Category Archives: China National Cyber Security Strategy

Communist Chinese Cyber Fundamentals : Strategic Thinking of Network Power //共產主義中國網絡基礎:網絡權力的戰略思考

Communist Chinese Fundamentals : Strategic Thinking of Network Power //

共產主義基本原理:網絡權力的戰略思考

Author: 中國共產黨

Date: 2017

Since the 18th National Congress of the Communist Party of China, the Party Central Committee with Comrade Xi Jinping has attached great importance to and vigorously promoted cybersecurity and informationization, profoundly grasped the characteristics of the development of the information age of human society, and objectively analyzed the current national conditions of China’s Internet development and the development of global Internet. The situation has successively issued a series of important speeches, and put forward a series of new ideas, new ideas and new theories on the governance of the Internet, and scientifically answered the major question of “why build a network power, build a network power and how to build a network power”. Formed Xi Jinping’s strategic thinking of network power. Seriously studying these new ideas is of great significance to promoting the building of a network-building nation and realizing the “two hundred years” struggle goal and the Chinese dream of the great rejuvenation of the Chinese nation.

First, why build a network power

On February 27, 2014, General Secretary Xi Jinping initially proposed the vision of building a network power in the first meeting of the Central Network Security and Informatization Leading Group, and systematically explained the background, situation, tasks and connotations of the network power. Requirements, thus making this idea a relatively complete, systematic theoretical system.

Xi Jinping put forward a rigorous logical relationship between the strategic thinking of the network power, starting from the foundation of the big power network, in view of the overall situation of the network business and the new situation changes, especially objectively analyzing the existing gap and strengthening the strategy of building a network power. aims. In his speech, Xi Jinping pointed out that in today’s world, the information technology revolution is changing with each passing day, which has had a profound impact on the development of international politics, economy, culture, society and military. Informatization and economic globalization have promoted each other, and the Internet has been integrated into all aspects of social life, profoundly changing people’s production and lifestyle. China is in the midst of this tide and is getting more and more affected. China’s Internet and informatization work has achieved remarkable development achievements. The network has entered thousands of households, and the number of Internet users is the highest in the world. China has become a big network country. This is our basic premise. He pointed out that the Internet is a big platform for social information. The hundreds of millions of Internet users have access to information and exchange information. This will have an important impact on their ways of seeking knowledge, ways of thinking, and values. In particular, they will be against the country, society, and Work and perceptions of life have an important impact. Xi Jinping emphasized that cybersecurity and informatization are all about the whole world of a country. We must recognize the situation and tasks we are facing, fully understand the importance and urgency of doing a good job, and seek for the situation. Take the trend and follow the trend. This is all about the whole. Xi Jinping pointed out that with the development of the Internet, especially the mobile Internet, the social governance model is shifting from one-way management to two-way interaction, from offline to online and offline integration, from simple government supervision to more emphasis on social coordinated governance. This is a change in the situation. In today’s world, information technology is developing very fast. If you don’t advance, you will retreat. Compared with the world’s advanced level, compared with the strategic goal of building a network power, we still have a lot of gaps in many aspects, especially in terms of Internet innovation capability, infrastructure construction, information resource sharing, and industrial strength. The biggest gap is in core technology.

Second, what kind of network power to build

Xi Jinping pointed out that without cyber security, there would be no national security, and without informationization, there would be no modernization. To build a network power, we must have our own technology and have strong technology; we must have rich and comprehensive information services, a prosperous and developing network culture; we must have a good information infrastructure to form a strong information economy; we must have a high-quality network. Security and information technology talent team; we must actively carry out bilateral and multilateral Internet international exchanges and cooperation. He also stressed that cyberspace is the spiritual home of hundreds of millions of people. The cyberspace is clear and ecological, and is in line with the interests of the people. The cyberspace is smouldering and deteriorating, and it is not in the interests of the people.

In a nutshell, there are at least six major signs of network power: First, the network information infrastructure must be at the world’s leading level. The second is to have a clear cyberspace strategy and a network voice in the international community. Third, the key technologies must be self-controllable, especially the operating system and CPU technology. Fourth, network security must have sufficient safeguards and capabilities. Fifth, network applications should be at the world’s leading level in terms of scale and quality. Sixth, in the cyberspace strategy, we must have the ability and strength to occupy the commanding heights.

The Outline of the National Informatization Strategy proposes that the construction of a network powerhouse is divided into three steps: the first step is to 2020, the total amount of information consumption will reach 6 trillion yuan, and the scale of e-commerce transactions will reach 38 trillion yuan. At the international advanced level, the international competitiveness of the information industry has been greatly enhanced, and information technology has become the leading force driving the modernization drive. The second step is to 20 billion yuan in information consumption by 2025, and the scale of e-commerce transactions has reached 67 trillion yuan. The leading mobile communication network fundamentally changes the core key technologies to be controlled by people, realizes the strategic goals of advanced technology, developed industry, advanced application, and insecure network security. A large number of large-scale multinational network enterprises with strong international competitiveness emerge; By the middle of this century, informationization has comprehensively supported the building of a socialist modernized country with rich, strong, democratic, civilized and harmonious relations. The status of a network powerhouse has been increasingly consolidated, and it has made greater achievements in leading the development of global informationization.

Xi Jinping planned the timetable for building a network powerhouse. The strategic deployment of building a network powerhouse should be promoted in parallel with the goal of “two hundred years”, the basic popularization of network infrastructure, the enhancement of independent innovation capability, the comprehensive development of information economy, and network security. Ensuring strong goals continue to advance.

Third, how to build a network power

(1) Fundamental requirements: People-centered

Governing the country is always the same, and the people are oriented. Xi Jinping emphasized that in order to develop the network business, it is necessary to implement the people-centered development thinking. It is necessary to adapt to people’s expectations and needs, accelerate the popularization of information services, reduce application costs, and provide useful, affordable and well-used information services for the people, so that hundreds of millions of people can gain more sense of sharing Internet development results. . Compared with cities, rural Internet infrastructure construction is our shortcoming. It is necessary to increase investment, speed up the pace of rural Internet construction, and expand the effective coverage of fiber-optic networks and broadband networks in rural areas. We can do a good job in the in-depth integration of informatization and industrialization, develop smart manufacturing, and drive more people to innovate and start a business; we can aim at the main direction of agricultural modernization, improve the level of agricultural production intelligence and network management, and help farmers increase their income; Give full play to the advantages of the Internet, implement “Internet + education”, “Internet + medical”, “Internet + culture”, etc., to promote the equalization of basic public services; can play the role of the Internet in helping to overcome poverty and promote accurate poverty alleviation and precision poverty alleviation, Let more difficult people use the Internet, let agricultural products go out of the country through the Internet, and enable children in the ravine to receive quality education; accelerate the promotion of e-government, encourage government departments at all levels to break down information barriers, improve service efficiency, and let the people run less errands. More information, running, solving problems that are difficult to handle, slow, and complicated. There are many things to do in these areas. Some Internet companies have already tried and achieved good economic and social benefits.

On November 29, 2016, the National Network Poverty Alleviation Work Promotion Meeting was held in Ningdu, Jiangxi. “We must implement the network poverty alleviation action, promote accurate poverty alleviation, and accurately eliminate poverty, so that poverty alleviation work can be accessible anytime and anywhere, so that people in poverty-stricken areas have more sense of gaining in the Internet construction and sharing.” General Secretary Xi is an important indicator in the old Red Revolution. Once again, the network’s poverty alleviation has become a new lever to win the overall well-off.

(II) Concept requirements: Practicing the five development concepts

The Fifth Plenary Session of the 18th CPC Central Committee put forward a new development concept of innovation, coordination, green, openness and sharing. This is based on profoundly summarizing domestic and foreign development experience and lessons, and in-depth analysis of domestic and international development trends. Our party has a new understanding of China’s economic and social development laws. Promoting China’s economic and social development in accordance with the new development concept is the general requirement and general trend of China’s development in the current and future period. The ancients said: “At any time, to raise things, to make meritorious deeds due to capital, and to profit from the power of all things.” The development of China’s online letter business should adapt to this general trend. Generally speaking, the network letter business represents new productivity and new development direction, and should be able to take the lead in practicing the new development concept.

Innovation is the core strength of the development of the network business. Innovation is the genes of Internet development. The concept innovation and technological innovation of the Internet are the needs of its own development. If there is no progress in the Internet tide, there will be no living space without innovation. We must always place innovation at the forefront, promote institutional and institutional innovation, concept innovation, technological innovation, and application innovation, and support the encouragement of Internet entrepreneurs, leading talents, and engineers to create and create innovative technologies for the development of the Internet. Xi Jinping pointed out at the 2nd World Internet Conference: “China is implementing the ‘Internet +’ action plan, promoting the construction of ‘Digital China’, developing the sharing economy, supporting various Internet-based innovations, and improving the quality and efficiency of development.”

Coordination is the inherent requirement of the development of the network business. Whether it is domestic or foreign, there are problems of unbalanced and uncoordinated development of network security and informationization. To solve these problems, we must establish a concept of coordinated development, eliminate the digital divide, narrow the gap between urban and rural areas, regional differences, and ensure information security. Balanced development, all-round development, and safe development. At the first meeting of the Central Network Security and Informatization Leading Group, Xi Jinping pointed out: “From the international and domestic general trend, the overall layout, co-ordinate all parties, innovation and development, and strive to build China into a network power.”

Green development is an important guarantee for the healthy development of the network business. The information industry is a green industry. Informationization and networking are supporting the application and upgrading of industries, agriculture, and national defense, and promoting green development, low-carbon development, and circular development. It is necessary to carry forward the main theme, spread positive energy, and make the cyberspace clear. At the symposium on April 19, 2016, Xi Jinping pointed out: “The cyberspace is clear and ecological, and it is in line with the interests of the people. The cyberspace is smouldering and ecologically degraded, which is not in the interest of the people.” He also stressed: “We want this Responsible for the society and responsible for the people, strengthen the cyberspace governance in accordance with the law, strengthen the construction of online content, strengthen the positive publicity on the Internet, foster a positive and healthy, up-to-good network culture, and nourish the social core values ​​and the outstanding achievements of human civilization. People’s hearts, nourish the society, and achieve positive energy and high melody, creating a clean and cyberspace for the majority of Internet users, especially young people.”

Openness is the essential feature of the development of the network business. The Internet has opened the door to openness in all countries of the world. Xi Jinping pointed out: “The Internet has turned the world into a global village where the sound of chickens and dogs is heard. People who are thousands of miles away are no longer ‘old and dead.’ It can be said that the world is more colorful because of the Internet, and life is more because of the Internet. Rich.” The development of China’s Internet industry is inseparable from the world, and the Internet industry in the world cannot be separated from China. Xi Jinping pointed out at the Second World Internet Conference: “The Internet in China is booming, providing a broad market space for enterprises and entrepreneurs in various countries. The door to China’s opening will never be closed, and the policy of using foreign capital will not change. Foreign-invested enterprises The protection of legitimate rights and interests will not change, and the direction for countries and enterprises to provide better services in China will not change. He also stressed: “All countries should promote open cooperation in the Internet field, enrich the open connotation, increase the level of openness, and build more Communicate and cooperate with the platform to create more points of interest, cooperation growth, and win-win new highlights, and promote mutual complementarity and common development in the cyberspace, so that more countries and people can take advantage of the information age of express trains and share Internet development results.” We must actively participate in international Internet exchanges and cooperation, learn from the advanced experience and technological achievements of countries around the world, grasp and lead the development trend of the Internet, and promote open cooperation and mutual benefit for cyberspace.

Sharing is the fundamental purpose of the development of the network business. Serving the people and benefiting the people’s livelihood is the fundamental starting point and the foothold of China’s Internet development. Xi Jinping stressed: “In order to develop the network, the company must implement the people-centered development thinking. It is necessary to adapt to the people’s expectations and needs, accelerate the popularization of information services, reduce the application cost, and provide the people with the necessary, affordable and useful. Good information services will enable hundreds of millions of people to gain more sense of sharing Internet development results. “We must push the network into thousands of households and guide the people to understand the world, master information, exchange ideas, innovate and improve, and improve through the Internet. Life, let the Internet development achievements not only benefit the 1.3 billion Chinese people, but also benefit the people of all countries in the world.

(3) Governance requirements: safety and development go hand in hand

In 2014, Xi Jinping emphasized at the first meeting of the Central Network Security and Informatization Leading Group that “maintenance of network space security and network data integrity, security, reliability, and maintenance of network space security capabilities.” He also called for the overall relationship between network security and informatization. “Network security and informatization are two wings and two wheels of integration. They must be unified planning, unified deployment, unified promotion, and unified implementation. Do a good job in network security and informationization. Work, we must handle the relationship between security and development, to achieve coherence, go hand in hand, to ensure development by safety, to promote safety through development, to strive to build a long-term security, growth and governance.” Two years later, at the symposium, he pointed out again “Network security and informatization are mutually reinforcing. Security is the premise of development, development is the guarantee of security, and security and development must advance simultaneously. From a global perspective, cybersecurity threats and risks are increasingly prominent, and increasingly toward politics, economy, Conductive penetration in the fields of culture, society, ecology, national defense, etc., especially the key information infrastructure of the country Face greater potential risks, prevention and control of network security capability is weak, it is difficult to effectively deal with national, organized high-strength network attacks. This is a problem for the world, we are certainly no exception. “

In addition, he pointed out that “in the face of complex and severe network security situation, we must remain clear-headed, and all parties must jointly manage and effectively maintain network security.” First, establish a correct view of network security. The idea determines the action. There are several main features of today’s network security. First, cybersecurity is holistic rather than fragmented. Second, network security is dynamic rather than static. Third, cybersecurity is open rather than closed. Fourth, cybersecurity is relative rather than absolute. Fifth, cybersecurity is common rather than isolated. Second, accelerate the construction of a key information infrastructure security system. Third, all-weather perception of the network security situation. Fourth, enhance network security defense capabilities and deterrence capabilities.

(4) Cadre requirements: Take the network mass line and build a concentric circle

The mass line is the fundamental line of our party. Xi Jinping pointed out: “The netizens come from the common people, the people are on the net, and the public opinion is on the net. Where are the people, where are our leading cadres going, or how to contact the masses? Party and government organs and leading cadres at all levels must learn Take the mass route through the Internet, often go online to see, dive, chat, and voice, understand what the masses think, collect good ideas and suggestions, and actively respond to netizens’ concerns and doubts. Be good at using the Internet to understand public opinion and work. It is the basic skill of leading cadres to do their work well under the new situation.”

How to take the network mass route? Xi Jinping gave the method. “The majority of netizens are ordinary people, come from all directions, and their experiences are different. The opinions and ideas must be varied. They cannot be asked to be so accurate and correct about all issues. To be more inclusive. And patience, timely absorption of constructive opinions, timely assistance for difficulties, timely referrals to those who do not understand the situation, timely clarification of vague understanding, timely resolution of complaints of resentment, timely guidance and correction of wrong opinions, Let the Internet become a new platform for us to communicate and communicate with the masses, and become a new way to understand the masses, be close to the masses, solve problems for the masses, and become a new channel for carrying forward people’s democracy and accepting people’s supervision.”

At the same time, Xi Jinping pointed out the efforts of cadres at all levels. “To correctly handle the relationship between security and development, openness and autonomy, management and service, and constantly improve the ability to grasp the laws of the Internet, the ability to guide the public opinion, and the development of informationization. Capabilities, the ability to guarantee network security, and the continuous advancement of network power construction.”

(5) Management requirements: unified leadership, management according to law

The Political Bureau of the CPC Central Committee conducted the 36th collective study on the implementation of the strategy of strengthening the country by the Internet. Accelerate the improvement of network management.

Xi Jinping put forward requirements from the institutional mechanism. He emphasized that the central cybersecurity and informationization leading group should play a centralized and unified leadership role, coordinate and coordinate major issues of cybersecurity and informatization in various fields, and formulate and implement national cybersecurity and informationization development strategies. , macro-planning and major policies, continuously enhance security and security capabilities.

Instructed from the management ideas, in China, more than 700 million people on the Internet, certainly need to manage, and this management is very complicated and very heavy. Enterprises must assume the responsibility of enterprises, and the party and the government must assume the responsibility of the party and the government. No side can give up their responsibilities. It is necessary to deeply understand the role of the Internet in state management and social governance, and to promote e-government and build a new smart city, and to build a nationally integrated national big data center with data concentration and sharing as a way to promote technology integration. Business integration, data integration, and cross-level, cross-regional, cross-system, cross-department, and cross-business collaborative management and services. It is necessary to strengthen the Internet thinking, take advantage of the flat, interactive and rapid advantages of the Internet, promote the scientific decision-making of the government, the precision of social governance, the efficiency of public services, and better use the means of information to better understand the social situation, smooth communication channels, and assist decision-making governance. .

From the legislative norms to point out the direction, we must promptly formulate legislative plans, improve Internet information content management, key information infrastructure protection and other laws and regulations, manage cyberspace in accordance with the law, and safeguard the legitimate rights and interests of citizens. It is necessary to strictly guard against cybercrime, especially new cybercrime, and safeguard the interests of the people and the harmony and stability of society. It is necessary to speed up the process of network legislation, improve the regulatory measures according to law, and resolve network risks. It is necessary to strengthen the management of big data in accordance with the law. Some data concerning national interests and national security are in the hands of Internet companies, and enterprises must ensure the security of these data. Enterprises should pay attention to data security. If the company has problems with data protection and security, it will also have an adverse impact on its own reputation.

It also puts forward hopes for the whole society. Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. It requires the government, enterprises, social organizations and the majority of netizens to participate in the construction of a network security defense line. These characteristics must be well grasped by all relevant parties.

(6) Guarantee requirements: technological breakthroughs, construction of infrastructure and sharing systems

Xi Jinping emphasized that in order to grasp the initiative of China’s Internet development and safeguard Internet security and national security, we must break through the core technology and strive to achieve “curve overtaking” in certain areas and in certain aspects. To achieve breakthroughs in core technologies, we must have determination, perseverance, and focus. He hopes that the vast number of entrepreneurs, experts, scholars and scientific and technological personnel in the field of China’s online information should establish this ambition, strive for this tone, and strive to achieve new major breakthroughs in core technology as soon as possible. The so-called “days, not afraid of thousands of miles; often do, not afraid of thousands of things.”

Xi Jinping stressed that it is necessary to firmly hold the core technology of independent innovation, and to break through the cutting-edge technologies of network development and key core technologies with international competitiveness, accelerate the promotion of domestically controlled independent alternative plans, and build a safe and controllable information technology system. . First, correctly handle open and autonomous relationships. Second, concentrate on the scientific research investment to do big things. Third, actively promote the transformation of core technological achievements. Fourth, promote strong alliances and coordinated research. Fifth, we can explore the formation of an alliance of industry, academia and research, and open the list. To lay a solid foundation for the research and development of core technologies, it is necessary not only to blow up the charge, but also to blow up the collection number, that is, to accumulate the strongest forces together to form the commando and special forces.

Xi Jinping stressed that it is necessary to speed up the construction of a key information infrastructure security system. The key information infrastructure in the fields of finance, energy, electricity, communications, transportation, etc. is the nerve center of economic and social operation, the top priority of network security, and the target of possible key attacks. The “physical isolation” line of defense can be invaded across the network, the power allocation instructions can be maliciously tampered with, and the financial transaction information can be stolen. These are major risk hazards. If there is no problem, it will cause traffic disruption, financial disorder, power hupfer and other issues, which is very destructive and lethal. We must conduct in-depth research and take effective measures to effectively protect the country’s critical information infrastructure.

At the same time, he pointed out that it is necessary to promote the modernization of the national governance system and governance capacity through informationization, coordinate the development of e-government, build an integrated online service platform, promote the construction of new smart cities by hierarchical classification, open up information barriers, and build a national information resource sharing system. It is easy to use information technology to sense social situation, smooth communication channels, and assist scientific decision-making.

(7) Propaganda requirements: the most important thing, to build consensus

Xi Jinping pointed out that we must adhere to the attitude of being responsible to the society and responsible to the people, strengthen the cyberspace governance in accordance with the law, strengthen the construction of online content, strengthen the positive publicity on the Internet, foster a positive and healthy, up-to-good network culture, and use the socialist core values. outstanding achievements of human civilization and nourishing the heart, nourishing community, so that positive energy is abundant, the main theme of the high for the majority of Internet users, especially young people to create a Delicate gas is cyberspace.

Do online media work is a long-term task to improve the online promotion of innovation, the use of propagation network, promote the theme, stimulate positive energy, great efforts to cultivate and practice the socialist core values, when good grasp of the Internet to guide public opinion, and validity To make the cyberspace clear.

Forming a good online public opinion atmosphere is not to say that there can only be one voice, one tone, but that it cannot be used to confess right and wrong, reverse black and white, make a living, commit crimes, and cannot transcend the legal boundaries of the Constitution. An important means to put power into the cage of the system is to play the role of public opinion supervision, including Internet supervision. This article, party and government organs and leading cadres at all levels must pay special attention to, first of all, do a good job. We must not only welcome, but also carefully study and learn from the online criticism of goodwill and the supervision of the Internet, whether it is for the work of the party and the government or for the leading cadres, whether it is ruthless or loyal.

Xi Jinping pointed out that the new application of new technologies and new technologies in the Internet has made the social mobilization function of the Internet increasingly enhanced. To spread positive energy, enhance communication and guiding force. It is necessary to strictly guard against cybercrime, especially new cybercrime, and safeguard the interests of the people and the harmony and stability of society. It is necessary to give full play to the advantages of network communication, experience, and sharing, listen to the will of the people, benefit the people’s livelihood, solve the people’s worries, and unite the social consensus. Online and offline networks should be united and coordinated, forming a good situation for jointly preventing social risks and building a concentric circle together. It is necessary to maintain the security of cyberspace and the integrity, security and reliability of network data, and improve the security of maintaining cyberspace.

Xi Jinping pointed out that the new application of new technologies and new technologies in the Internet has made the social mobilization function of the Internet increasingly enhanced. To spread positive energy, enhance communication and guiding force. It is necessary to give full play to the advantages of network communication, experience, and sharing, listen to the will of the people, benefit the people’s livelihood, solve the people’s worries, and unite the social consensus. Online and offline networks should be united and coordinated, forming a good situation for jointly preventing social risks and building a concentric circle together.

(8) Talent requirements: unrestricted talents

“The people are happy, the losers are falling.” Xi Jinping stressed that to build a network power, we must bring together talent resources and build a strong team with strong politics, good business and good work style. “A thousand troops are easy to get, and one will be hard to find.” It is necessary to train scientists, network technology leaders, engineers, and high-level innovation teams that have created world-class skills.

In terms of ideas, he pointed out that the competition in cyberspace is, in the final analysis, talent competition. Building a network power, there is no outstanding talent team, no talent creation, vitality, and it is difficult to succeed. After reading the talents, you can get twice the result with half the effort. Our brains have to turn around, not only paying attention to capital, but also paying attention to talents. The intensity of introducing talents should be further increased, and the steps of reforming the talent system should be further developed. The field of network information can be tested first, and research should be carried out to formulate ways to attract talents, train talents, and retain talents.

In terms of scope, he pointed out that the development of China’s online letter industry must fully mobilize the enthusiasm, initiative and creativity of entrepreneurs, experts, scholars and scientific and technological personnel. Entrepreneurs, experts, scholars, and scientific and technological personnel must have the responsibility of the state and social responsibility, and contribute their wisdom and strength to the development of the national network. Party committees and governments at all levels must respect knowledge and respect talents from the bottom of their hearts, create good conditions for talents to develop their intelligence, create a relaxed environment, and provide a broad platform.

In terms of methods, he pointed out that the Internet is mainly the cause of young people, and it is necessary to reduce talents. It is necessary to emancipate the mind, to recognize the talents, and to love the talents. To train netizen talents, we must make great efforts and make big money. We invite excellent teachers, compile excellent teaching materials, recruit outstanding students, and build a first-class cyberspace security college. Many talents in the Internet field are geeks and geniuses. They often do not take the usual routines and have many whimsy. There must be special policies for treating special talents, not requiring full blame, not arguing for seniority, and not using a ruler.

In terms of policy, he pointed out that it is necessary to adopt special policies, establish a personnel system and a salary system that adapt to the characteristics of online letters, and condense outstanding talents into technical departments, research departments, and management departments. It is necessary to establish a talent evaluation mechanism that adapts to the characteristics of online letters. The actual ability is the standard of measurement. It is not only academic, not only a thesis, not only a qualification, but also highlights professionalism, innovation and practicality. It is necessary to establish a flexible talent incentive mechanism to enable those who contribute to have a sense of accomplishment and a sense of acquisition. It is necessary to explore scientific research results, intellectual property rights, and interest distribution mechanisms in the field of online information, and formulate specific policies on talent stock participation, technology shareholding, and taxation. In the flow of talents, we must break the institutional boundaries and enable talents to achieve an orderly and smooth flow between the government, enterprises, and think tanks. The advantages of the “revolving door” system in foreign countries can also be used for reference.

At the station, he pointed out that there must be a global perspective on talent selection and the introduction of high-end talents. As China’s comprehensive national strength continues to increase, many countries’ talents also hope to come to China for development. We must take advantage of the trend, reform talents to introduce various supporting systems, and build a globally competitive talent system. No matter which country or region, as long as it is a good talent, it can be used for me. This work has been done by some enterprises and research institutes. I went to some enterprises and research institutes, and also talked with these talents imported from abroad. In this regard, we must increase our efforts to continuously improve our ability to allocate talent resources globally.

(9) Industry requirements: focus on self-discipline and healthy development

The development of a company is directly proportional to its social responsibility. Xi Jinping pointed out that China’s Internet enterprises have played an important role in stabilizing growth, promoting employment, and benefiting people’s livelihood, from small to large, from weak to strong. Let the company continue to develop healthily is not only the goal of entrepreneurs but also the needs of national development. The fate of a company is closely related to the development of the country. It is difficult to become stronger and bigger than the support of the state, the disengagement of the masses, and the service to the country and the people.

How to be stronger and bigger? Xi Jinping pointed out the direction: internally, it is necessary to introduce policies to support the development of enterprises, so that they become the main body of technological innovation and become the main body of information industry development. Externally, we must encourage and support China’s network enterprises to go out, deepen Internet international exchanges and cooperation, and actively participate in the construction of the “Belt and Road” to achieve “where the national interests are and where informationization will be covered”. Foreign Internet companies, as long as they comply with our laws and regulations, we are welcome.

How to avoid the phenomenon of “disconnecting one after another, killing one tube” that has often appeared in the past, and embarking on a new road of joint management and benign interaction? Xi Jinping gave the idea: First, insist on encouraging support and standard development in parallel. Enterprises should be encouraged and supported to become the main body of R&D, the main body of innovation, and the main body of industry. Encourage and support the cutting-edge technology of enterprise layout, promote independent innovation of core technologies, create and seize more opportunities, participate in international competition, and expand overseas development space. It is necessary to regulate market order and encourage healthy competition. The Fourth Plenary Session of the 18th CPC Central Committee proposed to improve the system of property rights protection with fairness as the core principle, strengthen the protection of property rights of various ownership economic organizations and natural persons, and clean up laws and regulations that violate fairness. These requirements should be put in place as soon as possible. Second, adhere to policy guidance and management according to law. The government should create a favorable environment for enterprise development, accelerate the reform of the examination and approval system, financing system, and patent system, reduce duplication of testing and certification, implement a high-quality and high-price government procurement system, reduce the burden on enterprises, and remove institutional and institutional obstacles. At the same time, it is necessary to speed up the process of network legislation, improve the regulatory measures according to law, and resolve network risks. It is necessary to strengthen the management of big data in accordance with the law. Third, adhere to both economic and social benefits. Only a wealth of love is a truly meaningful asset. Only a company that actively assumes social responsibility is the most competitive and vital enterprise. It is hoped that the vast number of Internet companies will adhere to the unity of economic and social benefits, and at the same time of their own development, drink water and source, return the society and benefit the people. We must encourage and support our networked enterprises to go out, deepen the international exchanges and cooperation in the Internet, and actively participate in the construction of the “Belt and Road” to achieve “where the national interests are and where informationization will be covered”. Foreign Internet companies, as long as they comply with our laws and regulations, we are welcome.

(10) International requirements: building a community of destiny

With the multi-polarization of the world, economic globalization, cultural diversity, and in-depth development of social information, the Internet will play a greater role in promoting the progress of human civilization. At the same time, problems such as unbalanced development in the Internet field, unsound rules, and unreasonable order have become increasingly prominent. The information gap between different countries and regions is constantly widening. Existing cyberspace governance rules are difficult to reflect the wishes and interests of most countries; violations of personal privacy, intellectual property rights, cybercrime, etc. occur worldwide, network monitoring, cyber attacks, networks Terrorism and other activities have become global public nuisances.

Faced with these problems and challenges, the international community should strengthen dialogue and cooperation on the basis of mutual respect and mutual trust, promote the reform of the global governance system of the Internet, and jointly build a cyberspace of peace, security, openness and cooperation, and establish multilateral, democratic and transparent. The global Internet governance system. It is proposed that “China is willing to work with the international community to adhere to the common prosperity of mankind, adhere to the concept of cyber sovereignty, promote global Internet governance in a more just and rational direction, and promote cyberspace to achieve equal respect, innovative development, open sharing, and security. The goal of the order.”

“The way of benefit is to go with time.” Cyberspace is the common space for human activities. The future of cyberspace should be mastered by all countries in the world. To promote the reform of the global Internet governance system, we should adhere to the four principles. Respect network sovereignty. Maintain peace and security. Promote open cooperation. Build a good order. Countries should strengthen communication, expand consensus, deepen cooperation, and jointly build a community of cyberspace destiny. In this regard, I would like to make five points. First, accelerate the construction of global network infrastructure and promote interconnection. Second, create an online cultural exchange and sharing platform to promote exchanges and mutual learning. Third, promote the innovation and development of the network economy and promote common prosperity. Fourth, safeguard network security and promote orderly development. Fifth, build an Internet governance system to promote fairness and justice. It has won the approval of most countries in the world.

Xi Jinping pointed out that the Internet is the common home of mankind and works together to build a community of cyberspace destiny. It is the common responsibility of the international community to make this home more beautiful, cleaner and safer. Let us join hands to jointly promote the interconnection and sharing of cyberspace, share common governance, and help create a better future for human development!

Original Mandarin Chinese:

黨的十八大以來,以習近平同志為核心的黨中央高度重視、大力推進網絡安全和信息化工作,深刻把握人類社會發展信息時代階段特徵,客觀分析當前我國互聯網發展基本國情及全球互聯網發展新形勢,先後發表了一系列重要講話,提出了一系列治網新理念新思想新論斷,科學回答了“為什麼要建設網絡強國、建設什麼樣的網絡強國以及怎樣建設網絡強國”這一重大問題,形成了習近平網絡強國戰略思想。認真學習這些新思想,對於推進網絡強國建設,實現“兩個一百年”奮鬥目標和中華民族偉大復興的中國夢具有重要意義。

一、為什麼建設網絡強國

2014年2月27日,習近平總書記在中央網絡安全和信息化領導小組第一次會議上初步提出了建設網絡強國的願景目標,並系統闡釋了網絡強國戰略思想的時代背景、形勢任務、內涵要求,從而使這一思想成為相對完整、系統的理論體系。

習近平提出網絡強國戰略思想的有著嚴謹的邏輯關係,從網絡大國的基礎出發,鑑於網信事業事關全局和麵臨的新形勢轉變,尤其是客觀剖析了存在的差距,堅定了建設網絡強國的戰略目標。習近平在講話中指出,當今世界,信息技術革命日新月異,對國際政治、經濟、文化、社會、軍事等領域發展產生了深刻影響。信息化和經濟全球化相互促進,互聯網已經融入社會生活方方面面,深刻改變了人們的生產和生活方式。我國正處在這個大潮之中,受到的影響越來越深。我國互聯網和信息化工作取得了顯著發展成就,網絡走入千家萬戶,網民數量世界第一,我國已成為網絡大國。這是我們的基礎前提。他指出,互聯網是一個社會信息大平台,億萬網民在上面獲得信息、交流信息,這會對他們的求知途徑、思維方式、價值觀念產生重要影響,特別是會對他們對國家、對社會、對工作、對人生的看法產生重要影響。習近平強調,網絡安全和信息化對一個國家很多領域都是牽一發而動全身的,要認清我們面臨的形勢和任務,充分認識做好工作的重要性和緊迫性,因勢而謀,應勢而動,順勢而為。這是事關全局。習近平指出,隨著互聯網特別是移動互聯網發展,社會治理模式正在從單向管理轉向雙向互動,從線下轉向線上線下融合,從單純的政府監管向更加註重社會協同治理轉變。這是形勢轉變。當今世界,信息化發展很快,不進則退,慢進亦退。同世界先進水平相比,同建設網絡強國戰略目標相比,我們在很多方面還有不小差距,特別是在互聯網創新能力、基礎設施建設、信息資源共享、產業實力等方面還存在不小差距,其中最大的差距在核心技術上。

二、建設什麼樣的網絡強國

習近平指出,沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。建設網絡強國,要有自己的技術,有過硬的技術;要有豐富全面的信息服務,繁榮發展的網絡文化;要有良好的信息基礎設施,形成實力雄厚的信息經濟;要有高素質的網絡安全和信息化人才隊伍;要積極開展雙邊、多邊的互聯網國際交流合作。他還強調,網絡空間是億萬民眾共同的精神家園。網絡空間天朗氣清、生態良好,符合人民利益。網絡空間烏煙瘴氣、生態惡化,不符合人民利益。

概括地講,網絡強國至少有六大標誌:一是網絡信息化基礎設施要處於世界領先水平。二是要有明確的網絡空間戰略和國際社會中的網絡話語權。三是關鍵技術上要自主可控,特別是操作系統和CPU技術。四是網絡安全要有足夠的保障手段和能力。五是網絡應用在規模、質量等方面要處在世界領先水平。六是在網絡空間戰略中,要有佔領制高點的能力和實力。

《國家信息化戰略綱要》提出,建設網絡強國具體分三步走:第一步到2020年,信息消費總額達到6萬億元,電子商務交易規模達到38萬億元,核心關鍵技術部分領域達到國際先進水平,信息產業國際競爭力大幅提升,信息化成為驅動現代化建設的先導力量;第二步到2025年,信息消費總額達到12萬億元,電子商務交易規模達到67萬億元,建成國際領先的移動通信網絡,根本改變核心關鍵技術受制於人的局面,實現技術先進、產業發達、應用領先、網絡安全堅不可摧的戰略目標,湧現一批具有強大國際競爭力的大型跨國網信企業;第三步到本世紀中葉,信息化全面支撐富強民主文明和諧的社會主義現代化國家建設,網絡強國地位日益鞏固,在引領全球信息化發展方面有更大作為。

習近平規劃了建設網絡強國的時間表,建設網絡強國的戰略部署要與“兩個一百年”奮鬥目標同步推進,向著網絡基礎設施基本普及、自主創新能力顯著增強、信息經濟全面發展、網絡安全保障有力的目標不斷前進。

三、怎樣建設網絡強國

(一)根本要求:以人民為中心

治國有常,而利民為本。習近平強調,網信事業要發展,必須貫徹以人民為中心的發展思想。要適應人民期待和需求,加快信息化服務普及,降低應用成本,為老百姓提供用得上、用得起、用得好的信息服務,讓億萬人民在共享互聯網發展成果上有更多獲得感。相比城市,農村互聯網基礎設施建設是我們的短板。要加大投入力度,加快農村互聯網建設步伐,擴大光纖網、寬帶網在農村的有效覆蓋。可以做好信息化和工業化深度融合這篇大文章,發展智能製造,帶動更多人創新創業;可以瞄準農業現代化主攻方向,提高農業生產智能化、經營網絡化水平,幫助廣大農民增加收入;可以發揮互聯網優勢,實施“互聯網+教育”、“互聯網+醫療”、“互聯網+文化”等,促進基本公共服務均等化;可以發揮互聯網在助推脫貧攻堅中的作用,推進精準扶貧、精準脫貧,讓更多困難群眾用上互聯網,讓農產品通過互聯網走出鄉村,讓山溝裡的孩子也能接受優質教育;可以加快推進電子政務,鼓勵各級政府部門打破信息壁壘、提升服務效率,讓百姓少跑腿、信息多跑路,解決辦事難、辦事慢、辦事繁的問題,等等。這些方面有很多事情可做,一些互聯網企業已經做了嘗試,取得了較好的經濟效益和社會效益。

2016年11月29日,全國網絡扶貧工作現場推進會在江西寧都召開。 “要實施網絡扶貧行動,推進精準扶貧、精準脫貧,讓扶貧工作隨時隨地、四通八達,讓貧困地區群眾在互聯網共建共享中有更多獲得感”,習總書記這一重要指示在紅色革命老區再次宣示,網絡扶貧成為決勝全面小康的新槓桿。

(二)理念要求:踐行五大發展理念先行一步

黨的十八屆五中全會提出了創新、協調、綠色、開放、共享的新發展理念,這是在深刻總結國內外發展經驗教訓、深入分析國內外發展大勢的基礎上提出的,集中反映了我們黨對我國經濟社會發展規律的新認識。按照新發展理念推動我國經濟社會發展,是當前和今後一個時期我國發展的總要求和大趨勢。古人說:“隨時以舉事,因資而立功,用萬物之能而獲利其上。”我國網信事業發展要適應這個大趨勢。總體上說,網信事業代表著新的生產力、新的發展方向,應該也能夠在踐行新發展理念上先行一步。

創新是網信事業發展的核心力量。創新是互聯網發展的基因。互聯網的理念創新、技術創新是自身發展的需要,在互聯網大潮中不進則退,沒有創新就沒有生存空間。要始終把創新擺在首要位置,推動體制機制創新、理念創新、技術創新、應用創新,支持鼓勵互聯網企業家、領軍人才和工程技術人員創新創造,為互聯網發展提供不竭動力。習近平在第二屆世界互聯網大會上指出:“中國正在實施‘互聯網+’行動計劃,推進‘數字中國’建設,發展分享經濟,支持基於互聯網的各類創新,提高發展質量和效益。”

協調是網信事業發展的內在要求。無論是國內還是國外,都存在網絡安全和信息化發展不平衡、不協調的問題,解決這些問題,就要樹立協調發展的理念,消除數字鴻溝,縮小城鄉差異、地區差異,保障信息安全,實現均衡發展、全面發展、安全發展。習近平在中央網絡安全和信息化領導小組第一次會議上指出:“要從國際國內大勢出發,總體佈局,統籌各方,創新發展,努力把我國建設成為網絡強國。”

綠色發展是網信事業健康發展的重要保障。信息化產業就是綠色產業,信息化、網絡化正支撐著工業、農業、國防等各個領域的應用和升級,推動著綠色發展、低碳發展、循環發展。要弘揚主旋律,傳播正能量,使網絡空間清朗起來。在2016年4月19日的座談會上習近平指出:“網絡空間天朗氣清、生態良好,符合人民利益。網絡空間烏煙瘴氣、生態惡化,不符合人民利益。” 他還強調:“我們要本著對社會負責、對人民負責的態度,依法加強網絡空間治理,加強網絡內容建設,做強網上正面宣傳,培育積極健康、向上向善的網絡文化,用社會主義核心價值觀和人類優秀文明成果滋養人心、滋養社會,做到正能量充沛、主旋律高昂,為廣大網民特別是青少年營造一個風清氣正的網絡空間。”

開放是網信事業發展的本質特徵。互聯網打開了世界各國開放的大門。習近平指出:“互聯網讓世界變成了’雞犬之聲相聞’的地球村,相隔萬里的人們不再’老死不相往來’。可以說,世界因互聯網而更多彩,生活因互聯網而更豐富。”中國互聯網事業的發展離不開世界,世界的互聯網事業也離不開中國。習近平在第二屆世界互聯網大會上指出:“中國互聯網蓬勃發展,為各國企業和創業者提供了廣闊市場空間。中國開放的大門永遠不會關上,利用外資的政策不會變,對外商投資企業合法權益的保障不會變,為各國企業在華投資興業提供更好服務的方向不會變。”他還強調:“各國應該推進互聯網領域開放合作,豐富開放內涵,提高開放水平,搭建更多溝通合作平台,創造更多利益契合點、合作增長點、共贏新亮點,推動彼此在網絡空間優勢互補、共同發展,讓更多國家和人民搭乘信息時代的快車、共享互聯網發展成果。”我們要積極參與國際互聯網交流與合作,學習借鑒世界各國先進經驗和技術成果,把握和引領國際互聯網發展趨勢,推動網絡空間開放合作、互利共贏。

共享是網信事業發展的根本宗旨。服務百姓、惠及民生是我國互聯網發展的根本出發點和落腳點。習近平強調:“網信事業要發展,必須貫徹以人民為中心的發展思想。要適應人民期待和需求,加快信息化服務普及,降低應用成本,為老百姓提供用得上、用得起、用得好的信息服務,讓億萬人民在共享互聯網發展成果上有更多獲得感。”我們要推動網絡走進千家萬戶,引導人民群眾通過互聯網了解世界、掌握信息、交流思想、創新創業、改善生活,讓互聯網發展成果不僅惠及13億中國人民,同時也造福於世界各國人民。

(三)治理要求:安全與發展齊頭並進

2014年,習近平在中央網絡安全和信息化領導小組第一次會議上就特別強調,“要維護網絡空間安全以及網絡數據的完整性、安全性、可靠性,提高維護網絡空間安全能力。”同時,他還要求統籌好網絡安全和信息化的關係,“網絡安全和信息化是一體之兩翼、驅動之雙輪,必須統一謀劃、統一部署、統一推進、統一實施。做好網絡安全和信息化工作,要處理好安全和發展的關係,做到協調一致、齊頭並進,以安全保發展、以發展促安全,努力建久安之勢、成長治之業。” 兩年之後的座談會上,他再次指出,“網絡安全和信息化是相輔相成的。安全是發展的前提,發展是安全的保障,安全和發展要同步推進。從世界範圍看,網絡安全威脅和風險日益突出,並日益向政治、經濟、文化、社會、生態、國防等領域傳導滲透。特別是國家關鍵信息基礎設面臨較大風險隱患,網絡安全防控能力薄弱,難以有效應對國家級、有組織的高強度網絡攻擊。這對世界各國都是一個難題,我們當然也不例外。”

此外,他指出“面對複雜嚴峻的網絡安全形勢,我們要保持清醒頭腦,各方面齊抓共管,切實維護網絡安全。”第一,樹立正確的網絡安全觀。理念決定行動。當今的網絡安全,有幾個主要特點。一是網絡安全是整體的而不是割裂的。二是網絡安全是動態的而不是靜態的。三是網絡安全是開放的而不是封閉的。四是網絡安全是相對的而不是絕對的。五是網絡安全是共同的而不是孤立的。第二,加快構建關鍵信息基礎設施安全保障體系。第三,全天候全方位感知網絡安全態勢。第四,增強網絡安全防禦能力和威懾能力。

(四)幹部要求:走好網絡群眾路線,共築同心圓

群眾路線是我們黨的根本路線。習近平指出,“網民來自老百姓,老百姓上了網,民意也就上了網。群眾在哪兒,我們的領導幹部就要到哪兒去,不然怎麼聯繫群眾呢?各級黨政機關和領導幹部要學會通過網絡走群眾路線,經常上網看看,潛潛水、聊聊天、發發聲,了解群眾所思所願,收集好想法好建議,積極回應網民關切、解疑釋惑。善於運用網絡了解民意、開展工作,是新形勢下領導幹部做好工作的基本功。”

如何走好網絡群眾路線?習近平給出了方法,“網民大多數是普通群眾,來自四面八方,各自經歷不同,觀點和想法肯定是五花八門的,不能要求他們對所有問題都看得那麼準、說得那麼對。要多一些包容和耐心,對建設性意見要及時吸納,對困難要及時幫助,對不了解情況的要及時宣介,對模糊認識要及時廓清,對怨氣怨言要及時化解,對錯誤看法要及時引導和糾正,讓互聯網成為我們同群眾交流溝通的新平台,成為了解群眾、貼近群眾、為群眾排憂解難的新途徑,成為發揚人民民主、接受人民監督的新渠道。”

同時習近平指出各級幹部的努力方向,“要正確處理安全和發展、開放和自主、管理和服務的關係,不斷提高對互聯網規律的把握能力、對網絡輿論的引導能力、對信息化發展的駕馭能力、對網絡安全的保障能力,把網絡強國建設不斷推向前進。”

(五)管理要求:統一領導,依法管理

中共中央政治局就實施網絡強國戰略進行第三十六次集體學習。加快提高網絡管理水平。

習近平從體制機制上提出了要求,他強調,中央網絡安全和信息化領導小組要發揮集中統一領導作用,統籌協調各個領域的網絡安全和信息化重大問題,制定實施國家網絡安全和信息化發展戰略、宏觀規劃和重大政策,不斷增強安全保障能力。

從管理思路上作出了指示,在我國,7億多人上互聯網,肯定需要管理,而且這個管理是很複雜、很繁重的。企業要承擔企業的責任,黨和政府要承擔黨和政府的責任,哪一邊都不能放棄自己的責任。要深刻認識互聯網在國家管理和社會治理中的作用,以推行電子政務、建設新型智慧城市等為抓手,以數據集中和共享為途徑,建設全國一體化的國家大數據中心,推進技術融合、業務融合、數據融合,實現跨層級、跨地域、跨系統、跨部門、跨業務的協同管理和服務。要強化互聯網思維,利用互聯網扁平化、交互式、快捷性優勢,推進政府決策科學化、社會治理精準化、公共服務高效化,用信息化手段更好感知社會態勢、暢通溝通渠道、輔助決策施政。

從立法規範上指明了方向,要抓緊制定立法規劃,完善互聯網信息內容管理、關鍵信息基礎設施保護等法律法規,依法治理網絡空間,維護公民合法權益。要嚴密防範網絡犯罪特別是新型網絡犯罪,維護人民群眾利益和社會和諧穩定。要加快網絡立法進程,完善依法監管措施,化解網絡風險。要依法加強對大數據的管理。一些涉及國家利益、國家安全的數據,很多掌握在互聯網企業手裡,企業要保證這些數據安全。企業要重視數據安全。如果企業在數據保護和安全上出了問題,對自己的信譽也會產生不利影響。

並對全社會提出了希望,網絡安全為人民,網絡安全靠人民,維護網絡安全是全社會共同責任,需要政府、企業、社會組織、廣大網民共同參與,共築網絡安全防線。這幾個特點,各有關方面要好好把握。

(六)保障要求:技術突破,建設基礎設施和共享體系

習近平強調,我們要掌握我國互聯網發展主動權,保障互聯網安全、國家安全,就必須突破核心技術這個難題,爭取在某些領域、某些方面實現“彎道超車”。核心技術要取得突破,就要有決心、恆心、重心。他希望,我國網信領域廣大企業家、專家學者、科技人員要樹立這個雄心壯志,要爭這口氣,努力盡快在核心技術上取得新的重大突破。正所謂“日日行,不怕千萬里;常常做,不怕千萬事”。

習近平強調,要緊緊牽住核心技術自主創新這個“牛鼻子”,抓緊突破網絡發展的前沿技術和具有國際競爭力的關鍵核心技術,加快推進國產自主可控替代計劃,構建安全可控的信息技術體系。第一,正確處理開放和自主的關係。第二,在科研投入上集中力量辦大事。第三,積極推動核心技術成果轉化。第四,推動強強聯合、協同攻關。第五,可以探索組建產學研用聯盟、揭榜掛帥。要打好核心技術研發攻堅戰,不僅要把衝鋒號吹起來,而且要把集合號吹起來,也就是要把最強的力量積聚起來共同幹,組成攻關的突擊隊、特種兵。

習近平強調,要加快構建關鍵信息基礎設施安全保障體系。金融、能源、電力、通信、交通等領域的關鍵信息基礎設施是經濟社會運行的神經中樞,是網絡安全的重中之重,也是可能遭到重點攻擊的目標。 “物理隔離”防線可被跨網入侵,電力調配指令可被惡意篡改,金融交易信息可被竊取,這些都是重大風險隱患。不出問題則已,一出就可能導致交通中斷、金融紊亂、電力癱瘓等問題,具有很大的破壞性和殺傷力。我們必須深入研究,採取有效措施,切實做好國家關鍵信息基礎設施安全防護。

同時,他指出,要以信息化推進國家治理體系和治理能力現代化,統籌發展電子政務,構建一體化在線服務平台,分級分類推進新型智慧城市建設,打通信息壁壘,構建全國信息資源共享體系,更好用信息化手段感知社會態勢、暢通溝通渠道、輔助科學決策。

(七)宣傳要求:重中之重,凝聚共識

習近平指出,我們要本著對社會負責、對人民負責的態度,依法加強網絡空間治理,加強網絡內容建設,做強網上正面宣傳,培育積極健康、向上向善的網絡文化,用社會主義核心價值觀和人類優秀文明成果滋養人心、滋養社會,做到正能量充沛、主旋律高昂,為廣大網民特別是青少年營造一個風清氣正的網絡空間。

做好網上輿論工作是一項長期任務,要創新改進網上宣傳,運用網絡傳播規律,弘揚主旋律,激發正能量,大力培育和踐行社會主義核心價值觀,把握好網上輿論引導的時、度、效,使網絡空間清朗起來。

形成良好網上輿論氛圍,不是說只能有一個聲音、一個調子,而是說不能搬弄是非、顛倒黑白、造謠生事、違法犯罪,不能超越了憲法法律界限。要把權力關進制度的籠子裡,一個重要手段就是發揮輿論監督包括互聯網監督作用。這一條,各級黨政機關和領導幹部特別要注意,首先要做好。對網上那些出於善意的批評,對互聯網監督,不論是對黨和政府工作提的還是對領導幹部個人提的,不論是和風細雨的還是忠言逆耳的,我們不僅要歡迎,而且要認真研究和吸取。

習近平指出,互聯網新技術新應用不斷發展,使互聯網的社會動員功能日益增強。要傳播正能量,提升傳播力和引導力。要嚴密防範網絡犯罪特別是新型網絡犯罪,維護人民群眾利益和社會和諧穩定。要發揮網絡傳播互動、體驗、分享的優勢,聽民意、惠民生、解民憂,凝聚社會共識。網上網下要同心聚力、齊抓共管,形成共同防範社會風險、共同構築同心圓的良好局面。要維護網絡空間安全以及網絡數據的完整性、安全性、可靠性,提高維護網絡空間安全能力。

習近平指出,互聯網新技術新應用不斷發展,使互聯網的社會動員功能日益增強。要傳播正能量,提升傳播力和引導力。要發揮網絡傳播互動、體驗、分享的優勢,聽民意、惠民生、解民憂,凝聚社會共識。網上網下要同心聚力、齊抓共管,形成共同防範社會風險、共同構築同心圓的良好局面。

(八)人才要求:不拘一格降人才

“得人者興,失人者崩。”習近平強調,建設網絡強國,要把人才資源匯聚起來,建設一支政治強、業務精、作風好的強大隊伍。 “千軍易得,一將難求”,要培養造就世界水平的科學家、網絡科技領軍人才、卓越工程師、高水平創新團隊。

思路上,他指出,網絡空間的競爭,歸根結底是人才競爭。建設網絡強國,沒有一支優秀的人才隊伍,沒有人才創造力迸發、活力湧流,是難以成功的。念好了人才經,才能事半功倍。我們的腦子要轉過彎來,既要重視資本,更要重視人才,引進人才力度要進一步加大,人才體制機制改革步子要進一步邁開。網信領域可以先行先試,抓緊調研,制定吸引人才、培養人才、留住人才的辦法。

範圍上,他指出,我國網信事業發展,必須充分調動企業家、專家學者、科技人員積極性、主動性、創造性。企業家、專家學者、科技人員要有國家擔當、社會責任,為促進國家網信事業發展多貢獻自己的智慧和力量。各級黨委和政府要從心底里尊重知識、尊重人才,為人才發揮聰明才智創造良好條件,營造寬鬆環境,提供廣闊平台。

方法上,他指出,互聯網主要是年輕人的事業,要不拘一格降人才。要解放思想,慧眼識才,愛才惜才。培養網信人才,要下大功夫、下大本錢,請優秀的老師,編優秀的教材,招優秀的學生,建一流的網絡空間安全學院。互聯網領域的人才,不少是怪才、奇才,他們往往不走一般套路,有很多奇思妙想。對待特殊人才要有特殊政策,不要求全責備,不要論資排輩,不要都用一把尺子衡量。

政策上,他指出,要採取特殊政策,建立適應網信特點的人事制度、薪酬制度,把優秀人才凝聚到技術部門、研究部門、管理部門中來。要建立適應網信特點的人才評價機制,以實際能力為衡量標準,不唯學歷,不唯論文,不唯資歷,突出專業性、創新性、實用性。要建立靈活的人才激勵機制,讓作出貢獻的人才有成就感、獲得感。要探索網信領域科研成果、知識產權歸屬、利益分配機制,在人才入股、技術入股以及稅收方面製定專門政策。在人才流動上要打破體制界限,讓人才能夠在政府、企業、智庫間實現有序順暢流動。國外那種“旋轉門”制度的優點,我們也可以藉鑑。

站位上,他指出,在人才選拔上要有全球視野,下大氣力引進高端人才。隨著我國綜合國力不斷增強,有很多國家的人才也希望來我國發展。我們要順勢而為,改革人才引進各項配套制度,構建具有全球競爭力的人才制度體系。不管是哪個國家、哪個地區的,只要是優秀人才,都可以為我所用。這項工作,有些企業、科研院所已經做了,我到一些企業、科研院所去,也同這些從國外引進的人才進行過交談。這方面要加大力度,不斷提高我們在全球配置人才資源能力。

(九)行業要求:注重自律和健康發展

企業的發展與其承擔的社會責任是成正比的。習近平指出,我國互聯網企業由小到大、由弱變強,在穩增長、促就業、惠民生等方面發揮了重要作用。讓企業持續健康發展,既是企業家奮鬥的目標,也是國家發展的需要。企業命運與國家發展息息相關。脫離了國家支持、脫離了群眾支持,脫離了為國家服務、為人民服務,企業難以做強做大。

如何做強做大?習近平指明了方向:對內,要出台支持企業發展的政策,讓他們成為技術創新主體,成為信息產業發展主體。對外,要鼓勵和支持我國網信企業走出去,深化互聯網國際交流合作,積極參與“一帶一路”建設,做到“國家利益在哪裡,信息化就覆蓋到哪裡”。外國互聯網企業,只要遵守我國法律法規,我們都歡迎。

如何避免過去經常出現的“一放就亂、一管就死”現象,走出一條齊抓共管、良性互動的新路?習近平給出了思路:第一,堅持鼓勵支持和規範發展並行。應該鼓勵和支持企業成為研發主體、創新主體、產業主體,鼓勵和支持企業佈局前沿技術,推動核心技術自主創新,創造和把握更多機會,參與國際競爭,拓展海外發展空間。要規範市場秩序,鼓勵進行良性競爭。黨的十八屆四中全會提出健全以公平為核心原則的產權保護製度,加強對各種所有製經濟組織和自然人財產權的保護,清理有違公平的法律法規條款。這些要求要盡快落實到位。第二,堅持政策引導和依法管理並舉。政府要為企業發展營造良好環境,加快推進審批制度、融資制度、專利制度等改革,減少重複檢測認證,施行優質優價政府採購制度,減輕企業負擔,破除體制機制障礙。同時,要加快網絡立法進程,完善依法監管措施,化解網絡風險。要依法加強對大數據的管理。第三,堅持經濟效益和社會效益並重。只有富有愛心的財富才是真正有意義的財富,只有積極承擔社會責任的企業才是最有競爭力和生命力的企業。希望廣大互聯網企業堅持經濟效益和社會效益統一,在自身發展的同時,飲水思源,回報社會,造福人民。我們要鼓勵和支持我國網信企業走出去,深化互聯網國際交流合作,積極參與“一帶一路”建設,做到“國家利益在哪裡,信息化就覆蓋到哪裡”。外國互聯網企業,只要遵守我國法律法規,我們都歡迎。

(十)國際要求:共建命運共同體

隨著世界多極化、經濟全球化、文化多樣化、社會信息化深入發展,互聯網對人類文明進步將發揮更大促進作用。同時,互聯網領域發展不平衡、規則不健全、秩序不合理等問題日益凸顯。不同國家和地區信息鴻溝不斷拉大,現有網絡空間治理規則難以反映大多數國家意願和利益;世界範圍內侵害個人隱私、侵犯知識產權、網絡犯罪等時有發生,網絡監聽、網絡攻擊、網絡恐怖主義活動等成為全球公害。

面對這些問題和挑戰,國際社會應該在相互尊重、相互信任的基礎上,加強對話合作,推動互聯網全球治理體系變革,共同構建和平、安全、開放、合作的網絡空間,建立多邊、民主、透明的全球互聯網治理體系。提出“中國願同國際社會一道,堅持以人類共同福祉為根本,堅持網絡主權理念,推動全球互聯網治理朝著更加公正合理的方向邁進,推動網絡空間實現平等尊重、創新發展、開放共享、安全有序的目標。”

“凡益之道,與時偕行。”網絡空間是人類共同的活動空間,網絡空間前途命運應由世界各國共同掌握。推進全球互聯網治理體系變革,應該堅持四項原則。尊重網絡主權。維護和平安全。促進開放合作。構建良好秩序。各國應該加強溝通、擴大共識、深化合作,共同構建網絡空間命運共同體。對此,我願提出5點主張。第一,加快全球網絡基礎設施建設,促進互聯互通。第二,打造網上文化交流共享平台,促進交流互鑑。第三,推動網絡經濟創新發展,促進共同繁榮。第四,保障網絡安全,促進有序發展。第五,構建互聯網治理體系,促進公平正義。贏得了世界絕大多數國家贊同。

習近平指出,互聯網是人類的共同家園,攜手構建網絡空間命運共同體。讓這個家園更美麗、更乾淨、更安全,是國際社會的共同責任。讓我們攜起手來,共同推動網絡空間互聯互通、共享共治,為開創人類發展更加美好的未來助力!

Original Referring URL:  http://theory.people.com.cn/n1/

Chinese Military: Cyber security is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space // 中國軍隊:網絡安全是戰爭問題。 在信息戰中,網絡空間已成為戰場空間的新維度

Chinese Military: Cyber security is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space //

中國軍隊:網絡安全是戰爭問題。 在信息戰中,網絡空間已成為戰場空間的新維度

 

Author:   來源: 解放軍報 作者: 周鴻禕 張春雨

DTG: 2018年05月22日 16:XX:XX

 ● Promote network security. The integration of military and civilian needs to integrate and optimize the allocation at the national level, and promote the two-way flow of technology, talents and resources.

  ● Whether it is network security analysis, situation research, emergency response, or network protection hardware and software development, a large number of information technology talents are needed.

  

        President Xi profoundly pointed out that there is no national security without cyber security. In the digital age, cyberspace has penetrated into various fields such as politics, economy, military, culture, etc. It has the natural attributes of military and civilian integration, and is an important aspect of the integration and development of military and civilians in the new era. At present, China is marching toward a network power and building a network great wall combining military and civilian integration. It is not only the basic system design for building a network power and information army, but also an important driving force for promoting the deep development of military and civilian integration. Under the new situation, we will actively promote the in-depth development of cyber security, military and civilian integration, and urgently need to break down institutional barriers, structural contradictions, and policy issues, and constantly improve the level of integration and enhance joint protection capabilities.

Cybersecurity is related to the overall security of the country, and it is necessary for the military to walk away from the road of comprehensive integration.

  In the information age, cyberspace security has become a new commanding height of the national strategy. Last year, the “Eternal Blue” ransomware that broke out in the world, the Ukrainian power grid attacked, and the US election “mail door” and other events showed that cyber security concerns national security, social stability and war victory or defeat. The cyber security contest has risen to the national level of confrontation, beyond the scope of the military’s respective management and control, and it is necessary to rely on the integration of the military and the local forces to manage and manage well.

  Cybersecurity is a national interest. As the network’s tentacles extend to economic, social, cultural and other fields, its security will affect economic security, social security, cultural security, and information security. In May 2017, the “Eternal Blue” ransom virus swept through more than 150 countries and regions, including government, banks, communications companies, energy companies and other important departments, and the infrastructure was paralyzed, causing an uproar in the world. Earlier, Saudi Arabia’s infrastructure was attacked by cyber attacks. In just a few minutes, the computer hard drive was destroyed, all data was emptied, and the attacker tried to cause an explosion. If it succeeded, it would undoubtedly have serious consequences.

  Cybersecurity is a matter of war. In the information war, cyberspace has become a new dimension of battlefield space. At present, the United States, the United Kingdom, and Japan have established cyber warfare forces and vigorously developed various cyber weapons. In the Iraq war, the US military first destroyed the five key command and radar facilities of the Iraqi army, and used electronic interference to firmly grasp the information superiority, making the Iraqi army blind and paralyzed, and the defense system quickly paralyzed. With the accelerated evolution of war forms, the competition for information superiority has increasingly become the core content of war wins and losses. As the “main battlefield” of information control, cyberspace has increasingly become the commanding height of war games.

  Cybersecurity is a common practice in the world. At present, many countries in the world regard military and civilian integration as an important way to improve the security of cyberspace. For example, the United States has made cybersecurity the focus of national security. The White House and the Pentagon have designated Boeing and Lockheed Martin as the national network security team, and designated information technology giants such as Microsoft, Intel, Cisco, Apple, and Google for network security. Professional team, designated Symantec, McAfee and other network security protection companies for the network security special team. In Israel, after the retiring of many Israeli cyber security forces, they became the elite of local high-tech enterprises and founded several network security companies. These companies have come back to cooperate with the Israeli army in the field of network security to enhance the security of the military network and promote the development of the entire network space security.

Network security resources are diversified and diverse, requiring military to strengthen top-level design coordination

  Promoting the integration of military and civilian development is a systematic project. It is necessary to use system science, system thinking, and systematic methods to solve problems. At present, China’s various information network systems are developing at a high speed, and network functions of different functions and types are being put into use one after another. The overall framework of the network security protection system is basically established. However, network security resources are widely distributed in the military and local areas. Promoting network security and military-civilian integration, improving synergy protection needs to strengthen top-level design coordination, break down institutional barriers and departmental interests, unify integration and optimize allocation at the national level, and promote technology, talents, resources, etc. Two-way flow conversion of features.

  Establish and improve the leadership system of the network security organization. It is necessary to speed up the establishment of a leading agency for cybersecurity work organizations with Chinese characteristics in order to ensure a clear hierarchy and division of labor. The national cybersecurity leadership agency’s work focuses on strengthening the top-level design and macro-management of cybersecurity military-civilian integration, formulating development strategies and planning plans, fulfilling the overall coordination function in military-civilian integration, and being responsible for domestic cybersecurity defense and emergency response, and combating cybercrime. And cyber terrorism; military cyber security authorities focus on the overall planning and construction of military cybersecurity, integrating the areas of military and civilian integration into the overall development of national cybersecurity, and doing a good job of connecting with national cybersecurity development plans, We will clarify the relevant processes and management methods for military-land coordination, improve the work system for regular military conferences, important situation notifications, and major operational coordination, and form joint prevention, joint management, and joint control of cyberspace security.

  Coordinate the planning standards for military network security construction. With the goal of effectively responding to the current and future cyber offensive and defensive measures, the overall framework of military and civilian cybersecurity construction will be scientifically formulated, the construction model will be classified, the short-term and long-term construction goals will be defined, and the supporting measures for completing the tasks will be determined. The first is to adhere to the standard. Actively promote the unification of technical standards for network security basic products such as autonomously controllable secure operating systems and secure database systems, and achieve full integration of systems at key moments to create a solid and reliable network security defense line. The second is to insist on a unified assessment. Strengthen the assessment of network security construction and technical risk assessment of network security products, clarify the evaluation procedures and links, and adopt scientific and effective evaluation methods to ensure that the network is secure and controllable after it is built.

  Establish a network security military resource sharing mechanism. To realize the sharing of military network security resources, the key is to establish a mechanism for military land demand. The information on military and civilian technical achievements should be released in a timely manner. The real-time table of “the battlefield needs to be lacking” and “market ownership” should be fully shared with the military and land needs, technologies, standards, products and other information resources; accelerate the construction of military information integration and sharing platform, Expand Unicom channels, standardize interoperability standards, and achieve full complementarity and sharing of military and territorial information resources; establish a network security access system, clearly define the scope of confidentiality levels, and the military business authorities and the “Ministry of the Army” enterprises regularly meet, information, and demand docking Collaborate with research and development to prevent civil network security forces from developing technology and losing targets, reducing targets, protecting tactics from losing rivals, and lacking direction; establishing a network threat information exchange mechanism, timely interoperating with domestic and international network security updates and major event notifications, encouraging private Enterprises and governments, the military share real-time network security threat information, improve the professional and real-time response capabilities of research and analysis.

The essence of cybersecurity is the contest of talents.

  The essence of cybersecurity is cyber confrontation, which is essentially the competition of talents. Whether it is network security analysis, planning, situation research, response and disposal, or network protection hardware and software development, a large number of information technology talents are needed. In order to meet the huge demand of military network security talents, it is necessary to firmly establish a joint thinking.

  Jointly train talents. In recent years, important progress has been made in the training of national cyber security personnel. Cyberspace security has been added to the first-level discipline by the Academic Degrees Committee and the Ministry of Education, and nearly 10,000 graduates in the field of cyberspace security each year. However, compared with the demand for building a network strong country and strengthening the army, there is still a big gap, such as a large gap in the talent team, a need to improve the training system, and insufficient reserve of practical talents. We should actively explore the military, local colleges, research institutes and network security enterprises to carry out joint training channels for talents, build a team of teachers, jointly set up experimental sites, and set up a practice base to realize the organic combination of classroom teaching and practical practice, through network security training. Camp, safety operation and maintenance personnel training, etc., to enhance the professional capabilities of network security practitioners, improve the rapid, large-scale, actual combat security operation and maintenance, analysis and response, attack and defense penetration and other network security personnel joint training mechanism.

  Joint use of strength. We should coordinate the use of various forces in the military, strengthen operational coordination, and establish a relatively comprehensive network security joint prevention and control mechanism. On the one hand, give full play to the role of local network security talents, open up the military network security top-level design, core technology research and development, and network security overall construction to meet the needs of military network security for talents; on the other hand, give full play to the military network security needs The role of the booster is to use the military’s advanced network technology to test the security of national critical infrastructure networks such as nuclear power, communications, transportation, and finance, and to verify the effectiveness of the emergency response system.

  Joint research and development technology. Military and civilian collaborative innovation is an important way to achieve breakthroughs in network protection technology innovation. We should focus on the use of military demand for cutting-edge innovation, and focus on breaking key network technologies, promoting the sharing of military and civilians on the basic platform, and vigorously promoting the mutual transformation of military and civilian technologies; encouraging universities, research institutes, military enterprises, and superior private enterprises to strengthen alliances. Focus on military, human, material and financial resources, and focus on key chips, core devices, operating systems, etc.; explore military and civilian integration network security equipment technology innovation model, develop a new generation of firewalls, intrusion detection, information encryption, information hiding, anti-eavesdropping And other protection technologies to jointly foster an ecological chain of autonomous network security industry.

  In addition, due to the comprehensive complexity of network security, military and regional forces are needed to strengthen regulatory and policy guarantees. Formulate a legal system for network security and military-civilian integration, relevant policies to support the integration of cyber security and civil-military, and relevant documents in the field of cybersecurity military-civilian integration key protection, ensure that the measures for network security and military-civilian integration take root, and form a joint support system for military and land.

Original Mandarin Chinese:

要點提示

●推動網絡安全軍民融合,需要在國家層面統一整合、優化配置,促進技術、人才、資源等要素雙向流動轉化。

●無論是網絡安全分析、態勢研判、應急處置,還是網絡防護硬件、軟件的研發,都需要大量的信息科技人才。

習主席深刻指出,沒有網絡安全就沒有國家安全。數字化時代,網絡空間已滲透到政治、經濟、軍事、文化等各個領域,具備軍民一體的天然屬性,是新時代軍民融合發展的重要方面。當前,我國正向網絡強國邁進,打造軍民融合的網絡長城,既是建設網絡強國和信息化軍隊的基本製度設計,也是推動軍民融合深度發展的重要驅動力量。新形勢下,積極推動網絡安全軍民融合深度發展,亟須破解體制性障礙、結構性矛盾、政策性問題,不斷提高融合水平、提升聯合防護能力。

網絡安全事關國家整體安全,需軍地走開全面融合之路

信息化時代,網絡空間安全已經成為國家戰略新的製高點。去年全球爆發的“永恆之藍”勒索病毒、烏克蘭電網遭攻擊、美國大選“郵件門”等事件表明,網絡安全事關國家安全、社會穩定和戰爭勝敗。網絡安全的較量已上升為國家層面的對抗,超出軍地各自管理控制的範疇,需要依靠軍地一體合力集中統管才有可能管得住、管得好。

網絡安全事關國家利益。由於網絡觸角延伸到經濟、社會、文化等各個領域,其安全必將影響到經濟安全、社會安全、文化安全、信息安全等。 2017年5月,“永恆之藍”勒索病毒席捲150多個國家和地區,包括政府、銀行、通信公司、能源企業等重要部門機構基礎設施陷入癱瘓,在全球引起軒然大波。早前,沙特的基礎設施遭網絡攻擊,僅僅數分鐘內,計算機硬盤就被破壞,所有數據被清空,攻擊者還試圖引發爆炸,如果得逞無疑會造成十分嚴重的後果。

網絡安全事關戰爭勝負。信息化戰爭中,網絡空間已成為新維戰場空間。當前,美國、英國、日本等都已建立網絡作戰部隊,並大力研發各種網絡武器。伊拉克戰爭中,美軍首先摧毀了伊軍非常關鍵的5個指揮與雷達設施,並使用電子乾擾等方式牢牢掌握信息優勢,使伊軍又盲又聾,防禦體系迅速癱瘓。隨著戰爭形態的加速演變,信息優勢爭奪日益成為戰爭勝負的核心內容,網絡空間作為信息控制的“主戰場”,日益成為戰爭博弈的製高點。

網絡安全軍民一體是世界普遍做法。當前,世界很多國家都將軍民一體看作是提升網絡空間安全的重要途徑。例如,美國就將網絡安全作為國家安全的重點,白宮和五角大樓指定波音、洛克希德·馬丁等公司為網絡安全國家隊,指定微軟、英特爾、思科、蘋果、谷歌等信息技術巨頭為網絡安全的專業隊,指定賽門鐵克、邁克菲等網絡安全防護企業為網絡安全的特種隊。在以色列,許多以軍網絡安全部隊的軍人退役後,成為地方高科技企業的精英,並創辦多家網絡安全公司。這些公司回過頭來與以軍在網絡安全領域展開全方位合作,提升以軍網絡防護能力的同時,推動整個網絡空間安全的發展。

網絡安全資源分散多元,需軍地強化頂層設計統籌

推動軍民融合發展是一個系統工程,要善於運用系統科學、系統思維、系統方法研究解決問題。目前,我國各類信息網絡系統高速發展,不同功能、類型的網絡安全設施陸續配套投入使用,網絡安全防護系統的總體框架基本建立。但網絡安全資源廣泛分佈於軍隊和地方,推動網絡安全軍民融合,提高協同防護能力需要強化頂層設計統籌,打破體制壁壘和部門利益,在國家層面統一整合、優化配置,促進技術、人才、資源等要素雙向流動轉化。

構建完善網絡安全組織領導體制。應加快建立軍地一體具有中國特色的網絡安全工作組織領導機構,確保層級清晰、分工協作。國家網絡安全領導機構的工作重點是加強網絡安全軍民融合的頂層設計和宏觀管控,制定發展戰略和規劃計劃,履行軍民融合中的統籌協調職能,負責國內網絡安全的防禦與應急反應,打擊網絡犯罪和網絡恐怖主義等;軍隊網絡安全主管機構側重於擬制軍隊網絡安全的整體規劃和建設,將可以實施軍民融合的領域納入國家網絡安全發展全局,做好與國家網絡安全發展規劃的相互銜接,明確軍地協調的相關流程和管理辦法,健全軍地定期會商、重要情況通報、重大行動協同等工作制度,形成網絡空間安全的聯防、聯管、聯控。

統籌軍地網絡安全建設規劃標準。以有效應對當前和未來一段時期網絡攻防手段為目標,科學制定軍民網絡安全建設總體框架,分類確立建設模式,明確近期和長遠建設目標,確定完成任務的配套措施。一是堅持統一標準。積極推動自主可控的安全操作系統、安全數據庫系統等網絡安全基礎產品的技術標準統一,關鍵時刻能實現各系統的全面融合,打造堅固可靠的網絡安全防線。二是堅持統一評估。加強網絡安全建設評估和網絡安全產品的技術風險評估,明確評估程序和環節,採取科學有效的評估方法,確保網絡建成后防得牢、控得住。

建立網絡安全軍地資源共享機制。實現軍地網絡安全資源共享,關鍵是建立軍地需求共提機制。應及時發布軍民兩用技術成果信息,實時對錶“戰場需缺”與“市場所有”,實現軍地雙方需求、技術、標準、產品等信息資源充分共享;加快構建軍地信息融合共享平台,拓展聯通渠道,規範互通標準,實現軍地信息資源充分互補共用;建立網絡安全准入制度,明確劃定保密等級範圍,軍隊業務主管部門與“民參軍”企業定期會商、信息通報、需求對接和協作攻研,防止民用網絡安全力量技術研發丟了目標、少了靶子,防護戰術失去對手、缺乏指向;建立網絡威脅信息互通機制,及時互通國內外網絡安全最新動態和重大事件通報,鼓勵民營企業與政府、軍隊實時共享網絡安全威脅信息,提高研究分析的專業性和實時響應能力。

網絡安全實質是人才的較量,需軍地樹牢聯合思想

網絡安全的本質是網絡對抗,實質是人才的競爭較量。無論是網絡安全分析、規劃、態勢研判、響應和處置,還是網絡防護硬件、軟件的研發,都需要大量的信息科技人才。為滿足軍地網絡安全人才巨大需求,需要牢固樹立聯合思想。

聯合培養人才。近年來,國家網絡安全人才培養取得重要進展,網絡空間安全被國務院學位委員會和教育部增設為一級學科,每年網絡空間安全領域畢業生近萬名。但與打造網絡強國和強軍興軍需求相比還存在較大差距,存在人才隊伍缺口較大、培養體係有待完善、實踐型人才儲備不足等問題。應積極探索軍隊、地方高校、科研院所和網絡安全企業開展人才聯合培養渠道,共建師資隊伍、共搭實驗場所、共設實習基地,實現課堂教學、實習實踐的有機結合,通過網絡安全訓練營、安全運維人才培養等,提升網絡安全從業人員的專業能力,完善快速化、規模化、實戰化的安全運維、分析響應、攻防滲透等網絡安全人才聯合培養機制。

聯合運用力量。應統籌軍地各種力量的運用,加強行動協同,建立較為完善的網絡安全聯防聯控機制。一方面,充分發揮地方網絡安全人才的作用,開放軍隊網絡安全頂層設計、核心技術研發、網絡安全整體建設等領域,以滿足軍隊網絡安全對人才的需求;另一方面,充分發揮軍隊網絡安全需求的助推器作用,利用軍方先進的網絡技術,測試核能、通信、交通、金融等國家關鍵基礎設施網絡的安全性,檢驗應急響應體系的有效性。

聯合研發技術。軍民協同創新是實現網絡防護技術創新突破的重要途徑。應圍繞發揮軍事需求對前沿創新的牽引帶動作用,聚力突破關鍵網絡技術,促進基礎平台軍民共享,大力推動軍民技術相互轉化;鼓勵高校、科研院所、軍工企業和優勢民營企業強強聯合,集中軍地人力、物力和財力,對關鍵芯片、核心器件、操作系統等領域集智攻關;探索軍民融合網絡安全裝備技術創新模式,研發新一代防火牆、入侵檢測、信息加密、信息隱藏、反竊聽等防護技術,共同培育自主化網絡安全產業生態鏈。

此外,由於網絡安全具有綜合性複雜性,還需軍地合力來強化法規政策保障。制定網絡安全軍民融合的法規體系、支撐網絡安全軍民融合的相關政策,以及網絡安全軍民融合重點保障領域的相關文件,確保網絡安全軍民融合的措施落地生根,形成軍地聯合支撐體系。

Chinese Military Review: From Army Information Construction to Construction of Information Army // 中國軍事評論:從軍隊信息建設到建設信息化軍隊

Chinese Military Review: From Army Information Construction to Construction of Information Army //

中國軍事評論:從軍隊信息建設到建設信息化軍隊

2006年04月20日 22:00

From the Army Information Construction to the Construction of Informatized Army——Opening the Eyes to See the New Military Revolution in the World

  Li Bingyan

  A few years ago, there was a curtain factory abroad that was on the verge of bankruptcy and turned to the consulting company. The consulting company only asked them to change the curtain factory to a shading technology factory, and the factory would survive.

  A name change has broadened the horizon of development; a concept change has opened up the mind shackles. Updating the concept is inseparable from the concept of renewal. In the new military revolution, we need to adopt new concepts in a timely manner to show new development ideas.

  Although the ongoing new military revolution still does not see the other side, it is clear that the change has entered a new stage.

  This new military revolution was triggered by a new technological revolution centered on information technology. In the 1990s, the revolutionary impact of information technology on the military mainly remained at the stage of “construction”, that is, information technology embedding, networking, networking, and integration within the framework of the mechanized military organization. Technology strengthens mechanization and enhances mechanization. The theoretical community often refers to this stage of change as a revolution in the military field, which is to promote the army.

Information construction. At that time, the digital division and the digital army to be built by the US Army were carried out within the structure of the original mechanized army. Later, the US military learned from the experience of informatization of some large enterprises and multinational corporations in the society and changed the way of thinking.

  In the past, military changes were first to change military technology, weapons and equipment, and finally to complete the transformation of the military organizational system to adapt to the new methods of warfare. The new military revolution, characterized by informatization, especially the post-launch army, should be reversed. The experience of the business community is also “first rationalization of organizational structure, re-automation, informationization.”

  Before the 1990s, the US business community carried out informatization construction, focusing only on improving work efficiency. Although effective, it still cannot be changed. Ford Motor Company has spent a lot of money on automation, and its office efficiency has improved significantly. For example, the financial department of the North American branch has reduced the number of employees from 500 to 400 after office automation. The company leaders think it is good. Later, they learned about Japan.

Mazda Motor Company did the same job and used only five people. In contrast, Ford’s leadership was shocked. After in-depth investigation, they found that Mazda started to adjust the organizational structure, first change the workflow, and then engage in office automation. Ford’s financial system, organizational structure or traditional model has caused a lot of useless work. Later, Ford Company optimized its structure, re-engineered its business processes, and started office automation on this basis. The company’s financial staff was compressed to a quarter.

  In the development of human society, there is a phenomenon of “path dependence”. After a social system is formed, it will continue to strengthen itself in the actual operation, so that people will not be able to get rid of the influence of the original ideas afterwards.

  In addition, the organizational structure does not change, it is difficult to make the right decision in information. Usually, people are standing in their own units and planning work in this department, forming a “professional syndrome.” The research informatization is first of all the informationization of the unit, beyond the scope of construction of the unit, the leadership vision will not be achieved. This has led to the emergence of new “isomorphic diseases” – large and complete, small and complete, you have me, can not be interconnected, interoperable, interoperable. In this regard, some people call it the “potato effect”: a sack of potatoes, all sprouting, each self-contained system, self-enclosed, and not connected. Building these systems may be reasonable from a local perspective, but it may not be scientific or irrational from the overall perspective of informatization.

  In the practice, the foreign military realized that if informationization is not detoured, it should start with rationalizing the system and adjusting the command system. Otherwise, all levels and departments are busy with informationization. It is likely that the faster and the more the action is now, the greater the losses will be caused once reworked in the future.

  The rationalization of the organizational structure, the consideration of informationization, or the rationalization of organizational structure and informationization, and the simultaneous development have become a new consensus on the new military revolution. After entering the 21st century, the US military proposed a military transformation, marking a new stage in military transformation. At this stage, information technology has shifted from a “construction” role to a “deconstruction” role. That is: instead of strengthening mechanization, it is reorganizing mechanization. As a result, the army’s informatization construction has turned to the construction of an information-based army; the changes in the military field have turned to real military changes.

  In the theoretical preparation stage of the US military, the future army that was designed was: the sensor army, the precision strike army, the dominant mobile army, and the logistics army. In the transition, after a new argument, the future goals of the US military reorganization are proposed: the full-dimensional battlefield perception army, the precision firepower strike army, the efficient command and control army, and the intelligent logistics support army.

  In 2005, Germany proposed the idea of ​​building a “new three armed forces”, namely: rapid reaction forces, standing combat troops, and logistics support forces.

  At the end of last year, the Russian General Staff Department completed the reform of the armed forces. The Russian military’s new round of structural reforms eliminated the arms, military regions and fleets and re-established three functional headquarters and three regional headquarters. The three functional commands are: Strategic Nuclear Power Command, Transportation Command, and Aerospace Defense Command. The three regional commands are: Western European Command, Central Asian Command and Far East Command.

  Generally speaking, although the structural changes of the military have their own characteristics, the common point is that they tend to be integrated and tend to be integrated, and the boundaries between the traditional arms and services are increasingly blurred. The informationized army is not just a technology, but a new structure that is linked to new technologies – ultimately, a structural decision function.

Original Mandarin Chinese:

從軍隊信息建設到建設信息化軍隊——放開眼界看世界新軍事變革

李炳彥

幾年前,國外有一家窗簾廠,瀕臨倒閉之際,求助於諮詢公司。諮詢公司只讓他們把窗簾廠改為遮光技術廠,這個廠子便活了起來。

一個名字改變,拓寬了發展視野;一個概念更換,撬開了心智枷鎖。更新觀念,離不開更新概念。在新軍事變革中,我們需要適時採用新的概念,來展現新的發展思路。

持續發生的新軍事變革雖然至今仍看不到彼岸,但清晰可見變革已經進入到一個新階段。

這場新軍事變革,是由以信息技術為核心的新技術革命引發的。上個世紀90年代,信息技術對軍隊的革命性影響,主要還停留於“建構”階段,即在機械化軍隊的組織結構框架內進行信息技術嵌入、建網、聯網、集成,實際上是用信息技術加強機械化、提昇機械化。理論界常把這一階段的變革,稱之為軍事領域裡的變革,是推動軍隊

信息化建設。當時,美陸軍要建設的數字化師、數字化軍,都是在原來機械化軍隊的結構內進行的。後來,美軍汲取社會上一些大企業、跨國公司進行信息化的經驗,改變了變革的思路。
以往的軍事變革,都是先變革軍事技術、武器裝備,最後完成軍事組織體制的變革,以適應新的作戰方式。而信息化為標誌的新軍事變革,特別是後發之軍,應當反過來進行。企業界的經驗也是“先組織結構合理化,再自動化、信息化”。

上個世紀90年代以前,美國企業界進行信息化建設,只著眼於提高工作效率,雖有成效,但還談不上變革。美福特汽車公司,曾花大筆金錢搞自動化,辦公效率明顯提高,如北美分公司的財務部,實現辦公自動化後,人員由原來的500人減少到400人,公司領導自認為不錯。後來,他們得知日本

馬自達汽車公司做同樣的工作,一共只用了5個人。兩者相對照,福特公司的領導大吃一驚。他們深入調查後發現,馬自達公司從調整組織結構入手,先改變工作流程,再搞辦公自動化。福特公司的財務制度、組織結構還是傳統模式,造成許多無用功。後來,福特公司經過優化結構,再造業務流程,在此基礎上搞辦公自動化,公司財務員工壓縮到了原來的四分之一。
人類社會在發展中,存在一種“路徑依賴”現象,即一個社會系統形成後,必將在實際運作中不斷自我強化,以致後來人們改進它的種種嘗試,都難以擺脫原有思路的影響。

另外,組織結構不改變,很難做出信息化的正確決策。通常,人們都是站在本單位、本部門謀劃工作,形成了一種“職業官能症”。研究信息化首先是本單位的信息化,超出本單位的建設範圍,領導視野就達不到了。致使出現新的“同構病”——大而全、小而全,你有我也有,不能互聯、互通、互操作。對此,有人稱之為“馬鈴薯效應”:一麻袋馬鈴薯,個個都發芽,個個自成小系統,自我封閉,互不相聯。建這些系統,從局部來看可能合理,但從信息化的全局看可能並不科學、不合理。

外軍在實踐中認識到:要想信息化不走彎路,還應從理順編制體制、調整指揮體系入手。否則,各級、各部門都忙著信息化,很可能現在動作愈快、投入愈多,將來一旦返工,造成的損失就愈大。

先組織結構合理化,在信息化,或者組織結構合理化與信息化一併考慮,同時進行,成了新軍事變革的一種新共識。進入21世紀後,美軍提出軍隊轉型,標誌著軍事變革進入了一個新階段。在這個階段,信息技術從“建構”作用,轉向“解構”作用。即:不是加強機械化,而是重組機械化。由此,軍隊信息化建設,轉向了建設信息化軍隊;軍事領域裡的變革,轉向真正的軍事變革。

美軍在理論準備階段,曾設計出的未來軍隊是:傳感器軍,精確打擊軍,主導機動軍,聚焦後勤軍。在轉型中,經過新的論證,提出美軍重組的未來目標:全維戰場感知軍,精確火力打擊軍,高效指揮控制軍,智能後勤保障軍。

德國於2005年,提出了建設“新三軍”設想,即:快速反應部隊,常備作戰部隊,後勤支援部隊。

去年底,俄軍總參謀部完成了關於武裝力量改革方案。俄軍新一輪結構改革方案,取消了軍兵種、軍區和艦隊,重新成立三個職能司令部和三個地區司令部。三個職能司令部是:戰略核力量司令部、運輸司令部、空天防禦司令部。三個地區司令部是:西歐司令部、中亞司令部和遠東司令部。

從總體上看,軍隊結構變革雖然各國都有自己的特色,但共同點是趨於綜合、趨於一體化,傳統的軍兵種之間的界限日益模糊。信息化軍隊不只是技術,重要的是與新技術相聯繫的新的結構方式——最終還是結構決定功能。

Original Referring url: http://mil.news.sina.com.cn/2006-04-20/

People’s Liberation Army must be brave enough to take responsibility for China’s “Cyberspace” Sovereignty // 人民解放軍必須勇敢地對中國的“網絡空間”主權負責

People’s Liberation Army must be brave enough to take responsibility for China’s “Cyberspace” Sovereignty //

人民解放軍必須勇敢地對中國的“網絡空間”主權負責

Original: “National Defense Reference”, No. 3, 2017

作者:安卫平 北部战区副参谋长

  The cyberspace was born in the military field. For example, the first computer, the APA network and the GPS navigation system all originated from the military. Today, cyberspace security has been closely related to national security, and the military has once again become the protagonist of maintaining national cyberspace security. Whether it is facing normalized network penetration or large-scale cyberattacks, it is urgent for the military to move from defending the “network camp gate” to guarding the “network country gate”, breaking through the traditional military mission and mission, breaking through the traditional war preparation mode. With a new network of national defense thinking, the founding of the network era of the country’s strong shield.

  From the “network camp door” to the “network country door”, the new era brings a new trend of military mission

  Cyberspace is not only related to the maintenance of national strategic interests, but also directly affects political, economic, cultural security and social development. It has also become the blood and link of modern battlefield joint operations. The Chinese military cannot be limited to maintaining the internal network security of the military camp. It must also actively adapt to the trend of the times and take the responsibility of the country that guards the “network country.” The strong army of the Internet is an important part of the construction of a network power. From the “network camp door” to the “network country door” is the inevitable trend of the development of the domestic and international situation in the information age.

  Guarding the “network country door” is forced by the cyberspace security situation. As the first major Internet country, China’s security situation is not optimistic, and strategic opponents have never stopped preparing for our network operations. The United States, Britain, France and other countries are actively preparing for cyberspace, giving military functions through cyberspace security legislation, developing cyber warfare forces, developing cyber warfare weapons and equipment, and advancing war to the “fifth space” of mankind, especially in China. In the historical process of the rise, the Western countries used the means of network technology and communication to implement uninterrupted harassment, subversion and cyberattacks under the leadership of the Cold War mentality and the containment subversion strategy, which seriously affected the security and social development of our country. China gradually became National security is at great risk for the hardest hit by cybersecurity threats, the test sites for virus attacks, and the destination of conscious penetration.

  In the coming period, as a new emerging country, China’s conflicts of interest with other parties will intensify. Strengthening the network defense strategy and strengthening the operational readiness of cyberspace are the inevitable ways to actively strive for the dominance and discourse power of cyberspace, and also the rise of China. The only way to go. As the main force of national security and stability, the military must adapt to the characteristics of cyberspace and become the backbone and main force to resist network intrusion and network subversion, and safeguard national security and social stability.

  Winning cyber warfare is the trend of new military revolution in the information age. As one of the most advanced productivity in the information age, network technology has made cyberspace warfare a dominant factor guiding the evolution of modern warfare and affecting the overall situation of war. In recent years, from the “seismic net” attack in Iran, the cyber warfare in the Russian-Georgian conflict, the large-scale obstruction of the Ukrainian power grid , and the cyberattack of the US military against IS, the huge role played by cyberspace in actual combat has gradually emerged, indicating that cyber warfare Has become an important style of future joint operations.

  The US military attaches great importance to the construction of cyberspace armaments, the establishment of the Cyberspace Command, the launch of cyberspace joint warfare, the extensive expansion of cyber warfare forces, the maintenance of its cyberspace hegemony, and the formation of cyberspace control capabilities as a “third offset strategy”. “Absolute advantage is the most important competitive content.

  Many countries in the world have followed suit, and the trend of militarization of cyberspace is obvious. The rigorous cyberspace military struggle situation requires the Chinese military to focus on the changes in the network battlefield space, adapt to the requirements of the information war era, and achieve the strong military goal of smashing and winning in cyberspace.

  Effective network warfare is an inherent need to accelerate the construction of a network powerhouse. In the process of China’s development from a network power to a network power, it is inseparable from the strong cyberspace military power as a guarantee. The international competition in cyberspace is a comprehensive game of the country’s comprehensive strength. Among them, the quality of network military capacity building is directly related to national security and stability, and it is the core element of the entire national security field.

  At present, the interests of countries in the world in the cyberspace are mutually infiltrated, and there is a situation in which you have me, I have you, cooperate with each other, and develop together. However, this kind of common development is not equal. The US and Western powers have taken advantage of the cyberspace dominance, and have already achieved certain network warfare advantages, which has made my network development and interests subject to people. How the military can fulfill its mission of defending the earth in the construction of a network-strength country, the premise is to form a network environment capable of curbing the crisis, controlling the opponent’s network attack and defense capabilities, and ensuring peaceful development.

  Therefore, the military needs to establish a deterrent strategic goal of effective warfare, form a strategic check and balance ability that can “destroy each other” with the enemy, thereby enhancing strategic competitiveness, ending cyberspace aggression, and ensuring the smooth advancement of the network power strategy.

  From “keeping the soil and being responsible” to “protecting the net and defending the country”, the new situation requires the military to undertake new tasks.

  The military is the main force and pillar of national security, and cyberspace is no exception. The National Security Law, which was enacted on July 1, 2015, stipulates: ” Citizens of the People’s Republic of China , all state organs and armed forces, political parties and people’s organizations, enterprises and institutions, and other social organizations have the responsibility to safeguard national security. And obligations.” The Cybersecurity Law, promulgated in November 2016, emphasizes the need to maintain cyberspace sovereignty and national security.

  On the basis of the laws of these two countries, on December 27, 2016, the “National Cyberspace Security Strategy” (hereinafter referred to as “Strategy”) was officially launched, providing overall guidance for creating a new pattern of network powers at a new starting point. Basically follow, clearly put forward nine strategic tasks, further embodying the mission of the military in the process of building a network power.

  With the national mission of protecting the network, the military must be a strong pillar to defend the cyberspace sovereignty. The first of the nine strategic tasks listed in the “Strategy” is “firmly defending the cyberspace sovereignty” and clearly proposes to “take all measures including economic, administrative, scientific, technological, legal, diplomatic, military, etc., and unswervingly maintain our network.” Space sovereignty.” It can be seen that the military must assume the military mission of using physical space and defend the national mission of the sovereign security and interests of virtual cyberspace.

  Cyberspace sovereignty is the core interest of the state and an important component of national sovereignty. It indicates the independence, equal, self-defense and management rights of the state in cyberspace. A once hostile forces violated my cyberspace sovereignty is tantamount to a violation of national sovereignty physical space of my land, sea and so on, China will have the right to take all measures, including military means, including giving resolutely fight back.

  Internationally, the United States has long proposed a cyberspace deterrence strategy, declaring that attacks on US network information facilities are equivalent to war acts, and the United States will take military strikes to retaliate. Military means is a means of safeguarding national sovereignty and plays a vital role in safeguarding national cyberspace security. Therefore, the military, air, sea and air military forces have been given the historical mission of protecting the cyberspace sovereignty. They must rely on the powerful physical space to defend the national interests of cyberspace and effectively deter the hostile forces from cyber-damaging attempts.

  In accordance with the era of the Internet, the military must be the ballast stone to defend national security. The second item of the “Strategy” mission emphasizes the need to resolutely safeguard national security, prevent, deter and punish any use of the Internet for treason, secession, sedition, subversion or incitement to subvert the people’s democratic dictatorship.

  In the era of information network, the military of all countries in the world has become an important participant in cyberspace. The level of cyberspace capability has become the main indicator for assessing the modernization of a country’s military. It is one of the main duties of the informationized military to carry out cyberspace missions and maintain national security.

  Judging from the historical process of China’s development, it is necessary to be highly vigilant against the danger of the country being invaded, subverted, and divided in cyberspace in order to adapt to the national security strategy needs of building a well-off society in an all-round way. Highly alert to the reform caused by cyberspace. The danger of developing the overall situation is destroyed, and we are highly wary of the danger of interference and destruction in the development of socialism with Chinese characteristics.

  Preventing problems before they occur requires the state to have the means to cope with and deal with these dangers, and to have the powerful force to prevent, stop and legally punish cyberspace violations. Defending the country has always been an unshirkable historical responsibility of the military. The inherent mission and mission have determined that the Chinese military must assume the role of taking various measures in the cyberspace to safeguard the country’s political, economic, cultural security and social stability.

  The strategic mission of both offensive and defensive, the military must be a strong backing to enhance the ability of cyberspace protection. The third and eighth items of the Nine Major Tasks in the Strategy clearly state that all necessary measures must be taken to protect critical information infrastructure and its important data from attack and destruction, and that technology and management should be adhered to, protected and shocked; We will build a network space protection force that is commensurate with China’s international status and compatible with the network powers. We will vigorously develop network security defense methods, timely discover and resist network intrusion, and build a strong backing for national security. Among all the political, diplomatic, military, and scientific and technological capabilities of the country to maintain security, military power has always been the foundation and support for all capabilities, the fundamental guarantee for all capabilities, and the ultimate support for national security.

  Therefore, the military must undertake the strategic task of strengthening the national cyberspace protection capability. In the real society, the military is the reassurance of safeguarding national security. In the cyberspace, it should also become the security dependence and guarantee of the people. As an important part of the national cyberspace protection capability, the military must achieve both offensive and defensive capabilities, and the ability to resolutely safeguard the interests and security of the country and the people in cyberspace, and effectively eliminate the various crises caused by cybersecurity threats. The turbulence of thoughts enables the people to truly feel that production and life are effectively protected and become the confidence of the people of the whole country in their confidence in the national network protection capabilities.

  The global responsibility of UNPROFOR, the military must be an important support for maintaining global cybersecurity. The last item of the “Strategy” mission clearly proposes to strengthen international cooperation in cyberspace, support the United Nations in playing a leading role, promote the development of universally accepted international rules on cyberspace, international anti-terrorism conventions on cyberspace, and improve the judicial assistance mechanism for combating cybercrime, deepening International cooperation in the areas of policy law, technological innovation, standardization, emergency response, and protection of key information infrastructure.

  Cyber ​​terrorism and cybercrime are new forms of global threat catalyzed by information network fermentation. They pose a huge threat to the political, economic, military and cultural security of all countries in the world. It is not enough to rely solely on the power of the government and the people. Western countries have given the military the responsibility to protect cybersecurity and the power to fight cyber terrorism. Maintaining the security and stability of global cyberspace is in the fundamental interests of China and the rest of the world. The military should become an important defender of global cyberspace security and an important force in combating global cyber terrorism and cybercrime.

  The globalization and unbounded nature of the Internet determine the international demand for combating cyber terrorism and transnational cybercrime. The military should promote military cooperation between countries in the framework of the UN Security Council and use the strategies and technologies of the Internet era to establish joint defense and joint defense. Mechanism to effectively safeguard the security of the national and world cyberspace.

  From “field training” to “network preparation”, new areas require new preparations for the military

  Under the new historical situation, cyberspace puts forward new requirements for the military training and preparation mode. It should adapt to the new characteristics of cyberspace and the new mission of the military to carry out innovative reforms on the traditional model, strengthen the country’s military objectives, and strengthen macro-coordination. Focusing on the legal needs of cyberspace military operations, it closely follows the natural attributes of cyberspace “military and civilian integration”, builds a network security attack and defense system that combines peacetime and warfare, and builds a network defense force of “military and land use”.

  Legislation empowerment provides a legal basis for the military to carry out its functional mission. The countries of the world, especially the western developed countries, attach great importance to the issue of network defense in cyber security legislation. The United States has successively issued a series of policies and regulations such as “National Security No. 16 Presidential Decree”, “Network Space Action Strategy”, and has continuously deepened and standardized on how to protect national network security in the field of network defense.

  At present, it is necessary to clarify the duties and responsibilities of the cyberspace military from the legal level. It should be based on the National Security Law and the Cyber ​​Security Law, and introduce the network defense law and related cyberspace military operational regulations, for the construction of the network defense field and military. The action provides regulatory support and a program of action to make the military’s responsibilities and mission in cyberspace more specific and specific.

  First, further define the network sovereignty and network frontier through the network defense legislation, and clearly define the scope of the military.

  The second is to establish the operational authority of the military to defend the national cyberspace security through the construction of cyber warfare laws and regulations, and to distinguish military means against network intrusion and network destruction. Third, through the cyberspace international cooperation policy, the military will coordinate with other countries and civilian forces to combat international cyber terrorism and cybercrime.

  The integration of military and civilian provides an innovative driving force for the construction of a network powerhouse. The integration of military and civilian is the main method for the world power to enhance the competitiveness of cyberspace. For the construction of China’s network powerhouse, building a military-civilian network security attack and defense system and developing a military-land dual-use defense information infrastructure is to inspire the innovation of military cyberspace combat capability. Source.

  The first is to coordinate the military, civilian, and functional departments of the state, the military, and various levels of government, set up special command and coordination agencies, mobilize all national network forces, and build a network security attack and defense system that combines “military and civilian integration” and “peace and war.”

  The second is to issue guidance on the in-depth development of cyber security military-civilian integration as soon as possible, and gradually carry out basic legal research and demonstration of military-civilian integration to guide the development of medium- and long-term military-civil integration.

  Third, relying on the country’s existing public mobile communication network, optical fiber communication network and satellite system, the military and civilians will build an information infrastructure covering the entire army of the whole country, and realize the unified construction and sharing of military and civilian.

  The fourth is to establish an emergency response mechanism for military-civilian joints, increase the ability to train military authorities to control events, strengthen experts and emergency professional strength, and enhance the ability to quickly recover damaged networks or information systems.

  Military-civilian joint training provides a practical environment for the generation of cyberspace military capabilities. The military-civilian sharing characteristics of cyberspace make military-civilian joint training an important means of military training in cyberspace around the world. The cyberspace joint military and civilian exercises in the United States and NATO countries have formed a series of series. The “Network Storm” and “Network Guardian” drills have attracted the participation of governments, enterprises, research institutions and even civilian hackers. Our military cyberspace military strength training also needs to attract a wide range of civil forces to participate.

  First, do a good job in military-government cooperation, establish a military-civilian joint offensive and defensive drill mechanism, learn from the red-blue confrontation training methods in the cyber war drills of developed countries such as the United States, actively build a “national network shooting range”, plan a series of joint exercises of the government and non-government organizations, and enhance the integration of the military and the people. The level of attack and defense of the network of the government and the people.

  The second is to do a good job in military-enterprise cooperation, relying on net-based enterprises to set up a training field on the Internet, to promote the ability of attack and defense between the military and civilians, and jointly improve the ability to prevent unknown risks.

  The third is to organize private network security companies and hacker talents, carry out network security competitions and other activities, and mutually verify each other to jointly improve the level of network security protection technology and tactics.

  The network reserve service provides a source of strength for building a powerful network army. As a backup supplement to the national defense force, the reserve has both military and civilian characteristics and is a powerful measure to realize the organic unification of the development of cyberspace economy and national defense.

  First, it is led by the national security department, and overall planning is carried out according to national interests. A series of laws and regulations conducive to the construction of the network national defense reserve are introduced, and the main division of labor, promotion strategy, interest coordination, etc. of the military and civilian construction in the network defense reserve construction are solved from the top level. problem.

  The second is to innovate the reserve organization and comprehensive coordination mechanism, and plan to integrate the reserve construction into all levels and fields of national network information development.

  The third is to focus on the reform of the military and local management models. Based on the management mechanisms of the provincial and municipal governments, the military, and local enterprises and institutions, the network will establish a network of national defense reserve personnel to jointly cultivate and use the mechanism, improve the national emergency mobilization mechanism, and establish a national network defense special talent. The database will include the construction of network militia and reserve forces into the scope of mobilization of the people’s armed forces. In normal times, they will be incorporated into the militia emergency detachment for training. In an emergency, they will select the elite personnel to participate in the non-war military operations missions, and will be recruited and used as needed during wartime. To transform the national defense potential into national defense strength. 

Original Mandarin Chinese:

原題:從守衛“網絡營門”走向守衛“網絡國門”

作者:安衛平北部戰區副參長

原載:“國防參考”2017年年第3期

網絡空間誕生於軍事領域,如首台計算機,阿帕網和GPS導航系統等都源於軍方,時至今日,網絡空間安全已與國家安全息息相關,軍隊又再次成為維護國家網絡空間安全的主角,無論是面對常態化的網絡滲透,還是大規模的網絡攻擊,都迫切需要軍隊從守衛“網絡營門”走向守衛“網絡國門”,突破傳統的軍隊使命任務,突破傳統的應戰備戰模式,以全新的網絡國防思維,鑄造網絡時代國之堅盾。

從“網絡營門”到“網絡國門”,新時代帶來軍隊使命新趨勢

網絡空間不僅事關國家戰略利益維護,直接影響政治,經濟,文化安全和社會發展,也成為現代戰場聯合作戰的血脈和紐帶。中國軍隊不能局限於維護軍營內部網絡安全,更要主動適應時代趨勢,勇於承擔把守“網絡國門”的國家擔當。網絡強軍是網絡強國建設的重要一環,從“網絡營門”走向“網絡國門”是信息時代國內外形勢發展的必然趨勢。

守衛“網絡國門”是網絡空間安全形勢所迫。中國作為第一網絡大國,安全狀況不容樂觀,戰略對手從未停止對我網絡作戰準備。美,英,法等國積極備戰網絡空間,通過網絡空間安全立法賦予軍隊職能,發展網絡戰部隊,研發網絡戰武器裝備,將戰爭推進到了人類的“第五空間”,特別是在中國日益強大崛起的歷史進程中,西方國家在冷戰思維和遏制顛覆戰略的主導下,利用網絡技術手段和傳播方式實施不間斷的騷擾,顛覆和網絡攻擊行動,嚴重影響我國家安全與社會發展,中國逐漸成為網絡安全威脅的重災區,病毒攻擊的試驗場,意識滲透的目的地,國家安全面臨著巨大風險。

未來一段時期內,中國作為新興大國,與各方利益衝突還將加劇,堅定推進網絡國防戰略,加強網絡空間的作戰準備,是積極爭取網絡空間的主導權和話語權的必然途徑,也是中國崛起的必由之路。軍隊作為國家安全穩定的主要力量,必須適應網絡空間特點要求,成為抗擊網絡入侵,網絡顛覆的中堅和主力,維護國家安全和社會穩定。

打贏網絡戰爭是信息時代新軍事變革所趨。網絡技術作為信息時代最先進生產力之一,使得網絡空間作戰成為引導現代戰爭形態演變的主導因素,影響著戰爭全局。近年來,從伊朗“震網“攻擊,俄格衝突網絡戰,烏克蘭電網遭大規模阻癱以及美軍對IS的網絡攻擊,網絡空間在實戰中所展現出的巨大作用逐漸顯現,預示著網絡作戰已成為未來聯合作戰重要樣式。

美軍高度重視網絡空間軍備建設,成立網絡空間司令部,推出網絡空間聯合作戰條令,大幅度擴編網絡戰部隊,極力維護其在網絡空間霸權,把對網絡空間控制能力作為形成“第三次抵消戰略“絕對優勢最重要的競爭內容。

世界多國紛紛跟進,網絡空間軍事化趨勢明顯。嚴峻的網絡空間軍事鬥爭形勢要求中國軍隊著眼網絡戰場空間變化,適應信息化戰爭時代要求,實現在網絡空間能打仗,打勝仗的強軍目標。

有效網絡懾戰是加速網絡強國建設內在所需。在中國由網絡大國向網絡強國發展過程中,離不開強大的網絡空間軍事力量作為保障。網絡空間國際競爭表現為國家綜合實力的全面博弈,其中,網絡軍事能力建設的好壞,直接關係到國家安全與穩定,牽一發而動全身,是整個國家安全領域的核心要素。

當前,世界各國在網絡空間的利益互相滲透,出現“你中有我,我中有你,互相合作,共同發展”的局面。但是這種共同發展是不對等的,美國及西方強國利用網絡空間主導權,已經取得了一定的網絡懾戰優勢,使我網絡發展及利益受制於人。軍隊如何在網絡強國建設中完成守土有責的使命重托,前提就是要形成能夠遏制危機,懾控對手的網絡攻防能力,確保和平發展的網絡環境。

因此,軍隊需要確立有效懾戰的威懾戰略目標,形成能與敵“相互摧毀”的戰略制衡能力,從而增強戰略競爭力,懾止網絡空間侵略,保障網絡強國戰略順利推進。

從“守土有責”到“護網衛國”,新形勢要求軍隊承擔新任務

軍隊是保衛國家安全的主力和柱石,網絡空間也不例外2015年7月1日施行的“國家安全法”規定:“中華人民共和國公民,一切國家機關和武裝力量,各政黨和各人民團體,企業事業組織和其他社會組織,都有維護國家安全的責任和義務。“2016年11月頒布的”網絡安全法“強調了要維護網絡空間主權和國家安全。

在這兩個國家法律的基礎上,2016年12月27日,“國家網絡空間安全戰略”(下文簡稱“戰略”)正式出台,為在新的起點上開創網絡強國新格局提供了總體指導和基本遵循,明確提出了九大戰略任務,進一步體現了軍隊在建設網絡強國進程中的使命任務。

全力護網的國家使命,軍隊要做捍衛網絡空間主權的堅強柱石。“戰略”中列出的九大戰略任務首項就是“堅定捍衛網絡空間主權”,明確提出要“採取包括經濟,行政,科技,法律,外交,軍事等一切措施,堅定不移地維護我國網絡空間主權“。可見,軍隊須承擔起運用實體空間的軍事手段,保衛虛擬網絡空間主權安全和利益的國家使命。

網絡空間主權是國家的核心利益,是國家主權的重要組成,表明國家在網絡空間所擁有的獨立權,平等權,自衛權和管理權。一旦敵對勢力侵犯了我網絡空間主權,就等同於侵犯了我陸海空等實體空間的國家主權,中國將有權利採取包括軍事手段在內的一切措施給予堅決回擊。

在國際上,美國早就提出網絡空間威懾戰略,宣告對美國網絡信息設施的攻擊等同於戰爭行為,美國會採取軍事打擊措施進行報復。軍事手段是維護國家主權的保底手段,在維護國家網絡空間安全中發揮著至關重要的作用。因此,陸海空天軍事力量理所應當地被賦予了保護網絡空間主權的歷史使命,必須憑藉強大的實體空間武力保衛網絡空間的國家利益,有力震懾敵對勢力的網絡破壞企圖。

依網衛國的時代擔當,軍隊要做保衛國家安全的壓艙石。“戰略”任務的第二項著力強調要堅決維護國家安全,防範,制止和依法懲治任何利用網絡進行叛國,分裂國家,煽動叛亂,顛覆或者煽動顛覆人民民主專政政權的行為。

信息網絡時代,世界各國軍隊都已經成為網絡空間重要參與者,網絡空間能力水平成為評估一個國家軍隊現代化程度的主要指標,遂行網絡空間使命任務,維護國家安全成為信息化軍隊的主要職責之一。

從中國發展所處的歷史進程來看,要適應全面建成小康社會決勝階段的國家安全戰略需求,必須高度警惕國家在網絡空間被侵略,被顛覆,被分裂的危險,高度警惕由網絡空間引發改革發展大局被破壞的危險,高度警惕中國特色社會主義發展進程被干擾,破壞的危險。

防患於未然,要求國家必須具有應對和處置這些危險的手段措施,具有防範,制止和依法懲治網絡空間違法破壞行為的強大力量。保衛國家歷來是軍隊不可推卸的歷史責任,固有的使命任務決定了中國軍隊必須承擔起在網絡空間採取各種措施,維護國家政治,經濟,文化安全和社會穩定的時代擔當。

攻防兼備的戰略任務,軍隊要做提升網絡空間防護能力的堅強後盾。“戰略”中九大任務的第三項和第八項明確提出,要採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞,要堅持技術和管理並重,保護和震懾並舉;要建設與我國國際地位相稱,與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防禦手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。在國家所有維護安全的政治,外交,軍事,科技能力中,軍事力量歷來是所有能力的基礎和支撐,是所有能力的根本保障,是國家安全的最終依托。

因此,軍隊必須承擔起提升國家網絡空間防護能力堅強後盾的戰略任務。現實社會中,軍隊是維護國家安全的定心丸,在網絡空間也同樣應成為人民群眾的安全依賴和保障。軍隊作為國家網絡空間防護能力生成的重要一環,必須做到攻防兼備,懾戰一體,有能力堅決維護國家和人民在網絡空間的利益和安全,能夠有效消除網絡安全威脅造成的各種危機和思想動盪,使人民能夠切實感受到生產生活得到有效保護,成為全國人民對國家網絡防護能力充滿信心的底氣所在。

聯防聯治的全球責任,軍隊要做維護全球網絡安全的重要支撐。“戰略”任務最後一項明確提出要強化網絡空間國際合作,支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則,網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律,技術創新,標準規範,應急響應,關鍵信息基礎設施保護等領域的國際合作。

網絡恐怖主義和網絡犯罪是經過信息網絡發酵催化出的全球威脅新形態,對世界上所有國家的政治,經濟,軍事,文化安全都構成巨大威脅,僅僅依靠政府和民間的力量是不夠的,美國等西方國家紛紛賦予軍隊保護網絡安全的職責和打擊網絡恐怖主義的權限。維護全球網絡空間安全與穩定符合中國以及世界各國的根本利益,軍隊應成為全球網絡空間安全的重要維護者,成為打擊全球網絡恐怖主義和網絡犯罪的重要力量。

網絡的全球化,無界性決定了打擊網絡恐怖主義和跨國網絡犯罪的國際需求,軍隊應在聯合國安理會的框架下,推進國家間網絡治理軍事合作,利用網絡時代的戰略和技術,建立聯防聯治機制,切實維護國家和世界網絡空間安全。

從“沙場練兵”到“網絡備戰”,新領域需要軍隊備戰新舉措

在新的歷史形勢下,網絡空間對軍隊練兵備戰模式提出了全新的要求,應適應網絡空間新特點和軍隊新使命對傳統模式進行創新改革,以強國強軍目標為統攬,加強宏觀統籌,著眼網絡空間軍事行動的法理需求,緊扣網絡空間“軍民一體”的天然屬性,建設“平戰結合”的網絡安全攻防體系,打造“軍地兩用”的網絡國防力量。

立法賦權,為軍隊遂行職能使命提供法理依據。世界各國尤其是西方發達國家在網絡安全立法上高度重視網絡國防問題。美國先後出台了“國家安全第16號總統令”,“網絡空間行動戰略”等一系列政策法規,對如何在網絡國防領域保護國家網絡安全進行了不斷的深化規範。

當前,從法律層面釐清網絡空間軍隊的職責任務非常必要,應以“國家安全法”,“網絡安全法”為依據,出台網絡國防法和有關網絡空間軍事作戰條令法規,為網絡國防領域建設和軍事行動提供法規支撐和行動綱領,使軍隊在網絡空間的職責和使命更加明確具體。

一是通過網絡國防立法進一步界定網絡主權和網絡邊疆,清晰軍隊的職責範圍。

二是通過網絡作戰法規建設,明確軍隊遂行保衛國家網絡空間安全的行動權限,區分應對網絡入侵,網絡破壞等行為的軍事手段。三是通過網絡空間國際合作政策,明確軍隊協同他國,民間力量等打擊國際網絡恐怖主義,網絡犯罪的職能任務。

軍民融合,為網絡強國建設提供創新動力。軍民融合是世界強國提升網絡空間競爭力的主要做法,對於中國網絡強國建設來說,構建軍民融合網絡安全攻防體系,開發軍地兩用的國防信息基礎設施,是激發軍隊網絡空間作戰能力創新的源泉。

一是統籌國家,軍隊和各級政府等軍民融合職能部門,設置專門的指揮協調機構,調動一切國家網絡力量,建設“軍民一體”,“平戰結合”的網絡安全攻防體系。

二是盡快出台網絡安全軍民融合深度發展指導性意見,逐步展開軍民融合基本法律研究論證,指導中長期軍民融合發展。

三是依托國家現有公共移動通信網,光纖通信網及衛星系統,軍民共建覆蓋全國全軍的信息基礎設施,實現軍民統建,分管共享。

四是建立軍民聯合的應急響應機制,加大培訓軍地主管部門控制事態的能力,加強專家和應急專業力量,提升快速恢復受損網絡或信息系統的能力。

軍民聯訓,為網絡空間軍事能力生成提供實戰化環境。網絡空間的軍民共用特性使得軍民聯訓成為世界各國網絡空間軍事演訓的重要方式。美國及北約等國家的網絡空間軍民聯合演習已經形成系列化,“網絡風暴”,“網絡衛士”等演練活動吸引了政府,企業,研究機構甚至民間黑客的廣泛參與。我軍網絡空間軍事力量訓練也需要廣泛吸引民間力量參與。

一是搞好軍政合作,建立軍民聯合攻防演練機制,借鑒美國等發達國家網絡戰演練中的紅藍對抗訓練方法,積極建設“國家網絡靶場”,策劃政府,民間機構系列聯合演習,提升軍民一體,官民一體的網絡攻防水平。

二是搞好軍企協作,在互聯網上依靠網信企業設置演練場區,促進軍民之間攻防能力磨合,共同提高防範未知風險能力。

三是著眼軍隊和地方兩頭管理模式改革,以各省市政府,軍隊和地方企事業單位的管理機制為依托,建立網絡國防預備役人才聯合培養使用機制,完善國家應急動員機制,建立國家網絡防禦專用人才數據庫,將網絡民兵和預備役部隊建設納入人民武裝動員的範圍,平時按規定編入民兵應急分隊進行訓練,急時挑選精幹人員隨隊參加遂行非戰爭軍事行動任務,戰時按需要成建制徵召使用,使國防潛力轉變為國防實力。

Original referring url:  http://mil.huanqiu.com/strategysituation/2017-04/

The most comprehensive Chinese cyber attack simulation tool inventory in history // 史上最全面的中國網絡攻擊模擬工具庫存

The most comprehensive Chinese cyber attack simulation tool inventory in history //

史上最全面的中國網絡攻擊模擬工具庫存

Lead: Simulated attacks provide a way to test the network’s ability to recover from advanced attacks, but in a simulated attack environment, all tests are automatically run by the system. If this is a true “attack,” the system will not run these attacks with simulated features. Still, “attack simulation” can help you verify your security tools.

The most comprehensive attack simulation tool inventory in history

Every once in a while, the security industry will have a new buzzword and introduce terms that sound cool and appealing. For example, the recent “adversary emulation” vocabulary, I translated it in this article as “attack simulation.” Let us first understand what it really means. Simulated attacks provide a way to test the network’s ability to recover from advanced attacks, but in a simulated attack environment, all tests are automatically run by the system. If this is a true “attack,” the system will not run these attacks with simulated features. Still, “attack simulation” can help you verify that your security tools are running as required, whether closed source or open source, to help run these simulation tests. In fact, MITRE has also developed an ATT&CK , ATT&CK is a curated knowledge base and model of cyberattack behavior, reflecting changes in the various stages of the attacker’s life cycle. ATT&CK is useful for understanding security risks against known attacks, planning for security improvements, and verifying that defenses work as expected. Most security tools seem to use this framework. Let’s take a look at the list of attack simulation tools.

The most comprehensive attack simulation tool inventory in history

Open source attack simulation tool

1.CALDERA: CALDERA provides an intelligent automated attack simulation system that reduces the resources required by security teams for routine testing, enabling them to solve other critical issues.

The most comprehensive attack simulation tool inventory in history

It can be used to test endpoint security solutions and assess the security posture of the network based on common attack techniques in the ATT&CK model. CALDERA uses the ATT&CK model to identify and simulate attack behavior, click here to download CADERERA .

2.Metta: Uber recently opened up this hostile simulation tool, which was generated by several internal projects. Metta uses Redis/Celery, Python and VirtualBox for hostile simulation so users can test host-based security systems. In addition, users can test other network-based security detection and control, but it depends on how it is set up. Metta is compatible with Microsoft Windows, MacOS and Linux endpoints, click here to download Uber Metta .

3. ATP Simulator: ATP Simulator is actually a set of Windows Batch scripts. Its main function is to simulate the activity of an attacker, not to simulate the activity of malware. ATP Simulator uses a set of tools and output files to make the system appear to be attacked. It can help you simulate a real attack environment in a more realistic way. Obviously, this is a Windows-only solution, click here to download ATP Simulator .

4. Red Team Automation: Recently, network security company Endgame has released the source code of Red Team Automation, a set of executables with 38 scripts and support to generate reliable components corresponding to the technology in the ATT&CK framework. To date, Red Team Automation offers 50 components supported by ATT&CK technology, and the number will increase in the future. I believe this tool provides very good endpoint detection and response (EDR) coverage.

The most comprehensive attack simulation tool inventory in history

Red Team Automation supports Microsoft Windows and is coded in python. It can also perform anti-forensics operations, maliciously propagate, bypass UAC (User Account Control), etc. Click here to download Red Team Automation .

5. Invoke -Adversary: Invoke-Adversary is a PowerShell script that evaluates security products and monitoring solutions based on the extent of APT attacks. Let’s just say that this tool is a newcomer in the field of attack simulation. Microsoft’s call attack is a PowerShell script. Inspired by the APT simulator, Invoke-Adversary has tested for persistent attacks, credential access, evasion detection, information collection, commands, and controls. Click here to download Invoke-Adversary .

6. Atomic Red Team: It is a new automated testing framework for security design. The Atomic Red Team was launched in 2017 and is an open source testing framework that tests users’ attack detection capabilities. It is called “atomic” because it can be used as a small component for small or large security teams to simulate the activities of a specific attacker.

The Atomic Red Team maps small, portable inspection tests to the Mitre ATT&CK framework, which is not automatic, but supports Microsoft Windows, MacOS and Linux styles. Click here to download Atomic Red Team .

7. Infection Monkey: Infection Monkey is a data center security detection tool released by Israeli security company GuardiCore at the 2016 Black Hat Conference. It is mainly used for automated detection of data center boundaries and internal server security. The tool is divided into Monkey (scanning and exploiting side) and C&C server (equivalent to reporter, but only for collecting information about monkey detection). Simply put, it is another open source vulnerability and attack simulation tool.

The most comprehensive attack simulation tool inventory in history

It is also coded in Python for Microsoft Windows and Linux systems. Click here to download Infection Monkey .

8. Blue Team Training Toolkit (BT3): This tool is a defensive security training software that takes your network analysis training courses, incident response drills and teamwork to the next level. This toolkit allows you to create realistic computer attack scenarios while reducing infrastructure costs, implementation time and risk.

The most comprehensive attack simulation tool inventory in history

It is written in Python and includes the latest versions of Encripto’s Maligno, Pcapteller and Mocksum. It also contains multiple malware indicator profiles, click here to download Blue Team Training Toolkit v2.6.

9. DumpsterFire : DumpsterFire is a modular, menu-driven, cross-platform Python tool for building custom, delayed distributed security events. Security personnel can use it to easily create custom event chains such as sensors or alert mappings, click here to download DumpsterFire v1.0.0 .

10. AutoTTP: Abbreviation for Automated Tactics Techniques & Procedures, AutoTTP based on the attack life cycle model . It uses a purely PowerShell and Python late exploit agent tool – Empire, click here to download AutoTTP .

The following open source tools are worth mentioning, but they are not technically an analog attack tool.

1. RedHunt operating system: The goal of the RedHunt operating system is to actively identify the attacks in the environment by integrating the attacker’s arsenal and the defender’s toolkit, thus becoming a one-stop security detection store that meets all your attack simulation and attack requirements. . The basic device is Lubuntu-17.10.1 x64. It contains the following tools for different purposes:

Attack Simulation: Caldera, Atomic Red Team, DumpsterFire, Metta, RTA, Nmap, CrackMapExec, Responder, Zap.

Recording and monitoring: Kolide Fleet, ELK (Elasticsearch, Logstash and Kibana) stack

Open Source Intelligence (OSINT): Maltego, Recon-ng, Datasploit, Thearvestor

Attack Information Analysis: Yeti, Harpoon

Click here to download RedHunt OS Beta v1

2. Invoke-ATTACKAPI : This is an open source PowerShell script that interacts with the MITRE ATT&CK framework through its own API to gather information about attack techniques, policies, etc. Click here to get this script.

Enterprise-class simulation attack tool

1. Cobalt Strike : Cobalt Strike is the commercial version of Armitage. Armitage is a Java-written Metasploit graphical interface attack software that can be used in conjunction with attacks known by Metasploit to automate attacks against existing vulnerabilities.

2. Israel’s network security company Cymulate : Cymulate is mainly for attack simulation of the following scenarios, such as simulated attack WAF, simulated attack mailbox, DLP attack test, SOC simulation test, mailbox test, ransomware test, Trojan, Payload penetration test, etc. . The main purpose of these tests is to improve the product, rich security awareness of employees, and the corresponding ability to detect and attack techniques to enhance. For example, the use of email and phishing attacks can count the number of users in the move.

3. Immunity Adversary Simulation : This platform allows you to build advanced permanent attack models from within the infrastructure and assess how the security team responds to live real attacks on the network.

4. SafeBreach: This software platform simulates attack violations throughout the kill chain without affecting users or infrastructure. Look here.

5. Network Security Startup SafeBreach : Founded in 2014, SafeBreach is headquartered in Delaware, USA, and is committed to revolutionizing the way the network security industry performs risk verification. The company provides users with a continuous security verification platform, using a centralized management system, combined with a complete hacking network method “script”, from the central location to manage the intrusion simulator of the distributed network, the simulator can play virtual hackers in the real world. The role, from the “hacker’s point of view” to actively demonstrate the cyber security risks of the enterprise. Users can verify their security control performance through this platform, analyze the impact of this attack on the company’s system and the effectiveness of the attack defense, so as to obtain sufficient time advantage to repair network risk vulnerabilities and improve the enterprise security operation and maintenance center. (SOC) Analyst responsiveness. In essence, this platform is to allow any enterprise to intuitively see how it will cope when it encounters a network attack in real life.

6. SimSpace ; SimSpace seems to be using Wormhole.

7. AttackIQ FireDrill : AttackIQ’s simulated attack platform, FireDrill, can launch simulated attacks against customers’ networks and test for flaws and vulnerabilities in defense systems.

8. Verodin Instrumented Security Platform : This platform proactively identifies configuration issues in the security stack and reveals the real difference between the attacker, the attack process, and the attack technology.

The above list does not include services such as MDSec’s ActiveBreach, Nk33, FusionX, Red Siege, Spectre Ops and TrustedSec, as they are implemented by real people.

Original Mandarin Chinese:

導語:模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具

史上最全攻擊模擬工具盤點
每隔一段時間,安全行業就會出現一個新的熱門詞彙,並引入聽起來很酷以及吸引人們興趣的術語。比如最近出現的“adversary emulation”詞彙,我在本文將其翻譯為“攻擊模擬” 。首先讓我們先來了解它的真正含義,模擬攻擊提供了一種用來測試網絡在應對高級攻擊時的恢復能力,不過在模擬攻擊環境下,所有測試均由系統自動運行。如果這是一個真正的“攻擊”,系統將不會運行這些具有模擬特點的攻擊。儘管如此,“攻擊模擬”還是可以幫助你驗證你的安全工具是否按要求運行,無論是閉源還是開源,它都有助在運行這些模擬測試。事實上,MITER還開發了一種ATT&CK,ATT&CK是網絡攻擊行為的策劃知識庫和模型,反映了攻擊者生命週期的各個階段變化.ATT&CK對於理解針對已知攻擊行為的安全風險,規劃安全改進以及驗證防禦措施是否按預期工作很有用。大多數安全工具似乎都使用了這個框架。下面,就讓我們來看看攻擊模擬工具的列表。

史上最全攻擊模擬工具盤點
開源攻擊模擬工具

1.CALDERA:CALDERA提供了一個智能的自動化攻擊模擬系統,可以減少安全團隊進行常規測試所需的資源,使他們能夠解決其他關鍵問題。

史上最全攻擊模擬工具盤點
它可用於測試端點安全解決方案,並根據ATT&CK模型中常見的攻擊技術評估網絡的安全狀況.CALDERA利用ATT&CK模型來識別和模擬攻擊行為,點擊這裡下載CALDERA。

2.Metta:烏伯最近開源了這個敵對模擬工具,它是由多個內部項目產生的.Metta使用的Redis /芹菜,蟒和VirtualBox的進行敵對模擬,這樣用戶就可以測試基於主機的安全系統另外用戶還能測試其他基於網絡的安全檢測和控制,不過這具體取決於設置的方式.Metta與Microsoft Windows,MacOS和Linux端點兼容,點擊這裡下載Uber Metta。

3.ATP模擬器:ATP模擬器其實就是一套Windows Batch腳本集合,它的主要功能就是模擬攻擊者的活動,而並非模擬惡意軟件的活動.ATP Simulator會使用一組工具和輸出文件使系統看起來好像是被攻擊了。它可以幫助你以更真實的方式模擬真實的攻擊環境。顯然,這是一個僅限Windows的解決方案,點擊這裡下載ATP模擬器。

4.Red Team Automation:最近網絡安全公司Endgame公開了Red Team Automation的源代碼,它是一組有著38個腳本和支持的可執行文件,可生成與ATT&CK框架中的技術相對應的可靠組件。截至目前,紅隊自動化提供50種由ATT&CK技術支持的組件,將來數量還會增加。我相信,這個工具提供了非常好的端點檢測和響應(EDR)覆蓋。

史上最全攻擊模擬工具盤點
Red Team Automation支持Microsoft Windows,並且使用python進行編碼,另外它還可以執行反取證操作,進行惡意傳播,繞過UAC(用戶帳戶控制)等等,點擊這裡下載Red Team Automation。

5.Invoke-敵手:調用-敵手是一個基於APT攻擊程度,來評估安全產品和監控解決方案的PowerShell的腳本這麼說吧,該工具是攻擊模擬領域的新人,微軟的調用攻擊就是一種PowerShell的腳本。可能是受到了APT模擬器的啟發,截至目前,調用-敵手具有測試持久性攻擊,憑證訪問,逃避檢測,信息收集,命令和控制等功能,點擊這裡下載調用-敵手。

6.Atomic Red Team:它是針對安防設計的新型自動化測試框架,Atomic Red Team是在2017年推出的,是一個開源測試框架,可以測試用戶的攻擊檢測能力。之所以稱之為為“atomic(原子) )“,是因為它可以作為小型組件,方便小型或大型安全團隊使用,用來模擬特定攻擊者的活動。

Atomic Red Team會員小巧便攜的檢測測試映射到Mitre ATT&CK框架,該框架不是自動的,但支持Microsoft Windows,MacOS和Linux風格,點擊這裡下載Atomic Red Team。

7.感染猴子:感染猴子是一款由以色列安全公司GuardiCore在2016黑帽大會上發布的數據中心安全檢測工具,其主要用於數據中心邊界及內部服務器安全性的自動化檢測。該工具在架構上,則分為猴(掃描及漏洞利用端)以及C&C服務器(相當於記者,但僅僅只是用於收集猴探測的信息)。簡單說,它是另一個開源漏洞和攻擊模擬工具。

史上最全攻擊模擬工具盤點
它也用Python編碼,適用於Microsoft Windows和Linux系統,點擊這裡下載Infection Monkey。

8.藍隊培訓工具包(BT3):該工具是用於防禦性安全培訓的軟件,它將你的網絡分析培訓課程,事件響應演練和團隊合作提升到一個新的水平。該工具包允許你創建逼真的計算機攻擊場景,同時降低基礎架構成本,實施時間和風險。

史上最全攻擊模擬工具盤點
它是用Python編寫的,包括Encripto的Maligno,Pcapteller和Mocksum的最新版本。它還包含多個惡意軟件指示符配置文件,點擊這裡下載Blue Team Training Toolkit v2.6。

9.DumpsterFire:DumpsterFire是一個模塊化的,菜單驅動的跨平台Python工具,用於構建自定義的,延遲的分佈式安全事件。安全人員可以利用它輕鬆創建比如傳感器或警報映射(alert mapping)的自定義事件鏈,點擊這裡下載DumpsterFire v1.0.0。

10.AutoTTP:Automated Tactics Techniques&Procedures的縮寫,AutoTTP基於攻擊生命週期模型(攻擊生命週期模型)。它使用了一個純碎的PowerShell和Python後期漏洞利用代理工具–Empire,點擊這裡下載AutoTTP。

以下開源工具值得一提,不過它們在技術上不屬於模擬攻擊工具

1.RedHunt操作系統:RedHunt操作系統的目標是通過集成攻擊者的武庫以及防御者的工具包來積極識別環境中的攻擊,從而成為一站式安全檢測商店,滿足你的所有攻擊仿真和攻擊要求。基本設備是Lubuntu-17.10.1 x64。它包含以下用於不同目的的工具:

攻擊仿真:Caldera,Atomic Red Team,DumpsterFire,Metta,RTA,Nmap,CrackMapExec,Responder,Zap。

記錄和監測:Kolide Fleet,ELK(Elasticsearch,Logstash和Kibana)堆棧

開源智能(OSINT):Maltego,偵察-NG,Datasploit,Thearvestor

攻擊信息分析:Yeti,Harpoon

點此下載RedHunt OS Beta v1

2.Invoke-ATTACKAPI:這是一個開源的PowerShell腳本,通過自己的API與MITER ATT&CK框架進行交互,以收集有關攻擊技術,策略等信息,點擊這裡獲取這個腳本。

企業級模擬攻擊工具

1.Cobalt Strike:Cobalt Strike是Armitage商業版,Armitage是一款Java寫的Metasploit圖形界面的攻擊軟件,可以用它結合Metasploit已知的攻擊來針對存在的漏洞自動化攻擊。

2.以色列的網絡安全公司Cymulate:Cymulate主要是針對以下場景進行攻擊模擬,例如模擬攻擊WAF,模擬攻擊郵箱,DLP攻擊測試,SOC模擬測試,郵箱測試,勒索軟件測試,木馬,有效載荷滲透攻擊測試等。這類測試的主要目的是完善產品,豐富員工的安全意識,以及相應的攻擊技術能力檢測和提升。舉個例子,利用郵箱以及可以統計釣魚攻擊有多少用戶中招。

3.Immunity Adversary Simulation:該平台允許你從基礎架構內建立高級永久性攻擊模型,並評估安全團隊如何應對網絡上活躍的真實攻擊。

看看該軟件平台模擬整個殺戮鏈中的攻擊違規方法,而不會影響用戶或基礎設施這裡:4.SafeBreach。

5.網絡安全初創公司SafeBreach:SafeBreach創立於2014年,總部位於美國特拉華州,致力於革新網絡安全行業風險驗證的方式。公司為用戶提供一個持續性安全驗證平台,採用集中管理系統,結合完整的黑客入侵網絡方法“劇本”,從中心位置管理分佈式網絡的入侵模擬器,模擬器能夠在現實世界中扮演虛擬黑客的角色,從“黑客的角度”主動展示企業存在的網絡安全風險。用戶可以通過這一平台驗證自己的安全控制性能,分析這種攻擊對於公司系統的影響力及攻擊防禦的有效性問題,從而獲得充足的時間優勢來修復網絡風險漏洞,並提高企業安全運維中心(SOC)分析師響應能力。實質上,這一平台就是可以讓任何企業直觀的看到在現實生活中遇到網絡攻擊時,自己將如何應對。

6.SimSpace; SimSpace似乎在使用蟲洞。

7.AttackIQ FireDrill:AttackIQ的模擬攻擊平台FireDrill可以針對客戶的網絡展開模擬攻擊,測試防禦系統的缺陷和漏洞。

8.Verodin儀表化的安全平台:該平台會主動識別安全堆棧中的配置問題,並揭示攻擊者,攻擊流程和攻擊技術之間的真實區別。

以上列表不包括諸如MDSec的ActiveBreach,Nk33,FusionX,Red Siege,Spectre Ops和TrustedSec等服務,因為它們是由真人實施的。

Original Referring url: http://www.4hou.com/web/11241.html

Chinese Military Information Warfare: The First Game of Modern Warfare // 中國軍事信息戰:現代戰爭的第一場戰爭

Chinese Military Information Warfare: The First Game of Modern Warfare //

中國軍事信息戰:現代戰爭的第一場戰爭

  The transformation of the characteristics of war is always motivated by the advancement of science and technology. If “information-led” is the characteristic of the era of today’s war, then the essence of this feature is “the dominance of information technology.” Information warfare is a new combat force that is fostered and fueled by information technology innovation.

Information warfare is the new quality of combat power

三、衛星在現代戰爭中扮演的角色為何? 四、資訊戰有哪兩種主要模式?

“knowing one’s own confidant, no wars, no war” has always been the only rule of war victory, it actually embodies the important role of “information” in the war. Since ancient times, the military has always been pursuing the dispelling of “the fog of war”, reducing the probabilistic nature of the war, and taking the lead. At the same time, it hopes to quickly gather the fighting energy with accurate and timely information to make the enemy win the enemy. Nowadays, the heroic pace of human innovation in information technology has driven the rapid development of society. The myth of “thousands of eyes and ears” has long been a reality. While the results of information technology innovation and development are fully utilized for war, they are also constantly promoting the transformation of the combat capability generation model.
The germination of information warfare can be traced back to the beginning of the last century. Shortly after the advent of the radio telegraph, Russian scientist Popov proposed the idea of ​​radio communication struggle in 1903. In the Japanese-Russian War that broke out in 1904, the two sides used radio communication for the first time. One day in April of that year, the Russian military operator subconsciously used the radio station to interfere with the shooting and guiding communication of the Japanese fleet, forcing the Japanese to return without success. The original sprout of this technical idea gave birth to a new way of warfare, and the information war began to enter the stage of war. The highly developed information technology has made “systems based on information systems” a feature of today’s war. It should be said that systemic confrontation is not a form of engagement that exists today. Both sides of the war have sought to form a strong operational system. In different historical periods, the system has different manifestations. Today’s combat system is an unprecedentedly powerful combat system that relies on networked information systems. An important manifestation of information technology playing a leading role in modern warfare is to promote the rapid development of information warfare. At the same time that “information-led” became the identifier of modern warfare, information warfare began to leap into a new kind of combat power.
Having a strong information power makes an army savvy and responsive, and the integration of information power into the strike force increases the military’s operational effectiveness into a geometric progression. Information warfare is the first sword to break the efficient integration of information firepower.
Information power is the ability to acquire, transmit, process, and use information. The enhancement of information means that information is acquired more and more comprehensively, information transmission is faster and more accurate, information processing is automated, and information usage tends to be intelligent. This makes the military’s command efficient, precise control, quick action, and powerful. From the perspective of operational mechanism, the effectiveness of information power in the combat system is manifested in the synergy of the strike force and the transformation of combat effectiveness. Although the information itself cannot directly kill the enemy, the information is used to realize the intelligent control of the combat weapon. Produced a powerful and powerful strike and non-contact strike.
Information deterrence is an important information warfare action, which can reduce the intensity of confrontation, and even force the opponent to give up resistance. It may produce a satisfactory combat effect and achieve the highest pursuit of “no war and defeated soldiers”. The principle is that the opponent It is a huge blow to the coming, and it is limited to the ability to stop the information. The achievement of the deterrent effect is the fusion effect of the multiple elements of strength, ability and determination. As a result of the high degree of integration of information and firepower, information multiplies the effectiveness of firepower, and firepower transforms information energy. The goal of information warfare is the opponent’s information system, which plays the role of “covering ears, obstructing, chaos”, so that the information power of the opponent is weakened and even lost, and the fusion of information firepower cannot be discussed. During the Gulf War, when the multinational forces scraped the “Desert Storm”, they first used a variety of electronic interference methods in the air and on the ground. At the same time, they used firepower to prioritize the communication and radar systems of the Iraqi army, making the Iraqi defense system still not in use. The powerful information power is completely lost, so it is stable. In the Kosovo war, the US military used a mistake in information warfare to provide a good opportunity for the Yugoslav army to make its air defense units cleverly use the less advanced information system to achieve effective integration of information firepower and shoot down the US military stealth fighters. Practice has proved that under the conditions of informationization, information warfare has become the first sword to break the efficient integration of opponents’ information firepower.
Information warfare is the primary action of transforming the enemy and the enemy
. The competition between the spear and the shield will never stop and escalate. When “information-led” shows great advantages, it will inevitably lead to “information counter-measure”. The containment of information will immediately reverse the original advantage. Information warfare is the primary action to transform the enemy and the enemy.
The basic types of combat are offense and defense, and the material means used for combat can also be divided into two types of weapons and equipment: spear and shield. Today, when combat weapons have unprecedented lethality, no one will use concentrated forces to concentrate their advantages. Synchronous strikes in different places can be an effective way to “eliminate the enemy and save oneself”, that is, the strike forces scattered in different locations simultaneously target the same target. Attacks are initiated, but only if there is precise time coordination.
Keeping time synchronized, it is obviously impossible to rely on the past manual pairing. Advanced techniques such as navigation satellite timing must be used, and once the timing synchronization information is destroyed by the opponent, the action will be completely disrupted. A force with high engine power and strike force, if attacked by the opponent’s information, causes information to be ineffective and information blocked, will not be able to figure out the direction of the action, can not find the target of the attack, become sluggish and weak. . Although the precision strike power is large, once the accurate guidance information is lost, the advantage is immediately lost. Command and control If the information is subject to control, it will lead to chaos, which will inevitably lead to chaos in the overall situation of the war.
Attacking the enemy’s information system is the focus and effort to break the battle system. The acquisition and use of information, counter-acquisition, and counter-utilization have become the focus of the battle between the two armies on the informationized battlefield. Information warfare is the preferred style for competing for battlefield control and even for war initiative.
While greatly improving the effectiveness of the combat system, the information system naturally becomes the target of the opponent’s attack, and it is the key target. Information warfare is to blinden the enemy battlefield perception system, weaken its information acquisition ability, interfere with its analysis and judgment; to block the enemy information transmission system, disrupt its coordination and destroy its actions; to deter the enemy accusation system by deception, reduce its command efficiency, Lead to mistakes in their decision-making. The more the information technology is developed and the more highly dependent on the information system, the more serious the consequences of its information system attack. Quaker, former chairman of the American “Old Ravens” Association, once wrote: “Advanced technology makes us highly dependent on the electromagnetic spectrum, but at the same time, we are not well invested in building electronic protection capabilities.” “The enemy uses cheap commercial technology. It can reduce or even destroy the performance of our expensive ISR equipment and weapon platforms, thereby limiting or even seriously weakening our technological advantages.” Because military electronic information systems are being widely used worldwide, in fact, the degree of dependence of national military on information systems It is constantly deepening. Therefore, all military powers are competing to develop information warfare. Some small countries are not willing to lag behind and follow suit. In modern warfare, it is of vital importance to seize the comprehensive control of the battlefield. The right to make information has become an indispensable commanding height, and it is the primary means of controlling the battlefield and mastering the initiative of war.
The information war has stood at the forefront of the contemporary military game. The
war is usually based on crossfire. The information war is invisible, the threshold is low, and the controllability is good. In peacetime, it is possible to start a dark battle and quietly extend the border of war. Information warfare has stood at the forefront of contemporary military games.
In today’s world, the use of military means is becoming more complex. War is not only a continuation of politics, but also a close integration of politics and military, subject to the overall strategy of political strategy. The use of force will also interact with politics, economy, diplomacy, and public opinion in a multi-dimensional, organically connected and closely coordinated. Information warfare is active on an invisible front, spanning peacetime and wartime. For example, the confrontation between information warfare reconnaissance and counter-reconnaissance between major powers is now almost every day. Although it is widely believed that the engagement of fire is a watershed between war and peace, the boundaries of war are changing due to the particularity of the use of new military struggle styles such as information warfare. According to reports, the US government recently publicly stated that the law of war applies to cyberattacks. It believes that certain cyber attacks are equivalent to the “use of force” legal concept as defined in the UN Charter. The attacked countries can use conventional military forces or cyber weapons. Counterattack. At the same time, we also see that the arrival of the information age has made the shadow of information warfare often appear in the struggle in the ideological field. The construction and development of information warfare capabilities have received increasing attention from all countries. In December 2011, Iran comprehensively used information warfare methods such as interference suppression, data deception, and link control to successfully deceive and capture a US military RQ-170 “sentinel” unmanned reconnaissance aircraft, which shocked the US military.

Original Mandarin Chinese:

戰爭特徵的嬗變總是由科學技術進步來激發,如果說“信息主導”是當今戰爭的時代特徵,那麼這一特徵的實質則是“信息技術的主導”。信息戰是信息技術創新孕育和助長的新質戰鬥力。

信息戰是新質戰鬥力

三、衛星在現代戰爭中扮演的角色為何? 四、資訊戰有哪兩種主要模式?

“知彼知己,百戰不殆”一直是戰爭制勝的不二法則,它實際上體現了“信息”在戰爭中的重要作用。自古以來,兵家總是在不斷追求驅散“戰爭迷霧”,降低戰爭的蓋然性,搶占先機;同時希望能夠以準確及時的信息迅速聚集戰鬥能量,制敵勝敵。如今,人類創新信息技術的豪邁步伐,驅動了社會的迅猛發展,“千里眼、順風耳”的神話早已成為現實。信息技術創新發展成果在立即為戰爭所充分利用的同時,也在不斷推動戰鬥力生成模式的轉變。
信息戰的萌芽可以上溯到上個世紀初。當時無線電報問世不久,俄國科學家波波夫就於1903年提出了無線電通信鬥爭的思想。 1904年爆發的日俄戰爭中,作戰雙方首次運用了無線電通信,當年4月的一天,俄軍報務員下意識地利用無線電台干擾了日軍艦隊的射擊引導通信,迫使日軍無功而返。這種技術思想的原始萌動孕育了一種新的作戰方式,信息戰開始登上戰爭的舞台。信息技術的高度發達,使得“基於信息系統的體係作戰”成為當今戰爭的時代特徵。應該說,體係對抗並不是今天才有的交戰形式,戰爭中交戰雙方都力求形成一個強大的作戰體系,在不同歷史時期,體係有著不同的表現形態。今天的作戰體係是依靠網絡化的信息系統聯成的一個威力空前強大的作戰體系,信息技術在現代戰爭中發揮主導作用的一個重要表現,就是助長了信息戰的快速發展。在“信息主導”成為現代戰爭的標識符的同時,信息戰開始躍變為一種新質戰鬥力。
擁有強大的信息力使一支軍隊耳聰目明、反應敏捷,信息力融入打擊力則使軍隊的作戰效能成幾何級數增加。信息戰是打破信息火力高效融合的第一把利劍。
信息力是獲取、傳輸、處理、使用信息的能力。信息力的增強意味著信息的獲取更多、更全,信息的傳輸更快、更準,信息的處理具備自動化,信息的使用趨於智能化。這就使得軍隊的指揮高效,控制精準,行動迅捷,打擊有力。從作戰機理上看,信息力在作戰系統中的效能發揮,體現的是對打擊力的增效和向戰鬥力的轉化,信息本身雖不能直接殺傷敵人,但使用信息實現打擊兵器的智能化控制就產生了威力巨大的精確打擊和非接觸打擊。
信息威懾是一種重要的信息戰行動,可以降低對抗強度,甚至迫使對手放棄抵抗,可能產生令人滿意的戰鬥力效應,實現“不戰而屈人之兵”的最高追求,而其原理是對手懾於隨之會來的巨大打擊力,懾於能力而止於信息,威懾效果的達成是實力、能力、決心多元要素的融合效應。信息與火力的高度融合的結果就是,信息使火力效能倍增,火力讓信息能量轉化。信息戰的目標是對手的信息系統,起到的作用是“掩耳、障目、亂心”,使對手的信息力受到削弱以至喪失,信息火力的融合也就無從談起。海灣戰爭中,多國部隊刮起“沙漠風暴”之時,首先動用的就是空中和地面的多種電子乾擾手段,同時運用火力優先打擊伊軍的通信和雷達系統,使得伊軍防禦體系中尚不強大的信息力完全喪失,因而穩操勝券。而科索沃戰爭中,美軍使用信息戰的一次失誤,為南聯盟軍隊提供了良機,使其防空部隊巧妙運用不夠先進的信息系統,實現信息火力的有效融合,擊落了美軍隱形戰機。實踐證明,信息化條件下,信息戰已成為打破對手信息火力高效融合的第一把利劍。
信息戰是轉變敵我優劣對比的首要行動
矛與盾的較量永不停息、不斷升級。當“信息主導”顯現出巨大優勢時,就必然引發“信息反制”。信息的受制,會使原有的優勢立即逆轉。信息戰是轉變敵我優劣對比的首要行動。
作戰的基本類型就是進攻和防禦,用以作戰的物質手段也可以區分為矛和盾兩大類型的武器裝備。在打擊兵器具有空前殺傷力的今天,誰都不會再用集中兵力來集中優勢,而異地同步打擊不失為“消滅敵人、保存自己”的有效方式,即分散於不同地點的打擊力量同時對同一目標發起攻擊,但條件是必須有精確的時間協同。
保持時間同步,靠過去的人工對錶顯然已不可能,必須利用如導航衛星授時等先進技術,而授時同步信息一旦被對手破壞,行動就會被徹底打亂。一支具有高機動力和打擊力的部隊,如果受到對手的信息攻擊,導致信息不靈、信息受阻,將會搞不清行動的方向,找不到攻擊的目標,​​變得行動呆滯、打擊無力。精確打擊威力雖大,但一旦丟失精確制導信息而打不准,優勢即刻盡失。指揮控制如果信息受制,就會陣腳大亂,勢必造成作戰全局陷於混亂。
攻擊敵方的信息系統是打破其作戰體系的著力點和發力點。信息的獲取與反獲取、利用與反利用,已成為信息化戰場上兩軍爭鬥的焦點。信息戰是爭奪戰場控制權乃至戰爭主動權的首選樣式。
信息系統在極大地提升作戰體系效能的同時,也自然成為對手的攻擊目標,而且是要害目標。信息戰就是通過迷盲敵戰場感知系統,削弱其信息獲取能力、干擾其分析判斷;通過阻斷敵信息傳輸系統,擾亂其協同、破壞其行動;通過欺騙擾亂敵指控系統,降低其指揮效率、導致其決策失誤。愈是信息技術發達、愈是高度依賴信息系統的軍隊,其信息系統受到攻擊的後果愈嚴重。美國“老烏鴉”協會前主席奎克曾經撰文指出:“先進的技術使我們高度依賴電磁頻譜,但與此同時,我們沒有很好地投資建設電子防護能力。”“敵人利用廉價的商用技術就可以降低甚至破壞我們昂貴的ISR設備以及武器平台的效能,從而限制甚至嚴重削弱我們的技術優勢。”由於軍事電子信息系統正在世界範圍內得到廣泛運用,事實上各國軍隊對信息系統的依賴程度都在不斷加深,因此,各軍事大國競相發展信息戰,一些小國也不甘落後,紛紛效仿。現代戰爭中,奪取戰場綜合控制權至關重要,制信息權成為其中不可或缺的製高點,是控制戰場和掌握戰爭主動的首要。
信息戰已站在當代軍事博弈的前沿
戰爭通常是以交火為基本標誌。信息戰隱於無形,使用門檻低,可控性好,在平時就可能展開暗戰,悄然延伸了戰爭的邊界。信息戰已站在當代軍事博弈的前沿。
當今世界,軍事手段的使用愈加複雜。戰爭不僅是政治的繼續,而且政治軍事緊密結合,服從於政略戰略大局。武力使用也將與政治、經濟、外交、輿論鬥爭多維互動,有機銜接,密切配合。信息戰跨越平時與戰時,活躍在一條看不見的戰線上。比如,各大國相互之間的信息戰偵察與反偵察的對抗,現在幾乎每天都在進行暗中角力。雖然人們普遍認為開火交戰是戰爭與和平的分水嶺,但是,由於信息戰等新的軍事鬥爭樣式運用的特殊性,戰爭的邊界正在發生改變。據報導,美國政府最近公開表明戰爭法適用於網絡攻擊,認為某些網絡攻擊等同於《聯合國憲章》所定義的“使用武力”法律概念,受到攻擊的國家,可以使用常規軍事力量或網絡武器實施反擊。同時,我們還看到,信息時代的到來,使得意識形態領域的鬥爭中也常常閃現出信息戰的影子。信息戰能力的建設發展,已經愈來愈得到各國的重視。 2011年12月,伊朗綜合運用乾擾壓制、數據欺騙、鏈路控制等信息戰手段,成功誘騙並俘獲了美軍一架RQ-170“哨兵”無人偵察機,令美軍大為震驚。

Original Referring url: http://theory.people.com.cn/n/2012/1218/

General Qiao Liang: Confident Cyber Leadership Wins the future “network space war” // 喬亮將軍:充滿信心的網絡領導贏得了未來的“網絡太空戰爭”

General Qiao Liang: Confident Cyber Leadership Wins the future “network space war” //

喬亮將軍:充滿信心的網絡領導贏得了未來的“網絡太空戰爭”

For nearly half a century, electronic technology and information technology have developed at an impressive speed, and thus have completely changed the style of modern warfare. Although people are accustomed to the sorting of land, sea and air when they talk about the dimensions of war, from the military technical level, the “network warfare” capability of “electronic warfare” and “cyber warfare” has no doubt that it has come to the fore. Become the first combat power. Who can dominate the electronic warfare, who can dominate the battlefield. It is a pity that this conclusion has not yet been universally accepted by the military.

Carving a sword for a sword is a portrayal of the evolution of people’s understanding and the development of things. Today, when this round of military revolution is marked by electronic technology and chip technology, as the technology matures and the potential approaches the limit and comes to an end, the soldiers of most countries have a small tube and a smaller chip. It is possible to change the style of war and not yet fully prepared for the spirit and knowledge. This is an irony for human beings living in the age of information, especially those armed with informatized weapons.

The individual representation of the appearance of the world makes people intuitively divide the whole world into parts to understand and understand. Even though electronic technology and information technology have long integrated the whole world into the grid space and welded into a “domain”, people are still accustomed to split it into different “domain” blocks. For example, many soldiers who are ignorant of traditional thinking take the battle space into five major dimensions: land, sea, air, sky, and electricity, and think that they will fight in these five dimensions. The grid space battlefield, in their view, is only one of them. Even in the concept of joint operations, which attempted to bring the five-dimensional space into one, the space and space warfare is only one of the combat areas and combat styles. It is completely unknown that the world has been “informed.” Such lag thinking can’t keep up with the pace of technological leap: the boat is far from the lake, but the sword sinks to the bottom of the lake. Those who can win and win in the future battlefield must be the army that observes and thinks, operates and controls all battlefields as a whole. Only in this way can we find the key to open the door to victory: who can control the grid space, who can control the battlefield; who can prevail in the space war, who is the winner of the war. This is the general trend that modern warfare can not be reversed today.

Electronic warfare (which has evolved into information warfare or cyberspace warfare today) is a prerequisite for all modern battles, battles and even wars. In contrast, air supremacy, sea power, and even land and power, have handed over the first battle of the future battlefield to the power of the grid. Moreover, the struggle for the right to heaven is itself part of the power of the network. In Deng Shiping’s words, modern warfare, “there is no air superiority, and no one can beat it.” Yes, in the future war, there is no power to make electricity in the net, and nothing can be beaten.

Today, it is proposed to use the “air-sea battle” concept to contain China’s US military. It is a military machine that is almost fully informatized. Therefore, the US military knows that informatization is its strength and its shortcomings. Short and short, whoever has the advantage of space and space warfare, who can restrain the US military. Some people may ask, is it from a military point of view that the space warfare is so important that people think it is more important than firepower? Yes, this is the author’s answer. Because when your opponent has been fully dimensioned, it will either be better than the opponent’s network space warfare, or defeat the war first, and then the firepower war will only destroy the opponents who are still unwilling to admit defeat. The process of physical digestion.

Why is the space warfare so important? In fact, all of our main rivals have their strengths in all-dimensional informationization, and all their shortcomings are over-informatization. The shortcoming of informationization is that there is no chip-free, thus forming chip dependence. The chip makes the weapon platform ammunition stronger, but it is also extremely fragile. An electromagnetic pulse bomb can destroy all electronic components within its explosive coverage. This kind of scene makes the opponent who is armed with the chip to the teeth very scared. For us, what we fear the opponents should be our priority to focus on development.

If you play against a full-dimensional informatization opponent, the opponent is most worried about: one is attacked by the network, and the other is destroyed by the sky-based system. Because this will make the hardware advantages of all weapon platforms meaningless. Although our opponents also have this ability, once both sides use this ability to smash opponents, it means that the two sides will return to World War II. At that time, who has the advantage of population, who has the advantage of resources, who has the advantage of manufacturing, who has the advantage of war.

Seeing this clearly helps us to get rid of some kind of paradox: the more we understand the military system of our opponents, the more we worry about the gap in our military system. The more we recognize the gap, the more we want to learn to catch up with our opponents. The result is what the opponent has, I There is also something to be. In the end, I forced myself to a dead end with the strength of the opponent and the length of the opponent. How can this road lead us to “can fight, win and win”? Ancient and modern Chinese and foreign, whereever wins, all of them are short of my enemy, even if it is hard, it is the longest attack of my enemy. There is a winner who wins the enemy with the enemy. Moreover, winning the war in the future cannot be achieved at all costs. For China, there should be a requirement that is as important as victory. Weapons and equipment development and operational plan development must consider how to reduce costs. Never have anything for the opponent, we must have something. You can’t do it with the Dragon King, and you can’t become a local tyrant. You can’t compare it with the Dragon King. Today, we have some cognitive defects on how to win the overall war of local war under informatization conditions. We always consciously and unconsciously think that playing high-tech wars is a high-cost war, and we always want to compare costs with our competitors. And fight costs.

In fact, we can completely change the way of thinking, that is to take the low-cost route. There are no heavy aircraft carriers, there is no X37, there is no global fast strike system, the opponent does not care. It only cares if you can destroy its satellite system and lick its network system. After all, the tools and means of attacking satellite weapons and electromagnetic pulse bombs are not very expensive and scarce, and their effects will be low-cost and high-yield. We can’t help but fall into the arms race with our opponents because we are worried about the gap between ourselves and our opponents.

The Americans said in the “air-sea battle” concept that “we will drag China into the competition with us in this way, so that the Chinese will put more energy into the production of such missiles such as Dongfeng 21D. Then use a lot of bait and deception to force the Chinese to consume these weapons in a meaningful direction.” In this regard, someone in the country wrote an article reminding us that “we must prevent falling into the trap of the United States.” This is not wrong in itself, but it still belongs to only know one, and I don’t know the other. It is important to know that after such articles come out, it is very likely that our understanding will produce new deviations, because there are “trap traps (ie double traps)” in the above-mentioned American discourse. First, it attempts to lure the Chinese army into the trap of an arms race. If you compete with the US military, you will spend a lot of money and resources to follow the US military and not to surpass; secondly, if you realize that this is a trap and give up the competition, you will immediately fall into another trap: since giving up the arms race Waste martial arts. For China, if we are not willing to compete with our opponents and we are not willing to squander martial arts, what should we do? The conclusion is that we can only go our own way.

To develop our own strengths and develop the things that are most beneficial to me, it is best to use my strength and defeat the enemy. At least it must be my long, the enemy’s long. I can’t do it with my short enemy, and the enemy’s long enemy will not do the same. With the enemy’s long attacking enemy, you will never win.

Take a look at the main design of the “Air-Sea Battle”: the opening is to hit your space-based system, let you blind; then hit the “reconnaissance war”, let you call you; then come to officially start a regular battle with you.

Under such circumstances, what should we do? It is a passive move, the soldiers will block, the water will cover the earth, or will it be my strength, in exchange for low-cost means, in exchange for the opponent’s high-value goal? Of course, the latter. To do this, we must first have three capabilities:

The first is satellite anti-missile capability. This ability will lead to a serious reliance on informatized opponents, making them blind, defamatory, and dumb, so that they can only return to the level of World War II to compete with conventional forces.

The second is the ability to remotely play. You must ensure that you have the ability to sink high-priced targets like aircraft carriers. If such a high-priced target is sunk, it will seriously undermine the confidence of investors around the world against the opponent, so that the capital does not dare to invest in it again, resulting in a serious war financing dilemma for the opponent. This is the national weakness of the opponent’s combat planners who are not aware of it. The confidence of the sinking aircraft carrier in global investors will be a huge blow, which will interrupt the opponent’s global capital chain.

The third is that there must be a network space combat capability. Especially the ability to attack any network system of the opponent. If China and the powerful opponents are really fighting, you must demonstrate your ability and determination to attack and smash all of the grid system from the very beginning. This is a necessary way to contain war by deterrence.

The reason is always easier said than done. How to get the power of the network in the future war, or to offset the advantage of the opponent’s network warfare? It is necessary to make yourself technological progress. But what is more necessary is the progress of thinking. The long history of evolution proves that human beings are not always in a state of thought progress in the coordinate system of time. Degradation will happen from time to time. The degradation of thinking is sad, but consciously pull the pair back to the “old battlefield”, that is, to offset the opponent’s informational combat capability, so that the opponent’s technical advantage is lost, and thus with us to return to a certain historical stage of combat, At that time, it is a feasible idea to give full play to my own advantages.

(The author is a professor at the National Defense University)

Original Mandarin Chinese:

近半個世紀以來,電子技術、信息技術以令人瞠目的速度迅猛發展,並因此全面改變了現代戰爭的風貌。儘管人們在談論戰爭的維度時,習慣於陸海空天電的排序,但從軍事技術層面講,“電子戰”“網絡戰”所構成的“網電空間戰”能力,卻毫無疑問已後來居上,成為第一戰鬥力。誰能主導電子戰,誰就能主宰戰場。可惜的是,這一結論至今還未能被各國軍隊普遍接受。

刻舟求劍,是對人們的認識滯後於事物的演變和發展的形象寫照。時至今日,當以電子技術和芯片技術為標誌的這一輪軍事革命,因技術日臻成熟,潛力逼近極限而漸近尾聲時,大多數國家的軍人對一個小小的電子管和更小的芯片就能改變戰爭的風貌,還沒做好充分接納的精神和知識準備。這對生活在信息化時代的人類,特別是掌握著信息化武器的軍隊來說,不能不說是一種諷刺。

世界外觀所呈現的個體性表徵,使人們憑直覺把整個世界區分成各個部分去認知和理解。即便電子技術、信息技術早已把整個世界都納入了網電空間而焊接成了一“域”,人們仍然習慣於將其切分成不同的“域”塊。如不少囿於傳統思維的軍人,就想當然地把作戰空間切分成陸、海、空、天、電五大維度,並以為自己將在這五種維度下作戰。而網電空間戰場,在他們看來,只不過是其中的一維。甚至在聯合作戰這一試圖把五維空間打通成一體的概念中,網電空間戰也只是其中一種作戰領域和作戰樣式而已,全然不懂大千世界已然被“信息化”了。這樣的滯後思維不可能跟上技術飛躍的步伐:舟已遠離湖面,劍卻沉在了湖底。能在未來戰場上穩操勝券者,一定是把全部戰場作為一個整體觀察和思考、操作並控制的軍隊。只有如此,才能找到打開胜利之門的鑰匙:誰能控製網電空間,誰就能控制戰場;誰能在網電空間戰中佔上風,誰就是戰爭的贏家。這是現代戰爭發展到今天誰也無法逆轉的大趨勢。

電子戰(今日已衍化成為信息戰或網電空間戰)是一切現代戰鬥、戰役乃至戰爭的前提。與此相比,制空權、制海權,甚至制陸權與製天權,都已向製網電權拱手交出了未來戰場的第一制權。何況制天權的爭奪本身就是製網電權的一部分。套用鄧小平的一句話說,現代戰爭,“沒有製空權,什麼仗都打不下來”。是的,未來戰爭,沒有製網電權,什麼仗都打不下來。

今天,提出要用“空海一體戰”構想遏制中國的美軍,是一架幾乎全面信息化了的軍事機器。因此,美軍深知信息化是其所長,亦是其所短。短就短在誰具備網電空間戰優勢,誰就能製約美軍。有人會問,難道從軍事角度講,網電空間戰真的那麼重要,以至於讓人認為比火力硬殺傷更重要嗎?是的,這正是筆者的回答。因為當你的對手已全維信息化後,它要么先勝於與對手的網電空間戰,要么先敗於此戰,其後的火力戰,只是對還不肯認輸的對手進行從心理摧毀到物理消解的過程。

為什麼網電空間戰如此重要?實際上,我們的主要對手其全部的長處就在於全維信息化,而其全部的短處也在於過度信息化。信息化的短處就是無一處無芯片,從而形成芯片依賴。芯片讓武器平台彈藥如虎添翼變得強大,而其自身卻也極端脆弱。一枚電磁脈衝炸彈,就可以讓在它爆炸覆蓋範圍內的所有電子元件被毀失能。這種場景讓用芯片武裝到牙齒的對手很恐懼。而對我們來說,讓對手恐懼的東西,就應該是我們要優先側重發展的武器。

如果跟全維信息化對手交手,對手最擔心的是:一被網攻癱瘓網絡,二被天戰摧毀天基系統。因為這將使其一切武器平台的硬件優勢都變得沒有意義。儘管我們的對手同樣也有這種能力,但一旦雙方都動用這種能力將對手癱瘓,那就意味著,對陣雙方將一起退回二戰水平。那時,誰具有人口優勢,誰有資源優勢,誰有製造業優勢,誰就有戰爭優勢。

看清這一點,有助於我們擺脫某種悖論:越了解對手的軍事系統,就越擔心自身軍事系統存在的差距,越承認差距,就越想學習追趕對手,結果就是對手有什麼,我就也要有什麼。最終把自己逼上一條以對手之長,攻對手之長的死路。這條路怎麼可能把我們引向“能打仗,打勝仗”?古今中外,凡勝仗,無一不是以我之長攻敵之短,即便是硬仗也是以我之長攻敵之長,未見有以敵之長攻敵之長而取勝者。何況,取勝於未來戰爭,不能以不惜一切代價獲勝為目的。對於中國來說,還應該有一個與勝利同樣重要的要求,武器裝備發展,作戰方案製定,都要考慮如何降低成本。決不能對手有什麼,我們就一定要有什麼。乞丐跟龍王爺比寶不行,變成土豪了,也不能跟龍王爺比寶。今天,我們對如何打贏信息化條件下局部戰爭的整體想法是存在某種認知缺陷的,總是自覺不自覺地以為打高技術戰爭就是打高成本戰爭,總想和對手一樣去比成本、拼成本。

實際上,我們完全可以換一種思路,那就是走低成本路線。有沒有重型航母,有沒有X37,有沒有全球快速打擊系統,對手並不在乎。它只在乎你能不能摧毀它的衛星系統,癱瘓它的網絡系統。畢竟,攻擊衛星武器和電磁脈衝炸彈的工具和手段都不是很昂貴、很稀缺,而其效果將是低成本、高收益。我們斷不能因為擔心自己與對手的差距,就不由自主地陷入跟對手的軍備競賽中。

美國人在“空海一體戰”構想中說,“我們要通過這個方式,把中國拖入到與我們的競賽,讓中國人把更多的精力都投入到東風21D等諸如此類導彈的生產中去,然後用大量的誘餌和欺騙迫使中國人大量地把這些武器消耗到沒有意義的方向”。對此,國內有人寫了一篇文章,提醒“我們要防止掉入美國陷阱”,這本身沒有錯,但仍然屬於只知其一,不知其二。要知道,此類文章出來以後,很有可能導致我們的認識產生新的偏差,因為上述美國人的話語中存在“陷阱的陷阱(即雙重陷阱)”。首先,它企圖將中國軍隊引誘到軍備競賽的陷阱中來。如果你跟美軍進行競賽,你就會耗費大量財力物力尾隨美軍而不得超越;其次,如果你意識到這是陷阱而放棄競賽,你又立刻就會掉入另一個陷阱:由於放棄軍備競賽而自廢武功。對中國來說,如果我們既不願意跟對手競賽,又不願意自廢武功,那我們應該怎麼辦?結論是,我們只能走自己的路。

發展我們自己之長,發展對我最有利的東西,最好以我之長,克敵之短。起碼也要以我之長,克敵之長。以我之短克敵之長不行,以敵之長克敵之長同樣也不行。以敵之長攻敵之長,你將永無勝算。

看看“空海一體戰”最主要的設計:開場就是打擊你的天基系統,讓你致盲;接著打“偵察戰”,讓你致聾;然後才來跟你正式開打常規戰。

這種情形下,我們怎麼辦?是被動接招,兵來將擋,水來土掩?還是揚我所長,以低成本手段,換取對手高價值目標?當然是後者。為此,我們必須先具備三種能力:

第一種是衛星反導能力。這種能力將一擊致癱嚴重依賴信息化的對手,使其致盲、致聾、致啞,從而只能與你一道退回二戰水平去比拼常規戰力。

第二種是遠程精打能力。必須確保你有能力擊沉類似航母這樣的高價目標。這樣的高價目標如果被擊沉,將沉重地打擊全世界投資人對對手的信心,使資本不敢再投向它,造成對手嚴重的戰爭融資困境。這是對手的作戰計劃人員沒有意識到的國家軟肋。擊沉航母對全球投資人的信心將是一個巨大的打擊,從而將打斷對手的全球資本循環鏈。

第三種是必須有網電空間作戰能力。特別是對對手的任何網絡系統攻擊的能力。如果中國和遠比自己強大的對手真的發生戰爭,你必須從一開始就展示你有攻擊並癱瘓其全部網電系統的能力和決心,這是用威懾遏制戰爭的必要方式。

道理,總是說起來容易做起來難。如何在未來戰爭中拿到製網電權,或者對沖掉對手的網電戰優勢?讓自己獲得技術進步是必須的。但更必須的,是思維的進步。漫長的進化史證明,人類在時間的坐標系上,並不總是處於思維進步狀態。退化,會不時發生。思維的退化是可悲的,但有意識地把對手拉回“舊戰場”,即對沖掉對手的信息化作戰能力,讓對手的技術優勢盡失,從而與我們一道退回某一歷史階段的作戰水平,屆時,盡情發揮我自身優勢,則不失為一種可行的思路。

(作者係國防大學教授)

Original Referring URL: http://www.81.cn/jkhc/2014-12/

 

Chinese Military Information Warfare Attacks on Mind and Spirit // 中國軍隊信息戰隊思想和精神的攻擊

Chinese Military Information Warfare Attacks on Mind and Spirit //

中國軍隊信息戰隊思想和精神的攻擊

June 01, 2004 08:58
  If the 1991 Gulf War was the first time that the United States brought information warfare from the research report to the actual battlefield, then the Iraq war that ended last year may be the further development of information warfare in actual combat. Information warfare, as the focus of the new military revolution in the 21st century, has increasingly attracted people’s attention. However, through the information campaign to study the lively scenes, we will find that quite a few people only understand information warfare from the perspective of military and technology alone, but information warfare is not so simple. 

  Information warfare is a new emergence of human beings entering the information age. a phenomenon of war. It is not a simple style of warfare, but a new form of warfare relative to firepower. The emergence of information warfare has formed a major breakthrough in many traditional war concepts such as the object of war, the boundaries of war, and the content of war. Among them, the focus should be on the ideological and spiritual side of information warfare. 

  What you see is only the tip of the iceberg 

  . There are dozens of concepts about information warfare in the world. However, many of them only understand information warfare from the military and technical perspectives. Even the United States, which is in the leading position of information warfare, is only from the last It was only at the end of the century that this issue was considered from a strategic and social point of view. This is not comprehensive. An important prerequisite for understanding information warfare is that information warfare should not be viewed simply with the war view of the industrial age. In the information age, computers and networks have dramatically changed the shape of war in the past. In the information war, the army and the society, the military and civilians, the war and the crime, the state and the individual have been intertwined in many cases, and they are unclear and unreasonable. 

  Information warfare broadly refers to the war against the information space and the competition for information resources in the military (including political, economic, cultural, scientific, and social fields). It mainly refers to the use of information to achieve the national strategic goals; narrowly Refers to the confrontation between the warring parties in the armed field in the field of information, and seizes the right to control the information. It should be emphasized that information warfare is not a simple military technical issue and should not be understood as a combat style. Information warfare is actually a form of war.

  The term “information” is understood relative to the times, and corresponds to the agricultural and industrial eras; in terms of social forms, it is also in line with agricultural and industrial societies. At the same time, it is one of the three major resources that human beings must compare with matter and energy. Investigating information warfare, only by knowing at this level can we reveal information warfare in the true sense. 

  The rise of information warfare lies not in what kind of nouns it uses, nor in the war nouns. It is as simple as the buzzwords of “information,” “information,” “information age,” and “digitalization.” It is the inevitable result of the development of society and science and technology, with revolutionary and epoch-making significance. The information wars that emerged at the end of the 20th century, or the information wars we have seen, are only the tip of the iceberg, and are only partial and limited information wars embodied in the military field. Only when the world reaches full network and the earth becomes a small village in the true sense can we see the broad and real information war. 

  Information warfare is not just  about the military. When it comes to information warfare, people often think of the army first. Indeed, in the traditional war, the army is the protagonist of the war, and the battlefield is also the stage of the military. Under the conditions of information warfare, the situation is very different. The scope of the battlefield has greatly expanded, and the war has become far more than just military affairs, but has developed into a national war under high-tech conditions. Information warfare is not only carried out through the military, but also through the entire social network. With the construction of the world information highway, information warfare has been difficult to define boundaries. Any social NGO or even an individual who has ordinary computer equipment and masters computer communication technology may use a globally connected computer and communication system to participate in an information war. 

  The information warfare is not only the main manifestation of the army: First, the participants in the information war are no longer limited to military personnel, but also include ordinary people. Information warfare combatants can be either regular soldiers or teenage hackers. Second, many of the weapons and equipment used in information warfare, such as computers and optical instruments, can no longer be military supplies, and are available in the civilian goods market. Take the United States, an information war powerhouse, as an example. The US military’s information warfare system relies heavily on civilian information infrastructure. Senior US military personnel referred to the informationization of the US military’s military as “buy from the market.” Third, information warfare is not only on the battlefield, but on the entire society. “The battlefield is only where the soldiers are killed. It no longer covers information warfare.”

  Information warfare is not only played in wartime. 


  Since the war, the attackers launched wars, and the defenders resisted aggression, and they must be prepared for war. In particular, mechanized warfare has shown obvious phase and proceduralization. In the war of information age, the boundaries between war preparation and implementation are increasingly blurred and even mixed. Looking around the world, it is not difficult to find that information powers are fighting almost every day: public opinion, intelligence confrontation, network reconnaissance, and so on. These are actually information wars that have transformed form, and can be called public opinion warfare, intelligence warfare, and cyber warfare. 

  In the Iraq war, the power of public opinion wars opened the eyes of the world. It has been said that the “discussion war”, one of the forms of information warfare, has been going on since the war. Earlier cases of “public opinion wars” can be traced back to the “Oath of the Oath” of China’s Xia Dynasty and later “Looking for Cao Yuwen” and “Discussing Wushu”. The “discussion of public opinion” has no boundaries between wartime and peace. It controls, manipulates, plans, and utilizes various public opinion tools to systematically deliver selected information to the audience, affecting the audience’s emotions, motivations, judgments, and choices, thus having a major and direct impact on the outcome of the war. As for the information warfare and cyber warfare in the information war, it is even more ignoring the difference between wartime and peacetime. At that time, the US Clinton Administration put forward the idea of ​​building an information highway and promoting global informationization. This move has made the world believe that the United States is leading the human society into the information age. However, the strategic intention of the United States is actually that when the informationization of human society is still in a blank, it will expand the information territory of the United States in order to occupy the opportunity of informationization. As a result, the future development of global informationization will follow the US road map. The United States can integrate the countries of the world into the informatization map of the United States. Looking at it now, this strategic attempt by the United States is far more effective than winning a war of blood and hurricanes.

  When information warfare is not only a battle, this is not only manifested in the blurring of the preparation and implementation of information warfare, especially in the attack of information warfare on people’s thoughts and spirit. The formation of thoughts and spirits is a subtle process. Through the information superiority, we can achieve the goal of “no war and defeated soldiers” or “less war and defeated soldiers”. The general approach is to use information superiority to create contrast between the enemy and the enemy, use psychological warfare and strategic deception to shake, frustrate the enemy’s military, people’s hearts and government beliefs, and destroy the enemy’s normal political and economic operation system. Means can put the enemy in a state of paralysis, curb the will of the hostile country to wage war, or deprive it of its ability to war. 

  In the 1980s, the scenes of the US-Soviet confrontation were very interesting. Reagan, the US president who is good at acting, has proposed an aggressive “Star Wars” plan, claiming to make all the strategic nuclear missiles of the Soviet Union useless. As soon as the plan was announced, the United States started to promote all the propaganda machines and caused a great sensation in the world. The Soviet leaders convened an emergency meeting in succession and decided to resolutely respond to the blood and establish a strategic defense shield of the Soviet Union. In fact, the “Star Wars” program in the United States only carried out a little bit of technical experimentation. It didn’t cost much at all, but a movie of the same name “Star Ball” was popular in the world. However, the Soviets were very hardworking and hard work. When the national economy was on the verge of collapse, the vast ruble was still thrown into the arms race. The Soviet Union, which had been unable to do so, ran out of the last drop of blood after seven years. It cannot be said that the collapse of the Soviet economy and the collapse of the regime were not dragged down by the US information war. 

  Paying attention to the people’s war that defends the boundaries of 

  information. Under the conditions of information warfare, national sovereignty has a new content. The extension of national security has expanded and its connotation has become more abundant. The influence of information warfare is no longer limited to the military field, but radiates to the whole. Human society. Under the conditions of information warfare, the important magic weapon for a weak country to defeat a powerful country is the people’s war. Only by insisting on the people’s war under the conditions of information warfare can we effectively defend the national information territory and safeguard national information sovereignty. In addition to information technology and tactics, the most important thing is to grasp the construction of the information talent team and build the two lines of the national spirit defense line in the information age. 

  Those who have talents are in the world. The outcome of the information warfare depends to a large extent on human factors, and must be supported by a large number of high-tech information warfare personnel.

  In the information warfare, a small number of top information talents can often play a key role in the outcome of the war. During the Second World War, in order to grab a German atomic physicist, the US military changed the direction of the attack of the three Army divisions. After the end of World War II, the history of “the wise man grabbed the people, the fools took the device” was even more intriguing. In the East, the Soviets were busy carrying the seized tanks and cannons; in the West, Americans hurriedly transported more than 3,000 German scientists back home. More than half a century has passed, and the country that grabbed talents is still continuing to write a history of robbing people, and its economy, technology and military are incomprehensible. The country that robbed the weapon was now facing the reality of being robbed. After the disintegration, the Soviet Union had tens of thousands of outstanding scientific and technological talents to change their positions to serve the opponents of the year. As a commanding height of military struggle, the struggle for talents is more decisive in the military contest of the information age. 

  Compared with the “hard killing” brought about by information warfare, the “soft killing” of information warfare is even more terrible. The spiritual realm is the most “window of vulnerability” under the conditions of information warfare. 

  As information technology becomes more developed, channels become more and more fluent, and information sources are more extensive. People will get more and more information and get information faster and faster. The means of modernization have transmitted the information to be transmitted to the countries of the world effectively without any restrictions. At present, developed countries pay great attention to using their advanced information technology to establish a global network of radio, television, and computer networks, thereby exporting their political opinions and values ​​on a large scale and expanding the information frontier. As a result, countries with backward informationization have been subjected to a strong spiritual impact. Therefore, in order to win the people’s war under the conditions of information warfare, from the individual, the media, the army to the whole country, we must comprehensively enhance the awareness of information and national defense, establish the concept of defending the national information territory and information boundary, and consciously build an invisible spiritual defense line. 

  Related Links 

  Scanning the overall situation of the world information war It 

  can be said that the development of the world information warfare has gone through three stages. 

  The first stage: the period of information warfare before the Gulf War in 1991; the 

  second stage: the implementation and maturity of the information war after the Gulf War to 1998; the 

  third stage: the development period of the information warfare after 1998 .

  At present, the new military revolution triggered by information warfare is still going on around the world. The transformation of mechanized warfare into information warfare has been fully carried out in the world. The armed forces of major countries around the world are adjusting their strategies and tactics, preparing equipment, and combat training in accordance with the information warfare, in preparation for winning information warfare. All the wars after the Gulf War have been marked with traces of information warfare. The power of information warfare is impacting all areas of society. 

  Information warfare techniques and techniques click 

  Currently, the world’s countries in the application and development of information warfare technology are mainly: 

  1. Reconnaissance and surveillance technology. Various means of reconnaissance, surveillance, early warning and navigation, including space-based, space-based, sea-based and foundation. 

  2. Platform integrated information warfare system. Realize radar warning, missile launch and attack alarm, information support, information interference and avoidance, and synergistic integration, and integrate with other information equipment on the platform to achieve information sharing. 

  3. Network command and control warfare technology. 4. Computer virus technology. 

  5. Attacking weapons technology. Including electromagnetic pulse weapons, ultrasonic weapons and infrasound weapons. 6. Advanced electronic countermeasures technology. 

  The latest information warfare equipment glimpse 

  In the development of information warfare weapons, in recent years, the following equipments have been developed or put into active service in various countries. 

  1. The Joint Surveillance and Target Attack Radar System is a battlefield information processing system that accurately detects moving and fixed targets to cope with the implementation of long-range precision strikes, and provides commanders with important information about combat development and combat management. 

  2. The Joint Tactical Air-to-Ground Information Station is a weapon support system that processes the vital information needed for space-based sensor data and operational capabilities for early warning missile launches. 

  3. A beam-energy weapon can penetrate targets hundreds of kilometers or even thousands of kilometers in an instant without leaving a “hard injury”, especially for the direct destruction of high-precision guided high-tech weapons. Therefore, it is considered to be tactical air defense and anti-armor. Optoelectronic countermeasures and even strategic anti-missile, anti-satellite, anti-satellite, multi-purpose ideal weapon for all spacecraft.

  4. Smart warfare, woven with a fiber optic network and a conductive polymer network, and a miniature measurement system that monitors the soldier’s physical condition. In the future battlefield, a soldier was injured. At the moment of his fall, the medical staff at the ambulance center can accurately determine whether it is a bullet or a knife wound, where the injured part is, and other basic injuries. 

  In addition, there are military robots, shipboard electronic warfare systems, high-power RF amplifier technology, advanced antenna technology and signal processing technology. 

  The information 

  warfare is fiercely competitive. Looking at the world, more than 20 countries including Britain, France, Israel, and Russia have conducted in-depth research on information warfare. The development of information warfare in the United States is at the forefront of the world, mainly in technology, equipment, and theory. 

  United States: The information war strategy was changed from defense to attack. In order to improve the US military’s information warfare technical capabilities, the US Department of Defense has a specialized information system processing agency responsible for maintaining the 2.5 million computers used by the US military. It is also studying how to improve the attack capabilities of computers and create communication networks and financial systems that destroy hostile countries. And the intrusion of the power system. As early as the fall of 2000, the US Space Command Center began to develop aggressive computer weapons. This means a major adjustment in the US military’s information war strategy—from strategic defense to strategic attack. 

  Russia: The focus of information warfare is on “Heavenly Soldiers.” The development of information warfare in Russia has concentrated on the development of “Heavenly Soldiers” — the astronauts. In 2002, Russia invested about 31.6 billion rubles for space research, 5.4 billion rubles for the development of global navigation systems, and strengthened the development of lasers, high-power microwaves and anti-satellite weapons. 

  Japan: Accelerate the formation of information warfare units. The Japanese Defense Agency is forming an information warfare force of 5,000 people, focusing on the development of cyber weapons as the focus of future defense plans, and speeding up the construction of the Japanese Army’s digital forces.

  EU and other Western countries: embarking on the construction of digital troops. Countries such as France, Germany, Britain, Canada, Australia, the Netherlands and Sweden are also developing platforms and individual C4I systems. More than 10 countries, including France, Britain, Germany, Australia, Canada, Italy, and Israel, are embarking on the implementation of digital military and digital battlefield construction plans. Among them, most countries are concentrating human and financial resources to develop the equipment needed for digital units, and a few countries in the past have conducted several digital force test exercises. In the future, while the above-mentioned countries continue to develop the digital “hardware” of the battlefield, they will begin to consider the composition of the digital units, and more countries will join the ranks of the digital construction of the troops.  

Source: China National Defense News

Original Mandarin Chinese:

如果說,1991年的海灣戰爭是美國第一次把信息戰從研究報告中搬上實戰戰場,那麼去年結束的伊拉克戰爭也許就是信息戰在實戰中的進一步發展。信息戰,作為21世紀新軍事革命狂飆的重心,已經越來越引起人們的重視。然而,透過信息戰研究熱鬧的場面,我們會發現,相當多的人們只是從單純軍事和技術的角度認識信息戰的,但信息戰其實並不這麼簡單——

信息戰是人類進入信息時代新出現的一種戰爭現象。它不是一種簡單的作戰樣式,而是相對於火力戰的一種新的戰爭形態。信息戰的出現對諸如戰爭對象、戰爭界限、戰爭內容等許多傳統戰爭理念都形成了重大突破,其中尤其應該引起關注的是信息戰攻擊思想和精神的一面。

看到的只是冰山一角

目前世界上關於信息戰的概念有幾十種,然而,很多卻只是單純從軍事和技術的角度來認識信息戰的,即使處於信息戰領先地位的美國也只是從上個世紀末才開始從戰略高度和社會意義上思考這個問題,這很不全面。認識信息戰的一個重要前提是,不應該簡單地用工業時代的戰爭觀來看待信息戰。信息時代,電腦和網絡大大改變了以往的戰爭形態。信息戰中,軍隊與社會、軍人與平民、戰爭與犯罪、國家與個人在很多情況下已經交織在一起,分不清,理還亂。

信息戰廣義地指對壘的軍事(也包括政治、經濟、文化、科技及社會一切領域)集團搶佔信息空間和爭奪信息資源的戰爭,主要是指利用信息達成國家大戰略目標的行動﹔狹義地是指武力戰中交戰雙方在信息領域的對抗,奪取制信息權。需要強調的是,信息戰不是一個簡單的軍事技術問題,不應該被理解為一種作戰樣式。信息戰實際上是一種戰爭形態。

“信息”這個名詞相對於時代來理解,是與農業時代、工業時代相對應的﹔就社會形態而言,又是與農業社會、工業社會相呼應。同時,它又是與物質、能量相提並論的人類必須的三大資源之一。考察信息戰,隻有從這個層次上去認識,才能揭示真正意義上的信息戰。

信息戰的崛起不在於它用了什麼樣的名詞,也不是戰爭名詞上冠以“信息化 ”、“信息”、“信息時代”、“數字化”這些時髦的詞藻那麼簡單。它是社會和科技發展的必然結果,帶有革命性、劃時代的意義。 20世紀末出現的信息戰,或者說我們已經看到的信息戰只是冰山之一角,僅僅是體現在軍事領域中的局部和有限的信息戰。隻有當世界達到全面網絡化,地球成為真正意義上的小村落時,我們才能看到那種廣義上、真正的信息戰。

信息戰不隻靠軍隊打

一提起打信息戰,人們往往首先就想到軍隊。確實,傳統戰爭中,軍隊是戰爭的主角,戰場也主要是軍人的舞台。信息戰條件下,情況則大不一樣。戰場的範疇大大擴展,戰爭變得遠遠不只是軍隊的事情,而是發展成高技術條件下的全民戰。信息戰不只是通過軍隊,同時也可以通過全社會網絡來實施。隨著世界信息高速公路的建設,信息戰已難以劃定界限。任何社會民間組織甚至個人隻要擁有普通計算機設備、掌握計算機通訊技術,都有可能利用全球聯網的計算機與通信系統參與一場信息戰。

信息戰不隻打軍隊主要表現在:第一,信息戰的參與者不再僅限於軍人,而且還包括普通民眾。信息戰作戰人員既可以是正規軍人,也可以是十幾歲的少年黑客。第二,信息戰所使用的許多武器裝備,如計算機、光學儀器等可以不再是軍用品,在民用品市場上都可買到。以信息戰強國美國為例,美軍的信息戰系統在很大程度上依賴民用信息基礎設施。美國軍方高層人士把美軍軍隊信息化變革稱為“從市場上買來的”。第三,信息戰作戰不單在戰場,而是分佈於整個社會。 “戰場只是士兵陣亡的地方,已不再囊括信息戰交戰場所。”

信息戰不隻在戰時打

自有戰爭以來,進攻者發動戰爭,防御者抵禦侵略,都要進行周密的戰爭準備。特別是機械化戰爭,呈現出明顯的階段性、程序化。而信息時代的戰爭,戰爭準備與實施的界限則日趨模糊,甚至混為一體。環顧世界,不難發現,信息強國幾乎每天都在進行戰爭:輿論宣傳、情報對抗、網絡偵察等等。這些實際上都是轉化了形式的信息戰,可以稱之為輿論戰、情報戰、網絡戰。

伊拉克戰爭中,輿論戰的威力讓世人大開眼界。有人說,作為信息戰作戰形式之一的“輿論戰”自有戰爭以來就一直在進行著。進行“輿論戰”的較早案例甚至可以追溯到中國夏朝的《甘誓》以及後來的《討曹檄文》與《討武檄文》。 “輿論戰”的進行完全沒有戰時與平時的界限。它通過控制、操縱、策劃、利用各種輿論工具,有計劃地向受眾傳遞經過選擇的信息,影響受眾的情感、動機、判斷和抉擇,從而對戰爭結果產生重大而直接的影響。至於信息戰中的情報戰、網絡戰就更是無視戰時與平時的分別了。當年,美國克林頓政府提出了構建信息高速公路、推進全球信息化的主張。此舉曾讓世人認為美國正在引領人類社會步入信息化時代。然而,美國的戰略意圖其實是趁人類社會的信息化尚處於一片空白之時,跑馬圈地,擴張美國的信息疆域,以期佔住信息化的先機。如此一來,全球信息化未來的發展就將按美國的路線圖行進。美國可以一舉將世界各國納入美國規劃的信息化版圖。現在看,美國的這一戰略企圖,其成效已遠遠勝於贏得一場硝煙彌漫、血雨腥風的戰爭。

信息戰不隻打戰時,這不僅表現為信息戰戰爭的準備與實施界限模糊,尤其體現在信息戰對人的思想和精神的攻擊上。思想和精神的形成是一個潛移默化的過程,通過信息優勢可以達成“不戰而屈人之兵”或“少戰而屈人之兵”的目標。其一般做法是:利用信息優勢在敵我之間製造反差,運用心理戰和戰略欺騙等手段,動搖、沮喪敵方軍心、民心和政府信念,破壞敵方正常的政治、經濟運行體系,通過上述手段可以使敵國處於癱瘓狀態,遏制敵對國家發動戰爭的意志,或使其喪失戰爭能力。

上個世紀80年代美蘇對峙中的一幕場景很值得人玩味。擅長演戲的美國總統裡根提出了一個咄咄逼人的“星球大戰”計劃,號稱要讓蘇聯的所有戰略核導彈失去作用。該計劃一宣布,美國就開動全部的宣傳機器拼命鼓吹,在全世界引起了巨大轟動。蘇聯領導人連續召開緊急會議,決定不惜血本堅決應對,建立起蘇聯的戰略防禦盾牌。其實,美國的“星球大戰”計劃隻進行了星星點點的技術實驗,壓根就沒有花多少錢,倒是一部同名的《星球大球》的電影風靡世界。而蘇聯人卻非常認真地埋頭苦幹,在國民經濟已經瀕臨崩潰的情況下,仍然把大把的盧布投向軍備競賽。本來已經力不從心的蘇聯在7年之後流盡了最後一滴血。不能說,蘇聯經濟的崩潰及政權的垮台沒有受美國信息戰的拖累。

關注保衛信息邊界的人民戰爭

在信息戰條件下,國家主權有了新的內容,國家安全的外延擴大了、內涵更豐富了,信息戰的影響也不再僅僅局限於軍事領域,而且輻射到整個人類社會。在信息戰條件下,弱國戰勝強國的重要法寶就是人民戰爭。隻有堅持打信息戰條件下的人民戰爭才能切實保衛國家信息疆域,維護國家信息主權。這其中除了信息技術和戰法等因素外,最主要的是抓住信息人才隊伍建設與構築信息時代的全民精神防線兩個環節。

得人才者興天下。信息戰的戰果如何,在很大程度上取決於人的因素,必須有大量的高技術信息戰人才作支撐。

在信息戰中,為數不多的頂尖信息人才往往能對戰爭的勝負起到關鍵作用。二戰期間,美軍為了把一個德國原子物理學家搶到手,竟然將3個陸軍師的進攻方向作了改變。二戰結束後那段“智者搶人,愚者奪器”的歷史更是耐人尋味。在東方,蘇聯人忙著搬運繳獲來的坦克大砲﹔在西方,美國人卻急急把3000多名德國科學家運回國內。半個多世紀過去了,當年搶人才的國家如今仍然在續寫著搶人的歷史,其經濟、科技和軍事不可一世。當年搶兵器的國家如今則在無奈地面對著被搶的現實。解體後的蘇聯有上萬名優秀科技人才改換門庭,服務於當年的對手。人才之爭作為軍事鬥爭的一個制高點,在信息時代的軍事較量中,更具有決定性的意義。

與信息戰所帶來的“硬殺傷”相比,信息戰的“軟殺傷”更為可怕。信息戰條件下精神領域是最“易受攻擊之窗”。

隨著信息技術越來越發達,信道越來越流暢,信息來源更為廣泛,人們獲取的信息將越來越多,獲取信息的速度也越來越快。現代化的傳播手段把所要傳遞的信息幾乎不受任何限制,有效地傳到世界各國。當前,發達國家十分注意利用它們的先進信息技術,建立覆蓋全球的廣播、電視、計算機網絡,藉此大規模輸出其政治主張和價值觀念,擴充信息疆域。其結果是信息化發展落後的國家受到強烈的精神沖擊。因此,要想打贏信息戰條件下的人民戰爭,從個人、媒體、軍隊到整個國家都必須全面增強信息國防意識,樹立保衛國家信息疆域和信息邊界的觀念,自覺築起無形的精神防線。

相關鏈接

世界信息戰總體形勢掃描

可以認為,世界信息戰的發展經歷了3個階段。

第一階段:1991年海灣戰爭以前信息戰的醞釀和提出時期﹔

第二階段:海灣戰爭後至1998年前信息戰的實施和成熟時期﹔

第三階段:1998年後至今遏制信息戰的發展時期。

當前,信息戰引發的新軍事革命仍在全球進行。機械化戰爭向信息戰的轉變已在全球全面展開。全世界各主要國家的軍隊正按照信息戰思想調整戰略戰術、編制裝備、作戰訓練等,為打贏信息戰作準備。海灣戰爭以後的所有戰爭無不烙上信息戰的痕跡。信息戰的威力正沖擊著社會的各個領域。

信息戰實戰技法點擊

當前,世界各國在信息戰技術手段的應用與發展上主要有:

1.偵察監視技術。包括天基、空基、海基和地基在內的各種偵察、監視、預警、導航等手段。

2.平台一體化信息戰系統。實現雷達告警、導彈發射和攻擊告警、信息支援、信息幹擾及規避、協同一體化,而且與平台上其他信息設備綜合為一體,達成信息共享。

3.網絡指揮控制戰技術。 4.計算機病毒技術。

5.攻心武器技術。包括電磁脈沖武器、超聲波武器和次聲波武器。 6.先進電子對抗技術。

最新信息戰裝備掠影

在信息戰武器發展上,近年來各國研製或已投入現役的主要有以下裝備。

1.聯合監視與目標攻擊雷達系統,是一種戰場信息處理系統,能精確探測移動的和固定的目標,以配合實施遠距離精確打擊,還能向指揮官提供有關戰況發展和戰鬥管理的重要情報。

2.聯合戰術空對地信息站,是一種武器支援系統,能處理供預警導彈發射用的天基傳感器數據、作戰能力所需的重要信息。

3.束能武器,能在瞬間穿透數百公裡甚至數千公裡外的目標而不留下“硬傷”,尤其對精確制導高技術武器有直接的破壞作用,因此被認為是戰術防空、反裝甲、光電對抗乃至戰略反導、反衛星、反一切航天器的多功能理想武器。

4.智能戰衣,編織有光纖網絡和導電聚合網絡,並有監視士兵身體狀態的微型測量系統。在未來戰場上,一名士兵受了傷,就在其倒地的瞬間,救護中心的醫務人員就能準確判斷出是彈傷還是刀傷、受傷部位在何處以及其他基本傷情。

此外,還有軍用機器人、艦載電子戰系統、強功率射頻放大器技術、先進的天線技術和信號處理技術等等。

信息戰國力競爭激烈

放眼世界,現在已有英國、法國、以色列、俄羅斯等20多個國家對信息戰展開深入研究。美國信息戰發展走在世界前列,主要體現在技術、裝備、理論等方面。

美國:信息戰戰略由防轉攻。為了提高美軍信息戰技術能力,美國國防部有專門信息系統處理機構負責維護美國軍方使用的250萬台電腦,並在抓緊研究如何提高電腦的攻擊能力,製造破壞敵對國的通信網絡、金融系統及電力系統的入侵病毒。早在2000年秋天,美國太空指揮中心已開始研製攻擊性電腦武器。這意味著美軍信息戰戰略的重大調整———由戰略防禦轉向戰略進攻。

俄羅斯:信息戰重心在“天兵”。俄羅斯的信息戰發展集中力量發展“天兵 ”———航天兵。 2002年俄羅斯投入約316億盧布用於太空專項研究,54億盧布用於全球導航系統的研發,還加強了激光、高功率微波和反衛星武器的研製。

日本:加快組建信息戰部隊。日本防衛廳正在組建5000人規模的信息戰部隊,把網絡武器的開發作為今后防衛計劃的重點,並加快了日本陸軍數字化部隊的建設。

歐盟和其他西方國家:著手數字化部隊建設。法、德、英、加、澳、荷蘭和瑞典等國也在研製平台和單兵的C4I系統。法國、英國、德國、澳大利亞、加拿大、意大利、以色列等10多個國家都在著手執行數字化部隊和數字化戰場建設計劃。其中,多數國家正在集中人力財力開發數字化部隊所需要的裝備,少數走在前面的國家已進行過多次數字化部隊試驗演習。今後,上述國家在繼續開發戰場數字化“硬件”的同時,將開始考慮數字化部隊的編成結構,並將有更多的國家加入部隊數字化建設的行列。

來源:中國國防報

Original Referring URL: http://people.com.cn/BIG5/junshi/1078/

 

 

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //

中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

■ cyberspace is easy to attack and defend, traditional passive defense is difficult to effectively deal with organized high-intensity attacks

■ Improve network security, the defense side can not rely solely on the technology game, but also need to win the counterattack on the concept

The new “Thirty-six” of network security

  ■Chen Sen

点击进入下一页

Fisher

  News reason

  In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

  The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

  The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

  Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

  Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

  As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

  Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

  Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

  In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

  At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

  Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

  In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

  The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

  Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

  The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

  The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

  Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

  Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Related Links–

Network attack and defense

“Shenzhen”: the pioneer of network physics warfare

点击进入下一页

  In August 2010, Iran built the Bushehr nuclear power plant with the help of Russia. However, the nuclear power plant, which was scheduled to be put into operation in October of that year, was postponed several times. A year later, according to media reports, it was caused by a computer network virus attack of unknown source. More than 30,000 computers were “in the middle”. Thousands of centrifuges in Natans were scrapped. The newly capped Bushehr nuclear power plant had to be taken out. Nuclear fuel was delayed and the Iranian nuclear development plan was forced to shelve. This virus, later named “Shenzhen”, pioneered the control and destruction of entities through the network.

“Flame”: the most powerful spy in history

点击进入下一页

  Network intelligence activities are the most active part of the cyberspace strategy game and security struggle. In 2012, a large amount of data from the Iranian oil sector was stolen and cleared, making it impossible for oil production and exports to function properly. In order to avoid continuing to create hazards, Iran was urgently disconnected from the network of the oil facilities on the Halk Island near the Gulf. After a large-scale investigation, a new virus emerged, which later appeared in the “flame” virus in Israel, Palestine and other Middle Eastern countries. The “Flame” virus combines the three characteristics of worms, backdoors and Trojans. It combines the interception of screen images, recording audio dialogues, intercepting keyboard input, and stealing Bluetooth devices. It has become a new type of electronic company that steals secret information from other countries. spy”.

“Shut”: System breaks

点击进入下一页

  In 2007, in order to kill the Syrian nuclear program in the bud, 18 F-16 fighters of the 69th Fighter Squadron of the Israeli Air Force quietly broke through the advanced Russian “Dor”-M1 air defense deployed by Syria on the Syrian-Israeli border. The system carried out precise bombing of a nuclear facility about 100 kilometers west of the Syrian-Israeli border and about 400 kilometers northeast of Damascus, and returned safely from the original road.

  According to the disclosure, the “Orchard Action” has made the US “Shuter” attack system shine. “Shut” invaded by remote radio, 瘫痪 radar, radio communication system, is the “behind the scenes” to make the Syrian air defense system in a state of failure. As a new type of network power attack system for networked weapon platforms and networked information systems, “Shut” represents the development trend of military technology and combat methods, and is bound to bring a new war landscape.

“Shadow Network”: Invisible Internet

点击进入下一页

  The complicated situation of ideological struggle caused by the Internet has created an alternative channel for information penetration and “colonization” of thought. In the “Jasmine Revolution” in North Africa and the “Arab Spring” in the Middle East, there are “shadow networks”.

  A ghost-like “shadow network” can bypass the traditionally regulated Internet, form an invisible and independent wireless local area network, realize mutual information communication, and access the Internet at any time as needed, and access the network resources “unrestricted”. The New York Times disclosed that the US State Department and the Pentagon have invested heavily in building an independent system in Afghanistan and using a launch tower located in the military camp to transmit signals to protect them from Taliban militants. Subsequently, an “invisible communication system” was established in Iran, Syria and Libya to help local anti-government organizations to communicate with each other or with the outside world.

“X Plan”: To control the network battlefield

点击进入下一页

  Foreign media revealed that the Pentagon is building a 22nd century war plan, the “X Plan.” The “X Plan” is dedicated to building an advanced global computer map. With this “network map” that can be continuously updated and updated, the US military can easily lock the target and make it embarrassing. “If this plan is completed, the US military will be able to control the network battlefield as it controls the traditional battlefield.”

  It is not difficult to foresee that after the deployment of the “X Plan”, it is definitely not just “get rid of the constraints of the keyboard”, but also enables situational awareness and cyber attacks on a global scale.

Original Mandarin Chinese

■網絡空間易攻難守,傳統的被動式防禦難以有效應對有組織的高強度攻擊

■提高網絡安全性,防禦一端不能只靠技術博弈,還需打贏理念上的反擊戰

網絡安全之新“三十六計”

■陳 森

點擊進入下一頁

費雪 繪

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

相關鏈接——

各顯其能的網絡攻防戰

“震網”:網絡物理戰先驅

點擊進入下一頁

2010年8月,伊朗在俄羅斯幫助下建成布什爾核電站,但這座計劃於當年10月正式發電運轉的核電站,卻多次推遲運行。一年後,據媒體揭秘,是因為遭到來源不明的計算機網絡病毒攻擊,超過3萬台電腦“中招”,位於納坦斯的千台離心機報廢,剛封頂的布什爾核電站不得不取出核燃料並延期啟動,伊朗核發展計劃則被迫擱置。這種後來被冠名為“震網”的病毒,開創了通過網絡控制並摧毀實體的先河。

“火焰”:史上最強大間諜

點擊進入下一頁

網絡情報活動,是網絡空間戰略博弈和安全斗爭最活躍的部分。 2012年,伊朗石油部門大量數據失竊並遭到清除,致使其無法正常進行石油生產和出口。為避免繼續製造危害,伊朗被迫切斷了海灣附近哈爾克島石油設施的網絡連接。大規模的調查後,一種新的病毒浮出水面,即後來又現身於以色列、巴勒斯坦等中東國家的“火焰”病毒。 “火焰”病毒兼具蠕蟲、後門和木馬三重特點,集截取屏幕畫面、記錄音頻對話、截獲鍵盤輸入、偷開藍牙設備等多種數據盜竊功能於一身,成為專門竊取他國機密情報的新型“電子間諜”。

“舒特”:體系破擊露鋒芒

點擊進入下一頁

2007年,為將敘利亞核計劃扼殺於萌芽之中,以色列空軍第69戰鬥機中隊的18架F-16戰機,悄無聲息地突破敘利亞在敘以邊境部署的先進俄製“道爾”-M1防空系統,對敘以邊境以西約100千米、大馬士革東北部約400千米的一處核設施實施精確轟炸,並從原路安全返回。

據披露,讓“果園行動”大放異彩的是美軍“舒特”攻擊系統。 “舒特”通過遠程無線電入侵,癱瘓雷達、無線電通信系統,是使敘防空系統處於失效狀態的“幕後真兇”。作為針對組網武器平台及網絡化信息系統的新型網電攻擊系統,“舒特”代表著軍事技術和作戰方式的發展趨勢,勢必將帶來全新戰爭景觀。

“影子網絡”:隱形國際互聯網

點擊進入下一頁

國際互聯網導致意識形態鬥爭的複雜局面,造成了信息滲透、思想“殖民”的另類通道。在北非“茉莉花革命”和中東“阿拉伯之春”中,均有“影子網絡”踪跡。

像幽靈一樣的“影子網絡”可繞過傳統監管的互聯網,形成隱形和獨立的無線局域網,實現相互間信息溝通,一旦需要又可隨時接入國際互聯網,“不受限制”地訪問網絡資源。 《紐約時報》披露稱,美國國務院和五角大樓斥巨資在阿富汗建造了獨立的系統,並利用設在軍營內的發射塔傳遞信號,以免遭塔利班武裝分子破壞。隨後在伊朗、敘利亞和利比亞設立“隱形通訊系統”,幫助當地反政府組織相互聯繫或與外界溝通。

“X計劃”:欲掌控網絡戰場

點擊進入下一頁

外媒披露,五角大樓正在打造一項22世紀的戰爭計劃,即“X計劃”。 “X計劃”致力於建立先進的全球計算機分佈圖,有了這張能夠不斷升級更新的“網絡地圖”,美軍就可以輕易鎖定目標令其癱瘓。 “如果完成了這個計劃,美軍將能夠像控制傳統戰場那樣控製網絡戰場。”

不難預見,“X計劃”部署後,絕對不只是“擺脫鍵盤的束縛”,更可以實現在全球範圍內進行態勢感知和網絡攻擊。

Original Referring URL: http://www.chinanews.com/mil/2016/08-11/

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security // 中國網絡戰如何拒絕外國入侵者關注國家安全

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security //

中國網絡戰如何拒絕外國入侵者關注國家安全

In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Original Mandarin Chinese:

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

Original Referring URL:  http://www.81.cn/jskj/2016-08/11/