
Chinese Military Review: From Army Information Construction to Construction of Information Army // 中國軍事評論:從軍隊信息建設到建設信息化軍隊


April 20, 2006, 22:00

From Army Information Construction to the Construction of an Informatized Army: Opening Our Eyes to the World’s New Military Revolution

  Li Bingyan

  A few years ago, a curtain factory abroad that was on the verge of bankruptcy turned to a consulting company for help. The consulting company merely had them rename the curtain factory a shading technology factory, and the factory came back to life.

  A change of name broadened the horizon for development; a change of concept pried open the shackles on the mind. Renewing our ideas is inseparable from renewing our concepts. In the new military revolution, we need to adopt new concepts in a timely manner in order to set out new ideas for development.

  Although the far shore of the ongoing new military revolution is still not in sight, it is clear that the change has entered a new stage.

  This new military revolution was triggered by a new technological revolution centered on information technology. In the 1990s, the revolutionary impact of information technology on the military remained mainly at the “construction” stage: information technology was embedded, and networks were built, interconnected and integrated, within the organizational framework of the mechanized army. In effect, information technology was used to strengthen and upgrade mechanization. Theorists often refer to this stage of change as a revolution in the military field, one that promoted the army’s information construction. At that time, the digitized division and digitized corps that the US Army set out to build were created within the structure of the original mechanized army. Later, the US military drew on the informatization experience of some large enterprises and multinational corporations and changed its approach to the transformation.

  In the past, military transformations first changed military technology and weapons and equipment, and only at the end completed the transformation of the military organizational system to suit new methods of warfare. The new military revolution marked by informatization should proceed in the reverse order, especially for late-developing armies. The experience of the business community is likewise “first rationalize the organizational structure, then automate and informatize.”

  Before the 1990s, the US business community pursued informatization with an eye only to improving work efficiency. Although this was effective, it could not yet be called a transformation. Ford Motor Company spent a great deal of money on automation, and its office efficiency improved significantly. For example, the finance department of its North American branch reduced its staff from 500 to 400 after office automation, and the company’s leaders thought this was a good result. Later, they learned that Japan’s Mazda Motor Company did the same job with only five people. The contrast shocked Ford’s leadership. After an in-depth investigation, they found that Mazda had started by adjusting its organizational structure, first changing the workflow and only then introducing office automation. Ford’s financial system and organizational structure still followed the traditional model, which caused a lot of wasted work. Ford then optimized its structure and re-engineered its business processes, and introduced office automation on that basis. The company’s finance staff was cut to a quarter of its original size.

  In the development of human society there is a phenomenon of “path dependence”: once a social system has formed, it continually reinforces itself in actual operation, so that later attempts to improve it can hardly escape the influence of the original thinking.

  In addition, if the organizational structure does not change, it is difficult to make the right decisions about informatization. People usually plan their work from the standpoint of their own unit and their own department, forming a kind of “professional syndrome.” Studying informatization means, first of all, the informatization of one’s own unit; beyond the scope of that unit’s construction, the leadership’s vision does not reach. This has led to a new “isomorphism disease”: large and complete, small and complete, whatever you have I have too, yet unable to interconnect, intercommunicate or interoperate. Some people call this the “potato effect”: a sack of potatoes, every one sprouting, each forming its own small system, closed in on itself and unconnected to the others. Building these systems may be reasonable from a local perspective, but from the overall perspective of informatization it may be neither scientific nor reasonable.

  Foreign militaries have learned in practice that if informatization is to avoid detours, it should start with straightening out the organizational system and adjusting the command system. Otherwise, with every level and every department busy informatizing, the faster they act and the more they invest now, the greater the losses will be if the work has to be redone later.

  Rationalizing the organizational structure first and then informatizing, or considering the two together and carrying them out at the same time, has become a new consensus in the new military revolution. After entering the 21st century, the US military proposed military transformation, marking a new stage in the military revolution. At this stage, information technology has shifted from a “construction” role to a “deconstruction” role: instead of strengthening mechanization, it reorganizes mechanization. As a result, the army’s informatization construction has turned into the construction of an informatized army, and changes in the military field have turned into a real military revolution.

  In its theoretical preparation stage, the US military designed a future force consisting of a sensor army, a precision strike army, a dominant maneuver army and a focused logistics army. During the transformation, after fresh study, it proposed these future goals for its reorganization: a full-dimensional battlefield awareness army, a precision firepower strike army, an efficient command and control army and an intelligent logistics support army.

  In 2005, Germany proposed the idea of building a “new three armed forces”, namely: rapid reaction forces, standing combat troops, and logistics support forces.

  At the end of last year, the Russian General Staff completed its plan for reforming the armed forces. The Russian military’s new round of structural reform abolishes the services and arms, military districts and fleets, and establishes three functional commands and three regional commands. The three functional commands are the Strategic Nuclear Forces Command, the Transportation Command and the Aerospace Defense Command. The three regional commands are the Western European Command, the Central Asian Command and the Far East Command.

  Generally speaking, although each country’s military structural change has its own characteristics, what they have in common is a trend toward comprehensiveness and integration, with the boundaries between the traditional services and arms increasingly blurred. The informatized army is not just about technology; what matters is the new structure linked to the new technology. In the end, it is still structure that determines function.

Original Mandarin Chinese:

從軍隊信息建設到建設信息化軍隊——放開眼界看世界新軍事變革

李炳彥

幾年前,國外有一家窗簾廠,瀕臨倒閉之際,求助於諮詢公司。諮詢公司只讓他們把窗簾廠改為遮光技術廠,這個廠子便活了起來。

一個名字改變,拓寬了發展視野;一個概念更換,撬開了心智枷鎖。更新觀念,離不開更新概念。在新軍事變革中,我們需要適時採用新的概念,來展現新的發展思路。

持續發生的新軍事變革雖然至今仍看不到彼岸,但清晰可見變革已經進入到一個新階段。

這場新軍事變革,是由以信息技術為核心的新技術革命引發的。上個世紀90年代,信息技術對軍隊的革命性影響,主要還停留於“建構”階段,即在機械化軍隊的組織結構框架內進行信息技術嵌入、建網、聯網、集成,實際上是用信息技術加強機械化、提昇機械化。理論界常把這一階段的變革,稱之為軍事領域裡的變革,是推動軍隊

信息化建設。當時,美陸軍要建設的數字化師、數字化軍,都是在原來機械化軍隊的結構內進行的。後來,美軍汲取社會上一些大企業、跨國公司進行信息化的經驗,改變了變革的思路。
以往的軍事變革,都是先變革軍事技術、武器裝備,最後完成軍事組織體制的變革,以適應新的作戰方式。而信息化為標誌的新軍事變革,特別是後發之軍,應當反過來進行。企業界的經驗也是“先組織結構合理化,再自動化、信息化”。

上個世紀90年代以前,美國企業界進行信息化建設,只著眼於提高工作效率,雖有成效,但還談不上變革。美福特汽車公司,曾花大筆金錢搞自動化,辦公效率明顯提高,如北美分公司的財務部,實現辦公自動化後,人員由原來的500人減少到400人,公司領導自認為不錯。後來,他們得知日本

馬自達汽車公司做同樣的工作,一共只用了5個人。兩者相對照,福特公司的領導大吃一驚。他們深入調查後發現,馬自達公司從調整組織結構入手,先改變工作流程,再搞辦公自動化。福特公司的財務制度、組織結構還是傳統模式,造成許多無用功。後來,福特公司經過優化結構,再造業務流程,在此基礎上搞辦公自動化,公司財務員工壓縮到了原來的四分之一。
人類社會在發展中,存在一種“路徑依賴”現象,即一個社會系統形成後,必將在實際運作中不斷自我強化,以致後來人們改進它的種種嘗試,都難以擺脫原有思路的影響。

另外,組織結構不改變,很難做出信息化的正確決策。通常,人們都是站在本單位、本部門謀劃工作,形成了一種“職業官能症”。研究信息化首先是本單位的信息化,超出本單位的建設範圍,領導視野就達不到了。致使出現新的“同構病”——大而全、小而全,你有我也有,不能互聯、互通、互操作。對此,有人稱之為“馬鈴薯效應”:一麻袋馬鈴薯,個個都發芽,個個自成小系統,自我封閉,互不相聯。建這些系統,從局部來看可能合理,但從信息化的全局看可能並不科學、不合理。

外軍在實踐中認識到:要想信息化不走彎路,還應從理順編制體制、調整指揮體系入手。否則,各級、各部門都忙著信息化,很可能現在動作愈快、投入愈多,將來一旦返工,造成的損失就愈大。

先組織結構合理化,在信息化,或者組織結構合理化與信息化一併考慮,同時進行,成了新軍事變革的一種新共識。進入21世紀後,美軍提出軍隊轉型,標誌著軍事變革進入了一個新階段。在這個階段,信息技術從“建構”作用,轉向“解構”作用。即:不是加強機械化,而是重組機械化。由此,軍隊信息化建設,轉向了建設信息化軍隊;軍事領域裡的變革,轉向真正的軍事變革。

美軍在理論準備階段,曾設計出的未來軍隊是:傳感器軍,精確打擊軍,主導機動軍,聚焦後勤軍。在轉型中,經過新的論證,提出美軍重組的未來目標:全維戰場感知軍,精確火力打擊軍,高效指揮控制軍,智能後勤保障軍。

德國於2005年,提出了建設“新三軍”設想,即:快速反應部隊,常備作戰部隊,後勤支援部隊。

去年底,俄軍總參謀部完成了關於武裝力量改革方案。俄軍新一輪結構改革方案,取消了軍兵種、軍區和艦隊,重新成立三個職能司令部和三個地區司令部。三個職能司令部是:戰略核力量司令部、運輸司令部、空天防禦司令部。三個地區司令部是:西歐司令部、中亞司令部和遠東司令部。

從總體上看,軍隊結構變革雖然各國都有自己的特色,但共同點是趨於綜合、趨於一體化,傳統的軍兵種之間的界限日益模糊。信息化軍隊不只是技術,重要的是與新技術相聯繫的新的結構方式——最終還是結構決定功能。

Original Referring url: http://mil.news.sina.com.cn/2006-04-20/

People’s Liberation Army must be brave enough to take responsibility for China’s “Cyberspace” Sovereignty // 人民解放軍必須勇敢地對中國的“網絡空間”主權負責


Original: “National Defense Reference”, No. 3, 2017

Author: An Weiping, Deputy Chief of Staff of the Northern Theater Command

  Cyberspace was born in the military field: the first computer, the ARPANET and the GPS navigation system all originated with the military. Today, cyberspace security is closely tied to national security, and the military has once again become the protagonist in maintaining national cyberspace security. Whether facing routine network penetration or large-scale cyberattacks, the military urgently needs to move from guarding the “network camp gate” to guarding the “network country gate”, breaking through its traditional missions and tasks and its traditional mode of preparing for war, and forging the nation’s strong shield for the network era with entirely new thinking about network national defense.

  From the “network camp gate” to the “network country gate”: a new era brings a new trend in the military’s mission

  Cyberspace not only bears on the protection of national strategic interests and directly affects political, economic and cultural security and social development; it has also become the lifeblood and link of joint operations on the modern battlefield. The Chinese military cannot confine itself to maintaining network security inside its own camps. It must actively adapt to the trend of the times and shoulder the national responsibility of guarding the “network country gate.” A strong network military is an important part of building a strong network nation, and moving from the “network camp gate” to the “network country gate” is the inevitable trend of domestic and international developments in the information age.

  Guarding the “network country gate” is forced on us by the cyberspace security situation. As the largest Internet country, China faces a security situation that is not optimistic, and strategic opponents have never stopped preparing for network operations against us. The United States, Britain, France and other countries are actively preparing for war in cyberspace: they assign functions to their militaries through cyberspace security legislation, develop cyber warfare forces, and research and develop cyber warfare weapons and equipment, pushing war into humanity’s “fifth space.” In particular, during the historical process of China’s rise, Western countries, guided by a Cold War mentality and a strategy of containment and subversion, have used network technology and means of communication to carry out uninterrupted harassment, subversion and cyberattacks, seriously affecting our national security and social development. China has gradually become the area hardest hit by cybersecurity threats, a testing ground for virus attacks and a destination for ideological penetration, and national security faces great risk.

  In the coming period, China, as an emerging power, will see its conflicts of interest with other parties intensify. Firmly advancing the network national defense strategy and strengthening operational preparation in cyberspace are the necessary way to actively win dominance and a voice in cyberspace, and are also the only road for China’s rise. As the main force for national security and stability, the military must adapt to the characteristics of cyberspace, become the backbone and main force in resisting network intrusion and network subversion, and safeguard national security and social stability.

  Winning cyber wars is the direction of the new military revolution in the information age. As one of the most advanced productive forces of the information age, network technology has made cyberspace operations a dominant factor guiding the evolution of modern warfare and affecting the overall course of war. In recent years, from the “Stuxnet” attack on Iran, the cyber warfare in the Russian-Georgian conflict and the large-scale paralysis of the Ukrainian power grid to the US military’s cyberattacks against IS, the huge role of cyberspace in actual combat has gradually emerged, indicating that cyber operations have become an important form of future joint operations.

  The US military attaches great importance to building up armaments in cyberspace. It has established the Cyberspace Command, issued joint doctrine for cyberspace operations, greatly expanded its cyber warfare forces and done its utmost to maintain its hegemony in cyberspace, treating control of cyberspace as the most important area of competition in forming the absolute advantage of the “third offset strategy.”

  Many countries around the world have followed suit, and the trend toward the militarization of cyberspace is obvious. The grim situation of military struggle in cyberspace requires the Chinese military to focus on changes in the network battlespace, adapt to the requirements of the era of informatized warfare, and achieve the strong-military goal of being able to fight and win in cyberspace.

  Effective network deterrence is an inherent need in accelerating the building of a strong network nation. China’s development from a large network country into a strong network nation cannot do without strong military power in cyberspace as a guarantee. International competition in cyberspace is an all-round contest of comprehensive national strength. The quality of network military capability building bears directly on national security and stability; a pull on this one thread moves the whole, and it is a core element of the entire field of national security.

  At present, the interests of the world’s countries in cyberspace interpenetrate, producing a situation of “you are in me and I am in you, cooperating with each other and developing together.” But this common development is not on equal terms. The United States and the Western powers have used their dominance of cyberspace to gain a certain advantage in network deterrence, leaving our network development and interests at the mercy of others. For the military to fulfill its entrusted mission of being responsible for defending the territory while a strong network nation is being built, the precondition is to form network attack and defense capabilities that can contain crises and deter and control opponents, ensuring a network environment for peaceful development.

  Therefore, the military needs to establish a deterrence strategy goal of effective deterrence and form a strategic check-and-balance capability of “mutual destruction” with the enemy, thereby enhancing strategic competitiveness, deterring aggression in cyberspace and ensuring the smooth advance of the strong network nation strategy.

  From “being responsible for defending the territory” to “protecting the network and defending the country”: the new situation requires the military to take on new tasks

  The military is the main force and pillar of national security, and cyberspace is no exception. The National Security Law, which took effect on July 1, 2015, stipulates: “Citizens of the People’s Republic of China, all state organs and armed forces, all political parties and people’s organizations, enterprises, public institutions and other social organizations have the responsibility and obligation to safeguard national security.” The Cybersecurity Law, promulgated in November 2016, emphasizes the need to safeguard cyberspace sovereignty and national security.

  On the basis of these two national laws, the “National Cyberspace Security Strategy” (hereinafter the “Strategy”) was officially issued on December 27, 2016. It provides overall guidance and a basic framework to follow for creating a new pattern of a strong network nation from a new starting point, and it clearly sets out nine strategic tasks, further reflecting the military’s missions and tasks in the process of building a strong network nation.

  A national mission of protecting the network with full force: the military must be a strong pillar in defending cyberspace sovereignty. The first of the nine strategic tasks listed in the “Strategy” is “firmly defending cyberspace sovereignty,” and it clearly proposes to “take all measures, including economic, administrative, scientific and technological, legal, diplomatic and military measures, to unswervingly safeguard our country’s cyberspace sovereignty.” It follows that the military must take on the national mission of using military means in physical space to defend the sovereign security and interests of virtual cyberspace.

  Cyberspace sovereignty is a core interest of the state and an important component of national sovereignty. It denotes the state’s rights of independence, equality, self-defense and administration in cyberspace. Once hostile forces violate our cyberspace sovereignty, it is tantamount to violating our national sovereignty in physical spaces such as land and sea, and China has the right to take all measures, including military means, to resolutely fight back.

  Internationally, the United States long ago proposed a cyberspace deterrence strategy, declaring that attacks on US network information facilities are equivalent to acts of war and that the United States will retaliate with military strikes. Military means are the last-resort means of safeguarding national sovereignty and play a vital role in safeguarding national cyberspace security. Therefore, the land, sea, air and space military forces have been given the historical mission of protecting cyberspace sovereignty. They must rely on powerful strength in physical space to defend national interests in cyberspace and effectively deter hostile forces from attempts at network sabotage.

  As befits the era of the Internet, the military must be the ballast stone in defending national security. The second task in the “Strategy” emphasizes the need to resolutely safeguard national security and to prevent, deter and punish any use of the Internet for treason, secession, sedition, subversion or incitement to subvert the people’s democratic dictatorship.

  In the era of information network, the military of all countries in the world has become an important participant in cyberspace. The level of cyberspace capability has become the main indicator for assessing the modernization of a country’s military. It is one of the main duties of the informationized military to carry out cyberspace missions and maintain national security.

  Judging from the historical course of China’s development, adapting to the national security strategy needs of building a well-off society in an all-round way requires being highly vigilant against the danger of the country being invaded, subverted and divided in cyberspace, highly vigilant against the danger that cyberspace causes the overall situation of reform and development to be undermined, and highly vigilant against the danger of interference with and sabotage of the development of socialism with Chinese characteristics.

  Preventing problems before they occur requires the state to have the means to cope with and deal with these dangers, and to have powerful forces to prevent, stop and lawfully punish violations in cyberspace. Defending the country has always been an unshirkable historical responsibility of the military. Its inherent missions and tasks determine that the Chinese military must take on the role of adopting various measures in cyberspace to safeguard the country’s political, economic and cultural security and social stability.

  A strategic task of both offense and defense: the military must be a strong backing for enhancing cyberspace protection capability. The third and eighth of the nine major tasks in the “Strategy” clearly state that all necessary measures must be taken to protect critical information infrastructure and its important data from attack and destruction, giving equal weight to technology and management and to protection and deterrence; that a cyberspace protection force commensurate with China’s international status and with a strong network nation must be built; and that network security defense methods must be vigorously developed so that network intrusions are discovered and resisted in time, forging a strong backing for national security. Among all the political, diplomatic, military, and scientific and technological capabilities with which the country maintains security, military power has always been the foundation and support of all capabilities, their fundamental guarantee, and the ultimate support for national security.

  Therefore, the military must undertake the strategic task of strengthening the national cyberspace protection capability. In the real world, the military is the reassurance that national security will be safeguarded; in cyberspace, it should likewise become what the people rely on and are guaranteed by for their security. As an important part of the national cyberspace protection capability, the military must be capable of both offense and defense and able to resolutely safeguard the interests and security of the country and the people in cyberspace. It must effectively eliminate the various crises and ideological turmoil caused by cybersecurity threats, so that the people truly feel that production and life are effectively protected, and it must become the source of the whole nation’s confidence in the national network protection capability.

  The global responsibility of UNPROFOR: the military must be an important support for maintaining global cybersecurity. The last task in the “Strategy” clearly proposes to strengthen international cooperation in cyberspace, support the United Nations in playing a leading role, promote the development of universally accepted international rules on cyberspace and an international anti-terrorism convention on cyberspace, improve the judicial assistance mechanism for combating cybercrime, and deepen international cooperation in the areas of policy and law, technological innovation, standards and norms, emergency response, and protection of critical information infrastructure.

  Cyber terrorism and cybercrime are new forms of global threat fermented and catalyzed by information networks. They pose a huge threat to the political, economic, military and cultural security of all countries in the world. It is not enough to rely solely on the power of the government and the people. Western countries have given the military the responsibility to protect cybersecurity and the power to fight cyber terrorism. Maintaining the security and stability of global cyberspace is in the fundamental interests of China and the rest of the world. The military should become an important defender of global cyberspace security and an important force in combating global cyber terrorism and cybercrime.

  The globalized and borderless nature of the Internet determines the international demand for combating cyber terrorism and transnational cybercrime. The military should promote military cooperation between countries within the framework of the UN Security Council and use the strategies and technologies of the Internet era to establish a joint defense mechanism that effectively safeguards the security of national and world cyberspace.

  From “field training” to “network preparation”, new areas require new preparations for the military

  Under the new historical conditions, cyberspace places new requirements on the military’s mode of training and war preparation. The military should adapt to the new characteristics of cyberspace and to its own new missions by reforming the traditional model in innovative ways: it should strengthen the country’s military objectives, strengthen macro-level coordination, attend to the legal needs of military operations in cyberspace, follow closely cyberspace’s natural attribute of “military and civilian integration”, build a network security attack and defense system that combines peacetime and wartime, and build a network national defense force for dual military and civilian use.

  Empowerment through legislation provides a legal basis for the military to carry out its functions and missions. The countries of the world, especially the developed Western countries, attach great importance to network national defense in their cybersecurity legislation. The United States has successively issued a series of policies and regulations such as “National Security No. 16 Presidential Decree” and “Network Space Action Strategy”, continually deepening and standardizing how national network security is to be protected in the field of network national defense.

  At present, it is necessary to clarify the duties and responsibilities of the military in cyberspace at the legal level. On the basis of the National Security Law and the Cyber Security Law, a network national defense law and related regulations on military operations in cyberspace should be introduced, providing regulatory support and a program of action for building the network national defense field and for military action, so that the military’s responsibilities and missions in cyberspace become more specific and explicit.

  First, further define the network sovereignty and network frontier through the network defense legislation, and clearly define the scope of the military.

  The second is to establish, through cyber warfare laws and regulations, the military’s operational authority to defend national cyberspace security, and to distinguish the military means to be used against network intrusion and network destruction.

  Third, through international cooperation policy on cyberspace, the military will coordinate with other countries and civilian forces to combat international cyber terrorism and cybercrime.

  The integration of military and civilian provides an innovative driving force for building a strong network nation. Military-civilian integration is the main method by which the world’s powers enhance their competitiveness in cyberspace. For the building of China’s strong network nation, building a military-civilian network security attack and defense system and developing dual-use military and civilian defense information infrastructure is the source of innovation that stimulates the military’s cyberspace combat capability.

  The first is to coordinate the military, civilian, and functional departments of the state, the military, and various levels of government, set up special command and coordination agencies, mobilize all national network forces, and build a network security attack and defense system that combines “military and civilian integration” and “peace and war.”

  The second is to issue guidance on the in-depth development of cyber security military-civilian integration as soon as possible, and gradually carry out basic legal research and demonstration of military-civilian integration to guide the development of medium- and long-term military-civil integration.

  Third, relying on the country’s existing public mobile communication network, optical fiber communication network and satellite system, the military and civilians will jointly build an information infrastructure covering the whole country and the entire army, achieving unified construction and shared use by military and civilian users.

  The fourth is to establish an emergency response mechanism for military-civilian joints, increase the ability to train military authorities to control events, strengthen experts and emergency professional strength, and enhance the ability to quickly recover damaged networks or information systems.

  Military-civilian joint training provides a practical environment for generating military capabilities in cyberspace. Because cyberspace is shared by military and civilian users, military-civilian joint training has become an important means of cyberspace military training around the world. The joint military and civilian cyberspace exercises of the United States and NATO countries have become a regular series. The “Network Storm” and “Network Guardian” drills have attracted the participation of governments, enterprises, research institutions and even civilian hackers. The training of our military’s cyberspace forces also needs to draw in a wide range of civilian forces.

  First, do a good job in military-government cooperation: establish a military-civilian joint offensive and defensive drill mechanism, learn from the red-blue confrontation training methods used in the cyber war drills of developed countries such as the United States, actively build a “national network shooting range”, and plan a series of joint exercises of government and non-government organizations, so as to raise the integrated network attack and defense level of the military and civilians and of the government and the people.

  The second is to do a good job in military-enterprise cooperation, relying on net-based enterprises to set up a training field on the Internet, to promote the ability of attack and defense between the military and civilians, and jointly improve the ability to prevent unknown risks.

  The third is to organize private network security companies and hacker talents, carry out network security competitions and other activities, and mutually verify each other to jointly improve the level of network security protection technology and tactics.

  The network reserve service provides a source of strength for building a powerful network army. As a backup supplement to the national defense force, the reserve has both military and civilian characteristics and is a powerful measure to realize the organic unification of the development of cyberspace economy and national defense.

  First, under the leadership of the national security department, overall planning is carried out in line with national interests. A series of laws and regulations conducive to building the network national defense reserve are introduced, and problems such as the division of labor among the main parties, promotion strategy and coordination of interests in military and civilian construction of the network national defense reserve are resolved from the top level.

  The second is to innovate the reserve organization and comprehensive coordination mechanism, and plan to integrate the reserve construction into all levels and fields of national network information development.

  The third is to focus on reforming the military and local management models. Building on the management mechanisms of provincial and municipal governments, the military, and local enterprises and institutions, establish a mechanism for jointly training and using network national defense reserve personnel, improve the national emergency mobilization mechanism, and establish a national database of specialized network national defense talent. The building of network militia and reserve forces will be brought within the scope of mobilization of the people’s armed forces. In normal times, they will be incorporated into militia emergency detachments for training; in an emergency, elite personnel will be selected to take part in non-war military operations; and in wartime they will be called up and used as needed, transforming national defense potential into national defense strength.

Original Mandarin Chinese:

原題:從守衛“網絡營門”走向守衛“網絡國門”

作者:安衛平北部戰區副參長

原載:“國防參考”2017年年第3期

網絡空間誕生於軍事領域,如首台計算機,阿帕網和GPS導航系統等都源於軍方,時至今日,網絡空間安全已與國家安全息息相關,軍隊又再次成為維護國家網絡空間安全的主角,無論是面對常態化的網絡滲透,還是大規模的網絡攻擊,都迫切需要軍隊從守衛“網絡營門”走向守衛“網絡國門”,突破傳統的軍隊使命任務,突破傳統的應戰備戰模式,以全新的網絡國防思維,鑄造網絡時代國之堅盾。

從“網絡營門”到“網絡國門”,新時代帶來軍隊使命新趨勢

網絡空間不僅事關國家戰略利益維護,直接影響政治,經濟,文化安全和社會發展,也成為現代戰場聯合作戰的血脈和紐帶。中國軍隊不能局限於維護軍營內部網絡安全,更要主動適應時代趨勢,勇於承擔把守“網絡國門”的國家擔當。網絡強軍是網絡強國建設的重要一環,從“網絡營門”走向“網絡國門”是信息時代國內外形勢發展的必然趨勢。

守衛“網絡國門”是網絡空間安全形勢所迫。中國作為第一網絡大國,安全狀況不容樂觀,戰略對手從未停止對我網絡作戰準備。美,英,法等國積極備戰網絡空間,通過網絡空間安全立法賦予軍隊職能,發展網絡戰部隊,研發網絡戰武器裝備,將戰爭推進到了人類的“第五空間”,特別是在中國日益強大崛起的歷史進程中,西方國家在冷戰思維和遏制顛覆戰略的主導下,利用網絡技術手段和傳播方式實施不間斷的騷擾,顛覆和網絡攻擊行動,嚴重影響我國家安全與社會發展,中國逐漸成為網絡安全威脅的重災區,病毒攻擊的試驗場,意識滲透的目的地,國家安全面臨著巨大風險。

未來一段時期內,中國作為新興大國,與各方利益衝突還將加劇,堅定推進網絡國防戰略,加強網絡空間的作戰準備,是積極爭取網絡空間的主導權和話語權的必然途徑,也是中國崛起的必由之路。軍隊作為國家安全穩定的主要力量,必須適應網絡空間特點要求,成為抗擊網絡入侵,網絡顛覆的中堅和主力,維護國家安全和社會穩定。

打贏網絡戰爭是信息時代新軍事變革所趨。網絡技術作為信息時代最先進生產力之一,使得網絡空間作戰成為引導現代戰爭形態演變的主導因素,影響著戰爭全局。近年來,從伊朗“震網“攻擊,俄格衝突網絡戰,烏克蘭電網遭大規模阻癱以及美軍對IS的網絡攻擊,網絡空間在實戰中所展現出的巨大作用逐漸顯現,預示著網絡作戰已成為未來聯合作戰重要樣式。

美軍高度重視網絡空間軍備建設,成立網絡空間司令部,推出網絡空間聯合作戰條令,大幅度擴編網絡戰部隊,極力維護其在網絡空間霸權,把對網絡空間控制能力作為形成“第三次抵消戰略“絕對優勢最重要的競爭內容。

世界多國紛紛跟進,網絡空間軍事化趨勢明顯。嚴峻的網絡空間軍事鬥爭形勢要求中國軍隊著眼網絡戰場空間變化,適應信息化戰爭時代要求,實現在網絡空間能打仗,打勝仗的強軍目標。

有效網絡懾戰是加速網絡強國建設內在所需。在中國由網絡大國向網絡強國發展過程中,離不開強大的網絡空間軍事力量作為保障。網絡空間國際競爭表現為國家綜合實力的全面博弈,其中,網絡軍事能力建設的好壞,直接關係到國家安全與穩定,牽一發而動全身,是整個國家安全領域的核心要素。

當前,世界各國在網絡空間的利益互相滲透,出現“你中有我,我中有你,互相合作,共同發展”的局面。但是這種共同發展是不對等的,美國及西方強國利用網絡空間主導權,已經取得了一定的網絡懾戰優勢,使我網絡發展及利益受制於人。軍隊如何在網絡強國建設中完成守土有責的使命重托,前提就是要形成能夠遏制危機,懾控對手的網絡攻防能力,確保和平發展的網絡環境。

因此,軍隊需要確立有效懾戰的威懾戰略目標,形成能與敵“相互摧毀”的戰略制衡能力,從而增強戰略競爭力,懾止網絡空間侵略,保障網絡強國戰略順利推進。

從“守土有責”到“護網衛國”,新形勢要求軍隊承擔新任務

軍隊是保衛國家安全的主力和柱石,網絡空間也不例外2015年7月1日施行的“國家安全法”規定:“中華人民共和國公民,一切國家機關和武裝力量,各政黨和各人民團體,企業事業組織和其他社會組織,都有維護國家安全的責任和義務。“2016年11月頒布的”網絡安全法“強調了要維護網絡空間主權和國家安全。

在這兩個國家法律的基礎上,2016年12月27日,“國家網絡空間安全戰略”(下文簡稱“戰略”)正式出台,為在新的起點上開創網絡強國新格局提供了總體指導和基本遵循,明確提出了九大戰略任務,進一步體現了軍隊在建設網絡強國進程中的使命任務。

全力護網的國家使命,軍隊要做捍衛網絡空間主權的堅強柱石。“戰略”中列出的九大戰略任務首項就是“堅定捍衛網絡空間主權”,明確提出要“採取包括經濟,行政,科技,法律,外交,軍事等一切措施,堅定不移地維護我國網絡空間主權“。可見,軍隊須承擔起運用實體空間的軍事手段,保衛虛擬網絡空間主權安全和利益的國家使命。

網絡空間主權是國家的核心利益,是國家主權的重要組成,表明國家在網絡空間所擁有的獨立權,平等權,自衛權和管理權。一旦敵對勢力侵犯了我網絡空間主權,就等同於侵犯了我陸海空等實體空間的國家主權,中國將有權利採取包括軍事手段在內的一切措施給予堅決回擊。

在國際上,美國早就提出網絡空間威懾戰略,宣告對美國網絡信息設施的攻擊等同於戰爭行為,美國會採取軍事打擊措施進行報復。軍事手段是維護國家主權的保底手段,在維護國家網絡空間安全中發揮著至關重要的作用。因此,陸海空天軍事力量理所應當地被賦予了保護網絡空間主權的歷史使命,必須憑藉強大的實體空間武力保衛網絡空間的國家利益,有力震懾敵對勢力的網絡破壞企圖。

依網衛國的時代擔當,軍隊要做保衛國家安全的壓艙石。“戰略”任務的第二項著力強調要堅決維護國家安全,防範,制止和依法懲治任何利用網絡進行叛國,分裂國家,煽動叛亂,顛覆或者煽動顛覆人民民主專政政權的行為。

信息網絡時代,世界各國軍隊都已經成為網絡空間重要參與者,網絡空間能力水平成為評估一個國家軍隊現代化程度的主要指標,遂行網絡空間使命任務,維護國家安全成為信息化軍隊的主要職責之一。

從中國發展所處的歷史進程來看,要適應全面建成小康社會決勝階段的國家安全戰略需求,必須高度警惕國家在網絡空間被侵略,被顛覆,被分裂的危險,高度警惕由網絡空間引發改革發展大局被破壞的危險,高度警惕中國特色社會主義發展進程被干擾,破壞的危險。

防患於未然,要求國家必須具有應對和處置這些危險的手段措施,具有防範,制止和依法懲治網絡空間違法破壞行為的強大力量。保衛國家歷來是軍隊不可推卸的歷史責任,固有的使命任務決定了中國軍隊必須承擔起在網絡空間採取各種措施,維護國家政治,經濟,文化安全和社會穩定的時代擔當。

攻防兼備的戰略任務,軍隊要做提升網絡空間防護能力的堅強後盾。“戰略”中九大任務的第三項和第八項明確提出,要採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞,要堅持技術和管理並重,保護和震懾並舉;要建設與我國國際地位相稱,與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防禦手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。在國家所有維護安全的政治,外交,軍事,科技能力中,軍事力量歷來是所有能力的基礎和支撐,是所有能力的根本保障,是國家安全的最終依托。

因此,軍隊必須承擔起提升國家網絡空間防護能力堅強後盾的戰略任務。現實社會中,軍隊是維護國家安全的定心丸,在網絡空間也同樣應成為人民群眾的安全依賴和保障。軍隊作為國家網絡空間防護能力生成的重要一環,必須做到攻防兼備,懾戰一體,有能力堅決維護國家和人民在網絡空間的利益和安全,能夠有效消除網絡安全威脅造成的各種危機和思想動盪,使人民能夠切實感受到生產生活得到有效保護,成為全國人民對國家網絡防護能力充滿信心的底氣所在。

聯防聯治的全球責任,軍隊要做維護全球網絡安全的重要支撐。“戰略”任務最後一項明確提出要強化網絡空間國際合作,支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則,網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律,技術創新,標準規範,應急響應,關鍵信息基礎設施保護等領域的國際合作。

網絡恐怖主義和網絡犯罪是經過信息網絡發酵催化出的全球威脅新形態,對世界上所有國家的政治,經濟,軍事,文化安全都構成巨大威脅,僅僅依靠政府和民間的力量是不夠的,美國等西方國家紛紛賦予軍隊保護網絡安全的職責和打擊網絡恐怖主義的權限。維護全球網絡空間安全與穩定符合中國以及世界各國的根本利益,軍隊應成為全球網絡空間安全的重要維護者,成為打擊全球網絡恐怖主義和網絡犯罪的重要力量。

網絡的全球化,無界性決定了打擊網絡恐怖主義和跨國網絡犯罪的國際需求,軍隊應在聯合國安理會的框架下,推進國家間網絡治理軍事合作,利用網絡時代的戰略和技術,建立聯防聯治機制,切實維護國家和世界網絡空間安全。

從“沙場練兵”到“網絡備戰”,新領域需要軍隊備戰新舉措

在新的歷史形勢下,網絡空間對軍隊練兵備戰模式提出了全新的要求,應適應網絡空間新特點和軍隊新使命對傳統模式進行創新改革,以強國強軍目標為統攬,加強宏觀統籌,著眼網絡空間軍事行動的法理需求,緊扣網絡空間“軍民一體”的天然屬性,建設“平戰結合”的網絡安全攻防體系,打造“軍地兩用”的網絡國防力量。

立法賦權,為軍隊遂行職能使命提供法理依據。世界各國尤其是西方發達國家在網絡安全立法上高度重視網絡國防問題。美國先後出台了“國家安全第16號總統令”,“網絡空間行動戰略”等一系列政策法規,對如何在網絡國防領域保護國家網絡安全進行了不斷的深化規範。

當前,從法律層面釐清網絡空間軍隊的職責任務非常必要,應以“國家安全法”,“網絡安全法”為依據,出台網絡國防法和有關網絡空間軍事作戰條令法規,為網絡國防領域建設和軍事行動提供法規支撐和行動綱領,使軍隊在網絡空間的職責和使命更加明確具體。

一是通過網絡國防立法進一步界定網絡主權和網絡邊疆,清晰軍隊的職責範圍。

二是通過網絡作戰法規建設,明確軍隊遂行保衛國家網絡空間安全的行動權限,區分應對網絡入侵,網絡破壞等行為的軍事手段。三是通過網絡空間國際合作政策,明確軍隊協同他國,民間力量等打擊國際網絡恐怖主義,網絡犯罪的職能任務。

軍民融合,為網絡強國建設提供創新動力。軍民融合是世界強國提升網絡空間競爭力的主要做法,對於中國網絡強國建設來說,構建軍民融合網絡安全攻防體系,開發軍地兩用的國防信息基礎設施,是激發軍隊網絡空間作戰能力創新的源泉。

一是統籌國家,軍隊和各級政府等軍民融合職能部門,設置專門的指揮協調機構,調動一切國家網絡力量,建設“軍民一體”,“平戰結合”的網絡安全攻防體系。

二是盡快出台網絡安全軍民融合深度發展指導性意見,逐步展開軍民融合基本法律研究論證,指導中長期軍民融合發展。

三是依托國家現有公共移動通信網,光纖通信網及衛星系統,軍民共建覆蓋全國全軍的信息基礎設施,實現軍民統建,分管共享。

四是建立軍民聯合的應急響應機制,加大培訓軍地主管部門控制事態的能力,加強專家和應急專業力量,提升快速恢復受損網絡或信息系統的能力。

軍民聯訓,為網絡空間軍事能力生成提供實戰化環境。網絡空間的軍民共用特性使得軍民聯訓成為世界各國網絡空間軍事演訓的重要方式。美國及北約等國家的網絡空間軍民聯合演習已經形成系列化,“網絡風暴”,“網絡衛士”等演練活動吸引了政府,企業,研究機構甚至民間黑客的廣泛參與。我軍網絡空間軍事力量訓練也需要廣泛吸引民間力量參與。

一是搞好軍政合作,建立軍民聯合攻防演練機制,借鑒美國等發達國家網絡戰演練中的紅藍對抗訓練方法,積極建設“國家網絡靶場”,策劃政府,民間機構系列聯合演習,提升軍民一體,官民一體的網絡攻防水平。

二是搞好軍企協作,在互聯網上依靠網信企業設置演練場區,促進軍民之間攻防能力磨合,共同提高防範未知風險能力。

三是著眼軍隊和地方兩頭管理模式改革,以各省市政府,軍隊和地方企事業單位的管理機制為依托,建立網絡國防預備役人才聯合培養使用機制,完善國家應急動員機制,建立國家網絡防禦專用人才數據庫,將網絡民兵和預備役部隊建設納入人民武裝動員的範圍,平時按規定編入民兵應急分隊進行訓練,急時挑選精幹人員隨隊參加遂行非戰爭軍事行動任務,戰時按需要成建制徵召使用,使國防潛力轉變為國防實力。

Original referring url:  http://mil.huanqiu.com/strategysituation/2017-04/

The most comprehensive Chinese cyber attack simulation tool inventory in history // 史上最全面的中國網絡攻擊模擬工具庫存

Lead: Simulated attacks provide a way to test a network’s ability to recover from advanced attacks, but in a simulated attack environment all tests are run automatically by the system. In a real “attack,” the system would not be running attacks with these simulated characteristics. Still, “attack simulation” can help you verify your security tools.

The most comprehensive attack simulation tool inventory in history

Every once in a while, the security industry gets a new buzzword and introduces terms that sound cool and appealing. One recent example is “adversary emulation,” which I translate in this article as “attack simulation.” Let us first understand what it really means. Simulated attacks provide a way to test a network’s ability to recover from advanced attacks, but in a simulated attack environment all tests are run automatically by the system. In a real “attack,” the system would not be running attacks with these simulated characteristics. Still, “attack simulation” can help you verify that your security tools are running as required, and tools, whether closed source or open source, help run these simulation tests. In fact, MITRE has also developed ATT&CK, a curated knowledge base and model of cyberattack behavior that reflects the various stages of the attacker’s life cycle. ATT&CK is useful for understanding security risks against known attack behavior, planning security improvements, and verifying that defenses work as expected. Most security tools seem to use this framework. Let’s take a look at the list of attack simulation tools.

Open source attack simulation tools

1. CALDERA: CALDERA provides an intelligent automated attack simulation system that reduces the resources security teams need for routine testing, freeing them to address other critical issues.

It can be used to test endpoint security solutions and assess the security posture of the network based on common attack techniques in the ATT&CK model. CALDERA uses the ATT&CK model to identify and simulate attack behavior. Click here to download CALDERA.

2. Metta: Uber recently open-sourced this adversarial simulation tool, which grew out of several internal projects. Metta uses Redis/Celery, Python and VirtualBox for adversarial simulation so that users can test host-based security systems. Users can also test other network-based security detection and controls, depending on how it is set up. Metta is compatible with Microsoft Windows, macOS and Linux endpoints. Click here to download Uber Metta.

3. APT Simulator: APT Simulator is a set of Windows Batch scripts. Its main function is to simulate the activity of an attacker, not the activity of malware. APT Simulator uses a set of tools and output files to make a system look as if it has been attacked, which helps you simulate a real attack environment more realistically. Obviously, this is a Windows-only solution. Click here to download APT Simulator.

4. Red Team Automation: Network security company Endgame recently released the source code of Red Team Automation, a set of 38 scripts and supporting executables that generate reliable artifacts corresponding to techniques in the ATT&CK framework. To date, Red Team Automation offers coverage for 50 ATT&CK techniques, and the number will increase in the future. I believe this tool provides very good endpoint detection and response (EDR) coverage.

Red Team Automation supports Microsoft Windows and is written in Python. It can also perform anti-forensics operations, malicious propagation, UAC (User Account Control) bypass, etc. Click here to download Red Team Automation.

5. Invoke-Adversary: Invoke-Adversary is a PowerShell script that evaluates security products and monitoring solutions based on the extent of APT attacks. This tool is a newcomer in the field of attack simulation: Microsoft’s Invoke-Adversary is a PowerShell script, possibly inspired by APT Simulator. To date, Invoke-Adversary can test persistence, credential access, detection evasion, information collection, and command and control. Click here to download Invoke-Adversary.

6. Atomic Red Team: This is a new automated testing framework designed for security. Atomic Red Team was launched in 2017 and is an open source testing framework that tests users’ attack detection capabilities. It is called “atomic” because it can be used as a small component, convenient for small or large security teams, to simulate the activities of a specific attacker.

Atomic Red Team maps small, portable detection tests to the MITRE ATT&CK framework. The framework is not automatic, but it supports Microsoft Windows, macOS and Linux flavors. Click here to download Atomic Red Team.

7. Infection Monkey: Infection Monkey is a data center security testing tool released by Israeli security company GuardiCore at the 2016 Black Hat conference. It is mainly used for automated testing of data center perimeter and internal server security. Architecturally, the tool is divided into the Monkey (the scanning and exploitation side) and a C&C server (equivalent to a reporter, used only to collect the information the Monkeys gather). Simply put, it is another open source vulnerability and attack simulation tool.

It is also written in Python and runs on Microsoft Windows and Linux systems. Click here to download Infection Monkey.

8. Blue Team Training Toolkit (BT3): This tool is defensive security training software that takes your network analysis training courses, incident response drills and teamwork to the next level. The toolkit allows you to create realistic computer attack scenarios while reducing infrastructure costs, implementation time and risk.

It is written in Python and includes the latest versions of Encripto’s Maligno, Pcapteller and Mocksum. It also contains multiple malware indicator profiles. Click here to download Blue Team Training Toolkit v2.6.

9. DumpsterFire: DumpsterFire is a modular, menu-driven, cross-platform Python tool for building custom, time-delayed, distributed security events. Security personnel can use it to easily create custom event chains for purposes such as sensor or alert mapping. Click here to download DumpsterFire v1.0.0.

10. AutoTTP: Short for Automated Tactics Techniques & Procedures, AutoTTP is based on the attack life cycle model. It uses Empire, a pure PowerShell and Python post-exploitation agent. Click here to download AutoTTP.

The following open source tools are worth mentioning, but they are not technically attack simulation tools.

1. RedHunt operating system: The goal of the RedHunt operating system is to actively identify attacks in the environment by integrating the attacker’s arsenal and the defender’s toolkit, making it a one-stop shop for security detection that meets all your attack emulation and attack requirements. The base machine is Lubuntu-17.10.1 x64. It contains the following tools for different purposes:

Attack Simulation: Caldera, Atomic Red Team, DumpsterFire, Metta, RTA, Nmap, CrackMapExec, Responder, Zap.

Recording and monitoring: Kolide Fleet, ELK (Elasticsearch, Logstash and Kibana) stack

Open Source Intelligence (OSINT): Maltego, Recon-ng, Datasploit, theHarvester

Attack Information Analysis: Yeti, Harpoon

Click here to download RedHunt OS Beta v1

2. Invoke-ATTACKAPI: This is an open source PowerShell script that interacts with the MITRE ATT&CK framework through its own API to gather information about attack techniques, tactics, etc. Click here to get this script.

Enterprise-class attack simulation tools

1. Cobalt Strike: Cobalt Strike is the commercial version of Armitage. Armitage is a graphical front end for Metasploit, written in Java, that can be combined with the attacks Metasploit knows to automate attacks against existing vulnerabilities.

2. Israeli network security company Cymulate: Cymulate mainly performs attack simulation for scenarios such as simulated attacks on WAFs, simulated attacks on mailboxes, DLP attack tests, SOC simulation tests, mailbox tests, ransomware tests, Trojans, payload penetration tests, etc. The main purpose of these tests is to improve the product, raise employees’ security awareness, and measure and improve the corresponding ability to handle attack techniques. For example, the mailbox tests can count how many users fall for a phishing attack.

3. Immunity Adversary Simulation: This platform allows you to build advanced persistent attack models from within your infrastructure and assess how the security team responds to real, live attacks on the network.

4. SafeBreach: This software platform simulates breach methods across the entire kill chain without affecting users or infrastructure. Look here.

5. Network security startup SafeBreach: Founded in 2014 and headquartered in Delaware, USA, SafeBreach is committed to revolutionizing the way the network security industry performs risk verification. The company provides users with a continuous security verification platform. Using a centralized management system combined with a complete “playbook” of hacker intrusion methods, it manages a distributed network of intrusion simulators from a central location; the simulators play the role of virtual hackers in the real world, actively demonstrating the enterprise’s cyber security risks from the “hacker’s point of view.” Users can verify the performance of their security controls through this platform and analyze the impact of an attack on the company’s systems and the effectiveness of its defenses, gaining enough of a time advantage to repair network risks and vulnerabilities and improving the responsiveness of analysts in the enterprise security operations center (SOC). In essence, this platform lets any enterprise see intuitively how it would cope with a real-life network attack.

6. SimSpace: SimSpace seems to be using Wormhole.

7. AttackIQ FireDrill: AttackIQ’s simulated attack platform, FireDrill, can launch simulated attacks against customers’ networks and test for flaws and vulnerabilities in defense systems.

8. Verodin Instrumented Security Platform: This platform proactively identifies configuration issues in the security stack and reveals the real difference between the attacker, the attack process, and the attack technology.

The above list does not include services such as MDSec’s ActiveBreach, Nk33, FusionX, Red Siege, Spectre Ops and TrustedSec, as they are implemented by real people.

Original Mandarin Chinese:

導語:模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具

史上最全攻擊模擬工具盤點
每隔一段時間,安全行業就會出現一個新的熱門詞彙,並引入聽起來很酷以及吸引人們興趣的術語。比如最近出現的“adversary emulation”詞彙,我在本文將其翻譯為“攻擊模擬” 。首先讓我們先來了解它的真正含義,模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行。如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具是否按要求運行,無論是閉源還是開源,它都有助在運行這些模擬測試。事實上,MITER還開發了一種ATT&CK,ATT&CK是網絡攻擊行為的策劃知識庫和模型,反映了攻擊者生命週期的各個階段變化.ATT&CK對於理解針對已知攻擊行為的安全風險,規劃安全改進以及驗證防禦措施是否按預期工作很有用。大多數安全工具似乎都使用了這個框架。下面,就讓我們來看看攻擊模擬工具的列表。

開源攻擊模擬工具

1.CALDERA:CALDERA提供了一個智能的自動化攻擊模擬系統,可以減少安全團隊進行常規測試所需的資源,使他們能夠解決其他關鍵問題。

它可用於測試端點安全解決方案,並根據ATT&CK模型中常見的攻擊技術評估網絡的安全狀況.CALDERA利用ATT&CK模型來識別和模擬攻擊行為,點擊這裡下載CALDERA。

2.Metta:烏伯最近開源了這個敵對模擬工具,它是由多個內部項目產生的.Metta使用的Redis /芹菜,蟒和VirtualBox的進行敵對模擬,這樣用戶就可以測試基於主機的安全系統另外用戶還能測試其他基於網絡的安全檢測和控制,不過這具體取決於設置的方式.Metta與Microsoft Windows,MacOS和Linux端點兼容,點擊這裡下載Uber Metta。

3.ATP模擬器:ATP模擬器其實就是一套Windows Batch腳本集合,它的主要功能就是模擬攻擊者的活動,而並非模擬惡意軟件的活動.ATP Simulator會使用一組工具和輸出文件使系統看起來好像是被攻擊了。它可以幫助你以更真實的方式模擬真實的攻擊環境。顯然,這是一個僅限Windows的解決方案,點擊這裡下載ATP模擬器。

4.Red Team Automation:最近網絡安全公司Endgame公開了Red Team Automation的源代碼,它是一組有著38個腳本和支持的可執行文件,可生成與ATT&CK框架中的技術相對應的可靠組件。截至目前,紅隊自動化提供50種由ATT&CK技術支持的組件,將來數量還會增加。我相信,這個工具提供了非常好的端點檢測和響應(EDR)覆蓋。

Red Team Automation支持Microsoft Windows,並且使用python進行編碼,另外它還可以執行反取證操作,進行惡意傳播,繞過UAC(用戶帳戶控制)等等,點擊這裡下載Red Team Automation。

5.Invoke-敵手:調用-敵手是一個基於APT攻擊程度,來評估安全產品和監控解決方案的PowerShell的腳本這麼說吧,該工具是攻擊模擬領域的新人,微軟的調用攻擊就是一種PowerShell的腳本。可能是受到了APT模擬器的啟發,截至目前,調用-敵手具有測試持久性攻擊,憑證訪問,逃避檢測,信息收集,命令和控制等功能,點擊這裡下載調用-敵手。

6.Atomic Red Team:它是針對安防設計的新型自動化測試框架,Atomic Red Team是在2017年推出的,是一個開源測試框架,可以測試用戶的攻擊檢測能力。之所以稱之為為“atomic(原子) )“,是因為它可以作為小型組件,方便小型或大型安全團隊使用,用來模擬特定攻擊者的活動。

Atomic Red Team會員小巧便攜的檢測測試映射到Mitre ATT&CK框架,該框架不是自動的,但支持Microsoft Windows,MacOS和Linux風格,點擊這裡下載Atomic Red Team。

7.感染猴子:感染猴子是一款由以色列安全公司GuardiCore在2016黑帽大會上發布的數據中心安全檢測工具,其主要用於數據中心邊界及內部服務器安全性的自動化檢測。該工具在架構上,則分為猴(掃描及漏洞利用端)以及C&C服務器(相當於記者,但僅僅只是用於收集猴探測的信息)。簡單說,它是另一個開源漏洞和攻擊模擬工具。

它也用Python編碼,適用於Microsoft Windows和Linux系統,點擊這裡下載Infection Monkey。

8.藍隊培訓工具包(BT3):該工具是用於防禦性安全培訓的軟件,它將你的網絡分析培訓課程,事件響應演練和團隊合作提升到一個新的水平。該工具包允許你創建逼真的計算機攻擊場景,同時降低基礎架構成本,實施時間和風險。

它是用Python編寫的,包括Encripto的Maligno,Pcapteller和Mocksum的最新版本。它還包含多個惡意軟件指示符配置文件,點擊這裡下載Blue Team Training Toolkit v2.6。

9.DumpsterFire:DumpsterFire是一個模塊化的,菜單驅動的跨平台Python工具,用於構建自定義的,延遲的分佈式安全事件。安全人員可以利用它輕鬆創建比如傳感器或警報映射(alert mapping)的自定義事件鏈,點擊這裡下載DumpsterFire v1.0.0。

10.AutoTTP:Automated Tactics Techniques&Procedures的縮寫,AutoTTP基於攻擊生命週期模型(攻擊生命週期模型)。它使用了一個純碎的PowerShell和Python後期漏洞利用代理工具–Empire,點擊這裡下載AutoTTP。

以下開源工具值得一提,不過它們在技術上不屬於模擬攻擊工具

1.RedHunt操作系統:RedHunt操作系統的目標是通過集成攻擊者的武庫以及防御者的工具包來積極識別環境中的攻擊,從而成為一站式安全檢測商店,滿足你的所有攻擊仿真和攻擊要求。基本設備是Lubuntu-17.10.1 x64。它包含以下用於不同目的的工具:

攻擊仿真:Caldera,Atomic Red Team,DumpsterFire,Metta,RTA,Nmap,CrackMapExec,Responder,Zap。

記錄和監測:Kolide Fleet,ELK(Elasticsearch,Logstash和Kibana)堆棧

開源智能(OSINT):Maltego,偵察-NG,Datasploit,Thearvestor

攻擊信息分析:Yeti,Harpoon

點此下載RedHunt OS Beta v1

2.Invoke-ATTACKAPI:這是一個開源的PowerShell腳本,通過自己的API與MITER ATT&CK框架進行交互,以收集有關攻擊技術,策略等信息,點擊這裡獲取這個腳本。

企業級模擬攻擊工具

1.Cobalt Strike:Cobalt Strike是Armitage商業版,Armitage是一款Java寫的Metasploit圖形界面的攻擊軟件,可以用它結合Metasploit已知的攻擊來針對存在的漏洞自動化攻擊。

2.以色列的網絡安全公司Cymulate:Cymulate主要是針對以下場景進行攻擊模擬,例如模擬攻擊WAF,模擬攻擊郵箱,DLP攻擊測試,SOC模擬測試,郵箱測試,勒索軟件測試,木馬,有效載荷滲透攻擊測試等。這類測試的主要目的是完善產品,豐富員工的安全意識,以及相應的攻擊技術能力檢測和提升。舉個例子,利用郵箱以及可以統計釣魚攻擊有多少用戶中招。

3.Immunity Adversary Simulation:該平台允許你從基礎架構內建立高級永久性攻擊模型,並評估安全團隊如何應對網絡上活躍的真實攻擊。

看看該軟件平台模擬整個殺戮鏈中的攻擊違規方法,而不會影響用戶或基礎設施這裡:4.SafeBreach。

5.網絡安全初創公司SafeBreach:SafeBreach創立於2014年,總部位於美國特拉華州,致力於革新網絡安全行業風險驗證的方式。公司為用戶提供一個持續性安全驗證平台,採用集中管理系統,結合完整的黑客入侵網絡方法“劇本”,從中心位置管理分佈式網絡的入侵模擬器,模擬器能夠在現實世界中扮演虛擬黑客的角色,從“黑客的角度”主動展示企業存在的網絡安全風險。用戶可以通過這一平台驗證自己的安全控制性能,分析這種攻擊對於公司系統的影響力及攻擊防禦的有效性問題,從而獲得充足的時間優勢來修復網絡風險漏洞,並提高企業安全運維中心(SOC)分析師響應能力。實質上,這一平台就是可以讓任何企業直觀的看到在現實生活中遇到網絡攻擊時,自己將如何應對。

6.SimSpace; SimSpace似乎在使用蟲洞。

7.AttackIQ FireDrill:AttackIQ的模擬攻擊平台FireDrill可以針對客戶的網絡展開模擬攻擊,測試防禦系統的缺陷和漏洞。

8.Verodin儀表化的安全平台:該平台會主動識別安全堆棧中的配置問題,並揭示攻擊者,攻擊流程和攻擊技術之間的真實區別。

以上列表不包括諸如MDSec的ActiveBreach,Nk33,FusionX,Red Siege,Spectre Ops和TrustedSec等服務,因為它們是由真人實施的。

Original Referring url: http://www.4hou.com/web/11241.html

Chinese Military Information Warfare: The First Game of Modern Warfare // 中國軍事信息戰:現代戰爭的第一場戰爭

  Changes in the characteristics of war are always driven by advances in science and technology. If “information-led” is the defining characteristic of today’s warfare, then the essence of this characteristic is “the dominance of information technology.” Information warfare is a new kind of combat power bred and fueled by information technology innovation.

Information warfare is a new kind of combat power

3. What role do satellites play in modern warfare? 4. What are the two main modes of information warfare?

“Know the enemy and know yourself, and in a hundred battles you will never be in peril” has always been the cardinal rule for winning wars, and it reflects the important role of “information” in war. Since ancient times, military strategists have sought to dispel “the fog of war,” reduce the uncertainty of war, and seize the initiative; at the same time, they have hoped to use accurate and timely information to rapidly concentrate combat energy and defeat the enemy. Today, the bold pace of human innovation in information technology has driven the rapid development of society, and the myth of “eyes that see a thousand miles and ears that hear on the wind” has long since become reality. While the results of information technology innovation are immediately and fully exploited for war, they are also continuously driving the transformation of the model by which combat power is generated.
The beginnings of information warfare can be traced back to the start of the last century. Shortly after the advent of the radio telegraph, the Russian scientist Popov proposed the idea of radio communication struggle in 1903. In the Russo-Japanese War that broke out in 1904, the two sides used radio communication for the first time. One day in April of that year, a Russian radio operator instinctively used his radio station to interfere with the fire-direction communications of the Japanese fleet, forcing the Japanese to withdraw without success. This first stirring of a technical idea gave birth to a new way of fighting, and information warfare began to take the stage of war. Highly developed information technology has made “system-of-systems operations based on information systems” the defining characteristic of today’s warfare. System-versus-system confrontation is not a form of engagement unique to today: both sides in a war have always sought to form a strong operational system, and in different historical periods that system has taken different forms. Today’s combat system is an unprecedentedly powerful one, linked together by networked information systems. An important manifestation of the leading role of information technology in modern warfare is that it has fueled the rapid development of information warfare. As “information-led” became the identifier of modern warfare, information warfare began to leap into a new kind of combat power.
Having strong information power makes an army sharp-eared, clear-sighted and quick to respond, and integrating information power into strike power multiplies the army’s operational effectiveness geometrically. Information warfare is the first sword for breaking the efficient fusion of information and firepower.
Information power is the ability to acquire, transmit, process, and use information. Enhanced information power means that more information is acquired more comprehensively, transmitted faster and more accurately, processed automatically, and used in increasingly intelligent ways. This makes an army’s command efficient, its control precise, its actions quick, and its strikes powerful. From the perspective of operational mechanism, the effect of information power in the combat system lies in multiplying strike power and converting it into combat effectiveness. Although information itself cannot directly kill the enemy, using information to achieve intelligent control of strike weapons produces enormously powerful precision strikes and non-contact strikes.
Information deterrence is an important information warfare action. It can reduce the intensity of confrontation or even force the opponent to give up resistance, and may produce a satisfactory combat effect, achieving the highest pursuit of “subduing the enemy without fighting.” The principle is that the opponent is deterred by the enormous strike power that would follow: deterred by capability, and stopped by information. The deterrent effect is achieved through the fusion of multiple elements: strength, capability, and determination. The result of a high degree of fusion between information and firepower is that information multiplies the effectiveness of firepower, and firepower converts the energy of information. The target of information warfare is the opponent’s information system, and its effect is to “cover the ears, block the eyes, and confuse the mind,” so that the opponent’s information power is weakened or even lost and the fusion of information and firepower becomes impossible. In the Gulf War, when the multinational forces unleashed “Desert Storm,” the first thing they used was a variety of airborne and ground-based electronic jamming measures, while using firepower to strike the Iraqi army’s communication and radar systems first. The information power of the Iraqi defense system, which was not strong to begin with, was completely lost, and victory was assured. In the Kosovo war, a US military mistake in the use of information warfare gave the Yugoslav army an opportunity: its air defense units cleverly used their less advanced information systems to achieve an effective fusion of information and firepower and shot down a US military stealth fighter. Practice has proved that under informationized conditions, information warfare has become the first sword for breaking the efficient fusion of the opponent’s information and firepower.
Information warfare is the primary action for shifting the balance of superiority between the enemy and oneself
The contest between spear and shield never stops and keeps escalating. When “information-led” shows great advantages, it inevitably provokes “information countermeasures.” Once information is constrained, the original advantage is immediately reversed. Information warfare is the primary action for shifting the balance of superiority between the enemy and oneself.
The basic types of combat are offense and defense, and the material means of combat can likewise be divided into two types of weapons and equipment: spear and shield. Today, when strike weapons have unprecedented lethality, no one will any longer concentrate forces in order to concentrate advantage. Synchronized strikes from different locations are an effective way to “destroy the enemy and preserve oneself”: strike forces dispersed in different locations attack the same target at the same time. The condition, however, is precise time coordination.
Keeping time synchronized by manually matching watches, as in the past, is obviously no longer possible. Advanced techniques such as navigation satellite timing must be used, and once the timing synchronization information is destroyed by the opponent, the operation will be completely disrupted. A force with high mobility and strike power that comes under information attack, leaving its information unreliable and blocked, will be unable to work out its direction of action or find its targets, and will become sluggish and weak in its strikes. Precision strikes are powerful, but once accurate guidance information is lost and they cannot hit their mark, the advantage is lost at once. If the information used for command and control is constrained, the ranks will fall into disarray, and the whole operation will inevitably be thrown into chaos.
Attacking the enemy’s information system is the point of focus and leverage for breaking its combat system. The acquisition and counter-acquisition of information, and its use and counter-use, have become the focus of the struggle between two armies on the informationized battlefield. Information warfare is the preferred form for contesting control of the battlefield and even the initiative in war.
While greatly improving the effectiveness of the combat system, the information system naturally becomes a target of the opponent’s attack, and a vital one. Information warfare means blinding the enemy’s battlefield perception system to weaken its ability to acquire information and interfere with its analysis and judgment; blocking the enemy’s information transmission system to disrupt its coordination and sabotage its actions; and deceiving and disrupting the enemy’s command and control system to reduce its command efficiency and cause mistakes in its decision-making. The more developed an army’s information technology and the more highly it depends on information systems, the more serious the consequences when its information systems are attacked. Quaker, former chairman of the American “Old Crows” Association, once wrote: “Advanced technology makes us highly dependent on the electromagnetic spectrum, but at the same time, we have not invested well in building electronic protection capabilities.” “Using cheap commercial technology, the enemy can reduce or even destroy the effectiveness of our expensive ISR equipment and weapon platforms, thereby limiting or even seriously weakening our technological advantages.” Because military electronic information systems are being widely used around the world, the dependence of every country’s military on information systems is in fact constantly deepening. All the military powers are therefore competing to develop information warfare, and some small countries, unwilling to be left behind, are following suit. In modern warfare, seizing comprehensive control of the battlefield is of vital importance. Information dominance has become an indispensable commanding height within it, and is the primary means of controlling the battlefield and seizing the initiative in war.
Information warfare stands at the forefront of the contemporary military game
War is usually marked by the exchange of fire. Information warfare is invisible, has a low threshold, and is highly controllable. In peacetime it can already be waged in the shadows, quietly extending the boundaries of war. Information warfare stands at the forefront of the contemporary military game.
In today’s world, the use of military means is becoming more complex. War is not only a continuation of politics; politics and the military are closely integrated, and the use of force is subordinate to the overall political strategy. The use of force also interacts with politics, economics, diplomacy, and public opinion in multiple dimensions, organically connected and closely coordinated. Information warfare is active on an invisible front, spanning peacetime and wartime. For example, confrontation between major powers in information warfare reconnaissance and counter-reconnaissance now takes place almost every day. Although the exchange of fire is widely regarded as the watershed between war and peace, the boundaries of war are changing because of the particular nature of new forms of military struggle such as information warfare. According to reports, the US government recently stated publicly that the law of war applies to cyberattacks. It holds that certain cyberattacks are equivalent to the “use of force” as legally defined in the UN Charter, and that attacked countries may counterattack with conventional military forces or cyber weapons. At the same time, with the arrival of the information age, the shadow of information warfare often appears in struggles in the ideological field. The construction and development of information warfare capabilities are receiving increasing attention from all countries. In December 2011, Iran comprehensively used information warfare methods such as jamming suppression, data deception, and link control to deceive and capture a US military RQ-170 “Sentinel” unmanned reconnaissance aircraft, which shocked the US military.

Original Mandarin Chinese:

戰爭特徵的嬗變總是由科學技術進步來激發,如果說“信息主導”是當今戰爭的時代特徵,那麼這一特徵的實質則是“信息技術的主導”。信息戰是信息技術創新孕育和助長的新質戰鬥力。

信息戰是新質戰鬥力

三、衛星在現代戰爭中扮演的角色為何? 四、資訊戰有哪兩種主要模式?

“知彼知己,百戰不殆”一直是戰爭制勝的不二法則,它實際上體現了“信息”在戰爭中的重要作用。自古以來,兵家總是在不斷追求驅散“戰爭迷霧”,降低戰爭的蓋然性,搶占先機;同時希望能夠以準確及時的信息迅速聚集戰鬥能量,制敵勝敵。如今,人類創新信息技術的豪邁步伐,驅動了社會的迅猛發展,“千里眼、順風耳”的神話早已成為現實。信息技術創新發展成果在立即為戰爭所充分利用的同時,也在不斷推動戰鬥力生成模式的轉變。
信息戰的萌芽可以上溯到上個世紀初。當時無線電報問世不久,俄國科學家波波夫就於1903年提出了無線電通信鬥爭的思想。 1904年爆發的日俄戰爭中,作戰雙方首次運用了無線電通信,當年4月的一天,俄軍報務員下意識地利用無線電台干擾了日軍艦隊的射擊引導通信,迫使日軍無功而返。這種技術思想的原始萌動孕育了一種新的作戰方式,信息戰開始登上戰爭的舞台。信息技術的高度發達,使得“基於信息系統的體係作戰”成為當今戰爭的時代特徵。應該說,體係對抗並不是今天才有的交戰形式,戰爭中交戰雙方都力求形成一個強大的作戰體系,在不同歷史時期,體係有著不同的表現形態。今天的作戰體係是依靠網絡化的信息系統聯成的一個威力空前強大的作戰體系,信息技術在現代戰爭中發揮主導作用的一個重要表現,就是助長了信息戰的快速發展。在“信息主導”成為現代戰爭的標識符的同時,信息戰開始躍變為一種新質戰鬥力。
擁有強大的信息力使一支軍隊耳聰目明、反應敏捷,信息力融入打擊力則使軍隊的作戰效能成幾何級數增加。信息戰是打破信息火力高效融合的第一把利劍。
信息力是獲取、傳輸、處理、使用信息的能力。信息力的增強意味著信息的獲取更多、更全,信息的傳輸更快、更準,信息的處理具備自動化,信息的使用趨於智能化。這就使得軍隊的指揮高效,控制精準,行動迅捷,打擊有力。從作戰機理上看,信息力在作戰系統中的效能發揮,體現的是對打擊力的增效和向戰鬥力的轉化,信息本身雖不能直接殺傷敵人,但使用信息實現打擊兵器的智能化控制就產生了威力巨大的精確打擊和非接觸打擊。
信息威懾是一種重要的信息戰行動,可以降低對抗強度,甚至迫使對手放棄抵抗,可能產生令人滿意的戰鬥力效應,實現“不戰而屈人之兵”的最高追求,而其原理是對手懾於隨之會來的巨大打擊力,懾於能力而止於信息,威懾效果的達成是實力、能力、決心多元要素的融合效應。信息與火力的高度融合的結果就是,信息使火力效能倍增,火力讓信息能量轉化。信息戰的目標是對手的信息系統,起到的作用是“掩耳、障目、亂心”,使對手的信息力受到削弱以至喪失,信息火力的融合也就無從談起。海灣戰爭中,多國部隊刮起“沙漠風暴”之時,首先動用的就是空中和地面的多種電子乾擾手段,同時運用火力優先打擊伊軍的通信和雷達系統,使得伊軍防禦體系中尚不強大的信息力完全喪失,因而穩操勝券。而科索沃戰爭中,美軍使用信息戰的一次失誤,為南聯盟軍隊提供了良機,使其防空部隊巧妙運用不夠先進的信息系統,實現信息火力的有效融合,擊落了美軍隱形戰機。實踐證明,信息化條件下,信息戰已成為打破對手信息火力高效融合的第一把利劍。
信息戰是轉變敵我優劣對比的首要行動
矛與盾的較量永不停息、不斷升級。當“信息主導”顯現出巨大優勢時,就必然引發“信息反制”。信息的受制,會使原有的優勢立即逆轉。信息戰是轉變敵我優劣對比的首要行動。
作戰的基本類型就是進攻和防禦,用以作戰的物質手段也可以區分為矛和盾兩大類型的武器裝備。在打擊兵器具有空前殺傷力的今天,誰都不會再用集中兵力來集中優勢,而異地同步打擊不失為“消滅敵人、保存自己”的有效方式,即分散於不同地點的打擊力量同時對同一目標發起攻擊,但條件是必須有精確的時間協同。
保持時間同步,靠過去的人工對錶顯然已不可能,必須利用如導航衛星授時等先進技術,而授時同步信息一旦被對手破壞,行動就會被徹底打亂。一支具有高機動力和打擊力的部隊,如果受到對手的信息攻擊,導致信息不靈、信息受阻,將會搞不清行動的方向,找不到攻擊的目標,​​變得行動呆滯、打擊無力。精確打擊威力雖大,但一旦丟失精確制導信息而打不准,優勢即刻盡失。指揮控制如果信息受制,就會陣腳大亂,勢必造成作戰全局陷於混亂。
攻擊敵方的信息系統是打破其作戰體系的著力點和發力點。信息的獲取與反獲取、利用與反利用,已成為信息化戰場上兩軍爭鬥的焦點。信息戰是爭奪戰場控制權乃至戰爭主動權的首選樣式。
信息系統在極大地提升作戰體系效能的同時,也自然成為對手的攻擊目標,而且是要害目標。信息戰就是通過迷盲敵戰場感知系統,削弱其信息獲取能力、干擾其分析判斷;通過阻斷敵信息傳輸系統,擾亂其協同、破壞其行動;通過欺騙擾亂敵指控系統,降低其指揮效率、導致其決策失誤。愈是信息技術發達、愈是高度依賴信息系統的軍隊,其信息系統受到攻擊的後果愈嚴重。美國“老烏鴉”協會前主席奎克曾經撰文指出:“先進的技術使我們高度依賴電磁頻譜,但與此同時,我們沒有很好地投資建設電子防護能力。”“敵人利用廉價的商用技術就可以降低甚至破壞我們昂貴的ISR設備以及武器平台的效能,從而限制甚至嚴重削弱我們的技術優勢。”由於軍事電子信息系統正在世界範圍內得到廣泛運用,事實上各國軍隊對信息系統的依賴程度都在不斷加深,因此,各軍事大國競相發展信息戰,一些小國也不甘落後,紛紛效仿。現代戰爭中,奪取戰場綜合控制權至關重要,制信息權成為其中不可或缺的製高點,是控制戰場和掌握戰爭主動的首要。
信息戰已站在當代軍事博弈的前沿
戰爭通常是以交火為基本標誌。信息戰隱於無形,使用門檻低,可控性好,在平時就可能展開暗戰,悄然延伸了戰爭的邊界。信息戰已站在當代軍事博弈的前沿。
當今世界,軍事手段的使用愈加複雜。戰爭不僅是政治的繼續,而且政治軍事緊密結合,服從於政略戰略大局。武力使用也將與政治、經濟、外交、輿論鬥爭多維互動,有機銜接,密切配合。信息戰跨越平時與戰時,活躍在一條看不見的戰線上。比如,各大國相互之間的信息戰偵察與反偵察的對抗,現在幾乎每天都在進行暗中角力。雖然人們普遍認為開火交戰是戰爭與和平的分水嶺,但是,由於信息戰等新的軍事鬥爭樣式運用的特殊性,戰爭的邊界正在發生改變。據報導,美國政府最近公開表明戰爭法適用於網絡攻擊,認為某些網絡攻擊等同於《聯合國憲章》所定義的“使用武力”法律概念,受到攻擊的國家,可以使用常規軍事力量或網絡武器實施反擊。同時,我們還看到,信息時代的到來,使得意識形態領域的鬥爭中也常常閃現出信息戰的影子。信息戰能力的建設發展,已經愈來愈得到各國的重視。 2011年12月,伊朗綜合運用乾擾壓制、數據欺騙、鏈路控制等信息戰手段,成功誘騙並俘獲了美軍一架RQ-170“哨兵”無人偵察機,令美軍大為震驚。

Original Referring url: http://theory.people.com.cn/n/2012/1218/

General Qiao Liang: Confident Cyber Leadership Wins the future “network space war” // 喬亮將軍:充滿信心的網絡領導贏得了未來的“網絡太空戰爭”


For nearly half a century, electronic and information technology have developed at an astonishing speed and have thereby completely changed the face of modern warfare. Although people habitually list the dimensions of war in the order land, sea, air, space and electromagnetic, at the level of military technology the “network-electromagnetic space warfare” capability formed by “electronic warfare” and “cyber warfare” has undoubtedly come from behind to become the foremost combat power. Whoever dominates electronic warfare dominates the battlefield. Regrettably, this conclusion has not yet been universally accepted by the world’s militaries.

“Carving a mark on the boat to find the sword” is a vivid portrayal of how people’s understanding lags behind the evolution and development of things. Today, as this round of the military revolution, marked by electronic and chip technology, draws to a close because the technology has matured and its potential is nearing its limit, the soldiers of most countries are still not mentally or intellectually prepared to accept that a small vacuum tube and an even smaller chip can change the face of war. For people living in the information age, and especially for armies equipped with informatized weapons, this cannot but be called ironic.

The individual character of the world’s outward appearance leads people intuitively to divide the whole world into parts in order to know and understand it. Even though electronic and information technology have long since brought the whole world into network-electromagnetic space and welded it into a single “domain”, people are still accustomed to cutting it into separate “domain” blocks. For example, many soldiers confined by traditional thinking take it for granted that the battle space divides into five dimensions (land, sea, air, space and electromagnetic) and believe that they will fight in these five dimensions. In their view, the network-electromagnetic battlefield is only one of the five. Even in joint operations, a concept that attempts to merge the five dimensions into one, network-electromagnetic space warfare is merely one combat domain and one combat style; they completely fail to see that the whole world has already been “informatized”. Such lagging thinking cannot keep up with the pace of technological leaps: the boat has long since left the spot, but the sword lies at the bottom of the lake. Those who can be sure of victory on the future battlefield must be the army that observes, thinks about, operates and controls the entire battlefield as a whole. Only in this way can the key to the door of victory be found: whoever controls network-electromagnetic space controls the battlefield; whoever prevails in network-electromagnetic space warfare wins the war. This is a general trend in the development of modern warfare that no one can reverse.

Electronic warfare (which today has evolved into information warfare or network-electromagnetic space warfare) is the prerequisite for every modern engagement, campaign and even war. By comparison, command of the air, command of the sea, and even command of the land and of space have all ceded the position of first command on the future battlefield to command of the network-electromagnetic domain. Moreover, the struggle for command of space is itself part of command of the network-electromagnetic domain. To borrow a phrase from Deng Xiaoping, in modern warfare, “without air superiority, no battle can be won.” Indeed, in future wars, without command of the network-electromagnetic domain, no battle can be won.

Today the US military, which proposes to use the “Air-Sea Battle” concept to contain China, is an almost fully informatized military machine. The US military therefore knows well that informatization is both its strength and its weakness. The weakness is that whoever holds the advantage in network-electromagnetic space warfare can constrain the US military. Some may ask: from a military point of view, is network-electromagnetic space warfare really so important that it should be considered more important than hard kill by firepower? Yes, that is precisely the author’s answer. Once your opponent is informatized in all dimensions, it will either first win the network-electromagnetic space war against its adversary or first lose it; the firepower war that follows is merely the process of taking an opponent who still refuses to admit defeat from psychological destruction to physical elimination.

Why is network-electromagnetic space warfare so important? In fact, all of our main opponent’s strengths lie in all-dimensional informatization, and all of its weaknesses lie in over-informatization. The weakness of informatization is that chips are everywhere, which creates chip dependence. Chips make weapon platforms and munitions far more powerful, but chips themselves are extremely fragile. A single electromagnetic pulse bomb can destroy and disable all electronic components within its blast coverage. This prospect terrifies an opponent that is armed to the teeth with chips. For us, what the opponent fears is what we should give priority to developing.

When fighting an opponent informatized in all dimensions, what that opponent fears most is, first, having its networks paralyzed by network attack and, second, having its space-based systems destroyed in space warfare, because this would render the hardware advantages of all its weapon platforms meaningless. Our opponent has the same capability, but once both sides use it to paralyze each other, both sides will fall back together to the level of World War II. At that point, whoever has the advantage in population, in resources and in manufacturing has the advantage in war.

Seeing this clearly helps us escape a certain paradox: the better we understand our opponent’s military system, the more we worry about the gaps in our own; the more we acknowledge the gaps, the more we want to learn from and catch up with the opponent; and the result is that whatever the opponent has, we must have too. In the end we force ourselves down the dead-end road of attacking the opponent’s strengths with the opponent’s strengths. How can this road lead us to “being able to fight and win”? Throughout history, in China and abroad, every victory has come from using one’s own strengths against the enemy’s weaknesses; even in hard-fought battles, it was one’s own strengths against the enemy’s strengths. No one has been seen to win by using the enemy’s strengths against the enemy’s strengths. Moreover, winning a future war cannot mean winning at any cost. For China there should be a requirement as important as victory itself: the development of weapons and equipment and the formulation of operational plans must consider how to reduce costs. It must never be the case that whatever the opponent has, we must have too. A beggar cannot compete in treasures with the Dragon King, and even a beggar who has become newly rich still cannot. Today there is a cognitive defect in our overall thinking about how to win local wars under informatized conditions: consciously or unconsciously, we always assume that fighting a high-technology war means fighting a high-cost war, and we always want to match our opponent on cost.

In fact, we can take an entirely different approach: the low-cost route. The opponent does not care whether we have heavy aircraft carriers, the X37 or a global fast strike system. It cares only whether you can destroy its satellite systems and paralyze its network systems. After all, the tools and means for attacking satellites and for electromagnetic pulse bombs are neither very expensive nor very scarce, and their effect is low cost and high return. We must not let worry about the gap between ourselves and our opponent drag us involuntarily into an arms race with it.

In the “Air-Sea Battle” concept the Americans say, “In this way we will drag China into a competition with us, so that the Chinese put more of their energy into producing missiles such as the Dongfeng 21D, and then use large numbers of decoys and deception to force the Chinese to expend these weapons in meaningless directions.” In response, someone in China wrote an article warning that “we must avoid falling into the American trap.” That is not wrong in itself, but it sees only one side of the matter. Articles of this kind may well produce a new bias in our understanding, because the American statement contains a “trap within a trap” (a double trap). First, it tries to lure the Chinese military into the trap of an arms race: if you race against the US military, you will spend vast financial and material resources trailing it without ever overtaking it. Second, if you recognize this as a trap and abandon the race, you immediately fall into another trap: by giving up the arms race you cripple your own capabilities. For China, if we are willing neither to race against the opponent nor to cripple ourselves, what should we do? The conclusion is that we can only go our own way.

We should develop our own strengths and what benefits us most. Ideally we use our strengths against the enemy’s weaknesses; at the very least we use our strengths against the enemy’s strengths. Using our weaknesses against the enemy’s strengths will not work, and neither will using the enemy’s strengths against the enemy’s strengths. If you attack the enemy’s strengths with the enemy’s strengths, you will never have a chance of winning.

Look at the core design of “Air-Sea Battle”: it opens by striking your space-based systems to blind you; then it fights a “reconnaissance war” to deafen you; only then does it formally begin conventional combat with you.

In this situation, what should we do? Respond passively, parrying each move as it comes? Or play to our strengths and use low-cost means to take out the opponent’s high-value targets? The latter, of course. To do this, we must first have three capabilities:

The first is satellite anti-missile capability. This capability can paralyze, in a single strike, an opponent that relies heavily on informatization, leaving it blind, deaf and mute, so that it can only fall back with you to World War II levels and compete in conventional strength.

The second is long-range precision strike capability. You must be sure that you can sink high-value targets such as aircraft carriers. If such a target is sunk, it will deal a heavy blow to the confidence of investors around the world in the opponent, so that capital no longer dares to flow to it, causing the opponent serious difficulty in financing the war. This is a national weak point that the opponent’s operational planners have not recognized. Sinking an aircraft carrier would be a huge blow to the confidence of global investors and would thereby break the opponent’s global capital circulation chain.

The third is network-electromagnetic space combat capability, especially the capability to attack any of the opponent’s network systems. If China really does go to war with an opponent far stronger than itself, you must show from the very beginning that you have the capability and the determination to attack and paralyze all of its network-electromagnetic systems. This is a necessary way of containing war through deterrence.

Principles are always easier to state than to apply. How can command of the network-electromagnetic domain be gained in a future war, or the opponent’s advantage in network-electromagnetic warfare be offset? Technological progress is necessary, but progress in thinking is even more necessary. The long history of evolution shows that, along the axis of time, human thinking is not always progressing; regression happens from time to time. Regression in thinking is lamentable, but deliberately pulling the opponent back to the “old battlefield”, that is, offsetting the opponent’s informatized combat capability so that its technological advantage is lost and it falls back with us to the combat level of an earlier historical period, where we can then give full play to our own advantages, is a feasible line of thought.

(The author is a professor at the National Defense University)

Original Mandarin Chinese:

近半個世紀以來,電子技術、信息技術以令人瞠目的速度迅猛發展,並因此全面改變了現代戰爭的風貌。儘管人們在談論戰爭的維度時,習慣於陸海空天電的排序,但從軍事技術層面講,“電子戰”“網絡戰”所構成的“網電空間戰”能力,卻毫無疑問已後來居上,成為第一戰鬥力。誰能主導電子戰,誰就能主宰戰場。可惜的是,這一結論至今還未能被各國軍隊普遍接受。

刻舟求劍,是對人們的認識滯後於事物的演變和發展的形象寫照。時至今日,當以電子技術和芯片技術為標誌的這一輪軍事革命,因技術日臻成熟,潛力逼近極限而漸近尾聲時,大多數國家的軍人對一個小小的電子管和更小的芯片就能改變戰爭的風貌,還沒做好充分接納的精神和知識準備。這對生活在信息化時代的人類,特別是掌握著信息化武器的軍隊來說,不能不說是一種諷刺。

世界外觀所呈現的個體性表徵,使人們憑直覺把整個世界區分成各個部分去認知和理解。即便電子技術、信息技術早已把整個世界都納入了網電空間而焊接成了一“域”,人們仍然習慣於將其切分成不同的“域”塊。如不少囿於傳統思維的軍人,就想當然地把作戰空間切分成陸、海、空、天、電五大維度,並以為自己將在這五種維度下作戰。而網電空間戰場,在他們看來,只不過是其中的一維。甚至在聯合作戰這一試圖把五維空間打通成一體的概念中,網電空間戰也只是其中一種作戰領域和作戰樣式而已,全然不懂大千世界已然被“信息化”了。這樣的滯後思維不可能跟上技術飛躍的步伐:舟已遠離湖面,劍卻沉在了湖底。能在未來戰場上穩操勝券者,一定是把全部戰場作為一個整體觀察和思考、操作並控制的軍隊。只有如此,才能找到打開胜利之門的鑰匙:誰能控製網電空間,誰就能控制戰場;誰能在網電空間戰中佔上風,誰就是戰爭的贏家。這是現代戰爭發展到今天誰也無法逆轉的大趨勢。

電子戰(今日已衍化成為信息戰或網電空間戰)是一切現代戰鬥、戰役乃至戰爭的前提。與此相比,制空權、制海權,甚至制陸權與製天權,都已向製網電權拱手交出了未來戰場的第一制權。何況制天權的爭奪本身就是製網電權的一部分。套用鄧小平的一句話說,現代戰爭,“沒有製空權,什麼仗都打不下來”。是的,未來戰爭,沒有製網電權,什麼仗都打不下來。

今天,提出要用“空海一體戰”構想遏制中國的美軍,是一架幾乎全面信息化了的軍事機器。因此,美軍深知信息化是其所長,亦是其所短。短就短在誰具備網電空間戰優勢,誰就能製約美軍。有人會問,難道從軍事角度講,網電空間戰真的那麼重要,以至於讓人認為比火力硬殺傷更重要嗎?是的,這正是筆者的回答。因為當你的對手已全維信息化後,它要么先勝於與對手的網電空間戰,要么先敗於此戰,其後的火力戰,只是對還不肯認輸的對手進行從心理摧毀到物理消解的過程。

為什麼網電空間戰如此重要?實際上,我們的主要對手其全部的長處就在於全維信息化,而其全部的短處也在於過度信息化。信息化的短處就是無一處無芯片,從而形成芯片依賴。芯片讓武器平台彈藥如虎添翼變得強大,而其自身卻也極端脆弱。一枚電磁脈衝炸彈,就可以讓在它爆炸覆蓋範圍內的所有電子元件被毀失能。這種場景讓用芯片武裝到牙齒的對手很恐懼。而對我們來說,讓對手恐懼的東西,就應該是我們要優先側重發展的武器。

如果跟全維信息化對手交手,對手最擔心的是:一被網攻癱瘓網絡,二被天戰摧毀天基系統。因為這將使其一切武器平台的硬件優勢都變得沒有意義。儘管我們的對手同樣也有這種能力,但一旦雙方都動用這種能力將對手癱瘓,那就意味著,對陣雙方將一起退回二戰水平。那時,誰具有人口優勢,誰有資源優勢,誰有製造業優勢,誰就有戰爭優勢。

看清這一點,有助於我們擺脫某種悖論:越了解對手的軍事系統,就越擔心自身軍事系統存在的差距,越承認差距,就越想學習追趕對手,結果就是對手有什麼,我就也要有什麼。最終把自己逼上一條以對手之長,攻對手之長的死路。這條路怎麼可能把我們引向“能打仗,打勝仗”?古今中外,凡勝仗,無一不是以我之長攻敵之短,即便是硬仗也是以我之長攻敵之長,未見有以敵之長攻敵之長而取勝者。何況,取勝於未來戰爭,不能以不惜一切代價獲勝為目的。對於中國來說,還應該有一個與勝利同樣重要的要求,武器裝備發展,作戰方案製定,都要考慮如何降低成本。決不能對手有什麼,我們就一定要有什麼。乞丐跟龍王爺比寶不行,變成土豪了,也不能跟龍王爺比寶。今天,我們對如何打贏信息化條件下局部戰爭的整體想法是存在某種認知缺陷的,總是自覺不自覺地以為打高技術戰爭就是打高成本戰爭,總想和對手一樣去比成本、拼成本。

實際上,我們完全可以換一種思路,那就是走低成本路線。有沒有重型航母,有沒有X37,有沒有全球快速打擊系統,對手並不在乎。它只在乎你能不能摧毀它的衛星系統,癱瘓它的網絡系統。畢竟,攻擊衛星武器和電磁脈衝炸彈的工具和手段都不是很昂貴、很稀缺,而其效果將是低成本、高收益。我們斷不能因為擔心自己與對手的差距,就不由自主地陷入跟對手的軍備競賽中。

美國人在“空海一體戰”構想中說,“我們要通過這個方式,把中國拖入到與我們的競賽,讓中國人把更多的精力都投入到東風21D等諸如此類導彈的生產中去,然後用大量的誘餌和欺騙迫使中國人大量地把這些武器消耗到沒有意義的方向”。對此,國內有人寫了一篇文章,提醒“我們要防止掉入美國陷阱”,這本身沒有錯,但仍然屬於只知其一,不知其二。要知道,此類文章出來以後,很有可能導致我們的認識產生新的偏差,因為上述美國人的話語中存在“陷阱的陷阱(即雙重陷阱)”。首先,它企圖將中國軍隊引誘到軍備競賽的陷阱中來。如果你跟美軍進行競賽,你就會耗費大量財力物力尾隨美軍而不得超越;其次,如果你意識到這是陷阱而放棄競賽,你又立刻就會掉入另一個陷阱:由於放棄軍備競賽而自廢武功。對中國來說,如果我們既不願意跟對手競賽,又不願意自廢武功,那我們應該怎麼辦?結論是,我們只能走自己的路。

發展我們自己之長,發展對我最有利的東西,最好以我之長,克敵之短。起碼也要以我之長,克敵之長。以我之短克敵之長不行,以敵之長克敵之長同樣也不行。以敵之長攻敵之長,你將永無勝算。

看看“空海一體戰”最主要的設計:開場就是打擊你的天基系統,讓你致盲;接著打“偵察戰”,讓你致聾;然後才來跟你正式開打常規戰。

這種情形下,我們怎麼辦?是被動接招,兵來將擋,水來土掩?還是揚我所長,以低成本手段,換取對手高價值目標?當然是後者。為此,我們必須先具備三種能力:

第一種是衛星反導能力。這種能力將一擊致癱嚴重依賴信息化的對手,使其致盲、致聾、致啞,從而只能與你一道退回二戰水平去比拼常規戰力。

第二種是遠程精打能力。必須確保你有能力擊沉類似航母這樣的高價目標。這樣的高價目標如果被擊沉,將沉重地打擊全世界投資人對對手的信心,使資本不敢再投向它,造成對手嚴重的戰爭融資困境。這是對手的作戰計劃人員沒有意識到的國家軟肋。擊沉航母對全球投資人的信心將是一個巨大的打擊,從而將打斷對手的全球資本循環鏈。

第三種是必須有網電空間作戰能力。特別是對對手的任何網絡系統攻擊的能力。如果中國和遠比自己強大的對手真的發生戰爭,你必須從一開始就展示你有攻擊並癱瘓其全部網電系統的能力和決心,這是用威懾遏制戰爭的必要方式。

道理,總是說起來容易做起來難。如何在未來戰爭中拿到製網電權,或者對沖掉對手的網電戰優勢?讓自己獲得技術進步是必須的。但更必須的,是思維的進步。漫長的進化史證明,人類在時間的坐標系上,並不總是處於思維進步狀態。退化,會不時發生。思維的退化是可悲的,但有意識地把對手拉回“舊戰場”,即對沖掉對手的信息化作戰能力,讓對手的技術優勢盡失,從而與我們一道退回某一歷史階段的作戰水平,屆時,盡情發揮我自身優勢,則不失為一種可行的思路。

(作者係國防大學教授)

Original Referring URL: http://www.81.cn/jkhc/2014-12/

 

Chinese Military Information Warfare Attacks on Mind and Spirit // 中國軍隊信息戰隊思想和精神的攻擊


June 01, 2004 08:58
  If the 1991 Gulf War was the first time the United States took information warfare from research reports onto the actual battlefield, then the Iraq war that ended last year may be seen as its further development in actual combat. Information warfare, as the focus of the new military revolution of the 21st century, is attracting more and more attention. However, looking past the lively scene of information warfare research, we find that quite a few people understand information warfare only from the military and technical perspective, and information warfare is not that simple.

  Information warfare is a new phenomenon of war that has emerged as humanity enters the information age. It is not simply a style of combat but a new form of war, as distinct from firepower warfare. Its emergence has broken through many traditional concepts of war, such as the object of war, the boundaries of war and the content of war. Among these, particular attention should be paid to the side of information warfare that targets thought and spirit.

  What you see is only the tip of the iceberg 

  There are dozens of definitions of information warfare in the world. However, many of them understand information warfare only from the military and technical perspectives. Even the United States, which leads in information warfare, began to consider the issue from a strategic and social point of view only at the end of the last century. This is not comprehensive. An important prerequisite for understanding information warfare is that it should not be viewed simply through the industrial-age view of war. In the information age, computers and networks have dramatically changed the shape of war. In information warfare, the army and society, soldiers and civilians, war and crime, the state and the individual are in many cases intertwined and hard to disentangle.

  In the broad sense, information warfare refers to the contest for information space and the competition for information resources in the military field (and also in the political, economic, cultural, scientific and social fields); it mainly refers to the use of information to achieve national strategic goals. In the narrow sense, it refers to the confrontation between warring parties in the information field during armed conflict, in order to seize control of information. It should be emphasized that information warfare is not simply a military-technical issue and should not be understood as a mere combat style. Information warfare is in fact a form of war.

  The “information” in “information warfare” is to be understood in terms of eras, where the information age stands alongside the agricultural and industrial ages, and in terms of social forms, where the information society stands alongside agricultural and industrial society. At the same time, information is one of the three major resources of humanity, alongside matter and energy. Only by understanding information warfare at this level can its true meaning be revealed.

  The rise of information warfare does not lie in the terms it uses, nor is it as simple as attaching buzzwords such as “information”, “information age” and “digitalization” to the vocabulary of war. It is the inevitable result of the development of society and of science and technology, and it has revolutionary, epoch-making significance. The information warfare that emerged at the end of the 20th century, the information warfare we have seen so far, is only the tip of the iceberg: a partial and limited information warfare confined to the military field. Only when the world is fully networked and the earth has truly become a small village will we see information warfare in its broad and real sense.

  Information warfare is not just about the military

  When it comes to information warfare, people often think first of the army. Indeed, in traditional war the army is the protagonist and the battlefield is the army’s stage. Under the conditions of information warfare the situation is very different. The battlefield has greatly expanded, and war is no longer a matter for the military alone but has developed into a national war under high-tech conditions. Information warfare is carried out not only through the military but also through the networks of society as a whole. With the construction of the world information highway, it has become difficult to draw boundaries around information warfare. Any non-governmental organization, or even any individual, with ordinary computer equipment and a command of computer communication technology may use the globally connected computer and communication systems to take part in an information war.

  That information warfare is not just about the military shows mainly in three ways. First, the participants in information warfare are no longer limited to military personnel but also include ordinary people. Information warfare combatants may be regular soldiers or teenage hackers. Second, many of the weapons and equipment used in information warfare, such as computers and optical instruments, are no longer exclusively military supplies and are available on the civilian market. Take the United States, an information warfare power, as an example: the US military’s information warfare system relies heavily on civilian information infrastructure, and senior US military figures have described the informatization of the US military as “buying from the market.” Third, information warfare is fought not only on the battlefield but throughout society. “The battlefield is only where soldiers are killed. It no longer covers information warfare.”

  Information warfare is not fought only in wartime

  In war, attackers who launch wars and defenders who resist aggression must both prepare for war. Mechanized warfare in particular shows clear phases and procedures. In the wars of the information age, the boundary between preparing for war and waging it is increasingly blurred, and the two even blend together. Looking around the world, it is not hard to see that the information powers are fighting almost every day: public opinion, intelligence confrontation, network reconnaissance, and so on. These are in fact information wars in changed form, and can be called public opinion warfare, intelligence warfare and cyber warfare.

  In the Iraq war, the power of public opinion warfare opened the world’s eyes. It has been said that “public opinion warfare”, one of the forms of information warfare, has existed for as long as war itself. Early cases of “public opinion warfare” can be traced back to the “Oath of the Oath” of China’s Xia Dynasty and the later “Looking for Cao Yuwen” and “Discussing Wushu”. “Public opinion warfare” knows no boundary between wartime and peacetime. By controlling, manipulating, planning and using the various instruments of public opinion, it systematically delivers selected information to the audience and affects the audience’s emotions, motives, judgments and choices, and so has a major and direct impact on the outcome of a war. As for intelligence warfare and cyber warfare, they ignore the difference between wartime and peacetime even more completely. The Clinton administration in the United States put forward the idea of building an information highway and promoting global informatization. This move led the world to believe that the United States was leading human society into the information age. The strategic intention of the United States, however, was to expand its information territory while the informatization of human society was still a blank, in order to seize the initiative in informatization. As a result, the future development of global informatization would follow the US road map, and the United States could incorporate the countries of the world into its own informatization map. Seen from today, this strategic move by the United States is far more effective than winning a war of blood and fire.

  That information warfare is not fought only in wartime shows not only in the blurring of its preparation and execution, but especially in the attack of information warfare on people’s thoughts and spirit. The shaping of thought and spirit is a subtle process. Through information superiority one can achieve the goal of “subduing the enemy without fighting” or “subduing the enemy with little fighting”. The usual approach is to use information superiority to create a contrast in strength between oneself and the enemy, and to use psychological warfare and strategic deception to shake and frustrate the morale of the enemy’s army, the will of its people and the convictions of its government, and to disrupt the normal operation of its political and economic systems. By these means the enemy can be put into a state of paralysis, and the hostile country’s will to wage war can be curbed or its capacity for war removed.

  The US-Soviet confrontation of the 1980s offers an intriguing example. Reagan, the US president with a talent for acting, proposed an aggressive “Star Wars” plan, claiming it would render all the Soviet Union’s strategic nuclear missiles useless. As soon as the plan was announced, the United States set its entire propaganda machine in motion and caused a great sensation around the world. The Soviet leaders convened one emergency meeting after another and decided to respond resolutely, at any cost, by building a strategic defense shield of their own. In fact, the US “Star Wars” program carried out only a few technical experiments and cost very little, although a film of the same name, “Star Wars”, was popular around the world. The Soviets, however, worked at it in earnest: with the national economy on the verge of collapse, vast sums of rubles were still thrown into the arms race. The Soviet Union, already overstretched, shed its last drop of blood seven years later. It cannot be said that the collapse of the Soviet economy and the fall of the regime had nothing to do with being dragged down by US information warfare.

  Paying attention to the people’s war that defends the boundaries of information

  Under the conditions of information warfare, national sovereignty has new content. The scope of national security has expanded and its meaning has become richer. The influence of information warfare is no longer limited to the military field but radiates to the whole of human society. Under the conditions of information warfare, the key weapon with which a weak country can defeat a powerful one is people’s war. Only by persisting in people’s war under the conditions of information warfare can we effectively defend the national information territory and safeguard national information sovereignty. Besides information technology and tactics, the most important thing is to build two lines of defense: the information talent team and the national spiritual defense line of the information age.

  Whoever wins talent wins the world. The outcome of information warfare depends to a large extent on the human factor, and must be supported by a large number of highly skilled information warfare personnel.

  In information warfare, a small number of top information talents can often play a key role in the outcome. During the Second World War, in order to seize one German atomic physicist, the US military changed the direction of attack of three Army divisions. The history after the end of World War II, in which “the wise seized people and the fools seized equipment,” is even more thought-provoking. In the East, the Soviets were busy hauling away captured tanks and cannons; in the West, the Americans hurriedly shipped more than 3,000 German scientists home. More than half a century later, the country that seized talent is still writing its history of seizing people, and its economy, technology and military are unmatched. The country that seized equipment now faces the reality of being plundered itself: after its disintegration, tens of thousands of the Soviet Union’s outstanding scientists and engineers changed sides to serve the opponent of former years. As a commanding height of military struggle, the contest for talent is even more decisive in the military contests of the information age.

  Compared with the “hard kill” of information warfare, its “soft kill” is even more fearsome. The spiritual realm is the greatest “window of vulnerability” under the conditions of information warfare.

  As information technology develops, channels become ever smoother and information sources ever broader. People obtain more and more information, faster and faster. Modern means deliver information effectively to every country in the world with almost no restriction. At present, developed countries pay great attention to using their advanced information technology to build global radio, television and computer networks, through which they export their political views and values on a large scale and expand their information frontier. As a result, countries that lag in informatization are subjected to a strong spiritual impact. Therefore, to win people’s war under the conditions of information warfare, everyone from the individual and the media to the army and the whole country must comprehensively strengthen awareness of information and of national defense, establish the concept of defending the national information territory and information boundary, and consciously build an invisible spiritual line of defense.

  Related Links 

  A scan of the overall situation of world information warfare

  It can be said that the development of world information warfare has gone through three stages.

  The first stage: the period before the Gulf War in 1991, when information warfare was conceived and proposed;

  the second stage: the period after the Gulf War up to 1998, when information warfare was implemented and matured;

  the third stage: the development period of information warfare after 1998.

  At present, the new military revolution triggered by information warfare is still under way around the world. The transformation from mechanized warfare to information warfare is in full swing worldwide. The armed forces of the world’s major countries are adjusting their strategy and tactics, organization and equipment, and combat training in line with information warfare thinking, in preparation for winning information wars. Every war since the Gulf War has borne the marks of information warfare. The power of information warfare is impacting all areas of society.

  A quick look at information warfare techniques

  Currently, the main information warfare technologies that countries around the world are applying and developing are:

  1. Reconnaissance and surveillance technology. Various means of reconnaissance, surveillance, early warning and navigation, including space-based, air-based, sea-based and ground-based.

  2. Platform-integrated information warfare systems. These integrate radar warning, missile launch and attack warning, information support, information jamming and evasion, and coordination, and combine with the other information equipment on the platform to achieve information sharing.

  3. Network command and control warfare technology.

  4. Computer virus technology.

  5. Mind-attack weapons technology, including electromagnetic pulse weapons, ultrasonic weapons and infrasound weapons.

  6. Advanced electronic countermeasures technology.

  A glimpse of the latest information warfare equipment

  In the development of information warfare weapons, the following equipment has been developed or put into active service by various countries in recent years.

  1. The Joint Surveillance and Target Attack Radar System is a battlefield information processing system that accurately detects moving and fixed targets in support of long-range precision strikes, and provides commanders with important information about how the battle is developing and about combat management.

  2. The Joint Tactical Air-to-Ground Information Station is a weapon support system that processes space-based sensor data used for missile launch early warning, together with the important information needed for operational capability.

  3. A beam-energy weapon can penetrate targets hundreds or even thousands of kilometers away in an instant without leaving a “hard injury,” and is directly destructive to precision-guided high-tech weapons in particular. It is therefore considered an ideal multi-purpose weapon for tactical air defense, anti-armor and electro-optical countermeasures, and even for strategic anti-missile, anti-satellite and anti-spacecraft roles.

  4. The smart battle suit is woven with a fiber-optic network and a conductive polymer network, and carries a miniature measurement system that monitors the soldier’s physical condition. On the future battlefield, when a soldier is injured, at the moment he falls the medical staff at the aid center can accurately determine whether it is a bullet wound or a knife wound, where the injury is, and other basic facts about the injury.

  In addition, there are military robots, shipboard electronic warfare systems, high-power RF amplifier technology, advanced antenna technology and signal processing technology. 

  Fierce competition in national information warfare strength

  Looking at the world, more than 20 countries including Britain, France, Israel, and Russia have conducted in-depth research on information warfare. The development of information warfare in the United States is at the forefront of the world, mainly in technology, equipment, and theory.

  United States: The information warfare strategy shifts from defense to attack. To improve the US military’s technical capability for information warfare, the US Department of Defense has a specialized information systems agency responsible for maintaining the 2.5 million computers used by the US military. It is also stepping up research on how to improve the attack capabilities of computers and on creating intrusion viruses that damage the communication networks, financial systems and power systems of hostile countries. As early as the fall of 2000, the US Space Command Center began to develop offensive computer weapons. This means a major adjustment in the US military’s information warfare strategy: from strategic defense to strategic attack.

  Russia: The focus of information warfare is on “Heavenly Soldiers.” Russia’s information warfare development concentrates on building up its “Heavenly Soldiers,” the space forces. In 2002, Russia invested about 31.6 billion rubles in dedicated space research and 5.4 billion rubles in the development of global navigation systems, and strengthened the development of lasers, high-power microwaves and anti-satellite weapons.

  Japan: Accelerating the formation of information warfare units. The Japanese Defense Agency is forming an information warfare force of 5,000 people, making the development of cyber weapons the focus of future defense plans, and speeding up the construction of the Japanese Army’s digital forces.

  EU and other Western countries: embarking on the construction of digital troops. Countries such as France, Germany, Britain, Canada, Australia, the Netherlands and Sweden are also developing C4I systems for platforms and individual soldiers. More than 10 countries, including France, Britain, Germany, Australia, Canada, Italy, and Israel, are carrying out plans to build digital forces and digital battlefields. Most of them are concentrating human and financial resources on developing the equipment that digital units need, and a few countries at the forefront have already conducted several digital force test exercises. In the future, while these countries continue to develop the digital “hardware” of the battlefield, they will begin to consider how digital units should be organized, and more countries will join the ranks of those digitizing their troops.

Source: China National Defense News

Original Mandarin Chinese:

如果說,1991年的海灣戰爭是美國第一次把信息戰從研究報告中搬上實戰戰場,那麼去年結束的伊拉克戰爭也許就是信息戰在實戰中的進一步發展。信息戰,作為21世紀新軍事革命狂飆的重心,已經越來越引起人們的重視。然而,透過信息戰研究熱鬧的場面,我們會發現,相當多的人們只是從單純軍事和技術的角度認識信息戰的,但信息戰其實並不這麼簡單——

信息戰是人類進入信息時代新出現的一種戰爭現象。它不是一種簡單的作戰樣式,而是相對於火力戰的一種新的戰爭形態。信息戰的出現對諸如戰爭對象、戰爭界限、戰爭內容等許多傳統戰爭理念都形成了重大突破,其中尤其應該引起關注的是信息戰攻擊思想和精神的一面。

看到的只是冰山一角

目前世界上關於信息戰的概念有幾十種,然而,很多卻只是單純從軍事和技術的角度來認識信息戰的,即使處於信息戰領先地位的美國也只是從上個世紀末才開始從戰略高度和社會意義上思考這個問題,這很不全面。認識信息戰的一個重要前提是,不應該簡單地用工業時代的戰爭觀來看待信息戰。信息時代,電腦和網絡大大改變了以往的戰爭形態。信息戰中,軍隊與社會、軍人與平民、戰爭與犯罪、國家與個人在很多情況下已經交織在一起,分不清,理還亂。

信息戰廣義地指對壘的軍事(也包括政治、經濟、文化、科技及社會一切領域)集團搶佔信息空間和爭奪信息資源的戰爭,主要是指利用信息達成國家大戰略目標的行動﹔狹義地是指武力戰中交戰雙方在信息領域的對抗,奪取制信息權。需要強調的是,信息戰不是一個簡單的軍事技術問題,不應該被理解為一種作戰樣式。信息戰實際上是一種戰爭形態。

“信息”這個名詞相對於時代來理解,是與農業時代、工業時代相對應的﹔就社會形態而言,又是與農業社會、工業社會相呼應。同時,它又是與物質、能量相提並論的人類必須的三大資源之一。考察信息戰,隻有從這個層次上去認識,才能揭示真正意義上的信息戰。

信息戰的崛起不在於它用了什麼樣的名詞,也不是戰爭名詞上冠以“信息化 ”、“信息”、“信息時代”、“數字化”這些時髦的詞藻那麼簡單。它是社會和科技發展的必然結果,帶有革命性、劃時代的意義。 20世紀末出現的信息戰,或者說我們已經看到的信息戰只是冰山之一角,僅僅是體現在軍事領域中的局部和有限的信息戰。隻有當世界達到全面網絡化,地球成為真正意義上的小村落時,我們才能看到那種廣義上、真正的信息戰。

信息戰不隻靠軍隊打

一提起打信息戰,人們往往首先就想到軍隊。確實,傳統戰爭中,軍隊是戰爭的主角,戰場也主要是軍人的舞台。信息戰條件下,情況則大不一樣。戰場的範疇大大擴展,戰爭變得遠遠不只是軍隊的事情,而是發展成高技術條件下的全民戰。信息戰不只是通過軍隊,同時也可以通過全社會網絡來實施。隨著世界信息高速公路的建設,信息戰已難以劃定界限。任何社會民間組織甚至個人隻要擁有普通計算機設備、掌握計算機通訊技術,都有可能利用全球聯網的計算機與通信系統參與一場信息戰。

信息戰不隻打軍隊主要表現在:第一,信息戰的參與者不再僅限於軍人,而且還包括普通民眾。信息戰作戰人員既可以是正規軍人,也可以是十幾歲的少年黑客。第二,信息戰所使用的許多武器裝備,如計算機、光學儀器等可以不再是軍用品,在民用品市場上都可買到。以信息戰強國美國為例,美軍的信息戰系統在很大程度上依賴民用信息基礎設施。美國軍方高層人士把美軍軍隊信息化變革稱為“從市場上買來的”。第三,信息戰作戰不單在戰場,而是分佈於整個社會。 “戰場只是士兵陣亡的地方,已不再囊括信息戰交戰場所。”

信息戰不隻在戰時打

自有戰爭以來,進攻者發動戰爭,防御者抵禦侵略,都要進行周密的戰爭準備。特別是機械化戰爭,呈現出明顯的階段性、程序化。而信息時代的戰爭,戰爭準備與實施的界限則日趨模糊,甚至混為一體。環顧世界,不難發現,信息強國幾乎每天都在進行戰爭:輿論宣傳、情報對抗、網絡偵察等等。這些實際上都是轉化了形式的信息戰,可以稱之為輿論戰、情報戰、網絡戰。

伊拉克戰爭中,輿論戰的威力讓世人大開眼界。有人說,作為信息戰作戰形式之一的“輿論戰”自有戰爭以來就一直在進行著。進行“輿論戰”的較早案例甚至可以追溯到中國夏朝的《甘誓》以及後來的《討曹檄文》與《討武檄文》。 “輿論戰”的進行完全沒有戰時與平時的界限。它通過控制、操縱、策劃、利用各種輿論工具,有計劃地向受眾傳遞經過選擇的信息,影響受眾的情感、動機、判斷和抉擇,從而對戰爭結果產生重大而直接的影響。至於信息戰中的情報戰、網絡戰就更是無視戰時與平時的分別了。當年,美國克林頓政府提出了構建信息高速公路、推進全球信息化的主張。此舉曾讓世人認為美國正在引領人類社會步入信息化時代。然而,美國的戰略意圖其實是趁人類社會的信息化尚處於一片空白之時,跑馬圈地,擴張美國的信息疆域,以期佔住信息化的先機。如此一來,全球信息化未來的發展就將按美國的路線圖行進。美國可以一舉將世界各國納入美國規劃的信息化版圖。現在看,美國的這一戰略企圖,其成效已遠遠勝於贏得一場硝煙彌漫、血雨腥風的戰爭。

信息戰不隻打戰時,這不僅表現為信息戰戰爭的準備與實施界限模糊,尤其體現在信息戰對人的思想和精神的攻擊上。思想和精神的形成是一個潛移默化的過程,通過信息優勢可以達成“不戰而屈人之兵”或“少戰而屈人之兵”的目標。其一般做法是:利用信息優勢在敵我之間製造反差,運用心理戰和戰略欺騙等手段,動搖、沮喪敵方軍心、民心和政府信念,破壞敵方正常的政治、經濟運行體系,通過上述手段可以使敵國處於癱瘓狀態,遏制敵對國家發動戰爭的意志,或使其喪失戰爭能力。

上個世紀80年代美蘇對峙中的一幕場景很值得人玩味。擅長演戲的美國總統裡根提出了一個咄咄逼人的“星球大戰”計劃,號稱要讓蘇聯的所有戰略核導彈失去作用。該計劃一宣布,美國就開動全部的宣傳機器拼命鼓吹,在全世界引起了巨大轟動。蘇聯領導人連續召開緊急會議,決定不惜血本堅決應對,建立起蘇聯的戰略防禦盾牌。其實,美國的“星球大戰”計劃隻進行了星星點點的技術實驗,壓根就沒有花多少錢,倒是一部同名的《星球大球》的電影風靡世界。而蘇聯人卻非常認真地埋頭苦幹,在國民經濟已經瀕臨崩潰的情況下,仍然把大把的盧布投向軍備競賽。本來已經力不從心的蘇聯在7年之後流盡了最後一滴血。不能說,蘇聯經濟的崩潰及政權的垮台沒有受美國信息戰的拖累。

關注保衛信息邊界的人民戰爭

在信息戰條件下,國家主權有了新的內容,國家安全的外延擴大了、內涵更豐富了,信息戰的影響也不再僅僅局限於軍事領域,而且輻射到整個人類社會。在信息戰條件下,弱國戰勝強國的重要法寶就是人民戰爭。隻有堅持打信息戰條件下的人民戰爭才能切實保衛國家信息疆域,維護國家信息主權。這其中除了信息技術和戰法等因素外,最主要的是抓住信息人才隊伍建設與構築信息時代的全民精神防線兩個環節。

得人才者興天下。信息戰的戰果如何,在很大程度上取決於人的因素,必須有大量的高技術信息戰人才作支撐。

在信息戰中,為數不多的頂尖信息人才往往能對戰爭的勝負起到關鍵作用。二戰期間,美軍為了把一個德國原子物理學家搶到手,竟然將3個陸軍師的進攻方向作了改變。二戰結束後那段“智者搶人,愚者奪器”的歷史更是耐人尋味。在東方,蘇聯人忙著搬運繳獲來的坦克大砲﹔在西方,美國人卻急急把3000多名德國科學家運回國內。半個多世紀過去了,當年搶人才的國家如今仍然在續寫著搶人的歷史,其經濟、科技和軍事不可一世。當年搶兵器的國家如今則在無奈地面對著被搶的現實。解體後的蘇聯有上萬名優秀科技人才改換門庭,服務於當年的對手。人才之爭作為軍事鬥爭的一個制高點,在信息時代的軍事較量中,更具有決定性的意義。

與信息戰所帶來的“硬殺傷”相比,信息戰的“軟殺傷”更為可怕。信息戰條件下精神領域是最“易受攻擊之窗”。

隨著信息技術越來越發達,信道越來越流暢,信息來源更為廣泛,人們獲取的信息將越來越多,獲取信息的速度也越來越快。現代化的傳播手段把所要傳遞的信息幾乎不受任何限制,有效地傳到世界各國。當前,發達國家十分注意利用它們的先進信息技術,建立覆蓋全球的廣播、電視、計算機網絡,藉此大規模輸出其政治主張和價值觀念,擴充信息疆域。其結果是信息化發展落後的國家受到強烈的精神沖擊。因此,要想打贏信息戰條件下的人民戰爭,從個人、媒體、軍隊到整個國家都必須全面增強信息國防意識,樹立保衛國家信息疆域和信息邊界的觀念,自覺築起無形的精神防線。

相關鏈接

世界信息戰總體形勢掃描

可以認為,世界信息戰的發展經歷了3個階段。

第一階段:1991年海灣戰爭以前信息戰的醞釀和提出時期﹔

第二階段:海灣戰爭後至1998年前信息戰的實施和成熟時期﹔

第三階段:1998年後至今遏制信息戰的發展時期。

當前,信息戰引發的新軍事革命仍在全球進行。機械化戰爭向信息戰的轉變已在全球全面展開。全世界各主要國家的軍隊正按照信息戰思想調整戰略戰術、編制裝備、作戰訓練等,為打贏信息戰作準備。海灣戰爭以後的所有戰爭無不烙上信息戰的痕跡。信息戰的威力正沖擊著社會的各個領域。

信息戰實戰技法點擊

當前,世界各國在信息戰技術手段的應用與發展上主要有:

1.偵察監視技術。包括天基、空基、海基和地基在內的各種偵察、監視、預警、導航等手段。

2.平台一體化信息戰系統。實現雷達告警、導彈發射和攻擊告警、信息支援、信息幹擾及規避、協同一體化,而且與平台上其他信息設備綜合為一體,達成信息共享。

3.網絡指揮控制戰技術。 4.計算機病毒技術。

5.攻心武器技術。包括電磁脈沖武器、超聲波武器和次聲波武器。 6.先進電子對抗技術。

最新信息戰裝備掠影

在信息戰武器發展上,近年來各國研製或已投入現役的主要有以下裝備。

1.聯合監視與目標攻擊雷達系統,是一種戰場信息處理系統,能精確探測移動的和固定的目標,以配合實施遠距離精確打擊,還能向指揮官提供有關戰況發展和戰鬥管理的重要情報。

2.聯合戰術空對地信息站,是一種武器支援系統,能處理供預警導彈發射用的天基傳感器數據、作戰能力所需的重要信息。

3.束能武器,能在瞬間穿透數百公裡甚至數千公裡外的目標而不留下“硬傷”,尤其對精確制導高技術武器有直接的破壞作用,因此被認為是戰術防空、反裝甲、光電對抗乃至戰略反導、反衛星、反一切航天器的多功能理想武器。

4.智能戰衣,編織有光纖網絡和導電聚合網絡,並有監視士兵身體狀態的微型測量系統。在未來戰場上,一名士兵受了傷,就在其倒地的瞬間,救護中心的醫務人員就能準確判斷出是彈傷還是刀傷、受傷部位在何處以及其他基本傷情。

此外,還有軍用機器人、艦載電子戰系統、強功率射頻放大器技術、先進的天線技術和信號處理技術等等。

信息戰國力競爭激烈

放眼世界,現在已有英國、法國、以色列、俄羅斯等20多個國家對信息戰展開深入研究。美國信息戰發展走在世界前列,主要體現在技術、裝備、理論等方面。

美國:信息戰戰略由防轉攻。為了提高美軍信息戰技術能力,美國國防部有專門信息系統處理機構負責維護美國軍方使用的250萬台電腦,並在抓緊研究如何提高電腦的攻擊能力,製造破壞敵對國的通信網絡、金融系統及電力系統的入侵病毒。早在2000年秋天,美國太空指揮中心已開始研製攻擊性電腦武器。這意味著美軍信息戰戰略的重大調整———由戰略防禦轉向戰略進攻。

俄羅斯:信息戰重心在“天兵”。俄羅斯的信息戰發展集中力量發展“天兵 ”———航天兵。 2002年俄羅斯投入約316億盧布用於太空專項研究,54億盧布用於全球導航系統的研發,還加強了激光、高功率微波和反衛星武器的研製。

日本:加快組建信息戰部隊。日本防衛廳正在組建5000人規模的信息戰部隊,把網絡武器的開發作為今后防衛計劃的重點,並加快了日本陸軍數字化部隊的建設。

歐盟和其他西方國家:著手數字化部隊建設。法、德、英、加、澳、荷蘭和瑞典等國也在研製平台和單兵的C4I系統。法國、英國、德國、澳大利亞、加拿大、意大利、以色列等10多個國家都在著手執行數字化部隊和數字化戰場建設計劃。其中,多數國家正在集中人力財力開發數字化部隊所需要的裝備,少數走在前面的國家已進行過多次數字化部隊試驗演習。今後,上述國家在繼續開發戰場數字化“硬件”的同時,將開始考慮數字化部隊的編成結構,並將有更多的國家加入部隊數字化建設的行列。

來源:中國國防報

Original Referring URL: http://people.com.cn/BIG5/junshi/1078/

 

 

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊


■ Cyberspace is easy to attack and hard to defend; traditional passive defense struggles to deal effectively with organized, high-intensity attacks

■ To improve network security, the defending side cannot rely on the technology contest alone; it must also win the counterattack at the level of concepts

The new “Thirty-Six Stratagems” of network security

  ■Chen Sen


Fisher

  News background

  In the information age, cybersecurity is the thread that, once pulled, moves the whole of national security. The Outline of the National Informatization Development Strategy emphasizes actively adapting to new changes in the national security situation, new trends in information technology development, and the new requirements of the goal of building a strong military, building an information security defense system, and comprehensively improving the ability to win informatized local wars. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication, and cyberspace security has become an important topic of increasing concern to the international community.

  The United States has explicitly declared cyberspace a new domain of operations, has significantly expanded its cyber command and combat forces, and continues to concentrate on cyberspace weapons development. Since the start of summer, US military cyber exercises have followed one after another, and the smoke of invisible warfare fills the air. At the beginning of March, “Network Storm 5” was the first to raise the curtain on the drills; in April, “Network Aegis 2016” completed its fifth-generation upgrade; in June, “Network Defense” and “Network Capture” made their heavyweight appearance as the core of the annual joint exercise.

  The essence of network security is a contest of capability between attack and defense. At present, static, isolated, passive defenses that rely on firewalls, intrusion detection technologies and anti-virus software struggle to deal effectively with organized, high-intensity network attacks. To build a cyberspace security defense line, we need to discard outdated thinking and win the counterattack at the level of defensive concepts.

New “Thirty-Six Stratagems”: moving target defense

Increase the difficulty of attack by building a dynamic network

  A network attack needs a certain amount of time to scan and study the target network and to detect and exploit system “vulnerabilities” before it can achieve intrusion and control. In theory, the attacker has unlimited time for scanning and probing, will always find a weak point in the defense, and will eventually achieve the intrusion. For this reason, the United States, a pioneer in networking, is committed to planning and deploying a transformation of security defense, striving to break through traditional defensive concepts and develop revolutionary technology that can “change the rules of the game.” Moving target defense is one such technology.

  Moving target defense has been called a new paradigm of cyberspace security defense. Its technical strategy is to build a dynamic network by processing and controlling the protected target itself, increasing randomness and reducing predictability in order to raise the difficulty of attack. If a static cyberspace is likened to an unchanging “city defense deployment,” it is hard to hold; a dynamic network configuration, by contrast, is like the ever-changing “Eight Trigrams formation,” which is hard to crack. At present, moving target defense technology has priority in all kinds of US government and military research, covering dynamic platform technology, dynamic operating environment technology, and dynamic software and data technology. In August 2012, the US Army awarded Raytheon the “Deformation Network Facility” project, which studies dynamically adjusting and configuring networks, hosts and applications in ways the adversary cannot detect or predict, thereby preventing, delaying or blocking network attacks.

  As a new idea in the field of cyberspace security, moving target defense reflects the technological trend of future network defense: turning “dead” networks into “live” networks.
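The argument above (a static target is always found eventually, while a moving one makes reconnaissance go stale) can be checked with a small simulation. This is an added example, not code from the article or from any project it names; the address-space size, rotation period, dwell time and the sweeping attacker model are all assumptions chosen for illustration.

```python
import random


def attack_succeeds(space, rotate_every, dwell, horizon, rng):
    """Simulate one engagement; return True if the intrusion completes.

    space        -- number of addresses the protected service may occupy
    rotate_every -- defender moves the service every N ticks (None = static)
    dwell        -- consecutive ticks the attacker needs on the located
                    address to finish the intrusion after finding it
    horizon      -- total ticks the attacker spends before giving up
    All four parameters are assumptions of this model.
    """
    target = rng.randrange(space)   # where the service lives right now
    sweep = []                      # addresses left in the current scan pass
    located = None                  # address the attacker believes is live
    progress = 0
    for tick in range(1, horizon + 1):
        if located is None:
            # Reconnaissance: probe one not-yet-tried address per tick.
            if not sweep:
                sweep = list(range(space))
                rng.shuffle(sweep)
            probe = sweep.pop()
            if probe == target:
                located, progress = probe, 0
        elif located == target:
            # Exploitation: needs `dwell` uninterrupted ticks on the target.
            progress += 1
            if progress >= dwell:
                return True
        else:
            # The service moved: earlier reconnaissance is now worthless.
            located = None
        if rotate_every and tick % rotate_every == 0:
            # Moving target defense: hop to a different random address.
            target = (target + rng.randrange(1, space)) % space
    return False


def success_rate(space, rotate_every, dwell, horizon, trials=2000, seed=1):
    """Fraction of simulated engagements in which the attacker succeeds."""
    rng = random.Random(seed)
    wins = sum(attack_succeeds(space, rotate_every, dwell, horizon, rng)
               for _ in range(trials))
    return wins / trials


if __name__ == "__main__":
    SPACE, DWELL = 256, 8
    HORIZON = SPACE + DWELL         # enough for one full sweep plus dwell
    for label, period in [("static network", None),
                          ("rotate every 64 ticks", 64),
                          ("rotate every 8 ticks", 8)]:
        rate = success_rate(SPACE, period, DWELL, HORIZON)
        print(f"{label:24s} attacker success rate: {rate:.2f}")
```

In this model the static network always falls within one sweep, while a rotation period no longer than the attacker's dwell time makes success impossible; periods in between trade defender churn against attacker success.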

New “Thirty-Six Stratagems”: honeypot deception defense

Reduce cyberattack threats by consuming attacker resources

  Conventional network security protection mainly resists cyber attacks head-on. Although defensive measures have made great progress, they have not changed the basic situation that cyberspace is “easy to attack and hard to defend.” “Honeypot deception defense,” developed in recent years, puts forward a new concept of “bypass guidance”: by absorbing network intrusions and consuming the attacker’s resources, it reduces the threat that cyber attacks pose to the targets that really need protection, and so wins time to strengthen protective measures and make up for the shortcomings of the traditional cyberspace defense system.

  Similar to deliberately setting up dummy positions on the battlefield, honeypot deception defense actively uses computer networks with a lower level of security defense to lure all kinds of network attacks, monitors their methods and attributes, and sets up corresponding defenses on the target systems that really need protection, so as to stop similar attacks. Honeypots can be divided into two types, production honeypots and research honeypots. The main purpose of the former is to “draw fire” and relieve pressure on the defense. The latter is designed for studying and obtaining attack information; it is in effect an intelligence-gathering system, which must not only withstand attack but also have strong monitoring capability, so as to capture attack behavior data to the maximum extent.

  In addition to establishing a virtual network environment attack-and-defense laboratory consisting of four sub-networks (gray, yellow, black and green), the US military has also carefully deployed honeypot decoy systems on the Internet. What is certain is that deception-based network defense thinking will receive further attention, and the technical means of achieving deception will multiply.

New “Thirty-Six Stratagems”: coordinated linkage defense

Integrate multiple defense technologies to “keep the enemy outside the gates”

  At present, most security protection devices and defense technologies “fight on their own.” Data is hard to share between network protection nodes and the protection technologies are not correlated, so the current defense system is isolated and static and can no longer meet the needs of an increasingly complex network security situation. The original motivation of the US “Einstein Plan” was that each federal agency had its own separate Internet gateway, which made overall security hard to guarantee. Using a coordination and linkage mechanism to combine the relatively independent security devices and technologies in a network, so that they complement each other and cooperate to resist all kinds of attacks, has become the inevitable choice for the future development of cyberspace security defense.

  Coordinated linkage defense means using existing security technologies, measures and equipment to organize multiple security systems that are separated in time, distributed in space and yet interdependent in their work, so that the security system as a whole achieves its maximum effectiveness. Vertically, it is the coordinated defense of multiple security technologies, in which one security technology directly contains another or links to it through some communication method. For example, the “defense in depth” mechanism adopted by the US Navy’s network defense system deploys layer upon layer of protective measures around the core, including signature-based attack detection, WAN security audit and vulnerability alerts; the attacker must break through multiple defense layers to enter the system, which lowers the attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures, so that protection strategies are adjusted and deployed in an integrated way.

  The lone-soldier approach of the past can no longer meet the needs of today’s network security defense, and coordinated linkage defense will rise to become the mainstream of network security. Only by integrating a variety of defense technologies and establishing an organized defense system that “keeps the enemy outside the gates” can problems be effectively prevented before they occur.

New “Thirty-Six Stratagems”: optimal strategy defense

Seeking a balance between cybersecurity risks and investments

  Attacks in cyberspace are becoming more and more complex. Ideal network security protection would of course provide a matching defense for every weakness and every attack behavior. However, given limits on defensive resources and similar constraints, pursuing absolutely secure defense is obviously unrealistic. Based on the concept of “moderate security,” optimal strategy defense is emerging.

  Optimal strategy defense can be understood as seeking a balance between cybersecurity risk and investment, and using limited resources to make the most reasonable defensive decisions. As far as investment is concerned, even the well-resourced United States tries as far as possible to build a collective defense system for cyberspace. Behind the “sharing of results” in the US-Australia cyberspace defense alliance agreement and the Japan-US joint statement on cyber defense cooperation there is also the shadow of “cost sharing.” From the perspective of risk, the pursuit of absolute security holds to the principle of security above all; when formulating strategic objectives and responding to threats, it easily overlooks the limits and the legitimacy of the resources and means available, and makes it hard to judge when to advance and when to retreat.

  Optimal strategy defense revolves mainly around the “optimal” strategy of game theory, and concentrates on research directions such as cyberspace security assessment, cost analysis, and the construction and evolution of security defense models. Applying the ideas of game theory to network attack and defense provides a new approach to problems such as optimal defensive decision-making.
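A minimal worked instance of the game-theoretic balance described above, as an added example that is not from the article: a zero-sum model in which the defender spreads a limited protection budget over assets of different value and the attacker strikes wherever the expected gain is highest. The payoff model (asset value times the probability that it is unprotected), the asset values and the budget are assumptions made for illustration.

```python
def optimal_coverage(values, resources, tol=1e-9):
    """Defender's minimax allocation of limited protection.

    values    -- positive worth of each asset to the attacker (assumed)
    resources -- total protection available, in units of "one asset fully
                 covered"; may be fractional and is usually < len(values)
    Attacking asset i is assumed to pay value_i * (1 - coverage_i).
    Returns (coverage list, attacker's best expected payoff).
    """
    if resources >= len(values):
        return [1.0] * len(values), 0.0

    def coverage_needed(level):
        # Protection required to push every asset's payoff down to `level`.
        return sum(max(0.0, 1.0 - level / v) for v in values)

    # coverage_needed() falls as `level` rises, so bisect for the lowest
    # payoff level the budget can enforce across all assets.
    lo, hi = 0.0, max(values)
    while hi - lo > tol:
        mid = (lo + hi) / 2.0
        if coverage_needed(mid) > resources:
            lo = mid            # unaffordable: accept a higher payoff level
        else:
            hi = mid
    level = hi
    coverage = [max(0.0, 1.0 - level / v) for v in values]
    return coverage, level


def attacker_best_payoff(values, coverage):
    """Expected gain of an attacker who picks the most rewarding asset."""
    return max(v * (1.0 - c) for v, c in zip(values, coverage))


if __name__ == "__main__":
    assets = [10.0, 5.0, 2.0]   # constructed sample values
    budget = 1.0                # enough to fully protect only one asset

    best, level = optimal_coverage(assets, budget)
    plans = {
        "all on the top asset": [1.0, 0.0, 0.0],
        "spread evenly": [budget / len(assets)] * len(assets),
        "minimax allocation": best,
    }
    for name, plan in plans.items():
        shown = ", ".join(f"{c:.2f}" for c in plan)
        print(f"{name:22s} coverage=[{shown}] "
              f"attacker payoff={attacker_best_payoff(assets, plan):.2f}")
```

The minimax plan leaves the lowest-value asset unprotected on purpose, which is the “moderate security” trade-off in concrete form: spending on it would raise the attacker's best payoff elsewhere.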

New “Thirty-Six Stratagems”: intrusion tolerance defense

Create a “last line of defense” for cyberspace security

  Many of the threats facing cyberspace are unforeseeable, irresistible and impossible to guard against; however good the protection, it cannot completely prevent system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology struggle to meet practical needs, which forces us to think about problems that are broader and deeper than pure protection. Against this background, a new generation of intrusion tolerance defense is receiving increasing attention.

  Intrusion tolerance is a third-generation network security technology. It belongs to the category of information survivability technology and is called the “last line of defense” of cyberspace security. Unlike traditional network security defense, intrusion tolerance defense acknowledges that vulnerabilities exist and assumes that attackers may exploit some of them to attack the system. When the protected target is under attack, or even when some of its parts have been destroyed or taken over, the target system can, like a gecko, “shed its tail to survive” and then heal and regenerate.

  Intrusion tolerance technology no longer centers on “prevention”; it focuses on how to reduce losses and recover as quickly as possible once the system has been damaged. However, intrusion tolerance is still an emerging research field, and its cost, overhead and benefit will be the next research direction.

Related Links–

Network attack and defense

“Stuxnet”: the pioneer of cyber-physical warfare

  In August 2010, Iran completed the Bushehr nuclear power plant with Russia’s help. However, the plant, which was scheduled to begin generating power in October of that year, was postponed several times. A year later, according to media reports, the cause was an attack by a computer network virus of unknown origin: more than 30,000 computers were hit, thousands of centrifuges at Natanz were scrapped, the newly topped-out Bushehr plant had to remove its nuclear fuel and delay its start-up, and Iran’s nuclear development plan was forced onto the shelf. This virus, later named “Stuxnet,” pioneered the control and destruction of physical entities through the network.

“Flame”: the most powerful spy in history

  Network intelligence activities are the most active part of the strategic contest and security struggle in cyberspace. In 2012, a large amount of data from the Iranian oil sector was stolen and wiped, making it impossible for oil production and exports to proceed normally. To avoid further damage, Iran was forced to cut the network connections of the oil facilities on Kharg Island near the Gulf. After a large-scale investigation, a new virus surfaced: the “Flame” virus, which later also appeared in Israel, Palestine and other Middle Eastern countries. “Flame” combines the characteristics of a worm, a backdoor and a Trojan, and brings together multiple data theft functions such as capturing screen images, recording audio conversations, intercepting keyboard input and covertly switching on Bluetooth devices, making it a new type of “electronic spy” dedicated to stealing other countries’ secrets.

“Suter”: a system-of-systems strike shows its edge

  In 2007, in order to kill the Syrian nuclear program in the bud, 18 F-16 fighters of the 69th Fighter Squadron of the Israeli Air Force quietly broke through the advanced Russian-made “Tor”-M1 air defense system deployed by Syria on the Syrian-Israeli border, carried out precision bombing of a nuclear facility about 100 kilometers west of the Syrian-Israeli border and about 400 kilometers northeast of Damascus, and returned safely by the same route.

  According to disclosures, what made “Operation Orchard” shine was the US military’s “Suter” attack system. “Suter” intrudes by remote radio and paralyzes radar and radio communication systems; it was the “culprit behind the scenes” that put the Syrian air defense system into a state of failure. As a new type of cyber-electronic attack system aimed at networked weapon platforms and networked information systems, “Suter” represents the development trend of military technology and combat methods, and is bound to bring an entirely new landscape of war.

“Shadow Network”: Invisible Internet

  The Internet has made the ideological struggle more complicated and has created an alternative channel for information penetration and the “colonization” of thought. Traces of “shadow networks” can be found in both the “Jasmine Revolution” in North Africa and the “Arab Spring” in the Middle East.

  A ghost-like “shadow network” can bypass the conventionally regulated Internet and form an invisible, independent wireless local area network that lets its users communicate with one another; when needed, it can connect to the Internet at any time and access network resources “without restriction.” The New York Times disclosed that the US State Department and the Pentagon spent heavily to build an independent system in Afghanistan, transmitting signals from towers located inside military camps to protect them from destruction by Taliban militants. Subsequently, “invisible communication systems” were set up in Iran, Syria and Libya to help local anti-government organizations communicate with each other or with the outside world.

“X Plan”: seeking to control the network battlefield

  Foreign media revealed that the Pentagon is building a 22nd century war plan, the “X Plan.” The “X Plan” is dedicated to building an advanced map of the world’s computers. With this “network map,” which can be continuously upgraded and updated, the US military can easily lock onto a target and paralyze it. “If this plan is completed, the US military will be able to control the network battlefield as it controls the traditional battlefield.”

  It is not difficult to foresee that once the “X Plan” is deployed it will do far more than “get rid of the constraints of the keyboard”; it will also enable situational awareness and cyber attacks on a global scale.

Original Mandarin Chinese

■網絡空間易攻難守,傳統的被動式防禦難以有效應對有組織的高強度攻擊

■提高網絡安全性,防禦一端不能只靠技術博弈,還需打贏理念上的反擊戰

網絡安全之新“三十六計”

■陳 森


費雪 繪

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

相關鏈接——

各顯其能的網絡攻防戰

“震網”:網絡物理戰先驅


2010年8月,伊朗在俄羅斯幫助下建成布什爾核電站,但這座計劃於當年10月正式發電運轉的核電站,卻多次推遲運行。一年後,據媒體揭秘,是因為遭到來源不明的計算機網絡病毒攻擊,超過3萬台電腦“中招”,位於納坦斯的千台離心機報廢,剛封頂的布什爾核電站不得不取出核燃料並延期啟動,伊朗核發展計劃則被迫擱置。這種後來被冠名為“震網”的病毒,開創了通過網絡控制並摧毀實體的先河。

“火焰”:史上最強大間諜


網絡情報活動,是網絡空間戰略博弈和安全斗爭最活躍的部分。 2012年,伊朗石油部門大量數據失竊並遭到清除,致使其無法正常進行石油生產和出口。為避免繼續製造危害,伊朗被迫切斷了海灣附近哈爾克島石油設施的網絡連接。大規模的調查後,一種新的病毒浮出水面,即後來又現身於以色列、巴勒斯坦等中東國家的“火焰”病毒。 “火焰”病毒兼具蠕蟲、後門和木馬三重特點,集截取屏幕畫面、記錄音頻對話、截獲鍵盤輸入、偷開藍牙設備等多種數據盜竊功能於一身,成為專門竊取他國機密情報的新型“電子間諜”。

“舒特”:體系破擊露鋒芒


2007年,為將敘利亞核計劃扼殺於萌芽之中,以色列空軍第69戰鬥機中隊的18架F-16戰機,悄無聲息地突破敘利亞在敘以邊境部署的先進俄製“道爾”-M1防空系統,對敘以邊境以西約100千米、大馬士革東北部約400千米的一處核設施實施精確轟炸,並從原路安全返回。

據披露,讓“果園行動”大放異彩的是美軍“舒特”攻擊系統。 “舒特”通過遠程無線電入侵,癱瘓雷達、無線電通信系統,是使敘防空系統處於失效狀態的“幕後真兇”。作為針對組網武器平台及網絡化信息系統的新型網電攻擊系統,“舒特”代表著軍事技術和作戰方式的發展趨勢,勢必將帶來全新戰爭景觀。

“影子網絡”:隱形國際互聯網


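The Internet has complicated the ideological struggle and created an alternative channel for information infiltration and ideological “colonization”. Traces of “shadow networks” were present in both North Africa's “Jasmine Revolution” and the Middle East's “Arab Spring”.

Ghost-like “shadow networks” can bypass the conventionally regulated Internet and form invisible, independent wireless local area networks through which participants communicate with one another; when needed they can connect to the Internet at any time and access network resources “without restriction”. The New York Times disclosed that the US State Department and the Pentagon spent heavily to build an independent system in Afghanistan, relaying signals through transmission towers located inside military bases to protect them from sabotage by Taliban militants. “Stealth communication systems” were subsequently set up in Iran, Syria and Libya to help local anti-government organizations contact each other or communicate with the outside world.

“Plan X”: seeking to control the cyber battlefield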

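Foreign media have disclosed that the Pentagon is building a war plan for the 22nd century, namely “Plan X”. “Plan X” aims to build an advanced map of the world's computers; with this continuously upgraded and updated “network map”, the US military could easily lock onto a target and paralyze it. “If this plan is completed, the US military will be able to control the cyber battlefield the way it controls the traditional battlefield.”

It is not hard to foresee that once “Plan X” is deployed, it will by no means be just about “breaking free of the keyboard”; it will also make situational awareness and network attack possible on a global scale.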

Original Referring URL: http://www.chinanews.com/mil/2016/08-11/

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security // 中國網絡戰如何拒絕外國入侵者關注國家安全

In the information age, network security is so bound up with national security that a disturbance in one moves the whole. The Outline of the National Informatization Development Strategy stresses actively adapting to new changes in the national security situation, new trends in information technology and the new requirements of the goal of a strong military, building an information security defense system, and comprehensively raising the ability to win informatized local wars. Cyberspace has become an entirely new domain that affects national security, social stability, economic development and cultural communication, and cyberspace security has accordingly become an important topic of growing concern to the international community.

The United States has explicitly declared cyberspace a new domain of operations, has greatly expanded its cyber command and combat forces, and continues to concentrate effort on developing cyberspace weapons. Since the start of summer, US military network exercises have followed one after another, and the air is thick with the smoke of an invisible war. In early March, “Network Storm 5” was the first to raise the curtain; in April, “Network Aegis 2016” completed its fifth-generation upgrade; in June, “Network Defense” and “Network Capture” made their heavyweight entrance as the core of the annual joint exercises.

The essence of network security is a contest of capability between attack and defense. Static, isolated, passive defenses that rely on firewalls, intrusion detection and anti-virus software can hardly cope effectively with organized, high-intensity network attacks. Building a security line of defense for cyberspace requires discarding outdated thinking and winning a counterattack at the level of defensive concepts.

New “Thirty-Six Stratagems”: moving target defense

Raising the difficulty of attack by building a dynamic network

Every network attack needs a certain amount of time to scan and study the target network and to probe for and exploit system “vulnerabilities” before it achieves intrusion and control. In theory the attacker has unlimited time for scanning and probing, will always find a weak point in the defense, and will eventually get in. For this reason the United States, a front-runner in networking, has committed itself to planning and deploying a transformation of security defense, trying to break with traditional defensive concepts and develop revolutionary technologies that can “change the rules of the game”. Moving target defense is one of them.

Moving target defense has been called a new paradigm for cyberspace security defense. Its technical strategy is to process and control the protected target itself so as to build a dynamic network, increasing randomness and reducing predictability in order to make attacks harder. If static cyberspace is likened to an unchanging “city defense deployment” that is hard to hold, a dynamic network configuration is like the ever-shifting “Eight Trigrams formation”, which is hard to break. At present moving target defense technology enjoys priority across US government and military research, covering dynamic platform technology, dynamic runtime environment technology, and dynamic software and data technology. In August 2012 the US Army awarded Raytheon the “Deformation Network Facility” project, chiefly to study how to dynamically adjust and configure networks, hosts and applications in ways the adversary cannot detect or predict, thereby preventing, delaying or stopping network attacks.

As a new line of thinking in cyberspace security, moving target defense reflects the technical trend in future network defense of turning “dead” networks into “live” ones.

New “Thirty-Six Stratagems”: honeypot deception defense

Reducing the threat of network attack by consuming the attacker's resources

Conventional network security protection mainly resists attacks head-on. Although defensive measures have made great progress, they have not changed the basic situation in cyberspace, which is “easy to attack, hard to defend”. “Honeypot deception defense”, developed in recent years, puts forward a new idea of “bypass diversion”: absorbing network intrusions and consuming the attacker's resources in order to reduce the threat to the targets that really need protecting, and thereby winning time to strengthen protective measures and make up for the shortcomings of the traditional cyberspace defense system.

Much like deliberately setting up dummy positions on the battlefield, honeypot deception defense actively uses computer networks with a lower level of security defense to lure all kinds of network attacks, monitors their methods and attributes, and sets up corresponding defenses on the target systems that really need protection so as to stop similar attacks. Honeypots fall into two types: production honeypots and research honeypots. The main purpose of the former is to “draw fire” and relieve pressure on the defense. The latter are designed for studying attacks and collecting attack information; they amount to intelligence-gathering systems, which must not only withstand network attack but also have strong monitoring capability so as to capture as much attack-behavior data as possible.

Besides establishing a virtual-network attack and defense laboratory made up of four sub-networks (gray, yellow, black and green), the US military has also carefully deployed honeypot decoy systems on the Internet. What is certain is that deception-based network defense thinking will receive more emphasis and that the technical means of achieving deception will keep multiplying.

New “Thirty-Six Stratagems”: linked collaborative defense

Integrating multiple defense technologies to “keep the enemy outside the nation's gates”

At present most security protection devices and defense technologies “fight on their own”: data is hard to share between network protection nodes and the protection technologies are not correlated, so the current defense system is isolated and static and can no longer meet the needs of an increasingly complex network security situation. The original motivation for the US “Einstein Plan” was that every federal agency had its own Internet egress, which made overall security hard to guarantee. Using a coordination and linkage mechanism to combine the relatively independent protection devices and technologies in a network into an organic whole, so that they complement one another, cooperate and jointly resist all kinds of attacks, has become the inevitable choice for the future development of cyberspace security defense.

Linked collaborative defense means using existing security technologies, measures and equipment to organize multiple security systems that are separated in time, distributed in space and yet interdependent in operation into an organic whole, so that the security system as a whole can perform to its fullest. Vertically, it is the linked, coordinated defense of multiple security technologies, in which one security technology directly contains another or is linked to it through some communication channel. The “defense in depth” mechanism adopted by the US Navy's network defense system, for example, deploys layer upon layer of protective measures around the core, including signature-based attack detection, wide-area-network security auditing and vulnerability alerts, so that an attacker must break through multiple layers of defense to enter the system, which lowers the attack's chance of success. When a node in the system comes under threat, it can promptly forward the threat information to other nodes and take the corresponding protective measures, so that protection policies are adjusted and deployed in an integrated way.

The lone-soldier fighting of the past can no longer meet the needs of today's network security defense, and linked collaborative defense will rise to become the mainstream of the network security field. Only by integrating multiple defense technologies and building an organized defense system that “keeps the enemy outside the nation's gates” can problems be effectively prevented before they occur.

New “Thirty-Six Stratagems”: optimal-strategy defense

Seeking a balance between network security risk and investment

Attacks in cyberspace are growing ever more complex. Ideal network security protection would of course provide a matching defense for every weakness and every attack behavior, but given constraints such as limited defensive resources, pursuing absolutely secure defense is clearly unrealistic. Built on the idea of “moderate security”, optimal-strategy defense is ready to emerge.

Optimal-strategy defense can be understood as seeking a balance between network security risk and investment: a defense that uses limited resources to make the most reasonable decisions. On the investment side, even the United States, with all its strength, tries as far as possible to build a collective defense system for cyberspace. Behind the “shared results” of the US-Australia cyberspace defense alliance agreement and the Japan-US joint statement on cyber defense cooperation there is also the shadow of “shared costs”. On the risk side, the pursuit of absolute security holds to a security-above-all principle; when setting strategic objectives and responding to threats, it tends to overlook the finiteness and the legitimacy of the resources and means at hand, and so finds it hard to judge when to advance and when to pull back.

Optimal-strategy defense revolves mainly around the “optimal” strategy of game theory, and concentrates on research directions such as cyberspace security evaluation, cost analysis, and the construction and evolution of security defense models. Applying game-theoretic thinking to network attack and defense offers a new approach to hard problems such as optimal defense decision-making.
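The balance between risk and investment described in this section can be made concrete with a small security game. The following is an added example, not part of the original article: it assumes a zero-sum model in which each asset has a constructed loss value, the defender spreads a limited protection budget over the assets, and the attacker strikes whichever asset offers the highest expected gain. All asset names, values and function names are illustrative assumptions.

```python
"""Optimal-strategy defense as a zero-sum security game (constructed illustration)."""
from typing import Dict, Optional, Tuple

# Constructed sample assets: loss (arbitrary units) if an attack on the asset succeeds.
ASSETS: Dict[str, float] = {"core_db": 100.0, "mail": 50.0, "web": 25.0, "kiosk": 10.0}


def optimal_coverage(values: Dict[str, float], budget: float) -> Tuple[Dict[str, float], float]:
    """Minimise the attacker's best payoff max_i v_i * (1 - c_i).

    c_i in [0, 1] is the protection level of asset i and sum(c_i) <= budget.
    The attacker observes the allocation and hits the most profitable asset,
    so the defender's best move is to press the most valuable assets down to
    one common expected loss L ("water-filling") and leave cheap assets bare.
    """
    if budget < 0 or any(v <= 0 for v in values.values()):
        raise ValueError("budget must be >= 0 and asset values must be > 0")
    ranked = sorted(values.items(), key=lambda kv: kv[1], reverse=True)
    inv_sum = 0.0
    level = 0.0
    for k, (_, v) in enumerate(ranked, start=1):
        inv_sum += 1.0 / v
        # Common expected loss if exactly the k most valuable assets are covered.
        level = (k - budget) / inv_sum
        next_v = ranked[k][1] if k < len(ranked) else 0.0
        if level >= next_v:  # every uncovered asset is already worth less than L
            break
    level = max(level, 0.0)  # budget >= number of assets means full protection
    coverage = {name: min(1.0, max(0.0, 1.0 - level / v)) for name, v in values.items()}
    return coverage, level


def worst_case_loss(values: Dict[str, float], coverage: Dict[str, float]) -> float:
    """Expected loss when the attacker picks the best target for a given allocation."""
    return max(v * (1.0 - coverage.get(name, 0.0)) for name, v in values.items())


def uniform_coverage(values: Dict[str, float], budget: float) -> Dict[str, float]:
    """Naive baseline: protect every asset equally."""
    share = min(1.0, budget / len(values))
    return {name: share for name in values}


def best_budget(values: Dict[str, float], unit_cost: float,
                step: float = 0.25) -> Tuple[float, float, float]:
    """Scan budgets from 0 to full protection and return the
    (budget, residual loss, loss + spend) with the lowest combined total."""
    best: Optional[Tuple[float, float, float]] = None
    for i in range(int(len(values) / step) + 1):
        b = i * step
        _, loss = optimal_coverage(values, b)
        total = loss + unit_cost * b
        if best is None or total < best[2] - 1e-9:
            best = (b, loss, total)
    assert best is not None
    return best


if __name__ == "__main__":
    cov, level = optimal_coverage(ASSETS, 1.5)
    print("optimal allocation:", {k: round(c, 3) for k, c in cov.items()})
    print("attacker's best payoff, optimal :", round(level, 2))
    print("attacker's best payoff, uniform :",
          round(worst_case_loss(ASSETS, uniform_coverage(ASSETS, 1.5)), 2))
    b, loss, total = best_budget(ASSETS, unit_cost=20.0)
    print(f"cheapest overall: budget={b}, residual loss={loss:.2f}, total={total:.2f}")
    full_loss = optimal_coverage(ASSETS, len(ASSETS))[1]
    print("full protection total:", full_loss + 20.0 * len(ASSETS))
```

With these constructed values, protecting all four assets completely costs more than the residual risk it removes, which is the section's “moderate security” argument expressed in numbers.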

New “Thirty-Six Stratagems”: intrusion-tolerant defense

Building the “last line of defense” for cyberspace security

Many of the threats facing cyberspace are unforeseeable, irresistible and impossible to guard against completely; however good the protection, system failure or even collapse cannot be entirely avoided. Traditional reliability theory and fault-tolerant computing can hardly meet practical needs, which forces consideration of problems broader and deeper than protection alone. Against this background, a new generation of intrusion-tolerant defense is receiving growing attention.

Intrusion tolerance is third-generation network security technology. It belongs to the category of information survivability technology and is called the “last line of defense” of cyberspace security. Unlike the traditional approach to network security defense, intrusion-tolerant defense acknowledges that vulnerabilities exist and assumes that some of them may be exploited by attackers to attack the system. When the protected target is under attack, or even when parts of it have already been damaged or taken over, the target system can, like a gecko, “shed its tail to survive” and then heal and regenerate.

Intrusion-tolerance technology no longer centers on “prevention”; it concentrates on how to reduce losses and recover as quickly as possible once the system has already been damaged. Intrusion tolerance is, however, still an emerging research field, and its costs, the price paid and its benefits will be the next direction of research.

Original Mandarin Chinese:

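News background

In the information age, network security is so bound up with national security that a disturbance in one moves the whole. The Outline of the National Informatization Development Strategy stresses actively adapting to new changes in the national security situation, new trends in information technology and the new requirements of the goal of a strong military, building an information security defense system, and comprehensively raising the ability to win informatized local wars. Cyberspace has become an entirely new domain that affects national security, social stability, economic development and cultural communication, and cyberspace security has accordingly become an important topic of growing concern to the international community.

The United States has explicitly declared cyberspace a new domain of operations, has greatly expanded its cyber command and combat forces, and continues to concentrate effort on developing cyberspace weapons. Since the start of summer, US military network exercises have followed one after another, and the air is thick with the smoke of an invisible war. In early March, “Network Storm 5” was the first to raise the curtain; in April, “Network Aegis 2016” completed its fifth-generation upgrade; in June, “Network Defense” and “Network Capture” made their heavyweight entrance as the core of the annual joint exercises.

The essence of network security is a contest of capability between attack and defense. Static, isolated, passive defenses that rely on firewalls, intrusion detection and anti-virus software can hardly cope effectively with organized, high-intensity network attacks. Building a security line of defense for cyberspace requires discarding outdated thinking and winning a counterattack at the level of defensive concepts.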

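New “Thirty-Six Stratagems”: moving target defense

Raising the difficulty of attack by building a dynamic network

Every network attack needs a certain amount of time to scan and study the target network and to probe for and exploit system “vulnerabilities” before it achieves intrusion and control. In theory the attacker has unlimited time for scanning and probing, will always find a weak point in the defense, and will eventually get in. For this reason the United States, a front-runner in networking, has committed itself to planning and deploying a transformation of security defense, trying to break with traditional defensive concepts and develop revolutionary technologies that can “change the rules of the game”. Moving target defense is one of them.

Moving target defense has been called a new paradigm for cyberspace security defense. Its technical strategy is to process and control the protected target itself so as to build a dynamic network, increasing randomness and reducing predictability in order to make attacks harder. If static cyberspace is likened to an unchanging “city defense deployment” that is hard to hold, a dynamic network configuration is like the ever-shifting “Eight Trigrams formation”, which is hard to break. At present moving target defense technology enjoys priority across US government and military research, covering dynamic platform technology, dynamic runtime environment technology, and dynamic software and data technology. In August 2012 the US Army awarded Raytheon the “Deformation Network Facility” project, chiefly to study how to dynamically adjust and configure networks, hosts and applications in ways the adversary cannot detect or predict, thereby preventing, delaying or stopping network attacks.

As a new line of thinking in cyberspace security, moving target defense reflects the technical trend in future network defense of turning “dead” networks into “live” ones.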

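New “Thirty-Six Stratagems”: honeypot deception defense

Reducing the threat of network attack by consuming the attacker's resources

Conventional network security protection mainly resists attacks head-on. Although defensive measures have made great progress, they have not changed the basic situation in cyberspace, which is “easy to attack, hard to defend”. “Honeypot deception defense”, developed in recent years, puts forward a new idea of “bypass diversion”: absorbing network intrusions and consuming the attacker's resources in order to reduce the threat to the targets that really need protecting, and thereby winning time to strengthen protective measures and make up for the shortcomings of the traditional cyberspace defense system.

Much like deliberately setting up dummy positions on the battlefield, honeypot deception defense actively uses computer networks with a lower level of security defense to lure all kinds of network attacks, monitors their methods and attributes, and sets up corresponding defenses on the target systems that really need protection so as to stop similar attacks. Honeypots fall into two types: production honeypots and research honeypots. The main purpose of the former is to “draw fire” and relieve pressure on the defense. The latter are designed for studying attacks and collecting attack information; they amount to intelligence-gathering systems, which must not only withstand network attack but also have strong monitoring capability so as to capture as much attack-behavior data as possible.

Besides establishing a virtual-network attack and defense laboratory made up of four sub-networks (gray, yellow, black and green), the US military has also carefully deployed honeypot decoy systems on the Internet. What is certain is that deception-based network defense thinking will receive more emphasis and that the technical means of achieving deception will keep multiplying.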

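New “Thirty-Six Stratagems”: linked collaborative defense

Integrating multiple defense technologies to “keep the enemy outside the nation's gates”

At present most security protection devices and defense technologies “fight on their own”: data is hard to share between network protection nodes and the protection technologies are not correlated, so the current defense system is isolated and static and can no longer meet the needs of an increasingly complex network security situation. The original motivation for the US “Einstein Plan” was that every federal agency had its own Internet egress, which made overall security hard to guarantee. Using a coordination and linkage mechanism to combine the relatively independent protection devices and technologies in a network into an organic whole, so that they complement one another, cooperate and jointly resist all kinds of attacks, has become the inevitable choice for the future development of cyberspace security defense.

Linked collaborative defense means using existing security technologies, measures and equipment to organize multiple security systems that are separated in time, distributed in space and yet interdependent in operation into an organic whole, so that the security system as a whole can perform to its fullest. Vertically, it is the linked, coordinated defense of multiple security technologies, in which one security technology directly contains another or is linked to it through some communication channel. The “defense in depth” mechanism adopted by the US Navy's network defense system, for example, deploys layer upon layer of protective measures around the core, including signature-based attack detection, wide-area-network security auditing and vulnerability alerts, so that an attacker must break through multiple layers of defense to enter the system, which lowers the attack's chance of success. When a node in the system comes under threat, it can promptly forward the threat information to other nodes and take the corresponding protective measures, so that protection policies are adjusted and deployed in an integrated way.

The lone-soldier fighting of the past can no longer meet the needs of today's network security defense, and linked collaborative defense will rise to become the mainstream of the network security field. Only by integrating multiple defense technologies and building an organized defense system that “keeps the enemy outside the nation's gates” can problems be effectively prevented before they occur.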

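New “Thirty-Six Stratagems”: optimal-strategy defense

Seeking a balance between network security risk and investment

Attacks in cyberspace are growing ever more complex. Ideal network security protection would of course provide a matching defense for every weakness and every attack behavior, but given constraints such as limited defensive resources, pursuing absolutely secure defense is clearly unrealistic. Built on the idea of “moderate security”, optimal-strategy defense is ready to emerge.

Optimal-strategy defense can be understood as seeking a balance between network security risk and investment: a defense that uses limited resources to make the most reasonable decisions. On the investment side, even the United States, with all its strength, tries as far as possible to build a collective defense system for cyberspace. Behind the “shared results” of the US-Australia cyberspace defense alliance agreement and the Japan-US joint statement on cyber defense cooperation there is also the shadow of “shared costs”. On the risk side, the pursuit of absolute security holds to a security-above-all principle; when setting strategic objectives and responding to threats, it tends to overlook the finiteness and the legitimacy of the resources and means at hand, and so finds it hard to judge when to advance and when to pull back.

Optimal-strategy defense revolves mainly around the “optimal” strategy of game theory, and concentrates on research directions such as cyberspace security evaluation, cost analysis, and the construction and evolution of security defense models. Applying game-theoretic thinking to network attack and defense offers a new approach to hard problems such as optimal defense decision-making.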

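New “Thirty-Six Stratagems”: intrusion-tolerant defense

Building the “last line of defense” for cyberspace security

Many of the threats facing cyberspace are unforeseeable, irresistible and impossible to guard against completely; however good the protection, system failure or even collapse cannot be entirely avoided. Traditional reliability theory and fault-tolerant computing can hardly meet practical needs, which forces consideration of problems broader and deeper than protection alone. Against this background, a new generation of intrusion-tolerant defense is receiving growing attention.

Intrusion tolerance is third-generation network security technology. It belongs to the category of information survivability technology and is called the “last line of defense” of cyberspace security. Unlike the traditional approach to network security defense, intrusion-tolerant defense acknowledges that vulnerabilities exist and assumes that some of them may be exploited by attackers to attack the system. When the protected target is under attack, or even when parts of it have already been damaged or taken over, the target system can, like a gecko, “shed its tail to survive” and then heal and regenerate.

Intrusion-tolerance technology no longer centers on “prevention”; it concentrates on how to reduce losses and recover as quickly as possible once the system has already been damaged. Intrusion tolerance is, however, still an emerging research field, and its costs, the price paid and its benefits will be the next direction of research.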

Original Referring URL:  http://www.81.cn/jskj/2016-08/11/

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization // 打贏信息化條件下局部戰爭是軍隊核心任務

2009/01/08 Article source: Liberation Army Daily

Taking the winning of local wars under informatized conditions as the focus and vigorously strengthening preparation for military struggle is a successful experience and an important guiding approach in army building, and a major strategic task for our military. A strategic task carries enormous weight. Following the decisions and arrangements set by the Central Military Commission, the People's Army is striding forward on a new journey of preparation for military struggle.

Taking the road of rational development in preparation for military struggle

New China has travelled a course of nearly 60 years. Over those decades the country was at times ringed by powerful enemies and beset by crises, yet it has always stood unbowed and kept growing stronger. There are many lessons of success, and a very important one is reliance on comprehensive and solid preparation for military struggle. It can be said that it is precisely because the People's Army has been “ready at all times” that the steel Great Wall of the motherland's security was forged, the happiness and peace of the people protected, and the prosperity and development of the economy and society guaranteed. Looking back over decades of preparation for military struggle, behind the halo of achievement we must also soberly see what has not been scientific enough. For example, many units, in preparing for military struggle, have over-emphasized specific threats in their guiding thinking and relied too heavily on “situational stimulus”, so that the level of combat readiness has swung between strong and weak and the building of combat effectiveness between high and low, and preparation for military struggle has not maintained autonomous, healthy and sustained development.

When the times change, affairs change; when affairs change, preparations change. At present, preparation for military struggle again stands at a brand-new historical starting point. The national security situation has undergone complex and profound changes. On the one hand, both the traditional and the non-traditional security threats we face are increasing; geostrategic competition among the world's major powers around our periphery keeps intensifying; the political situation in neighboring countries remains turbulent; the regional security environment holds many hidden dangers; domestic ethnic separatist forces and their activities are rampant; the unstable and uncertain factors affecting national security are growing; and preparation for military struggle faces unprecedented challenges. On the other hand, unilateralism has suffered setbacks internationally, the financial crisis has slowed the expansion of global hegemony, the situation in the Taiwan Strait has eased markedly, the pressure on our main strategic direction has lessened, and preparation for military struggle faces unprecedented opportunities. This opportunity is both strategic and historic. How to seize it, use it well and press forward with the momentum is the practical question that preparation for military struggle must now answer. After 30 years of reform and development, the building of our military has made a qualitative leap: units are more combined-arms and more informatized, their technology-intensive and quality-and-efficiency character is more evident, and preparation for military struggle now has a wealth of results to draw on and the basic conditions for a further leap.
Entering the new stage of the new century, President Hu, with an eye to the Party's special requirements for national defense and army building, entrusted the military with the historic mission of “three provides and one role”, stressing that “our military must take strengthening the ability to win local wars under informatized conditions as the core, and continuously raise its ability to respond to multiple security threats and accomplish diversified military tasks.” This series of major strategic ideas adjusted the basis of preparation for military struggle and broadened its tasks. The establishment of the Scientific Outlook on Development as an important guiding principle sets a higher requirement for preparation for military struggle, that of seeking speed within quality; measured against the standards of comprehensive, coordinated and sustainable development and of putting people first, there is still much thinking to be emancipated, much work in need of innovation and many aspects to be improved.

To advance preparation for military struggle under the new situation, we must change with the circumstances and set policy according to conditions, standing on a new starting point and seeking new development. Preparation should be threat-based: strengthen all-round “threat awareness” and a “sense of the enemy situation”, fully recognize the grim reality that war is not far off and comes in more than one kind, and unswervingly advance preparation for military struggle. Preparation should be task-based: the fundamental task of the military is to fight and to prepare to fight; a war may go unfought for a hundred years, but preparation cannot be relaxed for a moment, and preparation for military struggle must be advanced comprehensively and systematically to the standard of effectively fulfilling the military's functions and mission. Preparation should be capability-based: break out of the passive, reactive mode of preparation that is led along by the enemy situation, actively design future war, raise in a planned way the ability to respond to multiple security threats and accomplish diversified military tasks, and advance preparation for military struggle steadily and scientifically.

Breaking through key points to improve the quality of military struggle preparation

Without a focus, there is no strategy, and without a focus, it is difficult to break through. Making full use of the important strategic opportunity period and grasping the key content to seek breakthroughs is not only an objective requirement to follow the inherent laws of military struggle preparation, but also an urgent need to comprehensively improve the actual combat capability of the troops.

As the most basic practical activity of the armed forces in peacetime, military training is the basic way to generate and develop combat power and is the most direct and effective preparation for military struggle. It is necessary to further raise awareness of the importance of military training, genuinely give military training a strategic position, and truly create a new upsurge across the military of vigorous training and of pushing forward the transformation of training. We should seize the key link of joint training: strengthen joint consciousness, improve joint quality, improve joint training regulations and the joint training mechanism, and move joint training from form to substance. Training in a complex electromagnetic environment should be taken as an important entry point and lever: actively explore effective methods for command training, for training in operational and technical countermeasures and for training in the operation and use of weapons and equipment, and accelerate the change from military training under conditions of mechanization to military training under conditions of informatization. Using mission-subject training as the vehicle, we should actively build battlefield environments that are close to actual combat and explore a realistic training path that centers on confrontation training, field training, base training, simulation training and network training, takes truth, difficulty and realism as its test standards, and uses examination, comparison and pull-out drills as its implementation mechanism, so as to enhance the effectiveness of training. Training for non-war military operations should be actively carried out to improve the professional skills those operations require and enhance the ability of the troops to complete diversified military tasks.

People are the most active and dynamic of the elements of combat effectiveness. Talent preparation is the most important and most arduous part of preparation for military struggle. Victory in war is decided on the battlefield, but the link that determines the outcome lies in peacetime competition, the focus of which is talent. At present the key is to highlight the two “strategic levers” of joint operations command talent and high-level professional and technical talent, and so drive the overall capacity building of the talent force. Highlight the training of joint operations command personnel: focus on establishing and improving the training model for commanders at the strategic level, focus on improving the training system for joint operations personnel, reform the content and methods of joint operations, increase the rotation and cross-training of commanding officers, intensify joint operations, strengthen emergency response and improve the relevant measures. Highlight the cultivation of high-level professional and technical personnel: in accordance with the principle of focusing on the key points while taking the general into account, and of grasping the leading element to drive the whole, we will concentrate on cultivating scientific and technological leaders who can organize major interdisciplinary projects, top-notch talents who can guide and advance academic and technological innovation, and technical experts who can solve complex problems in the technical support of equipment, providing strong intellectual support for informatization.

That speed is prized in war is an iron law of the conduct of war. Under informatized conditions the “speed advantage” counts for even more. Rapid response capability has become an important indicator of an army's level of combat readiness and real combat capability. A sensitive and efficient emergency command mechanism should be improved: on the basis of summing up our military's practical experience in completing various military tasks in recent years, consolidate and convert the relevant results, establish emergency mechanisms, improve laws and regulations, improve the organizational setup, formulate response plans and organize relevant training, to ensure that once something happens the response is quick, command is efficient and action is correct. An advanced and reliable command information system should be established: in line with the requirements of good interoperability, responsiveness, security and confidentiality, and information sharing, build an information network that reaches vertically to the bottom and horizontally to the edge, together with a complete and streamlined command system, relying on information technology to improve emergency command and rapid response capability. Grasp the characteristics of building strategic projection capability: focus on developing strategic transport aircraft (ships), military helicopters and new types of aircraft, give due attention to building the transport battlefield, explore the establishment of a smooth and efficient command and management mechanism, and advance the building of strategic transport capacity as a whole.

Support is also combat power. Every combat action in modern warfare is a confrontation between systems, and the requirements for comprehensive support are getting higher and higher. To advance preparation for military struggle, it is necessary to raise comprehensive support capabilities across the board, including operational support, logistics support and equipment support. Our military has always paid attention to advancing the building of combat forces and of combat support forces in step, and support capabilities in reconnaissance and early warning, command and communication, surveying and mapping, meteorology and hydrology, and engineering defense have all improved together. However, as the situation develops and the battlefield space keeps expanding, new “short boards” have begun to appear in the operational support capability system, and these must be made up as soon as possible in order to form the overall advantage of joint operations across the full-dimensional battlefield. The focus of logistics support is to raise the level of modernization: in accordance with the requirements of the times, steadily implement logistics reform, move the support system toward integration, the mode of support toward socialization, the means of support toward informatization and logistics management toward scientific methods, and promote the sound and rapid development of logistics. The focus of equipment support is to strengthen supporting construction: improve the capacity for independent innovation, accelerate the development of new weapons and equipment, and continuously optimize the structure of our military's weapons and equipment. Attend to matched construction at the level of equipment families, systems and support, raise the level of equipment serialization, generalization and standardization, gradually bring equipment to form combat capability and support capability as complete systems, accelerate the establishment of a weapons and equipment research and production system and a maintenance support system that combine military and civilian efforts, and further improve the path of integrated military-civilian development of equipment.

Adhering to scientific development and innovating in preparation for military struggle

To advance preparation for military struggle from a new starting point, we must take the Scientific Outlook on Development as our guide and make effective use of ways of thinking that meet the requirements of the times in order to explore and innovate the development path of preparation for military struggle.

Continue to emancipate the mind and advance preparation for military struggle amid the tide of military reform. The deeper preparation for military struggle goes, the more it runs into deep-seated contradictions and problems touching on development concepts, institutions and mechanisms, and policies and systems, and the harder it is to advance. The fundamental way to solve these problems lies in continuing to emancipate the mind and deepening the reform of national defense and army building. The strategic goal of military reform is to build an informatized army and win informatized wars, which is consistent with the basis of preparation for military struggle. Preparation for military struggle leads and pulls military reform; military reform is an important part of preparation for military struggle and a condition for optimizing it. The two share the same goal and reinforce each other. Therefore, to advance preparation for military struggle under the new situation, we must combine it with advancing the reform of national defense and the army, take the improvement of combat effectiveness as the starting point and end point of reform, use the standard of combat effectiveness to unify thinking on reform, measure reform measures and test the results of reform, and advance preparation for military struggle through reform.

Strengthen scientific overall planning and advance preparation for military struggle in coordination with the process of military modernization. The modernization of the military is a large system, and preparation for military struggle is the key link whose pull moves the whole. When preparation for military struggle is done well, it provides clear and specific requirements for the overall development of our military's modernization, gives it a real point of purchase and generates enormous traction. We must stand at the height of the overall development of the military's modernization, properly handle the relationships between primary and secondary, long-term and near-term, and building and using, turn the process of preparation for military struggle into a process that strengthens the modernization of the military, and turn the process of military modernization into a process that serves preparation for military struggle, so that the two promote each other and develop in coordination.

Adhere to informatization as the lead and advance preparation for military struggle through innovation, in the course of transforming the mode by which combat effectiveness is generated. At present, information technology is profoundly changing the mode of generating combat effectiveness and is also changing every aspect of army building. To advance preparation for military struggle, we must adapt keenly to this new situation, take the initiative to break out of the mechanized mindset, strengthen the concept of informatization as the lead, focus on relying on scientific and technological progress to improve combat effectiveness, and explore and innovate the military concepts, military technology, military organization and military management that meet the requirements of informatized warfare. We must focus on raising the level of informatization in the training of military personnel, in the development of weapons and equipment and in the best combination of people and weapons, accelerate the transformation of military training, gradually establish an effective mechanism for forming and improving new types of combat capability, and bring about a qualitative leap in preparation for military struggle.

Highlight actual combat as the driving force, and accelerate preparations for military struggle in the course of completing diversified military tasks. Practice tells us that no matter how the international situation evolves, how the military’s functions and missions expand, or how heavy the diversified military tasks become, containing wars, winning wars and maintaining peace is always the top priority among our military’s functions, and winning local wars under informationized conditions is always our military’s core task. Only with core military capabilities is there a solid foundation for completing diversified military tasks. We must always put the improvement of core military capabilities first and advance comprehensive preparations aimed at our fundamental functions: preparing for multiple contingencies rather than a single one, preparing by category rather than “one size fits all”, and preparing in depth rather than superficially, so that troops are able to adapt to all kinds of conditions, respond to all kinds of situations, and complete diversified military tasks.

Original Mandarin Chinese:

以打贏信息化條件下局部戰爭為重點,大力加強軍事鬥爭準備,是軍隊建設的一條成功經驗和重要指導方式,是我軍一項重大的戰略任務。戰略任務重千鈞。人民軍隊按照中央軍委既定的決策部署,向著軍事鬥爭準備新征程闊步邁進。

走軍事鬥爭準備理性化發展之路

新中國走過近60年曆程。幾十年來,國家一度強敵環伺、危機四伏,卻始終屹立不屈,不斷生息壯大。成功的經驗有很多,很重要的一條就是靠全面紮實的軍事鬥爭準備。可以說,正是有了人民軍隊“時刻準備著”,才鑄就了祖國安全的鋼鐵長城,守護了人民群眾的幸福安寧,保障了經濟社會的繁榮發展。回顧幾十年軍事鬥爭準備的風雨征程,在成績的榮耀光環背後,我們也要清醒看到不夠科學的地方。比如不少單位抓軍事鬥爭準備,在指導思想上過於強調具體威脅,過度依賴“情況刺激”,造成戰備水平忽強忽弱,戰鬥力建設忽高忽低,軍事鬥爭準備沒有保持自主、健康地持續發展。

時異則事移,事異則備變。當前,軍事鬥爭準備又站在了一個嶄新的歷史起點上。國家安全形勢發生復雜深刻變化,一方面,我們面臨的傳統安全威脅和非傳統安全威脅都在增加,世界主要大國在我周邊地緣戰略競爭不斷加劇,周邊國家政局持續動盪,地區安全環境存在諸多隱患,國內民族分裂勢力及其活動猖獗,影響國家安全的不穩定、不確定因素增多,軍事鬥爭準備面臨前所未有的挑戰;另一方面,國際上單邊主義受挫,金融危機拖延了全球霸權擴張,台海形勢明顯緩和,我主要戰略方向壓力有所減輕,軍事鬥爭準備面臨前所未有的機遇。這個機遇既是戰略性的,也是歷史性的。怎樣抓住機遇、用好機遇、乘勢推進,是當前軍事鬥爭準備需要回答的現實命題。經過30年改革發展,我軍建設出現質的跨越,部隊合成化、信息化程度更高,科技密集型、質量效能型特徵更加明顯,軍事鬥爭準備有了可資利用的豐富成果和推進躍升的基礎條件。進入新世紀新階段,胡主席著眼黨對國防和軍隊建設的特殊要求,賦予軍隊“三個提供、一個發揮”的歷史使命,強調“我軍必須以增強打贏信息化條件下局部戰爭能力為核心,不斷提高應對多種安全威脅、完成多樣化軍事任務的能力”。這一系列重大戰略思想,調整了軍事鬥爭準備的基點,拓展了軍事鬥爭準備的任務內容。科學發展觀這一重要指導方針的確立,對軍事鬥爭準備提出了好中求快的更高要求,按照全面、協調、可持續發展和以人為本的標準來衡量,還有很多思想需要解放,很多工作需要創新,很多方面需要提高。

新形勢下推進軍事鬥爭準備,必須因勢求變、因情定策,立足新的起點,謀求新的發展。應基於威脅抓準備,強化全方位的“威脅意識”和“敵情觀念”,充分認清戰爭並不遙遠且不只一種的嚴峻現實,堅定不移地推進軍事鬥爭準備。應基於任務抓準備,軍隊的根本任務是打仗和準備打仗,仗可以百年不打,但準備一刻也不能放鬆,必須按照有效履行職能使命的標準,全面系統地推進軍事鬥爭準備。應基於能力抓準備,跳出被敵情牽著走的被動應急準備模式,主動設計未來戰爭,有規劃有計劃地提高應對多種安全威脅、完成多樣化軍事任務能力,穩步科學地推進軍事鬥爭準備。

以重點突破提高軍事鬥爭準備質量

沒有重點就沒有戰略,沒有重點就難以突破。充分利用重要戰略機遇期,抓住重點內容謀求突破,既是遵循軍事鬥爭準備內在規律的客觀要求,更是全面提高部隊實戰能力的迫切需要。

軍事訓練作為和平時期軍隊最基本的實踐活動,是戰鬥力生成和發展的基本途徑,是最直接、最有效的軍事鬥爭準備。必須進一步提高對軍事訓練重要性的認識,切實把軍事訓練擺到戰略位置,真正在部隊形成大抓軍事訓練、大力推進訓練轉變的新高潮。應抓住聯合訓練這個戰鬥力生成的關鍵環節,強化聯合意識,提高聯合素質,健全聯訓法規,完善聯訓機制,推動軍事訓練從形式到實質的聯合。應以復雜電磁環境下訓練為重要切入點和抓手,積極探索組織指揮訓練、戰技術對策研練和武器裝備操作使用訓練的有效辦法,加速推進機械化條件下軍事訓練向信息化條件下軍事訓練轉變。應以使命課題訓練為載體,積極構設近似實戰的戰場環境,探索以對抗訓練、野戰化訓練和基地化訓練、模擬化訓練、網絡化訓練等為主要方式,以真、難、實為檢驗標準,以考、比、拉為落實機制的實戰化訓練路子,增強訓練實效。應積極開展非戰爭軍事行動訓練,提高部隊遂行非戰爭軍事行動專業技能,增強部隊完成多樣化軍事任務的能力。

人是戰鬥力諸要素中最積極、最活躍的要素,人才准備是軍事鬥爭準備中最重要、最艱鉅的準備。戰爭勝負決於戰場,但決定勝負的環節卻在平時的競爭之中,其中的重點就是人才。當前,關鍵是要突出聯合作戰指揮人才和高層次專業技術人才兩個“戰略抓手”,牽引和推動人才隊伍能力建設的整體發展。突出聯合作戰指揮人才培養,重點建立健全戰略戰役層次指揮員培養提高模式,圍繞完善聯合作戰人才培訓體系、改革聯合作戰教學內容和方法、加大指揮軍官崗位輪換和交叉培訓力度、加緊聯合作戰指揮人才應急培訓等,加強和完善有關措施。突出高層次專業技術人才培養。按照突出重點、兼顧一般、抓住龍頭、帶動整體的原則,重點培養能夠跨學科領域謀劃組織重大項目攻關的科技領軍人才、能夠指導推進學術技術創新發展的學科拔尖人才、能夠解決裝備技術保障複雜難題的技術專家人才,為信息化建設提供強有力的智力支撐。

兵貴神速是戰爭指導的鐵律,信息化條件下更強調“速度優勢”。快速反應能力已成為衡量一支軍隊戰備水平和實戰能力的重要標誌。應健全靈敏高效的應急指揮機制。在總結梳理近年我軍完成多樣化軍事任務實踐經驗的基礎上,抓好相關成果的固化和轉化,建立應急機制,健全法規制度,完善機構設置,制定應對預案,組織相關研練,確保一旦有事能快速反應、高效指揮、正確行動。應建立先進可靠的指揮信息系統。按照互操作性好、反應靈敏、安全保密和信息共享的要求,建立縱向到底、橫向到邊的信息網絡和綜合一體、層級簡捷的指揮系統,依靠信息技術提高應急指揮與快速反應能力。把握戰略投送能力建設的特點規律,重點發展戰略運輸機(艦)、軍用直升機和新型航行器,統籌考慮交通戰場建設,探索建立順暢高效的指揮管理機制,整體推進戰略輸送能力建設。

保障也是戰鬥力。現代戰爭中的任何一次作戰行動,都是體系的對抗,對綜合保障的要求越來越高。推進軍事鬥爭準備,必須全面提高作戰保障、後勤保障和裝備保障等綜合保障能力。我軍歷來注重協調推進作戰力量與作戰保障力量建設,偵察預警、指揮通信、測繪導航、氣象水文、工程防化等保障能力總體實現了同步提高。但隨著形勢的發展變化和戰場空間的不斷拓展,作戰保障能力體系開始出現新的“短板”,必須盡快補齊,以形成全維戰場的聯合作戰整體優勢。後勤保障重點是提高現代化水平。按照時代發展要求,穩步實施後勤改革,將保障體制向一體化推進、保障方式向社會化拓展、保障手段向信息化邁進、後勤管理向科學化轉變,推動後勤建設又好又快發展。裝備保障重點是加強配套建設。提高自主創新能力,加快新型武器裝備建設發展,不斷優化我軍武器裝備結構體系。注重裝備的體系配套、系統配套和保障配套建設,提高裝備系列化、通用化、標準化水平,逐步推進裝備成系統成建制形成作戰能力和保障能力,加快建立軍民結合、寓軍於民的武器裝備科研生產體系和維修保障體系,進一步完善軍民融合發展裝備的路子。

堅持科學發展創新軍事鬥爭準備路徑

在新的起點上推進軍事鬥爭準備,必須堅持以科學發展觀為指導,切實運用符合時代要求的思維方式,探索創新軍事鬥爭準備的發展路徑。

繼續解放思想,在軍隊改革大潮中整體推進軍事鬥爭準備。軍事鬥爭準備越深入,觸及發展理念、體制機制、政策制度等方面的深層次矛盾和問題就越多,推進的難度也越大。解決這些問題的根本出路,在於繼續解放思想、深化國防和軍隊建設改革。軍隊改革的戰略目標是建設信息化軍隊、打贏信息化戰爭,這與軍事鬥爭準備的基點是一致的。軍事鬥爭準備是軍隊改革的龍頭和牽引,軍隊改革則是軍事鬥爭準備的重要內容和優化條件,二者目標一致、互為促進。因此,新形勢下推進軍事鬥爭準備,必須與推進國防和軍隊改革結合起來,把提高戰鬥力作為改革的出發點和落腳點,用戰鬥力標準統一改革思想,衡量改革措施,檢驗改革成效,在改革中推進軍事鬥爭準備。

加強科學統籌,在軍隊現代化建設進程中協調推進軍事鬥爭準備。軍隊現代化建設是個大系統,軍事鬥爭準備則是牽一發而動全身的關鍵。軍事鬥爭準備做好了,就能為我軍現代化建設整體發展提供明確具體的需求,提供實實在在的抓手,形成巨大的牽引力量。必須站在軍隊現代化建設發展全局的高度,切實統籌好主與次、遠與近、建與用等關係,把軍事鬥爭準備的過程變成加強軍隊現代化建設的過程,把軍隊現代化建設的過程變成服務軍事鬥爭準備的過程,使二者互為促進,協調發展。

堅持信息主導,在戰鬥力生成模式轉變中創新推進軍事鬥爭準備。當前,信息技術正在深刻改變著戰鬥力生成模式,也在改變著軍隊建設的方方面面。推進軍事鬥爭準備,必須敏銳地適應這個新形勢,主動跳出機械化思維定勢,強化信息主導觀念,注重依靠科技進步提高戰鬥力,探索創新適應信息化戰爭要求的軍事理念、軍事技術、軍事組織和軍事管理,著力提高軍事人才培養、武器裝備發展、人與武器最佳結合的信息化水平,加快推進軍事訓練轉變,逐步確立新型戰鬥力生成與提高的有效機制,推動軍事鬥爭準備實現質的躍升。

突出實戰牽引,在完成多樣化軍事任務中加速推進軍事鬥爭準備。實踐告訴我們,無論國際局勢如何演變、軍隊的職能使命如何拓展、多樣化軍事任務多麼繁重,遏制戰爭、打贏戰爭、維護和平始終是我軍職能的重中之重,打贏信息化條件下局部戰爭永遠是我軍的核心任務。只有具備了核心軍事能力,完成多樣化軍事任務才有堅實基礎。必須始終把提高核心軍事能力放在首要位置,瞄準根本職能推進全面準備,做到多手準備而不“單打一”,分類準備而不“一刀切”,深入準備而不“表面化”,努力使部隊具備適應各種條件、應對各種情況、完成多樣化軍事任務的能力。 (趙立德)

Original Referring URL:  http://www.china.com.cn/military/txt/2009-01/08/

Maintaining Chinese Cyber & Network Security Launching the People’s Fifth Space War //维护中國网络安全,打响第五空间人民战争


President Xi clearly pointed out at the symposium on cybersecurity and informatization: “Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. It requires the government, enterprises, social organizations, and the broad mass of netizens to participate together and jointly build a network security defense line.”
Maintaining China’s network security is an important measure for advancing, in a coordinated way, the strategic layout of comprehensively building a well-off society, comprehensively deepening reform, comprehensively governing the country according to law, and comprehensively and strictly governing the Party. It is an important guarantee for achieving the “Two Centenaries” goals and realizing the Chinese Dream of the great rejuvenation of the Chinese nation. Please see today’s report in the “Liberation Army Daily”:

Breaking through the online and offline boundaries, the security situation is severe and complicated

An inconspicuous “worm” has caused an uproar around the world. In May this year, a cyberattack launched by criminals who had tampered with the “EternalBlue” program from the US National Security Agency’s arsenal hit most European countries and regions one after another, affecting important infrastructure including governments, banks, power systems, communication systems, energy companies, and airports. In the United Kingdom, for example, the computer systems of many hospitals were paralyzed, leaving some patients unable to undergo surgery in time.

Behind this ransomware incident is the escalating confrontation and conflict in cyberspace. Zhao Zhiguo, director of the Network Security Administration of the Ministry of Industry and Information Technology, said that this year alone the ministry has organized industry forces to coordinate the handling of many attacks against networks and important systems, covering viruses, Trojans, vulnerabilities, traffic attacks and other types, and involving public network infrastructure systems, important information systems and terminals. “It can be said that cyberattacks remain at a high incidence, with the threshold constantly falling, the targets becoming broader, and the means becoming more diverse.”

The data shows that as of the first half of this year, the number of Internet users in China reached 751 million, and the Internet penetration rate reached 54.3%. “As the scale of the Internet grows larger and larger, the challenges facing network security are also becoming more and more serious.” In the view of Wu Jianping, an academician of the Chinese Academy of Engineering and a professor at Tsinghua University, the field of network security is constantly expanding. From a global perspective, the threat of cyberattacks is penetrating the industrial Internet sector, and industrial Internet security incidents are frequent. In December 2015, a large-scale, organized and premeditated targeted cyberattack in Ukraine caused a sustained power outage in nearly one-third of the country. At present, the critical infrastructure of every country has become a target of cyberattacks. Once it is attacked and paralyzed, the damage to national security and social stability will be immeasurable.

“The tentacles of cyberattacks extend to every aspect of society, online and offline are highly integrated, and network security is becoming the core issue of global security.” Zhou Hongyi, chairman of Qihoo 360, believes that after more than 20 years of development, the Internet is no longer just an industry; it is increasingly integrated with society as a whole. With the development of the Internet of Things, the Internet of Vehicles, and the industrial Internet, the boundary between the real physical world and the virtual online world has been broken, and online and offline have merged into one. Against this background, attacks in the online world are beginning to spread to our real world.

To be sure, the forms of cyberattack are diverse and complex, and the cybersecurity situation remains grim. Global cybersecurity has gradually entered an era of “big security” that involves national security, national defense security, social security, industrial security, infrastructure security and even personal safety.

On a battlefield without gunsmoke, cyber war has never ceased

There is a term in the software development industry, “defect rate per thousand lines of code”, which means the rate of vulnerabilities in a thousand lines of code. At the vast majority of software companies, every thousand lines of code may contain one vulnerability. By some calculations, the most commonly used Windows operating system has about 50 million lines of code, and the Android system about 12 million lines. The number of vulnerabilities in them can be imagined.

“There are only two kinds of systems in the world: systems that are known to have been broken into, and systems that have been broken into but do not yet know it.” This remark by Alexander, the first commander of US Cyber Command, at the 2015 China Internet Security Conference was memorable. His point was that in front of attackers, no system is secure.

“Any network system in the real world, however ingenious its design and however complex its structure, will without exception have vulnerabilities.” Zhou Hongyi pointed out that the 360 community’s Butian vulnerability response platform discovers more than 80,000 vulnerabilities a year. Any of these vulnerabilities may become the soft underbelly through which a system suffers a cyberattack.

The 360 Threat Intelligence Center found that in many of the advanced persistent threat (APT) incidents it monitored, the attackers had in most cases already infiltrated or lain dormant for a long time, concealing themselves by various means.

There are examples to prove it. The Bushehr nuclear power plant, located 100 kilometers south of the Iranian capital Tehran, was a classified target guarded by the national defence forces. In July 2010, it was attacked by a new type of network virus called “Stuxnet”. The 8000 centrifuges working in the nuclear power plant suddenly malfunctioned, computer data was lost on a large scale, and thousands of units were physically damaged. In 2014, internal documents of two nuclear power plants in South Korea were leaked, including the personal information of nearly 10,000 plant employees, operating instructions for plant programs, design drawings of air conditioning and cooling systems, valve design drawings, and so on. A US government report said that since May this year, hackers have been infiltrating the computer networks of US nuclear power plants and other energy equipment companies.

Unlike traditional war, which has a clear beginning and end, cyber war is being waged undeclared at every moment. In this sense, the whole world has entered the era of cyber warfare. On this battlefield without gunsmoke, the planes and artillery that people used to pay attention to are nowhere to be seen, and new types of network virus have already taken the stage.

“Cyberattacks on critical infrastructure can have destructive effects that even surpass war in the traditional sense. It is almost impossible for nuclear states to use nuclear weapons, but cyberattacks are at present subject to almost no constraints.” Liu Weijun, a professor at the Public Security University’s Collaborative Innovation Center for Cyberspace Security and Rule of Law, said that even more frightening than the destruction of Ukraine’s power system is an attack on a nuclear power plant, which directly threatens national security.

Relying on the people is the key path to building a network power

In September this year, at the fourth Cybersecurity Week, held under the theme “Network Security for the People, Network Security Relying on the People”, the feature film “Fifth Space” quickly became popular and a focus of heated discussion.

“People are always the most important factor. Network security cannot be achieved just by purchasing and deploying a batch of network security equipment and piling up some products. It also requires a large number of professionals to analyze, assess, respond and handle incidents.” Zhou Hongyi said that every network user should be mobilized so that everyone can actively play their part.

It is understood that since 2014 China has continuously held national network security publicity activities, popularizing network security knowledge, strengthening network security education, and promoting an atmosphere in which the whole of society attaches importance to network security. “National cybersecurity publicity should raise the whole population’s awareness of cybersecurity while also paying attention to improving the ability to guard against cyber threats, so that the broad masses of people have both the awareness and the ability to maintain their own network security, and can use the network as well as they use water, electricity, and fire.” Qin An, director of the China Cyberspace Strategy Institute and director of the Internet Policy and Law Research Center of Tianjin University, said that cybersecurity depends on the people, and that only relying on the people is the key path to building a network power.

“To maintain network sovereignty, it is necessary to strengthen the building of national defense forces in cyberspace and enhance the self-defense capability of cyberspace.” Qin An pointed out that the “Network Security Law” officially took effect on June 1 this year, and one of its core objectives is to maintain network sovereignty. At the same time, the “International Cooperation Strategy for Cyberspace”, promulgated on March 1 this year, for the first time gives a national definition of national defense forces in cyberspace, in the section on safeguarding sovereignty and security in its third chapter on strategic objectives, and makes the building of national defense forces in cyberspace an important part of China’s national defense and military modernization.

The national defense white paper “China’s Military Strategy” clearly states that it is necessary to speed up the building of cyberspace forces; improve capabilities for cyberspace situational awareness, cyber defense, support for the country’s struggles in cyberspace, and participation in international cooperation; contain and control major cyberspace crises; guarantee national network and information security; and safeguard national security and social stability.

Security is the premise of development, and development is the guarantee of security. In building a network power, raising the whole population’s awareness of network security is the foundation. At present, China is accelerating its advance from a large network country to a network power, and more than 1.3 billion Chinese people are genuinely enjoying the new achievements brought about by the development of the Internet. For the realization of the “Two Centenaries” goals, the network power strategy will play an increasingly important supporting role.

Construct an unbreakable security line

■ Li Yang

In the report of the 19th National Congress of the Communist Party of China, President Xi proposed to strengthen basic research in applied fields, expand the implementation of major national science and technology projects, and give prominence to key common technologies, leading-edge technologies, modern engineering technologies, and disruptive technological innovation, so as to provide strong support for building a country strong in science and technology, in quality, in aerospace, in cyberspace and in transportation, as well as a digital China and a smart society. The network power strategy was mentioned once again, which is exciting and inspiring. Following the development trend of the times and comprehensively safeguarding cyberspace security is the only road to building a network power.

The keen of hearing hear what is silent; the clear-sighted see what has not yet taken shape. With the rapid development of the information revolution, cyberspace, made up of the Internet, communication networks, computer systems, automated control systems, digital devices and the applications, services and data they carry, has profoundly affected the course of human history and comprehensively changed the way people produce and live. Especially in the current environment of global economic integration and the internationalization of the professional division of labor, cyberspace security is characterized by soft activities, elastic borders, diversified means, all-domain scope and pluralized forces, and is increasingly expanding into a hybrid, complex confrontation among states, militaries, and various purpose-driven organizations and individuals, carrying the combined risk of destroying and paralyzing productivity, cultural strength, and combat effectiveness.

The person in charge of the relevant department of the Central Network Office said that the five years since the 18th National Congress of the Communist Party of China were the five years of fastest development in cyberspace security, and also five years of brilliant achievements in the field. The “China Internet Site Development Status and Security Report (2017)” shows that last year the numbers of tampered websites and tampered government websites in China fell by 31.7% and 47.9% respectively. The overall level of security protection of government websites has improved greatly, and DDoS attacks of more than 1G fell by 60%.

The results are gratifying, but we should also be soberly aware that in actual work there are still many problems, such as thinking that fails to keep up and consensus that is hard to put into practice, and that cyberspace security measures are still not fully implemented or are even left “in neutral gear”. Cyberspace security is security of the whole: if one link is breached, the entire network may collapse. We must not trust to luck or slacken. We must start solidly from every link, including technology, equipment, personnel and management, build and deploy according to the road map of “laying out positions, configuring capabilities, and forming a system”, conduct realistic exercises, proactively discover vulnerabilities, eliminate potential threats, continuously improve the ability to safeguard cyberspace security, and achieve new development from a new starting point.

Building cyberspace security is a long-term, complex systems engineering effort, and it is by no means achieved easily amid gongs and drums. Achieving this goal requires not only dramatic, thunderbolt measures, but even more the tenacity of “holding fast to the green mountain and never letting go”. We must proceed one step at a time, advance gradually, and see things through to implementation. Only in this way can we build an unbreakable security line.

Original Mandarin Chinese:

习主席在网络安全和信息化工作座谈会上明确指出:“网络安全为人民,网络安全靠人民,维护网络安全是全社会共同责任,需要政府、企业、社会组织、广大网民共同参与,共筑网络安全防线。”
维护我国网络安全,是协调推进全面建成小康社会、全面深化改革、全面依法治国、全面从严治党战略布局的重要举措,是实现“两个一百年”奋斗目标、实现中华民族伟大复兴中国梦的重要保障。请关注今日《解放军报》的报道——

维护网络安全,打响第五空间人民战争

■何楚洋

突破线上线下界限,安全形势严峻复杂

一只不起眼的“蠕虫”,竟然在全球引起了轩然大波——今年5月,由不法分子通过篡改美国国家安全局武器库中的“永恒之蓝”程序而发起的网络攻击,使大多数欧洲国家和地区相继中招,波及到包括政府、银行、电力系统、通信系统、能源企业、机场等重要基础设施,如英国多家医院的电脑系统瘫痪,导致部分病人无法及时接受手术。

这起勒索病毒事件的背后,是网络空间日益升级的对抗冲突。工信部网络安全管理局局长赵志国表示,仅今年工信部就组织行业力量,相继协调处置多起针对网络和重要系统的攻击事件,涵盖病毒、木马、漏洞、流量攻击等多种类型,涉及网络基础设施公共系统、重要信息系统和终端。“可以说网络攻击仍处于高发态势,呈现出门槛不断降低,对象更加广泛,手段更加多样。”

数据显示,截至今年上半年,我国网民规模达7.51亿,互联网普及率达54.3%。“当互联网的规模越来越大,网络安全面临的挑战也是日趋严峻的。”在中国工程院院士、清华大学教授吴建平看来,网络安全的领域正在不断延伸。从全球角度来看,网络攻击威胁正向工业互联网领域渗透,工业互联网安全事件频发。2015年12月,乌克兰发生了一次影响巨大的有组织、有预谋的定向网络攻击,致使乌境内近三分之一的地区持续断电。目前各国的关键基础设施已成为网络攻击的对象,一旦被攻击导致瘫痪,将给国家安全、社会稳定造成不可估量的伤害。

“网络攻击的触手延伸到社会各个方面,线上与线下高度融合,网络安全正在成为全球安全的核心问题。”奇虎360公司董事长周鸿祎认为,经过20多年的发展,互联网已经不再是一个行业,它与整个社会的结合越来越紧密。加上现在物联网、车联网、工业互联网的发展,真实物理世界和网络虚拟世界的界限被打破,线上线下连成一体,在这样的背景下,网络世界的攻击开始蔓延到我们的真实世界。

可以肯定的是,网络攻击形式多样复杂,网络安全形势依然严峻,全球网络安全逐渐进入到涉及国家安全、国防安全、社会安全、产业安全、基础设施安全甚至人身安全的大安全时代。

没有硝烟的战场,网络战从未偃旗息鼓

软件开发行业里有个名词,叫“千行代码缺陷率”,意思是一千行代码中的漏洞率。绝大部分软件公司的每一千行代码就有可能存在一个漏洞。据计算,最常使用的Windows操作系统的代码量是5000万行左右,安卓系统大概是1200万行,其中的漏洞可想而知。

“世界上只有两种系统,一种是已知被攻破的系统,一种是已经被攻破但自己还不知道的系统。”美国首任网军司令亚历山大在2015年的中国互联网安全大会上的发言让人印象深刻,他的观点是,在攻击者面前,没有任何安全的系统。

“现实世界中的任何网络系统,即使设计再精巧,结构再复杂,无一例外都会有漏洞。”周鸿祎指出,360社区补天漏洞响应平台一年发现的漏洞数就超过了8万个。这些漏洞,都有可能成为系统遭受网络攻击的软肋。

360威胁情报中心发现,他们监测到的多个高级可持续威胁事件中,攻击者大都已经渗透或者潜伏了很长时间,并且通过各种手段隐匿自己。

有例为证。位于伊朗首都德黑兰以南100公里的布什尔核电站是由国防军守卫的机密目标,在2010年7月被一种名为“震网”的新型网络病毒侵害,核电站里正在工作的8000台离心机突然出现故障,电脑数据大面积丢失,上千台被物理性损毁;2014年,韩国2座核电站的内部文件遭到泄露,包括核电站近万名员工的个人信息、核电站程序运行说明、空调和冷却系统设计图、阀门设计图等。美国政府的一份报告称,自今年5月以来,黑客一直在渗透美国核电站和其他能源设备公司的计算机网络。

不同于传统战争有明显的开始和结束,网络战时时刻刻都在不宣而战。从这层意义上说,全世界已经进入网络战时代。而在这片不见硝烟的战场上,过去人们关注的飞机、大炮不见踪影,新型的网络病毒就已经粉墨登场了。

“对关键基础设施的网络攻击,其破坏效果甚至能超越传统意义上的战争。有核国家几乎不可能动用核武器,但是网络攻击在目前却接近于不受任何约束。”公安大学网络空间安全与法治协创中心教授刘为军表示,与乌克兰的电力系统遭到破坏相比,更可怕的是核电站遭到攻击,直接威胁着国家安全。

依靠人民,才是建设网络强国关键路径

今年9月,以“网络安全为人民,网络安全靠人民”为主题的第四届网络安全周上,一部专题片《第五空间》迅速走红成为人们热议的焦点。

“人永远是最重要的因素,网络安全不是购买并部署一批网络安全设备、堆砌一些产品就能防得住的,还需要大量的专业人员来做分析、研判、响应和处置。”周鸿祎说,要把每一个网络用户发挥起来,让每一个人都能积极发挥自己的作用。

据了解,我国自2014年起,开始连续举办国家网络安全宣传活动,普及网络安全知识,加强网络安全教育,推动形成全社会重视网络安全的良好氛围。“国家网络安全宣传要在提升全民网络安全意识的同时,重视网络安全防范能力的提升,让广大人民群众既有意识又有能力维护自身网络安全,能够像用水、用电、用火一样用好网络。”中国网络空间战略研究所所长、天津大学互联网政策与法律研究中心主任秦安表示,网络安全依靠人民,只有依靠人民,才是建设网络强国关键路径。

“维护网络主权,就要加强网络空间国防力量建设,提升网络空间的自卫能力。”秦安指出,《网络安全法》于今年6月1日起正式实施,其核心目标之一就是维护网络主权。同时,今年3月1日颁布的《网络空间国际合作战略》在第三章战略目标维护主权与安全部分,首次明确网络空间国防力量的国家定义,将网络空间国防力量建设作为我国国防和军队现代化建设的重要内容。

国防白皮书《中国的军事战略》明确提出,要加快网络空间力量建设,提高网络空间态势感知、网络防御、支援国家网络空间斗争和参与国际合作的能力,遏控网络空间重大危机,保障国家网络与信息安全,维护国家安全和社会稳定。

安全是发展的前提,发展是安全的保障。建设网络强国,全民提升网络安全意识是基础。当前,我国正在加速从网络大国向网络强国迈进,13多亿中国人民实实在在享受到互联网发展带来的新成果,为着“两个一百年”奋斗目标的实现,网络强国战略将发挥着越来越重要的支撑作用。

构筑牢不可破的安全防线

“善其谋而后动,成道也。”习主席在党的十九大报告中提出,加强应用基础研究,拓展实施国家重大科技项目,突出关键共性技术、前沿引领技术、现代工程技术、颠覆性技术创新,为建设科技强国、质量强国、航天强国、网络强国、交通强国、数字中国、智慧社会提供有力支撑。其中,网络强国战略再次被提及,令人振奋,鼓舞人心。顺应时代发展趋势,全面维护网络空间安全,就是建设网络强国的必由之路。

聪者听于无声,明者见于未形。伴随信息革命的飞速发展,由互联网、通信网、计算机系统、自动化控制系统、数字设备及其承载的应用、服务和数据等组成的网络空间,深刻影响人类社会历史发展进程,全面改变人们的生产生活方式。尤其是在当前全球经济一体化、专业分工国际化的大环境下,网络空间安全呈现出活动软性化、边境弹性化、手段多样化、范畴全域化和力量多元化的特征,并且日益扩展为国家、军队及各种目的性组织和个人之间的混合复杂对抗,蕴含着毁瘫生产力、文化力、战斗力的混合风险。

中央网信办相关处室负责人表示,党的十八大以来的五年,是网络空间安全发展最快的五年,也是网络空间安全领域取得辉煌成绩的五年。《中国互联网站发展状况及其安全报告(2017)》显示,去年我国境内被篡改网站与政府网站分别下降31.7%和47.9%。政府网站安全防护水平整体得到了很大提高;1G以上DDoS攻击事件下降60%。

成绩固然喜人,但也应当清醒地看到,实际工作中还存在着思想观念跟不上、有共识难落实等诸多问题,网络空间安全措施执行不到位甚至“挂空挡”情况依然存在。网络空间安全,是整体性安全,一个环节被攻破,就可能导致全网的崩溃。我们不能心存侥幸和懈怠,必须扎扎实实地从技术、装备、人员、管理等各个环节入手,按“布设阵地、配置能力、形成体系”的路线图进行建设和部署,真刀真枪地开展演练,主动发现漏洞,消除潜在威胁,不断提升网络空间安全保障能力,在新的起点上实现新发展。

网络空间安全的构建是一项长期、复杂的系统工程,绝非敲锣打鼓、轻轻松松实现的。实现这一目标,既少不了一鸣惊人的霹雳手段,更需要有“咬定青山不放松”的韧劲,必须一步一个脚印,逐步推进,落地落实。惟有如此,才能构筑牢不可破的安全防线。

Original referring URL:  http://www.81.cn/jskj/2017-11/29/