domain, multi-level and multi-subject. <A First, the international policy of the Chinese government network covers international cooperation in international technical standards, information and communication technology industry cooperation, global Internet governance, combating cybercrime, network economy, digital divide and other fields, and the development trend of global network governance Generally consistent. First of all, from the early technology, industry and Internet standards to gradually expand the cooperation to a wider range of network-related policy cooperation, many policy areas in fact beyond the scope of the Internet itself, and international economic, political and security. Secondly, after the “prism door incident”, with the cyberspace security governance become the main issue in governance, the focus of China’s network policy is also focused on the network security governance, and based on the establishment of national security, political security, Safety and social security. China not only vigorously oppose large-scale network monitoring in the international arena, advocate the maintenance of national network sovereignty, but also pay more attention to the legislative work related to cybersecurity in domestic policy and maintain national security and sovereignty in practice. Second, China’s cyberspace international policy covers bilateral, regional, multilateral and international levels. From the bilateral level, China has established intergovernmental dialogue and cooperation mechanisms with countries such as South Korea, Britain and Australia. These cooperation not only covers the contents of network security, digital economy and development, but also become an important content and support for bilateral diplomatic relations. In addition, China and the United States, between China and Russia in the field of network security to carry out a different degree of confidence-building measures (Confidence Building Measures, CBMs). [30] At the regional level, China and ASEAN, the SCO, the European Union, the Arab League and other regional organizations and countries to establish a variety of forms of network dialogue and cooperation mechanism. In 2009, the Chinese government signed the Cooperation Framework of the China-ASEAN Telecommunications Regulatory Commission on Network Security and the Intergovernmental Agreement on Safeguarding International Information Security of Member States of the Association of Southeast Asian Nations (ASEAN) and ASEAN Member States. [31] China also actively participated in the work of the ASEAN Regional Network Security Working Group, and in September 2013 held in Beijing, the ASEAN Regional Forum “to strengthen the network security measures seminar – legal and cultural perspective.” Conference development The development of the Internet requires the guidance of legal rules and the need to promote and respect cultural diversity. All parties should strengthen exchanges in the field of cybersecurity, promote mutual trust, promote cooperation and jointly build peace, security, openness and cooperation. [32] Finally, China is also actively involved in the multilateral and international level of cyberspace governance mechanisms, both within the United Nations Framework for Information Security, the International Telecommunication Union, the World Summit on the Information Society, the Internet Governance Forum, or the United Nations Framework London process, cyberspace multi-stakeholder meetings and other mechanisms, China is the main participant; in addition, China also through the World Internet Conference to carry out cyber space home diplomacy. China has also submitted two versions of the International Code of Conduct for Information Security to the United Nations General Assembly, together with representatives of OECD countries such as Russia and Uzbekistan. [33] China is also a major participant in the Global Internet Governance Consortium, where the head of the National Internet Information Office (NYSE), Lu Wei and Alibaba Group Chairman Ma, was elected as a member of the Alliance. <A Third, with the cyberspace governance covered by more and more widely, China’s cyberspace international policy to participate in the main body from the traditional Ministry of Foreign Affairs, Ministry of Industry and further expanded to the Ministry of Public Security, Ministry of Commerce, Ministry of Finance and the new The establishment of the network letter Office, the Ministry of Foreign Affairs set up a “network affairs office” to deal with cyberspace of foreign affairs. Among them, the Ministry of Foreign Affairs is mainly responsible for bilateral, regional, multilateral and international level of network diplomacy, it is China’s docking under the framework of the United Nations network governance mechanism of the main forces, especially from the Ministry of Foreign Affairs arms control officials throughout the four United Nations information security Working Group of Experts. Net letter office as the central network security and information leading group of permanent institutions, China is to co-ordinate the network security and information management of the newly established important institutions. Since the role of network management as a co-ordination and coordination of China’s network affairs is becoming more and more important in the international policy of the network, it has not only carried out multi-level international network security and digital economic cooperation, but also established the governance mechanism of the World Internet Conference.
In addition, the Ministry of Public Security in the fight against cyber security crime, network anti-terrorism, the Ministry of Commerce in the information and communication technology market access, the Ministry of Finance in the network infrastructure external assistance and other areas of work will be China’s future implementation of cyberspace international strategy a solid foundation. It can be seen that China has formed a more comprehensive and in-depth international strategic framework of cyberspace, including pluralistic participant, wide-ranging problem coverage and multi-level participation path, which laid a good foundation for the international strategic construction of cyberspace governance basis. With the development of China from the network power to the network power, China will establish a comprehensive and perfect international strategy of cyberspace. (2) Challenges in the international strategy of cyberspace The evolution of cyberspace governance has brought many challenges to China’s cyberspace international strategy: First, the information developed countries will continue to dominate the network space governance game, which is the network of China The international strategy of space poses a challenge; the second is due to the lack of advanced Internet governance talent, leading to China’s Internet international organization in the serious shortage of the third is the network space governance game to emphasize capacity building (Capacity Building), best practice (Best Practice) And so on, will bring competitive pressure to China. These issues and challenges will have a greater impact on China’s cyberspace international strategy, if handled properly, will have a negative impact on the implementation of the network strategy. <A I = 35> First, the information developed countries continue to dominate the network space governance game direction on China’s international strategic challenges. The global governance of cyberspace is played through various forms of governance, and the construction of the mechanism depends on the negotiation between the actors. The bargaining of the negotiations depends not only on the size of the powers of the actors, but also on the global governance of cyberspace In the agenda set the ability to be closely related. [34] According to Joseph Nye’s definition, the former can be called “hard power”, the latter is “soft power”. [35] The advantages of the developed countries in these two areas are obvious, especially in the mechanism of selective or prioritizing the discussion of cyberspace governance. For example, in cybersecurity governance, the United States relies on its agenda setting capacity to prevent the international community from making large-scale data monitoring a governance agenda, while setting its network economy to focus on priority agendas. In addition, the information developed countries in the establishment of the network of human rights agenda, will focus on the field of freedom, and democracy (one country one vote), equality (the size of the country has the same discourse) and other equally important issues are excluded from the agenda. Not only that, for countries in the “prism door incident” after the request to strengthen the exercise of network sovereignty trend, the United States put forward the “data localization” (Data Localization) this agenda to circumvent the global governance mechanism to discuss network sovereignty. Compared with the information developed countries, information development countries in the agenda setting capacity there is still a big gap, the lack of initiative to set the agenda. In recent years, with China, Brazil, India and other countries have established a variety of cyberspace governance mechanism, emerging powers in the global management of cyberspace in the agenda set the ability to continue to increase. But in general, the gap between China and the information developed countries in governance capacity still exists, and will affect China through international mechanisms to safeguard their own national interests, as well as express their concerns. <
Secondly, due to the lack of advanced cyberspace governance talent, leading to China in the Internet international organizations in the representation of a serious shortage. The trend of cyberspace governance game shows that the control of Internet key resources by international organizations such as ICANN, IETF and other international organizations will not be challenged by government and intergovernmental organizations. As the US government abandons its control over ICANN, the latter will have greater independence. Network space is built on the basis of the Internet, the basis of cyberspace governance is also Internet governance. Therefore, China’s cyberspace international strategy must be in the field of Internet governance to achieve a breakthrough, while enhancing the international organizations in the Internet in the influence and representation. For the majority of developing countries, including China, it is necessary to increase the representation in international organizations such as ICANN, so that more voices from China and other developing countries appear in ICANN. Third, the network space governance game to emphasize the ability to build, best practice and other direction, which will bring China’s severe competitive pressure. The convergence of the cyberspace governance game concept has led to the international community’s focus on cyberspace governance to operational and enforceable areas such as capacity building, best practices, including the provision of network infrastructure to information developing countries and underdeveloped countries; Training in technology, law, and policy related to cyberspace governance; and providing best practices for solving specific problems in cyberspace governance. This is China’s participation in cyberspace governance of the international strategy put forward higher requirements, information developed countries in the field of resources, talent advantage is difficult to shake in the short term, which not only requires the Chinese government to invest more resources, but also China’s Internet companies , Industry associations, legal experts of the common and active participation. (C) China’s strategic thinking of cyberspace governance The basic path of China’s cyberspace international strategy is consistent with the overall macro strategy of China’s integration into the international system and the reform of the international system. [36] In response to the complex cyberspace governance game, China on the one hand to strengthen capacity-building, and focus on the ability to participate in the global control of cyberspace influence; the other hand, between the network security and openness to seek a balance, International cyberspace to establish their own legitimate rights and interests, to avoid the negative impact of excessive security; and strengthen the network strategy and cyberspace international strategy between the strategic interaction, the formation of mutually supportive cyberspace strategy system. <A I = 40> First, combined with the new and future development of cyberspace governance, to strengthen the shaping of international mechanisms. In the cyber space global governance level, the struggle around the governance platform is becoming increasingly fierce. Including the Internet forum, the International Telecommunication Union, the London process, the Brazilian cyberspace multi-stakeholder meeting and China’s World Internet Congress, all platforms have their dominant forces, actors involved in the subject matter and the impact of the play Are not the same. China should explore ways to enhance its own capacity-building programs to the international community in the areas of cybersecurity, cybercrime, capacity building, network economy, cyber culture and the digital divide, in conjunction with the World Internet Forum and other cyberspace governance mechanisms involved. Good practice and solutions such as the ability of public goods. Second, focus on training to participate in cyberspace governance of international talent.
Internet governance organizations are mostly non-governmental organizations, and their multi-stakeholder governance model usually requires the selection of senior management personnel from the Internet community, and the corresponding high-level management, based on the contribution of the selection object to Internet technology and governance Management positions, rather than a traditional intergovernmental organization of a country or vote in accordance with the population, economic ratio to allocate places. In the case of ICANN, its existing management structure is comprised of the Board of Directors and three support organizations, three advisory committees and two technical advisory bodies. The Board consists of 16 voting members and 5 non-voting liaison officers, with the exception of the ICANN President, the remaining 15 places from the Supporting Organizations, the General Members Advisory Committee, the Regional General Membership Organization and the Nominating Committee. To be elected as a member of the voting, must pass the bottom-up nomination and election. Therefore, China should rationalize the system and mechanism, and actively to ICANN and other international non-governmental organizations to transport talent to encourage Internet companies, industry organizations and academic institutions to actively participate in ICANN, IETF, Internet Architecture Board (Internet Architecture Board, IAB) and other institutions to select the talent in order to enhance the international organizations in the Internet in the representation and voice, and to improve China’s influence on Internet governance. Third, to strengthen the network strategy and cyberspace international strategy between the strategic interaction. China has put forward the strategy of strengthening the network power in the “13th Five-Year Plan”, and proceeded from five aspects: technological innovation, network culture, network infrastructure, network security and information construction and international cooperation. [37] Network power strategy has repeatedly referred to the opening up, and actively participate in the Internet governance, and even international cooperation as a separate chapter. This shows that the international strategy of cyberspace and network power strategy between the integration of mutual support. The effective interaction between the two is related to China’s openness to cyberspace, the relationship between security and development. From the perspective of the two-tier game, any country’s strategy is faced with the external situation and the internal interests of the double constraints, excessive emphasis on openness or security are not conducive to the overall national security and interests. Strengthening the interaction between the network strategy and the international strategy of cyberspace helps to improve the awareness of the decision-makers on the security and opening of cyberspace, the security of cyberspace, the development and the relationship between opening and breaking, Consistent with the objective laws of the policy. From a technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy. At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy. At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy. At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy. At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy.
At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy. At the technical level, the network strategy can better support China’s participation in global cyberspace governance. The main competition in the current cyberspace governance has shifted from the cognitive, conceptual level of the game to the provision of solutions, best practices, capacity building and other specific areas of cooperation. Lack of effective support, cyberspace international strategy is difficult to sustain, and won the recognition of the international community. At the same time, cyberspace international strategy will also help to create a favorable external environment for the network power strategy, providing external advanced experience and lessons to the domestic ICT enterprises to provide a broad international market. Finally, we can learn from the field of foreign aid experience, through foreign aid in the field of ICT to ease or even eliminate the digital divide in cyberspace governance issues, on the one hand can contribute to the network space management of Chinese power, on the other hand also contribute to China’s ICT enterprises Internationalization strategy.

 

Original Mandarin Chinese:

簡介
全球網絡空間治理進程不僅涉及信息發達國家與信息發展中國家在互聯網關鍵資源、網絡權力和網絡安全等領域的複雜博弈,還包括政府、私營部門和市民社會等行為體之間的相互博弈。 “棱鏡門事件”在加劇網絡空間治理博弈的同時,也推動各方政策立場持續調整,增加了治理合作的可能性。與此同時,網絡空間領域的博弈也反映出互聯網治理與網絡空間治理等相關治理理念的相互衝突與相互融合趨勢。目前,中國在全球網絡空間治理上的參與仍面臨諸多挑戰。中國需要以網絡空間博弈的發展趨勢和治理理念的演進為基礎,結合“十三五”規劃提出的網絡強國戰略,以國際機制塑造、人才培養及技術發展等為核心建構長遠、完備和全面的參與戰略。
正文
2013年6月,美國國家安全局(NSA)前僱員愛德華·斯諾登披露了該局的“棱鏡”監聽項目。該事件[①] 使網絡空間治理在國際議程中的優先次序再度提升,但也加劇了各方立場的分化,導致網絡空間治理陷入困境,為網絡空間治理的建章立制帶來極大挑戰。另外,國際社會對網絡空間及其治理的複雜性缺乏清晰、統一的認知,由此而造成的片面立場和單一政策進一步加劇了治理困境。面對上述複雜情勢,約瑟夫·奈(Joseph Nye)試圖通過借鑒環境治理領域的機制複合體理論來解釋網絡空間治理的實踐,通過多個不同的治理機制組成的鬆散耦合複合體來分析網絡空間治理。 [②] 這為分析網絡空間治理形勢提供了一個有益的視角,即網絡空間治理是由多個而非單一的治理機制組成,各種機制之間的相互作用對治理產生影響。本文擬從更加宏觀的視角來審視網絡空間治理髮展的進程,並試圖探索網絡空間博弈背後的理念演變,同時分析政府、私營部門、公民社會等治理行為體在國際、國內兩個層面的複雜關係。在此基礎之上,探討中國的應對措施和參與網絡空間治理的戰略。

一、網絡空間治理的力量博弈

網絡空間治理的進程伴隨著各國政府之間的博弈過程。根據各國政府在網絡技術、網絡能力和網絡使用度等方面的情況,可以將其劃分為信息發達國家、信息發展中國家和信息不發達國家三類。 [③] 也有國際組織以網絡就緒度(Readiness)為指標衡量各國的信息化程度。這種排名基本上與傳統的發達、發展中以及不發達國家的三分法相重疊,當然也存在個別發展中國家的信息化水平上升到發達國家行列,或部分發展中國家的信息化水平跌落到不發達國家的水平。因此,按照信息發達國家、發展中國家和不發達國家的三分法來劃分在學術上更加精確。網絡空間治理的力量博弈主要有三個方面:一是信息發達國家與信息發展中國家在網絡權歸屬、網絡資源分配方面的博弈;二是非政府行為體與政府之間就互聯網關鍵資源控制、網絡安全與自由等問題的博弈;三是作為網絡空間中的主導國家,美國政府聯合其境內的私營部門、市民社會與其他國家之間在互聯網關鍵資源歸屬等問題上的博弈(圖1)。

首先,信息發達國家與信息發展中國家圍繞著網絡空間的關鍵基礎設施和網絡技術之間的博弈。根據網絡空間治理領域力量博弈的行為體、議題和特點,可以將其劃分為三個階段。
第一階段是早期的互聯網治理時期,這大致從國際互聯網的形成初期到聯合國召開信息社會世界峰會(World Summit on Information Society, WSIS)為止;該峰會分為2003年日內瓦會議和2005年突尼斯議程兩個階段。信息社會世界峰會表面上表現為各國政府與私營部門和市民社會之間的鬥爭,實質上則是美國與其他國家就互聯網控制權而展開的博弈。
這一時期是互聯網快速發展的階段,大量新的技術及技術標準被創造出來,美國政府藉機大力推動信息技術發展,並製定了一系列國際技術標準、行業和產業規範。而信息發展中國家還處於學習、借鑒階段,這使美國等發達國家在該領域處於絕對強勢地位。 [④] 這一階段的互聯網治理主要圍繞互聯網域名註冊與解析及其相應的13台根服務器控制權、互聯網協議(IP)地址分配等關鍵資源展開爭奪。美國幾乎控制了互聯網標準制定和管理的所有國際組織和核心企業,並拒絕將相關管理職能國際化或交由聯合國專門機構管理。 [⑤] 因此,在信息社會世界峰會上,儘管面臨來自聯合國、信息發展中國家甚至歐洲國家的壓力,美國依然拒絕交出國際互聯網管理權。進入21世紀後,以中國為代表的信息發展中國家的網絡科技力量不斷提升,它們所擁有的域名、用戶等互聯網資源已經超過了信息發達國家,但在互聯網治理中的代表性遠遠不足,因此對現有互聯網治理體現的合法性提出了質疑。
第二階段是網絡空間治理的政治競爭和主權競爭階段,有人稱之為政府在網絡空間的“回歸”階段。這一階段從信息社會世界峰會到2011年。 2011年,中國、俄羅斯等國向第66屆聯大提交了“信息安全國際行為準則”,主張聯合國在網絡空間治理中發揮主導作用。同年,美英等國政府主導的全球網絡空間治理大會(Global Cyber​​space Conference),又稱倫敦進程(London Process)正式召開。
這一階段網絡空間治理博弈的特點是,隨著網絡技術的不斷突破及其對現實社會的顛覆性變革,網絡空間已經成為人類社會的“第五戰略空間”。圍繞網絡空間中秩序、權力與財富的分配,信息發達國家與信息發展中國家在下列問題上產生了嚴重分歧:網絡空間屬性是“全球公域”還是“主權領域”;治理手段是政府主導的“多邊治理”,還是非政府行為體主導的多利益攸關方(Multi-stakeholder)模式;治理文化是西方主導的“一元文化”,還是平等協商的“多元文化”。 [⑥] 這一時期的矛盾焦點還集中體現在信息內容的自由流通領域,希拉里·克林頓就任美國國務卿時,針對互聯網自由發表了多次講話,鼓吹美國的互聯網自由戰略。在始於2010年年底的西亞北非動蕩之中,美國政府與社交媒體網站在背後所扮演的角色引起了信息發展中國家的廣泛關注,並加強了對互聯網的管理。 [⑦]
第三階段從“棱鏡門事件”之後一直到現在,這一階段的競爭更加聚焦網絡空間的安全治理。 “棱鏡門事件”使美國在網絡空間治理領域的道德製高點遭受質疑、領導力下降,迫使其在推動網絡空間治理中放低姿態。與此同時,網絡空間安全形勢進一步惡化,各國面臨的安全威脅進一步加大。在經歷了“棱鏡門事件”初期的激烈對抗之後,信息發達國家與信息發展中國家均意識到維護網絡空間的安全需要各國的共同參與,沒有任何國家可以單獨主導網絡空間治理進程。信息發達國家與信息發展中國家在認知層面的差距逐漸縮小,對抗性舉措減少,合作的空間開始增長。
其次,“棱鏡門事件”引起了政府與私營部門、市民社會之間在網絡安全、公民隱私等問題上的激烈博弈。美國國家安全局前僱員愛德華·斯諾登揭露了一個包括“棱鏡”、“X關鍵分”(X-Keyscore)、“美景”(Fairview)、“核心”(Main core)等近10個監控項目在內的監控體系,該監控體係由國家安全局、中央情報局、聯邦調查局等多個情報機構參與,幾乎覆蓋了網絡空間的社交網絡、郵件、即時通訊、網頁、影片、照片等所有信息。 [⑧] 國家安全局要求微軟、谷歌、臉譜等9家主要全球互聯網企業向監控項目開放數據庫以便開展數據監控。在“棱鏡門事件”曝光後,微軟、谷歌、臉譜等企業向法院公開起訴聯邦政府。 [⑨] 市民社會也紛紛行動起來,反對大規模數據監控。美國市民社會聯盟在網上發起“停止監視我們”(Stop Watch Us)的行動,向美國政府施加壓力,得到數万網民在網站上的簽名、留言及數百個公民團體的響應,他們通過組織遊行示威、向國會請願、發起網絡倡議等方式配合該行動。 [⑩]
在“棱鏡門事件”引發了其他國家對與美國政府合作開展監控項目ICT企業的不滿,各國紛紛採取新的措施保障網絡空間安全。例如,中國政府加快了網絡空間的法制化進程,並開始討論網絡安全設備自主可控的指導思想、制定了網絡安全審查辦法,在先後出台的《國家安全法》、《反恐怖主義法》、 《網絡安全法(草案)》和《刑法修正案(九)》中都大幅增加了涉及網絡安全的條款。這些舉措引起了美國信息通信技術企業的嚴重關切,並遊說美國政府對中國施壓,要求中國政府取消相關規定,如《反恐怖主義法》第十八條中規定“電信業務經營者、互聯網服務提供者應當為公安機關、國家安全機關依法進行防範、調查恐怖活動提供技術接口和解密技術支持和協助”。 [11] 儘管從政府角度看,這些舉措有助於維護網絡安全和國家安全,但在私營部門看來,上述規定的舉措不僅將增加技術上的投入,也會大幅度增加成本。只要網絡空間治理未實現突破,政府與私營部門、市民社會之間的博弈會繼續存在,並在一定程度上將演變為國家間博弈。
最後,美國政府與其境內的私營部門、市民社會之間結盟與其他國家在互聯網關鍵資源歸屬問題上的博弈。互聯網關鍵資源包括:IP地址分配、協議參數註冊、通用頂級域名(gTLD)系統管理,國家和地區頂級域名(ccTLD)系統的管理及根服務器系統的管理和時區數據庫管理等。有學者形像地用掌握網絡空間中的“封疆權”來形容互聯網名稱與數字地址分配機構(Internet Corporation for Assigned Names and Numbers, ICANN)在網絡空間治理中的地位。 [12]

由於歷史的原因,這些資源一直由美國國家通信與信息管理局(National Telecommunication and Information Administration, NTIA)下屬的互聯網數字分配機構(Internet Assigned Numbers Authority, IANA)負責管理,NTIA通過定期與ICANN簽訂合同,授權其管理IANA的職能。因此,可以認為美國政府控制著互聯網的關鍵資源。聯合國任命的互聯網治理工作組(WGIG)在報告中指出,美國政府單方面控制著如根區文件在內的互聯網關鍵資源。 [13] 國際社會對這種情況一直不滿,WGIG報告中提出了四種方案以取代既有架構,希望通過政府間組織或全球性機構來接管互聯網關鍵資源。 [14] 對於ICANN來說,雖然一直尋求獨立於美國政府之外並與之開展了多次爭奪,但它更關注的是如何避免其他政府間組織或機構接管或取代其地位。彌爾頓·穆勒將這種現象描述為“一些網絡自由主義者甚而最終轉變成了國家主義的秘密支持者,因為只要被挑戰的國家是他們的祖國,他們就轉而為美國辯護,允許其控制、主導互聯網。”[15]
因此,在一些情況下,ICANN選擇與美國政府“結盟”共同阻止其他國家或政府間組織影響其治理結構。在ICANN的組織架構和決策體制中,各國政府代表所在的政府諮詢委員會(Government Advisory Committee, GAC)只有資格提名一名不具有表決權的聯絡員。信息發展中國家認為,作為一種互聯網治理的國際機制,在ICANN中來自信息發展中國家的代表性不足,在其未來的管理架構中,應當體現政府的職責和權力,增加政府諮詢委員會的權限。但ICANN多次表示不會接受這種改變。對於這種情況,無論是在政府諮詢委員會中,還是在ICANN的全體會議上,美國政府代表與ICANN的官方立場高度一致。直到“棱鏡門事件”爆發,美國政府才迫於多方面壓力宣布重啟ICANN的國際化進程,這將網絡空間治理博弈導向了新的階段。

二、網絡空間治理未來的發展態勢

隨著網絡空間治理進程的推進,各方對網絡空間屬性的認知逐漸達成共識,並由此使其在治理方法、路徑上的分歧縮小​​。特別是在認知層面,各國對網絡空間的認知由基於不同的政治、經濟、文化背景,強調各自的獨特性轉向基於網絡空間的客觀屬性和規律,強調不同觀點之間的融合。 [16] 網絡空間的互聯、共享屬性決定了零和博弈不適用於網絡空間,網絡空間的安全、發展、自由是政府、私營部門和市民社會所追求的共同目標。同時,安全、發展、自由這三個議題的相互制約關係,使得任何一方都不能忽視其他行為體的利益,而追求自身的絕對利益。正如習近平主席2015年12月16日在第二屆世界互聯網大會(World Internet Conference, WIC)開幕式的主題演講中指出:“在信息領域沒有雙重標準,各國都有權維護自己的信息安全,不能一個國家安全而其他國家不安全,一部分國家安全而另一部分國家不安全,更不能犧牲別國安全謀求自身所謂絕對安全”。 [17] 這一立場反映了網絡空間治理的上述特殊屬性。由此,國際社會也逐步意識到,沒有任何一方可以主導網絡空間治理進程。
首先,美國的網絡空間戰略調整與ICANN國際化進程將推動網絡空間治理架構的重大轉型。面臨重重壓力,美國通過部分放棄互聯網關鍵資源的直接控制權,為其網絡空間國際戰略的調整做準備。 [18] 2014年3月14日,美國商務部下屬的NTIA宣布將放棄對ICANN的控制,並在移交聲明中指出,將由ICANN管理層組織全球多利益攸關方討論接收問題,但明確拒絕由聯合國或其他政府間組織接管。 [19] ICANN自成立以來一直在尋求自己的獨立地位,ICANN國際化的目標不僅是要擺脫美國政府的製約,同時還要確保在美國政府放權後,不會被其他國家和政府間組織接管。因此,ICANN既需要與美國政府達成協議以保證自己的獨立性,也要與其他國家政府展開博弈,避免其國際化遭到強烈反對。
其次,聯合國在網絡空間治理中的作用持續提升,將有力地推動網絡空間治理架構和規範的建設步伐。通過聯合國信息安全政府專家組(GGE)的努力,國際社會在網絡空間的行為規範和建立信任措施等方面也取得了重要突破。 2013年6月,聯合國發表了一份由15個國家的代表組成的專家組的報告。報告首次明確了“國家主權和源自主權的國際規範及原則適用於國家進行的通信技術活動,以及國家在其領土內對通信技術基礎設施的管轄權。”同時,報告進一步認可了“聯合國憲章在網絡空間中的適用性”。 [20] “各國在努力處理通信技術安全問題的同時,必須尊重《世界人權宣言》和其他國際文書所載的人權和基本自由。”[21] 與2010年的專家組報告相比,上述內容分別作為2013年報告的第20和21條款出現,這是一個巨大的進步,表明信息發達國家和信息發展中國家在網絡空間治理認知理念的兼容性不斷提高。 2015年7月,聯合國關於從國際安全的角度看信息和電信領域的發展政府專家組公佈了第三份關於網絡空間國家行為準則的報告。這份報告在保護網絡空間關鍵基礎設施、建立信任措施、國際合作等領域達成了原則性共識。信息發展中國家關心的網絡主權進一步得到明確,信息發達國家主張的國際法特別是武裝衝突法在網絡空間中的適用也寫入其中。 [22]
最後,政府與非國家行為體在網絡空間治理中的競爭與合作模式將發生重大轉變,多層次博弈將成為網絡空間治理的“新常態”。在治理方式和路徑方面,各國在網絡空間治理中的政策立場也更強調從實際出發,特別是在處理政府與其他行為體的關係上。各方都意識到應當根據網絡空間治理中的問題來劃分政府與其他行為體的職責。對於多利益攸關方治理模式,信息發達國家與信息發展中國家的認知逐步統一,政府與私營部門、市民社會根據各自的職能參與網絡空間治理。認知縮小意味著一方對另一方的關切更加了解,信息發達國家與信息發展中國家在網絡空間治理中的博弈將更具針對性,表現為競爭與合作同步進行,以競爭促進合作。當然,這與信息發展中國家加大了對網絡空間建章立制的投入,在網絡空間治理的話語權上的增長有關。巴西、中國先後建立了網絡空間多利益攸關方會議(NetMundial)和世界互聯網大會機制,探討網絡與國家安全、網絡主權等核心問題,信息發展中國家的聲音將越來越多、越來越大。

三、網絡空間治理的理念演變

在信息發達國家與信息發展中國家,政府、私營部門和市民社會等圍繞網絡空間治理的博弈從衝突轉向融合的背後,反映了網絡空間治理理念的持續演變。儘管圍繞網絡空間治理的博弈主要是為了爭奪網絡空間的權力與財富,但行為體對治理的主體、客體和方法的不同認知對治理的衝突與融合產生了重要影響。微軟首席研究及戰略官克瑞格·蒙迪(Craig Mundie)在第七屆中美互聯網論壇上就曾指出,“中美雙方在網絡空間的誤解很大程度上是由於對’互聯網治理’和’網絡空間治理’兩個概念的混淆所導致”。 [23] 同樣,網絡空間治理博弈和衝突也反映了上述兩種治理概念之間的衝突。
互聯網治理被認為屬於一種由非政府行為體主導的多利益攸關方治理模式,但網絡空間治理也需要政府和政府間組織的參與和協調。互聯網治理項目(Internet Governance Project, IGP)將互聯網治理定義為“所有者、運營商、開發者和用戶共同參與的一個由互聯網協議所聯接起來的與網絡相關的決策,包括確立政策、規則和技術標準的爭端解決機制,制定資源分配和全球互聯網中人類行為的標準。”[24] 上述定義包括三個方面,即技術標準和協議的接受和認可,域名和IP地址等互聯網資源的分配,人類的互聯網行為產生的垃圾郵件、網絡犯罪、版權和商標爭議、消費者保護問題、公共部門和私人的安全問題等相關的規定、規則和政策等。勞拉·迪娜尼斯(Laura DeNardis)提出要按照互聯網傳輸的TCP/IP協議的層級,並根據不同層級的不同功能構建互聯網模式,依據功能、任務和行為體分別討論互聯網資源控制、標准設定、網絡接入、網絡安全治理、信息流動、知識產權保護等六個層面的互聯網治理內容。 [25]
網絡空間治理從原先互聯網治理所強調的專業性、技術性領域轉向更廣泛的政治、安全和經濟範疇,政府和政府間組織在網絡空間治理中的重要性也日益凸顯。網絡空間是一個更廣泛的領域,它不僅包括互聯網,還包括網絡中傳輸的數據,網絡的用戶以及現實社會與虛擬社會的交互等。相對應的網絡空間治理則是一個更加寬泛的概念,它是“包括網絡空間基礎設施、標準、法律、社會文化、經濟、發展等多方面內容的一個範疇”。 [26] 它所包含的治理議題更加多元,面臨的挑戰也在不斷增加。如“棱鏡門事件”引發的對大規模數據監控的關注、政府在網絡空間開展的網絡行動導致的高持續性威脅(APT)、全球範圍內的數字鴻溝(Digital Divide)與數據貧困(Data Poverty )、網絡恐怖主義、網絡商業竊密等越來越多的治理議題已經超越了傳統的互聯網治理理念的範疇。
網絡空間治理博弈中涉及的“全球公域”與“網絡主權”、“網絡自治”與“國家主導”等衝突反映出人們未能客觀、正確地理解“互聯網治理”與“網絡空間治理”之間不同的治理主體、客體和方法,試圖用單一的治理方法去解決其中的多元議題。以ICANN為代表的互聯網治理主體所推崇的自下而上、公開透明的治理模式,對於國家在應對網絡戰、大規模數據監控、竊密等高可持續性威脅、網絡恐怖主義等問題而言,缺乏有效性和針對性。與此同時,以國家為中心、自上而下的網絡空間治理理念也無法有效應對當前國際互聯網治理的現實問題,不能取代互聯網國際組織在該領域的主導地位。
隨著網絡空間治理進程的推進,上述兩種治理理念和方法在碰撞中也開始不斷融合。約瑟夫·奈認為,網絡空間是由多個治理機制組成,其中互聯網治理聚焦於技術層面,是網絡空間治理的一個子集。應當根據不同的治理議題,構建不同的治理機制,讓不同的行為體來發揮主導作用。 [27] 治理觀念的融合還表現在各方對多利益攸關方治理模式共識的增加。 ICANN採用的是一種自下而上、基於共識基礎的決策過程,並主張限制政府作用的治理模式。 [28] 很多信息發展中國家最初對多利益攸關方治理模式持反對態度,強調應當採用政府主導的多邊治理模式。隨著治理進程的深入,信息發展中國家逐步接受多利益攸關方治理模式,只要政府的作用得到合理體現,這種觀點也在私營部門和市民社會代表中獲得越來越多的共識。政府、私營部門和市民社會根據各自的功能與責任來參與決策過程,不刻意將其他行為體排除在外,也不刻意追求個別行為體的領導權,體現出更加客觀和平衡的網絡空間治理理念。

四、中國的戰略應對

中國政府提出了網絡空間全球治理的兩大目標,即共同構建和平、安全、開放、合作的網絡空間和建立多邊、民主、透明的國際互聯網治理體系,同時還將網絡強國戰略作為重要戰略目標納入“十三五”規劃建議中。前者主張對外參與國際網絡空間治理進程,以此來建立有利的國際治理體系;後者主張發展網絡技術力量,培育網絡產業,增強國家網絡實力。兩者之間的相互支持和相互促進需要有一個能夠統籌內外、應對複雜網絡空間形勢的國際戰略。儘管中國政府並未公佈具體的網絡空間國際戰略文件,但通過分析現有的相關政策,仍可以發現中國的網絡空間國際戰略還處於摸索階段。因此,有必要對照網絡空間力量博弈的特點和網絡強國戰略來分析和探討中國的網絡空間國際戰略。
(一)中國網絡空間國際政策實踐
自1994年接入國際互聯網起,中國就制定了各種形式的網絡國際政策融入國際網絡空間體系。這一方面是擴大開放的需要,希望通過國際合作學習、引進國外先進的技術標準;另一方面是信息技術的驅動,融入全球化必須要全方位參與國際體系。 [29] 此外,隨著中國在國際事務中的影響力越來越大以及對網絡的依存度上升,主動參與網絡空間治理也是維護國家利益的重要路徑和方式。中國的網絡政策在很大程度上受到國際網絡空間治理形勢的影響,並在與國際網絡空間治理制度的互動中得到發展和提升,呈現出多領域、多層次和多主體的特點。
第一,中國政府網絡國際政策覆蓋了國際技術標準合作、信息通信技術產業合作、全球互聯網治理、打擊網絡犯罪、網絡經濟、數字鴻溝等多個領域,與全球網絡治理的發展趨勢總體上保持一致。首先,從早期的技術、產業和互聯網標準的合作逐步拓展至更加廣泛的網絡相關政策合作,很多政策領域實際上已經超出了互聯網本身的範疇,與國際經濟、政治、安全相結合。其次,“棱鏡門事件”之後,隨著網絡空間安全治理成為治理中的主要議題,中國網絡政策的關注點也相應聚焦於網絡安全治理,及建立在此基礎上的國家安全、政治安全、經濟安全和社會安全。中國不僅在國際上大力反對大規模網絡監控,提倡維護國家網絡主權,而且在國內政策上也更加註重與網絡安全相關的立法工作,在實踐中維護國家安全和主權。
第二,中國的網絡空間國際政策覆蓋了雙邊、地區、多邊和國際等多個層級。從雙邊層面來看,中國與韓國、英國、澳大利亞等國家建立了政府間對話合作機制,這些合作不僅覆蓋網絡安全、數字經濟和發展等內容,還成為雙邊外交關係的重要內容和支撐。此外,中美、中俄之間在網絡安全領域開展了不同程度的建立信任措施(Confidence Building Measures, CBMs)。 [30] 在地區層面,中國與東盟、上合組織、歐盟、阿盟等地區組織和國家之間建立了多種形式的網絡對話合作機制。 2009年中國政府分別與東盟和上合組織成員國簽訂了《中國—東盟電信監管理事會關於網絡安全問題的合作框架》和《上合組織成員國保障國際信息安全政府間合作協定》。 [31] 中國還積極參與東盟地區論壇網絡安全工作組的工作,並於2013年9月在北京召開了東盟地區論壇“加強網絡安全措施研討會——法律和文化視角”。會議倡議互聯網的發展需要法律規則的引領,也需要促進和尊重文化多樣性,各方應在網絡安全領域加強交流、增進互信、推進合作,共同構建和平、安全、開放、合作的網絡空間。 [32] 最後,中國還積極參與多邊和國際層面的網絡空間治理機制,無論是聯合國框架下的信息安全政府專家組、國際電信聯盟、信息社會世界峰會、互聯網治理論壇,還是聯合國框架之外的倫敦進程、網絡空間多利益攸關方會議等機制,中國都是主要參與者;此外,中國還通過召開世界互聯網大會來開展網絡空間的主場外交。中國還與俄羅斯、烏茲別克斯坦等上合組織成員國共同向聯合國大會提交了兩個版本的“信息安全國際行為準則”。 [33] 中國也是全球互聯網治理聯盟的主要參與方,國家互聯網信息辦公室(網信辦)主任魯煒和阿里巴巴集團董事局主席馬雲當選為該聯盟的委員。
第三,隨著網絡空間治理所覆蓋的內容越來越廣泛,中國網絡空間國際政策參與的主體也從傳統的外交部、工信部進一步擴展到公安部、商務部、財政部以及新成立的網信辦,外交部專門設立了“網絡事務辦公室”來應對網絡空間的外交事務。其中,外交部主要負責雙邊、地區、多邊和國際層面的網絡外交工作,它還是中國對接聯合國框架下網絡治理機制的主要力量,特別是來自外交部軍控司的官員全程參與四屆聯合國信息安全專家組的工作。網信辦作為中央網絡安全與信息化領導小組的常設機構,是中國為了統籌應對網絡安全與信息化新設立的重要機構。網信辦作為統籌、協調中國網絡事務的機構在網絡國際政策中的角色越來越重要,不僅開展了多層級的國際網絡安全與數字經濟合作,還建立了世界互聯網大會治理機制。此外,公安部在打擊網絡安全犯罪、網絡反恐,商務部在信息通信技術市場准入,財政部在網絡基礎設施對外援助等領域的工作都將是中國今後實施網絡空間國際戰略的堅實基礎。
由此可見,中國已經形成了一個較為全面、深入的網絡空間國際戰略架構,包括多元的參與主體、寬領域的議題覆蓋和多層級的參與路徑,這為網絡空間治理的國際戰略構建奠定了良好基礎。伴隨著中國從網絡大國向網絡強國的發展,中國將會建立一個全面、完善的網絡空間國際戰略。
(二)網絡空間國際戰略面臨的挑戰
網絡空間治理的力量博弈變化給中國的網絡空間國際戰略帶來了多重挑戰:一是信息發達國家將繼續主導網絡空間治理博弈的方向,這對中國的網絡空間國際戰略構成挑戰;二是由於缺乏高級互聯網治理人才,導致中國在互聯網國際組織中的代表性嚴重不足;三是網絡空間治理博弈轉向強調能力建設(Capacity Building)、最佳實踐(Best Practice)等方向,將給中國帶來競爭壓力。這些問題和挑戰對中國網絡空間國際戰略將產生較大衝擊,若處理不當,會對網絡強國戰略的實施造成負面影響。
第一,信息發達國家繼續主導網絡空間治理博弈方向對中國國際戰略構成的挑戰。網絡空間全球治理是通過各種形式的治理機制發揮作用,機制的構建取決於各行為體之間的談判,談判的籌碼不僅取決於各行為體的權力大小,還與各方在網絡空間全球治理中的議程設置能力息息相關。 [34] 按照約瑟夫·奈的定義,前者可稱之為“硬權力”,後者是“軟權力”。 [35] 信息發達國家在這兩個領域的優勢明顯,特別是在通過選擇性或者優先設置議程左右網絡空間治理的機制構建。比如在網絡安全治理中,美國依靠其議程設置能力阻止國際社會將大規模數據監控列為治理議程,同時將其重點關切的網絡經濟竊密設置為優先議程。此外,信息發達國家在設置網絡人權議程時,將重點置於自由領域,而民主(一國一票)、平等(大小國家擁有同等話語權)等同樣重要的議題則被排除在議程之外。不僅如此,對於各國在“棱鏡門事件”後要求加強行使網絡主權的趨勢,美國則提出“數據本地化”(Data Localization)這一議程以規避在全球治理機制中討論網絡主權。與信息發達國家相比,信息發展中國家在議程設置能力上還存在較大差距,缺乏主動設置議程的能力。近年來,隨著中國、巴西、印度等國先後建立了各種網絡空間治理機制,新興大國在網絡空間全球治理中的議程設置能力不斷增強。但總體而言,中國與信息發達國家在治理能力方面的差距依舊存在,並將影響中國通過國際機制維護自身國家利益,以及表達自身關切。

第二,由于缺乏高级网络空间治理人才,导致中国在互联网国际组织中的代表性严重不足。网络空间治理博弈的趋势表明,ICANN、IETF等国际组织对互联网关键资源的控制权不会受到政府和政府间组织的挑战。随着美国政府放弃对ICANN的控制权,后者将具有更大的独立性。网络空间建立在互联网基础之上,网络空间治理的基础也是互联网治理。因此,中国的网络空间国际战略必须要在互联网治理领域实现突破,同时提升在互联网国际组织中的影响力和代表性。对包括中国在内的广大信息发展中国家而言,必须增加在ICANN等国际组织中的代表性,让更多来自中国和其他发展中国家的声音出现在ICANN中。
第三,网络空间治理博弈转向强调能力建设、最佳实践等方向,这将给中国带来严峻的竞争压力。网络空间治理博弈理念的融合使得国际社会对网络空间治理的焦点转向了能力建设、最佳实践等可操作和可落实的领域,包括向信息发展中国家和信息不发达国家提供网络基础设施;提供与网络空间治理相关的技术、法律、政策等人才的培训;提供网络空间治理中遇到的解决各种具体问题的最佳实践。这对于中国参与网络空间治理的国际战略提出了更高的要求,信息发达国家在上述领域的资源优势、人才优势短期内难以撼动,这不仅需要中国政府投入更多资源,也需要中国的互联网企业、行业协会、法律专家的共同和积极参与。
(三)中国参与网络空间治理的战略思路
确立中国网络空间国际战略的基本路径与中国整体对外战略强调的融入国际体系,并推动改革国际体系的宏观目标相一致。[36] 为应对复杂的网络空间治理博弈,中国一方面要加强能力建设,并注重将能力转化为参与网络空间全球治理的影响力;另一方面在网络安全与开放之间寻求平衡,通过参与国际网络空间建章立制来维护自己的合法权益,避免过度安全化带来的负面影响;并加强网络强国战略与网络空间国际战略之间的战略互动,形成相互支持的网络空间战略体系。
第一,结合网络空间治理的新近和未来发展态势,强化对国际机制的塑造能力。在网络空间全球治理层面,围绕治理平台的斗争日趋激烈。包括互联网论坛、国际电信联盟、伦敦进程、巴西网络空间多利益攸关方会议以及中国的世界互联网大会在内,各个平台都有其主导力量,参与的行为体所关注的议题和发挥的影响力均不相同。中国应结合世界互联网论坛以及参与的其他网络空间治理机制,在网络安全、网络犯罪、能力建设、网络经济、网络文化、数字鸿沟等议题中,探索如何提升自身向国际社会提供能力建设方案、最佳实践和解决方案等公共产品的能力。
第二,着重培养参与网络空间治理的国际化人才。国际互联网治理组织多为非政府组织,其采用的多利益攸关方治理模式通常要求从互联网社群中选拔高级管理人才,根据选拔对象对互联网技术、治理所作出的贡献来来担任相应的高级管理职务,而非传统政府间组织的一国一票或按照人口、经济比例来分配名额。以ICANN为例,其现有的管理架构是由董事会和3个支持组织、3个咨询委员会及2个技术咨询机构组成。董事会由16名具有表决权的成员和5名不具有表决权的联络员组成,除ICANN总裁之外,其余15个名额分别来自支持组织、一般会员咨询委员会、区域一般会员组织和提名委员会。要想当选为有投票权的委员,必须要通过自下而上的提名和选举。因此,中国应当理顺体制和机制,积极向ICANN等国际非政府组织输送人才,鼓励互联网企业、行业组织和学术机构积极参与ICANN、IETF、互联网架构委员会(Internet Architecture Board, IAB)等机构的人才选拔,以此来提升在互联网国际组织中的代表性和发言权,并提高中国对互联网治理的影响力。
第三,加强网络强国战略与网络空间国际战略之间的战略互动。中国在“十三五”规划建议中正式提出网络强国战略,并从技术创新、网络文化、网络基础设施、网络安全和信息化建设、国际合作五个方面着手,推进网络强国建设。[37] 网络强国战略中多次提到了对外开放、积极参与国际互联网治理,甚至将国际合作作为单独一章。由此可见,网络空间国际战略与网络强国战略之间相互融合、相互支撑。两者的有效互动,关系到中国对网络空间的开放、安全与发展关系的处理。从双层博弈的角度来看,任何一个国家的战略都面临外部形势和内部利益集团的双重约束,过度强调开放或者安全都不利于整体国家安全和利益。强化网络强国战略与网络空间国际战略之间的互动,有助于提高决策者对于网络空间的安全与开放,网络空间的安全、发展、与开放之间关系的认知,打破双重约束,制定更加符合客观规律的政策。
从技术层面来说,网络强国战略可以更好地为中国参与全球网络空间治理提供支撑。当前网络空间治理的主要竞争已经从认知、理念层面的博弈,转向提供解决方案、最佳实践、能力建设等具体的议题合作领域。缺乏有效的支撑,网络空间国际战略难以持续,并赢得国际社会的认可。与此同时,网络空间国际战略也有助于为网络强国战略营造有利的外部环境、提供外部先进的经验和教训,向国内的ICT企业提供广阔的国际市场。最后,还可借鉴对外援助领域的经验,通过ICT领域的对外援助缓解甚至消除网络空间治理中的数字鸿沟问题,一方面可以为网络空间治理贡献中国力量,另一方面也有助于中国ICT企业的国际化战略.

Original URL: http://www.siis.org.cn/Research/Info/629

 

中央網信辦發布《國家網絡安全事件應急預案》Communist Chinese Party issues National Network Security Incident Contingency Plans

中央網信辦發布《國家網絡安全事件應急預案》

Communist Chinese Party issues National Network Security Incident Contingency Plans

2017年06月27日 17:16中国网信网

Notice of the Central Network Office on Printing and Distributing the Emergency Plan for National Network Security Incidents

China Network Office issued a document [2017] No. 4

Provinces, autonomous regions and municipalities, Xinjiang Production and Construction Corps Party Committee Network Security and Information Leading Group, the central and state organs of the ministries, the people’s organizations:

“National network security incident contingency plans” has been the central network security and information leading group agreed, is now issued to you, please carefully organize the implementation.

Central Network Security and Information Leading Group Office

January 10, 2017

National network security incident contingency plans

table of Contents

1 General

1.1 Purpose of preparation

1.2 Preparation basis

1.3 Scope of application

1.4 Event rating

1.5 working principle

Organizational Structure and Responsibilities

2.1 Leadership and Responsibilities

2.2 offices and responsibilities

2.3 Responsibilities of various departments

2.4 duties of provinces (autonomous regions and municipalities)

3 monitoring and early warning

3.1 Early warning classification

3.2 Early warning monitoring

3.3 Early warning judgment and release

3.4 Early warning response

3.5 warning release

4 emergency treatment

4.1 Event report

4.2 Emergency response

4.3 Emergency end

5 Investigation and evaluation

6 to prevent work

6.1 Daily management

6.2 Walkthrough

6.3 Advocacy

6.4 Training

Precautions during important events

7 safeguards

7.1 Institutions and personnel

7.2 technical support team

7.3 expert team

7.4 Social resources

7.5 base platform

7.6 Technology research and development and industry promotion

7.7 International cooperation

7.8 material security

7.9 Funds protection

7.10 Responsibility and rewards and punishments

8 Annex

8.1 Project Management

8.2 Explanation of the plan

8.3 Implementation time of the plan

1 General

1.1 Purpose of preparation

Establish and improve the national network security incident emergency mechanism to improve the ability to deal with network security events, prevent and reduce network security incidents caused by the loss and harm, protect the public interest, safeguard national security, public safety and social order.

1.2 Preparation basis

“People’s Republic of China Incident Response Law”, “People’s Republic of China Network Security Law”, “National General Public Emergency Plan”, “Emergency Emergency Plan Management Measures” and “Information Security Technology Information Security Event Classification Classification Guide “(GB / Z 20986-2007) and other relevant provisions.

1.3 Scope of application

The cybersecurity incident referred to in this plan refers to events that cause adverse effects to the society due to human causes, hardware and software defects or failures, natural disasters, etc., which cause harm to the network and the information system or the data in it, Network attack events, information corruption events, information content security incidents, device facility failures, catastrophic events, and other events.

This plan applies to the work of network security events. Among them, the information content security incident response, to develop a special plan.

1.4 Event rating

Network security events are divided into four levels: particularly significant network security events, major network security incidents, larger network security events, and general network security events.

(1) meets one of the following scenarios for a particularly significant cyber security incident:

① Significant network and information systems suffer from particularly serious system losses, resulting in large paralysis of the system and loss of business processing capacity.

② State secret information, important sensitive information and key data loss or theft, tampering, counterfeiting, constitute a particularly serious threat to national security and social stability.

③ other network security incidents that pose a particularly serious threat to national security, social order, economic construction and public interest, causing particularly serious impact.

(2) meets one of the following scenarios and does not meet significant network security incidents for significant network security incidents:

① important network and information systems suffered serious system losses, resulting in a long time the system interrupted or partial paralysis, business processing capacity has been greatly affected.

② State secret information, important sensitive information and key data loss or theft, tampering, counterfeiting, posing a serious threat to national security and social stability.

③ other serious threats to national security, social order, economic construction and public interest, causing serious impact on network security incidents.

(3) meet one of the following conditions and does not meet significant network security incidents for larger network security events:

① important network and information systems suffer from greater system loss, resulting in system interruption, significantly affect the system efficiency, business processing capacity is affected.

② State secret information, important sensitive information and key data loss or theft, tampering, counterfeiting, posing a serious threat to national security and social stability.

③ other on the national security, social order, economic construction and public interests constitute a more serious threat, resulting in more serious impact of network security incidents.

(4) In addition to the above, the national security, social order, economic construction and public interests constitute a certain threat, resulting in a certain impact on the network security incidents for the general network security incidents.

1.5 working principle

Adhere to the unified leadership, grading responsibility; adhere to the unified command, close coordination, rapid response, scientific treatment; adhere to the prevention of prevention, prevention and emergency combination; adhere to who is responsible for who, who is responsible for running, give full play to all forces together Prevention and disposal of network security incidents.

Organizational Structure and Responsibilities

2.1 Leadership and Responsibilities

Under the leadership of the Central Network Security and Information Leading Group (hereinafter referred to as the “Leading Group”), the Office of the Central Network Security and Information Leading Group (hereinafter referred to as the “Central Network Office”) coordinates the organization of national network security incident response, Establish and improve the cross-sectoral linkage mechanism, the Ministry of Industry and Information Technology, the Ministry of Public Security, the State Secrecy Bureau and other relevant departments in accordance with the division of responsibilities responsible for the relevant network security incident response. If necessary, the establishment of national network security incident emergency headquarters (hereinafter referred to as “the headquarters”), responsible for the special major network security incident handling organization and coordination and coordination.

2.2 offices and responsibilities

National Network Security Emergency Office (hereinafter referred to as “emergency office”) is located in the central network letter office, the specific work by the central network letter to do Network Security Coordination Bureau. Emergency Office is responsible for the network security emergency cross-sectoral, cross-regional coordination of the work and the headquarters of the transactional work, organization and guidance of national network security emergency technical support team to do emergency technical support work. The relevant departments are responsible for the relevant work of the Secretary-level comrades as liaison officers, contact emergency office work.

2.3 Responsibilities of various departments

The central and state departments and departments in accordance with their duties and authority, responsible for the sector, the industry network and information systems network security incident prevention, monitoring, reporting and emergency response.

2.4 duties of provinces (autonomous regions and municipalities)

The administrative departments of the provinces (autonomous regions and municipalities) shall coordinate and organize the prevention, monitoring, reporting and emergency handling of network security incidents in the regional network and information systems under the unified leadership of the Party Committee’s Network Safety and Information Leading Group.

3 monitoring and early warning

3.1 Early warning classification

The network security event warning level is divided into four levels: from high to low, followed by red, orange, yellow and blue, respectively, corresponding to occur or may occur particularly significant, significant, large and general network security events.

3.2 Early warning monitoring

The units in accordance with the “who is responsible for who is responsible for who who is responsible for” the requirements of the organization of the unit construction and operation of the network and information systems to carry out network security monitoring. Focus on industry executives or regulatory organizations to guide the organization to do the work of network security monitoring. The provinces (autonomous regions and municipalities) network letter department with the actual situation in the region, the organization of the region to carry out the network and information systems security monitoring. Provinces (autonomous regions and municipalities), the departments will be important monitoring information reported to be urgent, emergency office to carry out inter-provincial (district, city), cross-sectoral network security information sharing.

3.3 Early warning judgment and release

Provinces, autonomous regions and municipalities, departments of the monitoring of information on the judge, that the need for immediate preventive measures, should promptly notify the relevant departments and units, may occur on major and above network security incidents in a timely manner to the emergency response report. Provinces (autonomous regions and municipalities), the departments can be based on monitoring and judging the situation, the release of the region, the industry’s orange and the following warning.

Emergency organization to determine, determine and publish red warning and involving multi-province (district, city), multi-sectoral, multi-industry early warning.

Early warning information includes the category of the event, the level of the alert, the starting time, the possible scope, the warning, the measures and time limits that should be taken, the issuing authority, and so on.

3.4 Early warning response

3.4.1 Red warning response

(1) the emergency response organization organization early warning response work, contact experts and relevant agencies, organizations to track the development of the situation to study and formulate preventive measures and emergency work program, coordination of resource scheduling and departmental linkage of the preparatory work.

(2) the relevant provinces (autonomous regions and municipalities), the Department of network security incident emergency command agencies to implement 24 hours on duty, the relevant personnel to maintain communication links. Strengthen the network security incident monitoring and development of information collection work, organize and guide the emergency support team, the relevant operating units to carry out emergency treatment or preparation, risk assessment and control work, the important situation retribution urgent.

(3) the national network security emergency technical support team into the standby state, for the early warning information research to develop a response program, check emergency vehicles, equipment, software tools, to ensure a good condition.

3.4.2 Orange warning response

(1) the relevant provinces (autonomous regions and municipalities), departmental network security incident emergency command agencies to start the corresponding contingency plans, organize early warning response, do risk assessment, emergency preparedness and risk control.

(2) the relevant provinces (autonomous regions and municipalities), departments in a timely manner to the situation of the situation reported to the emergency response. The Emergency Office is closely following the development of the matter and timely notification of the relevant provinces (autonomous regions and municipalities) and departments.

(3) the national network security emergency technical support team to keep in touch, check emergency vehicles, equipment, software tools, to ensure that in good condition.

3.4.3 yellow, blue warning response

The relevant regional and departmental network security incident emergency command agencies to start the corresponding contingency plans to guide the organization to carry out early warning response.

3.5 warning release

Early warning release departments or regions according to the actual situation, to determine whether to lift the warning, timely release warning release information.

4 emergency treatment

4.1 Event report

After the network security incident occurs, the incident unit should immediately start the emergency plan, the implementation of disposal and timely submission of information. The relevant regions and departments immediately organize the early disposal, control the situation, eliminate hidden dangers, at the same time organization and judgment, pay attention to save the evidence, do a good job of information communication. For the primary judgment is particularly significant, major network security incidents, and immediately report to the emergency office.

4.2 Emergency response

The network security incident emergency response is divided into four levels, corresponding to particularly significant, significant, large and general network security events. Level I is the highest response level.

4.2.1 Class I response

Is a particularly important network security incidents, timely start I-level response, the establishment of the headquarters, the implementation of emergency response to the unified leadership, command and coordination responsibilities. Emergency Office 24 hours on duty.

The relevant departments (district, city), the department emergency response agencies into the emergency state, in the command of the unified leadership, command and coordination, responsible for the province (district, city), the department emergency work or support security work, 24 hours on duty, And sent to participate in emergency office work.

The relevant provinces (autonomous regions and municipalities), departments to track the development of the situation, check the scope of the impact of the situation in time to change the situation, the progress of the report retribution. The headquarters of the response to the work of the decision-making arrangements, the relevant provinces (autonomous regions and municipalities) and departments responsible for the organization and implementation.

4.2.2 Class II response

The level response of the network security incident is determined by the relevant province (district, city) and the department according to the nature and circumstances of the incident.

(1) the incident occurred in the province (district, city) or department of the emergency command agencies into the emergency state, in accordance with the relevant emergency plans to do emergency work.

(2) the incident occurred in the province (district, city) or departments in a timely manner to change the situation developments. The emergency office will keep the relevant matters and the relevant departments and departments in a timely manner.

(3) the disposal of the need for other relevant provinces (autonomous regions and municipalities), departments and national network security emergency technical support team with the support and business emergency response to be coordinated. Relevant provinces (autonomous regions and municipalities), departments and national network security emergency technical support team should be based on their respective responsibilities, and actively cooperate to provide support.

(4) The relevant provinces (autonomous regions and municipalities) and departments shall, in accordance with the notification of the emergency office, strengthen the prevention and prevent the greater impact and losses on the basis of their actual and targeted efforts.

4.2.3 Class Ⅲ, Ⅳ level response

Event areas and departments in accordance with the relevant plans for emergency response.

4.3 Emergency end

4.3.1 End of class I response

Emergency Office to make recommendations, reported to the headquarters after approval, timely notification of the relevant provinces (autonomous regions and municipalities) and departments.

4.3.2 Level II response ends

(Autonomous regions and municipalities) or departments, the emergency response, emergency response to the relevant provinces (autonomous regions and municipalities) and departments.

5 Investigation and evaluation

Special major network security incidents by the emergency branch of the relevant departments and provinces (autonomous regions and municipalities) to investigate and summarize the assessment, according to the procedures reported. Significant and the following network security incidents are organized by the event area or department to organize their own investigation and summary assessment, including the major network security incident related to the summary report of the report retribution. Summary of the investigation report should be the cause of the event, nature, impact, responsibility analysis and evaluation, put forward the views and improvement measures.

The investigation and summary of the incident is carried out in principle within 30 days after the end of the emergency response.

6 to prevent work

6.1 Daily management

All localities and departments should do a good job in the day-to-day prevention of network security incidents, formulate and improve relevant emergency plans, do a good job of network security inspection, risk investigation, risk assessment and disaster recovery, improve the network security information notification mechanism, take timely and effective measures, Reduce and avoid the occurrence and harm of network security incidents, improve the ability to deal with network security incidents.

6.2 Walkthrough

Central Network letter to coordinate the relevant departments to organize regular exercises, test and improve the plan to improve the actual combat capability.

The provinces (autonomous regions and municipalities), departments at least once a year to organize a plan exercise, and the exercise situation reported to the central network letter to do.

6.3 Advocacy

All localities and departments should make full use of various media and other effective propaganda forms to strengthen the publicity and disposal of relevant laws, regulations and policies for the prevention and disposal of sudden network security incidents and carry out propaganda activities on basic knowledge and skills of network security.

6.4 Training

All localities and departments should regard the emergency knowledge of cyber security incidents as the training content of leading cadres and relevant personnel, strengthen the training of network security, especially network security contingency plans, and improve awareness and skills.

Precautions during important events

In the national important activities, during the meeting, the provinces (autonomous regions and municipalities), various departments to strengthen the network security incidents to prevent and emergency response to ensure network security. Emergency Office to coordinate the work of network security, according to the requirements of the relevant provinces (autonomous regions and municipalities), departments to start the red warning response. The relevant provinces (autonomous regions and municipalities), departments to strengthen network security monitoring and analysis of judgments, timely warning may cause significant impact on the risks and risks, key departments, key positions to maintain 24 hours on duty, timely detection and disposal of network security incidents.

7 safeguards

7.1 Institutions and personnel

All localities and departments, units to implement the network security emergency work responsibility system, the responsibility to implement specific departments, specific positions and individuals, and establish a sound emergency working mechanism.

7.2 technical support team

Strengthen the network security emergency technical support team building, do a good job of network security incident monitoring and early warning, prevention and protection, emergency response, emergency technical support work. Support network security enterprises to improve emergency response capabilities, to provide emergency technical support. The central network to do assessment of the development of accreditation standards, organizational assessment and identification of national network security emergency technical support team. All provinces (autonomous regions and municipalities), departments should be equipped with the necessary network security professional and technical personnel, and strengthen the national network security related technical units of communication, coordination, the establishment of the necessary network security information sharing mechanism.

7.3 expert team

The establishment of national network security emergency expert group, for the network security incident prevention and disposal of technical advice and decision-making recommendations. All regions and departments to strengthen their own team of experts, give full play to the role of experts in the emergency response.

7.4 Social resources

From the educational research institutions, enterprises and institutions, associations in the selection of network security personnel, pooling technology and data resources, the establishment of network security incident emergency service system to improve the response to particularly significant, major network security incidents.

7.5 base platform

All regions and departments to strengthen the network security platform and management platform for emergency management, so early detection, early warning, early response, improve emergency response capability.

7.6 Technology research and development and industry promotion

Relevant departments to strengthen network security technology research, and constantly improve the technical equipment, emergency response to provide technical support. Strengthen the policy guidance, focus on supporting network security monitoring and early warning, prevention and protection, disposal of rescue, emergency services and other directions to enhance the overall level of network security industry and core competitiveness, and enhance the prevention and disposal of network security event industry support capabilities.

7.7 International cooperation

Relevant departments to establish international cooperation channels, signed a cooperation agreement, if necessary, through international cooperation to deal with sudden network security incidents.

7.8 material security

Strengthen the network security emergency equipment, tools, reserves, timely adjustment, upgrade software hardware tools, and constantly enhance the emergency technical support capabilities.

7.9 Funds protection

The financial department provides the necessary financial guarantee for the emergency disposal of the network security incident. Relevant departments to use the existing policies and funding channels to support the network security emergency technical support team building, expert team building, basic platform construction, technology research and development, planning exercises, material security and other work carried out. All regions and departments for the network security emergency work to provide the necessary financial protection.

7.10 Responsibility and rewards and punishments

Implementation of Responsibility System for Emergency Work of Network Security Incident.

The central network letter office and the relevant regional and departmental network security incident emergency management work to make outstanding contributions to the advanced collective and individuals to commend and reward.

The central network and the relevant departments and departments do not follow the provisions of the formulation of plans and organizations to carry out exercises, late, false, concealed and owe the network security incidents important or emergency management work in other misconduct, dereliction of duty, in accordance with the relevant Provides for the responsible person to be punished; constitute a crime, shall be held criminally responsible.

8 Annex

8.1 Project Management

The plan is evaluated in principle once a year and revised in a timely manner according to the actual situation. The revision work is handled by the central network.

All provinces (autonomous regions and municipalities), departments and units shall, according to the plan, formulate or revise the contingency plans for the network security incidents in the region, the department, the industry and the unit.

8.2 Explanation of the plan

The plan is interpreted by the central network letter office.

8.3 Implementation time of the plan

The plan has been implemented since the date of issuance.

Attachment:

1. Network security event classification

2. Terminology

3. Network and information system loss degree description

attachment1

Network Security Event Classification

Network security events are classified as unwanted program events, network attack events, information corruption events, information content security incidents, device facility failures, catastrophic events, and other network security incidents.

(1) Harmful program events are classified into computer virus events, worm events, Trojan events, botnet events, mixed program attack events, web embedded malicious code events, and other unwanted program events.

(2) network attacks are divided into denial of service attacks, backdoor attacks, vulnerability attacks, network scanning eavesdropping events, phishing events, interference events and other network attacks.

(3) information destruction events are classified as information tampering events, information fake events, information disclosure incidents, information theft events, information loss events and other information destruction events.

(4) Information content security incidents refer to the dissemination of laws and regulations through the Internet to prohibit information, organize illegal series, incite rallies or hype sensitive issues and endanger national security, social stability and public interest events.

(5) equipment and equipment failure is divided into hardware and software failure, peripheral protection facilities failure, man-made damage and other equipment and equipment failure.

(6) Disastrous events refer to network security incidents caused by other emergencies such as natural disasters.

(7) Other events refer to network security events that can not be classified as above.

Annex 2

Terminology

First, the important network and information systems

The network and information systems that are closely related to national security, social order, economic construction and public interest.

(Reference: “Information Security Technology Information Security Event Classification and Classification Guide” (GB / Z 20986-2007))

Second, the important sensitive information

Information that is not related to national secrets but is closely related to national security, economic development, social stability and corporate and public interest, which, once unauthorized, is disclosed, lost, misused, tampered with or destroyed, may have the following consequences:

A) damage to national defense, international relations;

B) damage to State property, public interest and personal property or personal safety;

C) affect the state to prevent and combat economic and military spies, political infiltration, organized crime;

D) affect the administrative organs to investigate and deal with illegal, dereliction of duty, or suspected of illegal, dereliction of duty;

E) interfere with government departments to carry out administrative activities such as supervision, management, inspection and auditing impartially, hinder government departments from performing their duties;

F) endanger the national key infrastructure, government information system security;

G) affect the market order, resulting in unfair competition, undermining the laws of the market;

H) can be inferred from the state secret matter;

I) infringement of personal privacy, corporate trade secrets and intellectual property rights;

J) damage to the country, business, personal other interests and reputation.

(Reference: “Information Security Technology Cloud Computing Service Security Guide” (GB / T31167-2014))

Annex 3

Network and Information System Losses

Network and information system loss refers to the network security incidents due to network hardware and software, functions and data damage, resulting in system business interruption, so as to the loss caused by the organization, the size of the main consideration to restore the normal operation of the system and eliminate security incidents Negative effects are deducted as particularly serious system losses, severe system losses, greater system losses, and minor system losses, as follows:

A) Particularly serious systemic damage: a large area of ​​paralysis of the system, loss of business processing capacity, or confidentiality, integrity, availability of critical data, serious damage to the system, normal operation of the system and elimination of the negative impact of security incidents The price paid is very great, for the incident is unbearable;

B) Serious system loss: causing the system to be interrupted for a long time or partially paralyzed, greatly compromising its business processing capacity, or the confidentiality, integrity, availability of the critical data, the recovery of the system and the elimination of security incidents Negative effects are huge, but are affordable for the organization;

C) Larger system losses: causing system outages, significantly affecting system efficiency, affecting the operational capacity of important information systems or general information systems, or the confidentiality, integrity, availability of system critical data, and the restoration of the system The cost of running and eliminating the negative effects of security incidents is greater, but it is entirely affordable for the organization;

D) Smaller system losses: causing system interruption, affecting system efficiency, affecting system operational capacity, or confidentiality, integrity, availability of system critical data, restoring system uptime and eliminating security incidents The cost of the impact is less.

Original Mandarin Chinese:

中央網信辦關於印發《國家網絡安全事件應急預案》的通知

中網辦發文〔2017〕4號

各省、自治區、直轄市、新疆生產建設兵團黨委網絡安全和信息化領導小組,中央和國家機關各部委、各人民團體:

《國家網絡安全事件應急預案》已經中央網絡安全和信息化領導小組同意,現印發給你們,請認真組織實施。

中央網絡安全和信息化領導小組辦公室

2017年1月10日

國家網絡安全事件應急預案

目 錄

1 總則

1.1 編制目的

1.2 編制依據

1.3 適用範圍

1.4 事件分級

1.5 工作原則

2 組織機構與職責

2.1 領導機構與職責

2.2 辦事機構與職責

2.3 各部門職責

2.4 各省(區、市)職責

3 監測與預警

3.1 預警分級

3.2 預警監測

3.3 預警研判和發布

3.4 預警響應

3.5 預警解除

4 應急處置

4.1 事件報告

4.2 應急響應

4.3 應急結束

5 調查與評估

6 預防工作

6.1 日常管理

6.2 演練

6.3 宣傳

6.4 培訓

6.5 重要活動期間的預防措施

7 保障措施

7.1 機構和人員

7.2 技術支撐隊伍

7.3 專家隊伍

7.4 社會資源

7.5 基礎平台

7.6 技術研發和產業促進

7.7 國際合作

7.8 物資保障

7.9 經費保障

7.10 責任與獎懲

8 附則

8.1 預案管理

8.2 預案解釋

8.3 預案實施時間

1 總則

1.1 編制目的

建立健全國家網絡安全事件應急工作機制,提高應對網絡安全事件能力,預防和減少網絡安全事件造成的損失和危害,保護公眾利益,維護國家安全、公共安全和社會秩序。

1.2 編制依據

《中華人民共和國突發事件應對法》、《中華人民共和國網絡安全法》、《國家突發公共事件總體應急預案》、《突發事件應急預案管理辦法》和《信息安全技術信息安全事件分類分級指南》(GB/Z 20986-2007)等相關規定。

1.3 適用範圍

本預案所指網絡安全事件是指由於人為原因、軟硬件缺陷或故障、自然災害等,對網絡和信息系統或者其中的數據造成危害,對社會造成負面影響的事件,可分為有害程序事件、網絡攻擊事件、信息破壞事件、信息內容安全事件、設備設施故障、災害性事件和其他事件。

本預案適用於網絡安全事件的應對工作。其中,有關信息內容安全事件的應對,另行製定專項預案。

1.4 事件分級

網絡安全事件分為四級:特別重大網絡安全事件、重大網絡安全事件、較大網絡安全事件、一般網絡安全事件。

(1)符合下列情形之一的,為特別重大網絡安全事件:

①重要網絡和信息系統遭受特別嚴重的系統損失,造成系統大面積癱瘓,喪失業務處理能力。

②國家秘密信息、重要敏感信息和關鍵數據丟失或被竊取、篡改、假冒,對國家安全和社會穩定構成特別嚴重威脅。

③其他對國家安全、社會秩序、經濟建設和公眾利益構成特別嚴重威脅、造成特別嚴重影響的網絡安全事件。

(2)符合下列情形之一且未達到特別重大網絡安全事件的,為重大網絡安全事件:

①重要網絡和信息系統遭受嚴重的系統損失,造成系統長時間中斷或局部癱瘓,業務處理能力受到極大影響。

②國家秘密信息、重要敏感信息和關鍵數據丟失或被竊取、篡改、假冒,對國家安全和社會穩定構成嚴重威脅。

③其他對國家安全、社會秩序、經濟建設和公眾利益構成嚴重威脅、造成嚴重影響的網絡安全事件。

(3)符合下列情形之一且未達到重大網絡安全事件的,為較大網絡安全事件:

①重要網絡和信息系統遭受較大的系統損失,造成系統中斷,明顯影響系統效率,業務處理能力受到影響。

②國家秘密信息、重要敏感信息和關鍵數據丟失或被竊取、篡改、假冒,對國家安全和社會穩定構成較嚴重威脅。

③其他對國家安全、社會秩序、經濟建設和公眾利益構成較嚴重威脅、造成較嚴重影響的網絡安全事件。

(4)除上述情形外,對國家安全、社會秩序、經濟建設和公眾利益構成一定威脅、造成一定影響的網絡安全事件,為一般網絡安全事件。

1.5 工作原則

堅持統一領導、分級負責;堅持統一指揮、密切協同、快速反應、科學處置;堅持預防為主,預防與應急相結合;堅持誰主管誰負責、誰運行誰負責,充分發揮各方面力量共同做好網絡安全事件的預防和處置工作。

2 組織機構與職責

2.1 領導機構與職責

在中央網絡安全和信息化領導小組(以下簡稱“領導小組”)的領導下,中央網絡安全和信息化領導小組辦公室(以下簡稱“中央網信辦”)統籌協調組織國家網絡安全事件應對工作,建立健全跨部門聯動處置機制,工業和信息化部、公安部、國家保密局等相關部門按照職責分工負責相關網絡安全事件應對工作。必要時成立國家網絡安全事件應急指揮部(以下簡稱“指揮部”),負責特別重大網絡安全事件處置的組織指揮和協調。

2.2 辦事機構與職責

國家網絡安全應急辦公室(以下簡稱“應急辦”)設在中央網信辦,具體工作由中央網信辦網絡安全協調局承擔。應急辦負責網絡安全應急跨部門、跨地區協調工作和指揮部的事務性工作,組織指導國家網絡安全應急技術支撐隊伍做好應急處置的技術支撐工作。有關部門派負責相關工作的司局級同志為聯絡員,聯絡應急辦工作。

2.3 各部門職責

中央和國家機關各部門按照職責和權限,負責本部門、本行業網絡和信息系統網絡安全事件的預防、監測、報告和應急處置工作。

2.4 各省(區、市)職責

各省(區、市)網信部門在本地區黨委網絡安全和信息化領導小組統一領導下,統籌協調組織本地區網絡和信息系統網絡安全事件的預防、監測、報告和應急處置工作。

3 監測與預警

3.1 預警分級

網絡安全事件預警等級分為四級:由高到低依次用紅色、橙色、黃色和藍色表示,分別對應發生或可能發生特別重大、重大、較大和一般網絡安全事件。

3.2 預警監測

各單位按照“誰主管誰負責、誰運行誰負責”的要求,組織對本單位建設運行的網絡和信息系統開展網絡安全監測工作。重點行業主管或監管部門組織指導做好本行業網絡安全監測工作。各省(區、市)網信部門結合本地區實際,統籌組織開展對本地區網絡和信息系統的安全監測工作。各省(區、市)、各部門將重要監測信息報應急辦,應急辦組織開展跨省(區、市)、跨部門的網絡安全信息共享。

3.3 預警研判和發布

各省(區、市)、各部門組織對監測信息進行研判,認為需要立即採取防範措施的,應當及時通知有關部門和單位,對可能發生重大及以上網絡安全事件的信息及時向應急辦報告。各省(區、市)、各部門可根據監測研判情況,發布本地區、本行業的橙色及以下預警。

應急辦組織研判,確定和發布紅色預警和涉及多省(區、市)、多部門、多行業的預警。

預警信息包括事件的類別、預警級別、起始時間、可能影響範圍、警示事項、應採取的措施和時限要求、發布機關等。

3.4 預警響應

3.4.1 紅色預警響應

(1)應急辦組織預警響應工作,聯繫專家和有關機構,組織對事態發展情況進行跟踪研判,研究制定防範措施和應急工作方案,協調組織資源調度和部門聯動的各項準備工作。

(2)有關省(區、市)、部門網絡安全事件應急指揮機構實行24小時值班,相關人員保持通信聯絡暢通。加強網絡安全事件監測和事態發展信息蒐集工作,組織指導應急支撐隊伍、相關運行單位開展應急處置或準備、風險評估和控制工作,重要情況報應急辦。

(3)國家網絡安全應急技術支撐隊伍進入待命狀態,針對預警信息研究制定應對方案,檢查應急車輛、設備、軟件工具等,確保處於良好狀態。

3.4.2 橙色預警響應

(1)有關省(區、市)、部門網絡安全事件應急指揮機構啟動相應應急預案,組織開展預警響應工作,做好風險評估、應急準備和風險控制工作。

(2)有關省(區、市)、部門及時將事態發展情況報應急辦。應急辦密切關注事態發展,有關重大事項及時通報相關省(區、市)和部門。

(3)國家網絡安全應急技術支撐隊伍保持聯絡暢通,檢查應急車輛、設備、軟件工具等,確保處於良好狀態。

3.4.3 黃色、藍色預警響應

有關地區、部門網絡安全事件應急指揮機構啟動相應應急預案,指導組織開展預警響應。

3.5 預警解除

預警發布部門或地區根據實際情況,確定是否解除預警,及時發布預警解除信息。

4 應急處置

4.1 事件報告

網絡安全事件發生後,事發單位應立即啟動應急預案,實施處置並及時報送信息。各有關地區、部門立即組織先期處置,控制事態,消除隱患,同時組織研判,注意保存證據,做好信息通報工作。對於初判為特別重大、重大網絡安全事件的,立即報告應急辦。

4.2 應急響應

網絡安全事件應急響應分為四級,分別對應特別重大、重大、較大和一般網絡安全事件。 I級為最高響應級別。

4.2.1 Ⅰ級響應

屬特別重大網絡安全事件的,及時啟動I級響應,成立指揮部,履行應急處置工作的統一領導、指揮、協調職責。應急辦24小時值班。

有關省(區、市)、部門應急指揮機構進入應急狀態,在指揮部的統一領導、指揮、協調下,負責本省(區、市)、本部門應急處置工作或支援保障工作,24小時值班,並派員參加應急辦工作。

有關省(區、市)、部門跟踪事態發展,檢查影響範圍,及時將事態發展變化情況、處置進展情況報應急辦。指揮部對應對工作進行決策部署,有關省(區、市)和部門負責組織實施。

4.2.2 Ⅱ級響應

網絡安全事件的Ⅱ級響應,由有關省(區、市)和部門根據事件的性質和情況確定。

(1)事件發生省(區、市)或部門的應急指揮機構進入應急狀態,按照相關應急預案做好應急處置工作。

(2)事件發生省(區、市)或部門及時將事態發展變化情況報應急辦。應急辦將有關重大事項及時通報相關地區和部門。

(3)處置中需要其他有關省(區、市)、部門和國家網絡安全應急技術支撐隊伍配合和支持的,商應急辦予以協調。相關省(區、市)、部門和國家網絡安全應急技術支撐隊伍應根據各自職責,積極配合、提供支持。

(4)有關省(區、市)和部門根據應急辦的通報,結合各自實際有針對性地加強防範,防止造成更大範圍影響和損失。

4.2.3 Ⅲ級、Ⅳ級響應

事件發生地區和部門按相關預案進行應急響應。

4.3 應急結束

4.3.1 Ⅰ級響應結束

應急辦提出建議,報指揮部批准後,及時通報有關省(區、市)和部門。

4.3.2 Ⅱ級響應結束

由事件發生省(區、市)或部門決定,報應急辦,應急辦通報相關省(區、市)和部門。

5 調查與評估

特別重大網絡安全事件由應急辦組織有關部門和省(區、市)進行調查處理和總結評估,並按程序上報。重大及以下網絡安全事件由事件發生地區或部門自行組織調查處理和總結評估,其中重大網絡安全事件相關總結調查報告報應急辦。總結調查報告應對事件的起因、性質、影響、責任等進行分析評估,提出處理意見和改進措施。

事件的調查處理和總結評估工作原則上在應急響應結束後30天內完成。

6 預防工作

6.1 日常管理

各地區、各部門按職責做好網絡安全事件日常預防工作,制定完善相關應急預案,做好網絡安全檢查、隱患排查、風險評估和容災備份,健全網絡安全信息通報機制,及時採取有效措施,減少和避免網絡安全事件的發生及危害,提高應對網絡安全事件的能力。

6.2 演練

中央網信辦協調有關部門定期組織演練,檢驗和完善預案,提高實戰能力。

各省(區、市)、各部門每年至少組織一次預案

,並將演練情況報中央網信辦。

6.3 宣傳

各地區、各部門應充分利用各種傳播媒介及其他有效的宣傳形式,加強突發網絡安全事件預防和處置的有關法律、法規和政策的宣傳,開展網絡安全基本知識和技能的宣傳活動。

6.4 培訓

各地區、各部門要將網絡安全事件的應急知識列為領導幹部和有關人員的培訓內容,加強網絡安全特別是網絡安全應急預案的培訓,提高防範意識及技能。

6.5 重要活動期間的預防措施

在國家重要活動、會議期間,各省(區、市)、各部門要加強網絡安全事件的防範和應急響應,確保網絡安全。應急辦統籌協調網絡安全保障工作,根據需要要求有關省(區、市)、部門啟動紅色預警響應。有關省(區、市)、部門加強網絡安全監測和分析研判,及時預警可能造成重大影響的風險和隱患,重點部門、重點崗位保持24小時值班,及時發現和處置網絡安全事件隱患。

7 保障措施

7.1 機構和人員

各地區、各部門、各單位要落實網絡安全應急工作責任制,把責任落實到具體部門、具體崗位和個人,並建立健全應急工作機制。

7.2 技術支撐隊伍

加強網絡安全應急技術支撐隊伍建設,做好網絡安全事件的監測預警、預防防護、應急處置、應急技術支援工作。支持網絡安全企業提升應急處置能力,提供應急技術支援。中央網信辦製定評估認定標準,組織評估和認定國家網絡安全應急技術支撐隊伍。各省(區、市)、各部門應配備必要的網絡安全專業技術人才,並加強與國家網絡安全相關技術單位的溝通、協調,建立必要的網絡安全信息共享機制。

7.3 專家隊伍

建立國家網絡安全應急專家組,為網絡安全事件的預防和處置提供技術諮詢和決策建議。各地區、各部門加強各自的專家隊伍建設,充分發揮專家在應急處置工作中的作用。

7.4 社會資源

從教育科研機構、企事業單位、協會中選拔網絡安全人才,匯集技術與數據資源,建立網絡安全事件應急服務體系,提高應對特別重大、重大網絡安全事件的能力。

7.5 基礎平台

各地區、各部門加強網絡安全應急基礎平台和管理平台建設,做到早發現、早預警、早響應,提高應急處置能力。

7.6 技術研發和產業促進

有關部門加強網絡安全防範技術研究,不斷改進技術裝備,為應急響應工作提供技術支撐。加強政策引導,重點支持網絡安全監測預警、預防防護、處置救援、應急服務等方向,提升網絡安全應急產業整體水平與核心競爭力,增強防範和處置網絡安全事件的產業支撐能力。

7.7 國際合作

有關部門建立國際合作渠道,簽訂合作協定,必要時通過國際合作共同應對突發網絡安全事件。

7.8 物資保障

加強對網絡安全應急裝備、工具的儲備,及時調整、升級軟件硬件工具,不斷增強應急技術支撐能力。

7.9 經費保障

財政部門為網絡安全事件應急處置提供必要的資金保障。有關部門利用現有政策和資金渠道,支持網絡安全應急技術支撐隊伍建設、專家隊伍建設、基礎平台建設、技術研發、預案演練、物資保障等工作開展。各地區、各部門為網絡安全應急工作提供必要的經費保障。

7.10 責任與獎懲

網絡安全事件應急處置工作實行責任追究制。

中央網信辦及有關地區和部門對網絡安全事件應急管理工作中作出突出貢獻的先進集體和個人給予表彰和獎勵。

中央網信辦及有關地區和部門對不按照規定制定預案和組織開展演練,遲報、謊報、瞞報和漏報網絡安全事件重要情況或者應急管理工作中有其他失職、瀆職行為的,依照相關規定對有關責任人給予處分;構成犯罪的,依法追究刑事責任。

8 附則

8.1 預案管理

本預案原則上每年評估一次,根據實際情況適時修訂。修訂工作由中央網信辦負責。

各省(區、市)、各部門、各單位要根據本預案製定或修訂本地區、本部門、本行業、本單位網絡安全事件應急預案。

8.2 預案解釋

本預案由中央網信辦負責解釋。

8.3 預案實施時間

本預案自印發之日起實施。

附件:

1. 網絡安全事件分類

2. 名詞術語

3. 網絡和信息系統損失程度劃分說明

附件1

網絡安全事件分類

網絡安全事件分為有害程序事件、網絡攻擊事件、信息破壞事件、信息內容安全事件、設備設施故障、災害性事件和其他網絡安全事件等。

(1)有害程序事件分為計算機病毒事件、蠕蟲事件、特洛伊木馬事件、殭屍網絡事件、混合程序攻擊事件、網頁內嵌惡意代碼事件和其他有害程序事件。

(2)網絡攻擊事件分為拒絕服務攻擊事件、後門攻擊事件、漏洞攻擊事件、網絡掃描竊聽事件、網絡釣魚事件、干擾事件和其他網絡攻擊事件。

(3)信息破壞事件分為信息篡改事件、信息假冒事件、信息洩露事件、信息竊取事件、信息丟失事件和其他信息破壞事件。

(4)信息內容安全事件是指通過網絡傳播法律法規禁止信息,組織非法串聯、煽動集會遊行或炒作敏感問題並危害國家安全、社會穩定和公眾利益的事件。

(5)設備設施故障分為軟硬件自身故障、外圍保障設施故障、人為破壞事故和其他設備設施故障。

(6)災害性事件是指由自然災害等其他突發事件導致的網絡安全事件。

(7)其他事件是指不能歸為以上分類的網絡安全事件。

附件2

名詞術語

一、重要網絡與信息系統

所承載的業務與國家安全、社會秩序、經濟建設、公眾利益密切相關的網絡和信息系統。

(參考依據:《信息安全技術信息安全事件分類分級指南》(GB/Z 20986-2007))

二、重要敏感信息

不涉及國家秘密,但與國家安全、經濟發展、社會穩定以及企業和公眾利益密切相關的信息,這些信息一旦未經授權披露、丟失、濫用、篡改或銷毀,可能造成以下後果:

a) 損害國防、國際關係;

b) 損害國家財產、公共利益以及個人財產或人身安全;

c) 影響國家預防和打擊經濟與軍事間諜、政治滲透、有組織犯罪等;

d) 影響行政機關依法調查處理違法、瀆職行為,或涉嫌違法、瀆職行為;

e) 干擾政府部門依法公正地開展監督、管理、檢查、審計等行政活動,妨礙政府部門履行職責;

f) 危害國家關鍵基礎設施、政府信息系統安全;

g) 影響市場秩序,造成不公平競爭,破壞市場規律;

h) 可推論出國家秘密事項;

i) 侵犯個人隱私、企業商業秘密和知識產權;

j) 損害國家、企業、個人的其他利益和聲譽。

(參考依據:《信息安全技術雲計算服務安全指南》(GB/T31167-2014))

附件3

網絡和信息系統損失程度劃分說明

網絡和信息系統損失是指由於網絡安全事件對系統的軟硬件、功能及數據的破壞,導致系統業務中斷,從而給事發組織所造成的損失,其大小主要考慮恢復系統正常運行和消除安全事件負面影響所需付出的代價,劃分為特別嚴重的系統損失、嚴重的系統損失、較大的系統損失和較小的系統損失,說明如下:

a) 特別嚴重的系統損失:造成系統大面積癱瘓,使其喪失業務處理能力,或系統關鍵數據的保密性、完整性、可用性遭到嚴重破壞,恢復系統正常運行和消除安全事件負面影響所需付出的代價十分巨大,對於事發組織是不可承受的;

b) 嚴重的系統損失:造成系統長時間中斷或局部癱瘓,使其業務處理能力受到極大影響,或系統關鍵數據的保密性、完整性、可用性遭到破壞,恢復系統正常運行和消除安全事件負面影響所需付出的代價巨大,但對於事發組織是可承受的;

c) 較大的系統損失:造成系統中斷,明顯影響系統效率,使重要信息系統或一般信息系統業務處理能力受到影響,或系統重要數據的保密性、完整性、可用性遭到破壞,恢復系統正常運行和消除安全事件負面影響所需付出的代價較大,但對於事發組織是完全可以承受的;

d) 較小的系統損失:造成系統短暫中斷,影響系統效率,使系統業務處理能力受到影響,或系統重要數據的保密性、完整性、可用性遭到影響,恢復系統正常運行和消除安全事件負面影響所需付出的代價較小。

Original referring URL:

http://www.cac.gov.cn/2017-06/27/c_1121220113.htm