China’s Cyberspace National Security Strategy: Actively Defending Network Sovereignty! // 中國的網絡空間國家安全戰略:積極捍衛網絡主權!


According to a report from the CCTV news client, this morning (the 27th) the National Internet Information Office released the “National Cyberspace Security Strategy”, the first strategy on cyberspace security that China has released. The “Strategy” clarifies China’s major positions and propositions on the development and security of cyberspace, clarifies the strategic guidelines and main tasks, and is a programmatic document guiding national cybersecurity work.

The “Strategy” points out that information networks such as the Internet have become a new channel for information dissemination, a new space for production and life, a new engine for economic development, a new carrier for cultural prosperity, a new platform for social governance, a new bond for exchanges and cooperation, and a new territory of national sovereignty. With the in-depth development of information technology, the network security situation is becoming increasingly severe. The use of networks to interfere in other countries’ internal affairs, together with large-scale network monitoring and theft of secrets, seriously endangers national political security and user information security. Attacks on and damage to critical information infrastructure, and major security incidents, seriously harm national economic security and public interests. Network rumors, decadent culture and obscene, violent, superstitious and other harmful information erode cultural security and the physical and mental health of young people. Cyber terror and illegal crimes exist in large numbers and directly threaten people’s lives and property and social order. International competition over control of cyberspace resources, rule-making power and strategic initiative is becoming increasingly fierce, and the cyberspace arms race challenges world peace. Cyberspace opportunities and challenges coexist, and opportunities outweigh challenges. We must adhere to active use, scientific development, management according to law and ensuring security, resolutely safeguard network security, make maximum use of the development potential of cyberspace, better benefit the more than 1.3 billion Chinese people, benefit all mankind, and firmly safeguard world peace.

The “Strategy” requires that, guided by the overall national security concept, we implement the development concept of innovation, coordination, green, openness, and sharing, enhance risk awareness and crisis awareness, coordinate the domestic and international situations, coordinate the two major matters of development and security, defend actively and respond effectively, promote a peaceful, secure, open, cooperative and orderly cyberspace, safeguard national sovereignty, security and development interests, and realize the strategic goal of building a network power.

The Strategy emphasizes that a safe, stable and prosperous cyberspace is of great significance to all countries and the world. China is willing to work with other countries to respect and uphold cyberspace sovereignty, peacefully utilize cyberspace, manage cyberspace according to law, coordinate network security and development, strengthen communication, expand consensus, deepen cooperation, actively promote global Internet governance system reform, and jointly maintain cyberspace peace and security. China is committed to safeguarding the sovereignty, security, and development interests of the country’s cyberspace, promoting the Internet for the benefit of mankind, and promoting the peaceful use and common governance of cyberspace.

The Strategy clarifies that the strategic tasks of national cyberspace security work in the current and coming period are to firmly defend cyberspace sovereignty, resolutely safeguard national security, protect key information infrastructure, strengthen network culture construction, combat cyber terrorism and crimes, improve the network governance system, consolidate the foundation of network security, improve cyberspace protection capability, and strengthen international cooperation in cyberspace.

The full text of the National Cyberspace Security Strategy

On December 27th, approved by the Central Network Security and Informatization Leading Group, the National Internet Information Office released the National Cyberspace Security Strategy, the full text of which is as follows.

The widespread use of information technology and the development of cyberspace have greatly promoted economic and social prosperity and progress, but also brought new security risks and challenges. Cyberspace security (hereinafter referred to as cybersecurity) is related to the common interests of mankind, to world peace and development, and to the national security of all countries. Safeguarding China’s cybersecurity is an important measure for advancing in a coordinated way the strategic layout of comprehensively building a well-off society, comprehensively deepening reform, comprehensively governing the country according to law, and comprehensively and strictly governing the Party, and an important guarantee for achieving the “Two Centenaries” goals and realizing the Chinese Dream of the great rejuvenation of the Chinese nation. This strategy is formulated in order to implement the “Four Principles” put forward by Chairman Xi Jinping for promoting reform of the global Internet governance system and the “five-point proposal” for building a community of cyberspace destiny, to clarify China’s major positions on cyberspace development and security, to guide China’s cybersecurity work, and to safeguard the country’s sovereignty, security and development interests in cyberspace.

I. Opportunities and challenges

(1) Major opportunities

With the rapid development of the information revolution, the cyberspace composed of the Internet, communication networks, computer systems, automation control systems, digital devices and the applications, services and data they carry is comprehensively transforming people’s ways of production and life and profoundly affecting the course of human social history.

New channels for information dissemination. The development of network technology has broken through the limitations of time and space, expanded the scope of communication, and innovated the means of communication, which triggered a fundamental change in the pattern of communication. The Internet has become a new channel for people to obtain information, learn and communicate, and become a new carrier of human knowledge transmission.

A new space for production and life. In today’s world, the network is deeply integrated into people’s learning, life, and work. Online education, entrepreneurship, medical care, shopping, and finance are becoming more and more popular. More and more people exchange ideas, achieve careers, and realize their dreams through the Internet.

The new engine of economic development. The Internet has increasingly become the leading force for innovation-driven development. Information technology has been widely used in various industries of the national economy, promoting the transformation and upgrading of traditional industries, spawning new technologies, new formats, new industries, and new models, and promoting the adjustment of economic structure and the transformation of the economic development mode. It has injected new impetus into economic and social development.

A new carrier of cultural prosperity. The network promotes cultural exchanges and knowledge popularization, releases the vitality of cultural development, promotes cultural innovation and creation, enriches people’s spiritual and cultural life, and has become a new way of disseminating culture and a new means of providing public cultural services. Network culture has become an important part of cultural construction.

A new platform for social governance. The role of the network in promoting the modernization of the national governance system and governance capacity has become increasingly prominent. The application of e-government has become more in-depth, and government information has been publicly shared. This has promoted scientific, democratic, and law-based government decision-making, smoothed the channels for citizens to participate in social governance, and become an important way to protect citizens’ rights to know, participate, express, and supervise.

A new link for exchanges and cooperation. The interweaving of informationization and globalization has promoted the global flow of information, capital, technology, talents and other factors, and has enhanced the exchange and integration of different civilizations. The Internet has turned the world into a global village, and the international community has increasingly become a community of destiny among you and me.

The new territory of national sovereignty. Cyberspace has become a new field of human activity that is as important as land, sea, sky and space. The expansion of national sovereignty extends to cyberspace, and cyberspace sovereignty has become an important part of national sovereignty. Respecting cyberspace sovereignty, maintaining cybersecurity, seeking common governance, and achieving win-win results are becoming the consensus of the international community.

(2) Severe challenges

The cyber security situation is becoming increasingly severe. The country’s political, economic, cultural, social, and national defense security and citizens’ legitimate rights and interests in cyberspace are facing serious risks and challenges.

Network penetration harms political security. Political stability is the basic prerequisite for national development and people’s happiness. The use of the network to interfere in other countries’ internal affairs, attack their political systems, incite social unrest and subvert their political power, together with large-scale network monitoring, network theft and other activities, seriously endangers national political security and user information security.

Cyber attacks threaten economic security. Network and information systems have become the backbone of critical infrastructure and the entire economic society. Attacks, destruction and major security incidents will paralyze infrastructure such as energy, transportation, communications, and finance, causing disastrous consequences and seriously jeopardizing national economic security and the public interest.

Harmful information on the Internet erodes cultural security. Various ideological and cultural currents on the Internet are in conflict and confrontation, and excellent traditional culture and mainstream values are under attack. Internet rumors, decadent culture and obscene, violent, superstitious and other harmful information that violates the core values of socialism erode the physical and mental health of young people, corrupt the social atmosphere, mislead value orientation and endanger cultural security. Online morality is out of order, breaches of integrity are frequent, and the degree of network civilization needs to be improved.

Cyber terror and illegal crimes undermine social security. Terrorism, separatism, extremism and other forces use the Internet to incite, plan, organize and implement violent terrorist activities, directly threatening people’s lives and property, and social order. Computer viruses, Trojans, etc. spread in cyberspace. Internet fraud, hacker attacks, intellectual property infringement, and misuse of personal information are abundant. Some organizations deliberately steal user information, transaction data, location information, and corporate trade secrets, seriously damaging national, corporate and personal interests and affecting social harmony and stability.

The international competition in cyberspace is on the rise. The international competition to seize and control strategic cyberspace resources, to gain rule-making power and the strategic commanding heights, and to seek strategic initiative is becoming increasingly fierce. Individual countries have strengthened their network deterrence strategies and intensified the cyberspace arms race, and world peace faces new challenges.

Cyberspace opportunities and challenges coexist, and opportunities outweigh challenges. We must adhere to active use, scientific development, management according to law, ensure security, resolutely safeguard network security, maximize the utilization potential of cyberspace, better benefit more than 1.3 billion Chinese people, benefit all mankind, and firmly safeguard world peace.

II. Goals

Guided by the overall national security concept, we will implement the development concept of innovation, coordination, green, openness, and sharing, enhance risk awareness and crisis awareness, coordinate the domestic and international situations, coordinate the two major matters of development and security, defend actively and respond effectively, promote a peaceful, secure, open, cooperative and orderly cyberspace, safeguard national sovereignty, security and development interests, and achieve the strategic goal of building a network power.

Peace: Information technology abuse has been effectively curbed, and activities such as the cyberspace arms race that threaten international peace have been effectively controlled, and cyberspace conflicts have been effectively prevented.

Security: The network security risks are effectively controlled, the national network security assurance system is sound and complete, the core technical equipment is safe and controllable, and the network and information systems are stable and reliable. Network security talents meet the needs, and the society’s cyber security awareness, basic protection skills and confidence in using the network have increased significantly.

Openness: Information technology standards, policies and markets are open and transparent, product circulation and information dissemination are smoother, and the digital divide is increasingly being bridged. Regardless of size, strength, or wealth, countries around the world, especially developing countries, can share development opportunities, share development results, and participate fairly in cyberspace governance.

Cooperation: All countries in the world have closer cooperation in the fields of technology exchange, combating cyber terrorism and cybercrime. The multilateral, democratic and transparent international Internet governance system is sound and perfect, and the cyberspace destiny community with cooperation and win-win as the core has gradually formed.

Orderly: The public’s right to know, participation, expression, and supervision in the cyberspace is fully protected, and the privacy of cyberspace is effectively protected and human rights are fully respected. The domestic and international legal systems and standards of cyberspace have been gradually established. The cyberspace has been effectively governed according to law. The network environment is honest, civilized and healthy. The free flow of information and the maintenance of national security and public interests are organically unified.

III. Principles

A safe, stable and prosperous cyberspace is of great significance to all countries and the world. China is willing to work with other countries to strengthen communication, expand consensus, deepen cooperation, actively promote the transformation of the global Internet governance system, and jointly safeguard cyberspace peace and security.

(1) Respect for maintaining cyberspace sovereignty

Cyberspace sovereignty is inviolable. Respect the right of each country to choose its own development path, network management model and Internet public policy, and to participate equally in international cyberspace governance. The network affairs within the sovereignty of each country are the responsibility of the people of each country. Countries have the right, according to their national conditions and drawing on international experience, to formulate laws and regulations concerning cyberspace and to take necessary measures to manage their own information systems and the network activities on their own territory; to protect their domestic information systems and information resources from intrusion, interference, attack and destruction and guarantee the legitimate rights and interests of citizens in cyberspace; and to prevent, stop and punish the spread in their domestic networks of harmful information that endangers national security and interests, so as to maintain order in cyberspace. No country should engage in cyber hegemony, apply double standards, use the network to interfere in other countries’ internal affairs, or engage in, condone or support network activities that endanger the national security of other countries.

(2) Peaceful use of cyberspace

The peaceful use of cyberspace is in the common interest of mankind. All countries should abide by the UN Charter’s principle of not using or threatening to use force, prevent information technology from being used for purposes contrary to maintaining international security and stability, jointly resist the cyberspace arms race and prevent cyberspace conflicts. Adhere to mutual respect, treat each other as equals, seek common ground while reserving differences, embrace mutual trust, respect each other’s security interests and major concerns in cyberspace, and promote the building of a harmonious network world. Oppose the use of national security as an excuse to exploit technological superiority to control other countries’ networks and information systems or to collect and steal other countries’ data, and do not seek one’s own absolute security at the expense of other countries’ security.

(3) Governing cyberspace according to law

We will comprehensively promote the rule of law in cyberspace and adhere to governing the network, running networks, and going online according to law, so that the Internet operates healthily on the track of the rule of law. Establish a good network order according to law, protect the lawful, orderly and free flow of information in cyberspace, protect personal privacy, and protect intellectual property rights. Any organization or individual that enjoys freedom and exercises rights in cyberspace must abide by the law, respect the rights of others, and be responsible for their words and deeds on the Internet.

(4) Coordinating network security and development

Without cybersecurity, there is no national security. Without informationization, there will be no modernization. Network security and informationization are two wings of one body and two wheels of one drive. Correctly handle the relationship between development and security, ensure development through security, and promote security through development. Security is a prerequisite for development, and any development at the expense of security is difficult to sustain. Development is the foundation of security, and a lack of development is the biggest insecurity. Without information development, network security is not guaranteed, and existing security may even be lost.

IV. Strategic tasks

China has the largest number of Internet users and the largest network scale in the world. Maintaining China’s network security is not only China’s own need, but also of great significance for maintaining global network security and even world peace. China is committed to safeguarding the sovereignty, security, and development interests of the country’s cyberspace, promoting the Internet for the benefit of mankind, and promoting the peaceful use and common governance of cyberspace.

(1) Firmly defending cyberspace sovereignty

In accordance with the Constitution and laws and regulations, we will manage the network activities within the scope of our sovereignty, protect the security of our information facilities and information resources, and adopt all measures, including economic, administrative, scientific and technological, legal, diplomatic, and military measures, to unswervingly safeguard China’s cyberspace sovereignty. Resolutely oppose all acts of subverting our state’s political power and undermining our national sovereignty through the Internet.

(2) Resolutely safeguard national security

Prevent, stop and punish any use of the Internet for treason, secession, sedition, subversion or incitement to subvert the people’s democratic dictatorship; prevent, deter and punish the use of the Internet for theft or disclosure of state secrets and other acts that endanger national security; prevent, stop and punish the use of the network by foreign forces for infiltration, destruction, subversion and separatist activities.

(3) Protection of critical information infrastructure

National key information infrastructure refers to information facilities that are related to national security, the national economy and people’s livelihood, and whose data leakage, destruction or loss of function may seriously endanger national security and the public interest. It includes, but is not limited to, information networks providing services such as public communication and radio and television transmission; important information systems in the fields of energy, finance, transportation, education, scientific research, water conservancy, industrial manufacturing, medical and health care, social security, public utilities, and state agencies; and important Internet application systems. Take all necessary steps to protect critical information infrastructure and its critical data from attack. Adhere to the combination of technology and management, focus on protection, prevention, detection, early warning, response, disposal, etc., establish and implement key information infrastructure protection systems, increase investment in management, technology, talent, and capital, and implement comprehensive measures to effectively strengthen the security protection of key information infrastructure.

The protection of key information infrastructure is the common responsibility of the government, enterprises and the whole society. The competent authorities, operating units and organizations must take necessary measures to ensure the security of key information infrastructure in accordance with the requirements of laws, regulations and system standards, and gradually achieve evaluation before use. Strengthen risk assessment of key information infrastructure. Strengthen the security protection of party and government organs and websites in key areas, and build and operate the websites of grassroots party and government organs in an intensive mode. Establish an orderly sharing mechanism for cyber security information among government, industry and enterprises, and give full play to the important role of enterprises in protecting key information infrastructure.

Adhere to opening up and maintain network security in an open environment. Establish and implement a network security review system, strengthen supply chain security management, conduct security reviews on important information technology products and services purchased by party and government organs and key industries, improve the security and controllability of products and services, and prevent product and service providers and other organizations from using their information technology advantages to engage in unfair competition or harm the interests of users.

(4) Strengthening the construction of network culture

Strengthen the construction of online ideological and cultural positions, vigorously cultivate and practice the core values of socialism, implement network content construction projects, develop a positive and upward network culture, spread positive energy, unite powerful spiritual strength, and create a good network atmosphere. Encourage the development of new business, create new products, create a network culture brand that reflects the spirit of the times, and continuously improve the scale of the network culture industry. Implement the China Excellent Culture Online Communication Project and actively promote the digitalization, network production and dissemination of excellent traditional culture and contemporary cultural products. Give full play to the advantages of the Internet communication platform, promote exchanges of excellent culture between China and foreign countries, let the people of all countries understand the excellent Chinese culture, let the Chinese people understand the excellent culture of each country, jointly promote the prosperity and development of the network culture, enrich people’s spiritual world, and promote the progress of human civilization.

Strengthen the network ethics and network civilization construction, give play to the role of moral education, and use the excellent results of human civilization to nourish cyberspace and repair the network ecology. Building a civilized and honest network environment, advocating civilized network and civilized Internet access, and forming a safe, civilized and orderly information dissemination order. Resolutely crack down on illegal and harmful information such as rumors, obscenity, violence, superstition, and cults in the cyberspace. Improve the network civilization of young people, strengthen the protection of minors online, and create a good network environment for the healthy growth of young people through the joint efforts of the government, social organizations, communities, schools, and families.

(5) Combating cyber terror and illegal crimes

Strengthen the network’s anti-terrorism, anti-espionage and anti-stealing capabilities, and crack down on cyber terror and cyber espionage activities.

Adhere to comprehensive governance, source control, and legal prevention, and severely crack down on illegal activities such as online fraud, cyber theft, drug trafficking, infringement of citizens’ personal information, dissemination of obscene pornography, hacking, and infringement of intellectual property rights.

(6) Improve the network governance system

Adhere to the rule of law and to open and transparent management of the network, and earnestly ensure that there are laws to follow, that laws are observed, that enforcement is strict, and that violations are investigated. We will improve the network security laws and regulations, formulate laws and regulations such as the Cyber Security Law and the Minor Network Protection Regulations, clarify the responsibilities and obligations of all aspects of society, and clarify the requirements for network security management. Accelerate the revision and interpretation of existing laws to make them applicable to cyberspace. Improve the network security related system, establish a network trust system, and improve the scientific and standardized level of network security management.

Accelerate the construction of a network governance system that combines legal norms, administrative supervision, industry self-discipline, technical support, public supervision, and social education, promote innovation in the management of network social organizations, and improve the work linkage mechanism for basic management, content management, industry management, and the prevention and combating of network crime. Strengthen the protection of cyberspace communication secrets, freedom of speech, trade secrets, and legitimate rights and interests such as property rights.

Encourage social organizations to participate in network governance, develop online public welfare undertakings, and strengthen the construction of new types of network social organizations. Encourage netizens to report cyber violations and bad information.

(7) Consolidating the foundation of network security

Adhere to innovation-driven development, actively create a policy environment conducive to technological innovation, pool resources and strength, take enterprises as the main body, combine production, study and research, coordinate research, point-to-face, and overall advancement, and make breakthroughs in core technologies as soon as possible. Pay attention to software security and accelerate the promotion and application of security and trusted products. Develop network infrastructure and enrich cyberspace information content. Implement the “Internet +” initiative and vigorously develop the network economy. Implement national big data strategy, establish a big data security management system, and support next-generation information technology innovation and application such as big data and cloud computing. Optimize the market environment, encourage network security enterprises to become bigger and stronger, and consolidate the industrial foundation for safeguarding national network security.

Establish and improve the national network security technology support system. Strengthen the basic theory of network security and research on major issues. Strengthen network security standardization and certification and accreditation, and make greater use of standards to standardize cyberspace behavior. Do basic work such as level protection, risk assessment, and vulnerability discovery, and improve the network security monitoring and early warning and network security major incident emergency response mechanism.

Implement network security talent project, strengthen the construction of network security disciplines, build a first-class network security college and innovation park, and form an ecological environment conducive to talent cultivation and innovation and entrepreneurship. We will do a good job in the network security publicity week and vigorously carry out publicity and education on the national network security. Promote cybersecurity education into teaching materials, enter the school, enter the classroom, improve the network media literacy, enhance the cyber security awareness and protection skills of the whole society, and improve the identification and resilience of the majority of netizens on illegal criminal activities such as network illegal information and online fraud.

(8) Improving the ability of cyberspace protection

Cyberspace is a new frontier of national sovereignty. We will build a network space protection force that is commensurate with China’s international status and befitting a network power. We will vigorously develop network security defense methods, discover and resist network intrusion in a timely manner, and build a strong backing for national security.

(9) Strengthening international cooperation in cyberspace

On the basis of mutual respect and mutual trust, we will strengthen international cyberspace dialogue and cooperation and promote the transformation of the Internet global governance system. We will deepen dialogue and exchanges and information communication with bilateral and multilateral networks in various countries, effectively control differences, actively participate in network security cooperation between global and regional organizations, and promote the internationalization of basic resource management such as Internet addresses and root name servers.

Support the United Nations in playing a leading role, promote the development of universally accepted international rules on cyberspace and an international convention against cyber terrorism, improve judicial assistance mechanisms against cybercrime, and deepen international cooperation in areas such as policy and law, technological innovation, standards and norms, emergency response, and critical information infrastructure protection.

Strengthen support for Internet technology diffusion and infrastructure construction in developing and underdeveloped regions, and strive to bridge the digital divide. Promote the construction of the “Belt and Road”, improve the level of international communication and interconnection, and smooth the information silk road. Establish a global Internet sharing and governance platform, such as the World Internet Conference, to jointly promote the healthy development of the Internet. Through active and effective international cooperation, we will establish a multilateral, democratic and transparent international Internet governance system to jointly build a peaceful, secure, open, cooperative and orderly network space.

Original Mandarin Chinese:

據央視新聞客戶端報導,今天(27日)上午,國家互聯網信息辦公室發布了《國家網絡空間安全戰略》,這是我國首次發布關於網絡空間安全的戰略。 《戰略》闡明了中國關於網絡空間發展和安全的重大立場和主張,明確了戰略方針和主要任務,是指導國家網絡安全工作的綱領性文件。

《戰略》指出,互聯網等信息網絡已經成為信息傳播的新渠道、生產生活的新空間、經濟發展的新引擎、文化繁榮的新載體、社會治理的新平台、交流合作的新紐帶、國家主權的新疆域。隨著信息技術深入發展,網絡安全形勢日益嚴峻,利用網絡干涉他國內政以及大規模網絡監控、竊密等活動嚴重危害國家政治安全和用戶信息安全,關鍵信息基礎設施遭受攻擊破壞、發生重大安全事件嚴重危害國家經濟安全和公共利益,網絡謠言、頹廢文化和淫穢、暴力、迷信等有害信息侵蝕文化安全和青少年身心健康,網絡恐怖和違法犯罪大量存在直接威脅人民生命財產安全、社會秩序,圍繞網絡空間資源控制權、規則制定權、戰略主動權的國際競爭日趨激烈,網絡空間軍備競賽挑戰世界和平。網絡空間機遇和挑戰並存,機遇大於挑戰。必須堅持積極利用、科學發展、依法管理、確保安全,堅決維護網絡安全,最大限度利用網絡空間發展潛力,更好惠及13億多中國人民,造福全人類,堅定維護世界和平。

《戰略》要求,要以總體國家安全觀為指導,貫徹落實創新、協調、綠色、開放、共享的發展理念,增強風險意識和危機意識,統籌國內國際兩個大局,統籌發展安全兩件大事,積極防禦、有效應對,推進網絡空間和平、安全、開放、合作、有序,維護國家主權、安全、發展利益,實現建設網絡強國的戰略目標。

《戰略》強調,一個安全穩定繁榮的網絡空間,對各國乃至世界都具有重大意義。中國願與各國一道,堅持尊重維護網絡空間主權、和平利用網絡空間、依法治理網絡空間、統籌網絡安全與發展,加強溝通、擴大共識、深化合作,積極推進全球互聯網治理體系變革,共同維護網絡空間和平安全。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

《戰略》明確,當前和今後一個時期國家網絡空間安全工作的戰略任務是堅定捍衛網絡空間主權、堅決維護國家安全、保護關鍵信息基礎設施、加強網絡文化建設、打擊網絡恐怖和違法犯罪、完善網絡治理體系、夯實網絡安全基礎、提升網絡空間防護能力、強化網絡空間國際合作等9個方面。

《國家網絡空間安全戰略》全文

12月27日,經中央網絡安全和信息化領導小組批准,國家互聯網信息辦公室發布《國家網絡空間安全戰略》,全文如下。

信息技術廣泛應用和網絡空間興起發展,極大促進了經濟社會繁榮進步,同時也帶來了新的安全風險和挑戰。網絡空間安全(以下稱網絡安全)事關人類共同利益,事關世界和平與發展,事關各國國家安全。維護我國網絡安全是協調推進全面建成小康社會、全面深化改革、全面依法治國、全面從嚴治黨戰略佈局的重要舉措,是實現“兩個一百年”奮鬥目標、實現中華民族偉大復興中國夢的重要保障。為貫徹落實習近平主席關於推進全球互聯網治理體系變革的“四項原則”和構建網絡空間命運共同體的“五點主張”,闡明中國關於網絡空間發展和安全的重大立場,指導中國網絡安全工作,維護國家在網絡空間的主權、安全、發展利益,制定本戰略。

一、機遇和挑戰

(一)重大機遇

伴隨信息革命的飛速發展,互聯網、通信網、計算機系統、自動化控制系統、數字設備及其承載的應用、服務和數據等組成的網絡空間,正在全面改變人們的生產生活方式,深刻影響人類社會歷史發展進程。

信息傳播的新渠道。網絡技術的發展,突破了時空限制,拓展了傳播範圍,創新了傳播手段,引發了傳播格局的根本性變革。網絡已成為人們獲取信息、學習交流的新渠道,成為人類知識傳播的新載體。

生產生活的新空間。當今世界,網絡深度融入人們的學習、生活、工作等方方面面,網絡教育、創業、醫療、購物、金融等日益普及,越來越多的人通過網絡交流思想、成就事業、實現夢想。

經濟發展的新引擎。互聯網日益成為創新驅動發展的先導力量,信息技術在國民經濟各行業廣泛應用,推動傳統產業改造升級,催生了新技術、新業態、新產業、新模式,促進了經濟結構調整和經濟發展方式轉變,為經濟社會發展注入了新的動力。

文化繁榮的新載體。網絡促進了文化交流和知識普及,釋放了文化發展活力,推動了文化創新創造,豐富了人們精神文化生活,已經成為傳播文化的新途徑、提供公共文化服務的新手段。網絡文化已成為文化建設的重要組成部分。

社會治理的新平台。網絡在推進國家治理體系和治理能力現代化方面的作用日益凸顯,電子政務應用走向深入,政府信息公開共享,推動了政府決策科學化、民主化、法治化,暢通了公民​​參與社會治理的渠道,成為保障公民知情權、參與權、表達權、監督權的重要途徑。

交流合作的新紐帶。信息化與全球化交織發展,促進了信息、資金、技術、人才等要素的全球流動,增進了不同文明交流融合。網絡讓世界變成了地球村,國際社會越來越成為你中有我、我中有你的命運共同體。

國家主權的新疆域。網絡空間已經成為與陸地、海洋、天空、太空同等重要的人類活動新領域,國家主權拓展延伸到網絡空間,網絡空間主權成為國家主權的重要組成部分。尊重網絡空間主權,維護網絡安全,謀求共治,實現共贏,正在成為國際社會共識。

(二)嚴峻挑戰

網絡安全形勢日益嚴峻,國家政治、經濟、文化、社會、國防安全及公民在網絡空間的合法權益面臨嚴峻風險與挑戰。

網絡滲透危害政治安全。政治穩定是國家發展、人民幸福的基本前提。利用網絡干涉他國內政、攻擊他國政治制度、煽動社會動亂、顛覆他國政權,以及大規模網絡監控、網絡竊密等活動嚴重危害國家政治安全和用戶信息安全。

網絡攻擊威脅經濟安全。網絡和信息系統已經成為關鍵基礎設施乃至整個經濟社會的神經中樞,遭受攻擊破壞、發生重大安全事件,將導致能源、交通、通信、金融等基礎設施癱瘓,造成災難性後果,嚴重危害國家經濟安全和公共利益。

網絡有害信息侵蝕文化安全。網絡上各種思想文化相互激盪、交鋒,優秀傳統文化和主流價值觀面臨衝擊。網絡謠言、頹廢文化和淫穢、暴力、迷信等違背社會主義核心價值觀的有害信息侵蝕青少年身心健康,敗壞社會風氣,誤導價值取向,危害文化安全。網上道德失範、誠信缺失現象頻發,網絡文明程度亟待提高。

網絡恐怖和違法犯罪破壞社會安全。恐怖主義、分裂主義、極端主義等勢力利用網絡煽動、策劃、組織和實施暴力恐怖活動,直接威脅人民生命財產安全、社會秩序。計算機病毒、木馬等在網絡空間傳播蔓延,網絡欺詐、黑客攻擊、侵犯知識產權、濫用個人信息等不法行為大量存在,一些組織肆意竊取用戶信息、交易數據、位置信息以及企業商業秘密,嚴重損害國家、企業和個人利益,影響社會和諧穩定。

網絡空間的國際競爭方興未艾。國際上爭奪和控製網絡空間戰略資源、搶占規則制定權和戰略制高點、謀求戰略主動權的競爭日趨激烈。個別國家強化網絡威懾戰略,加劇網絡空間軍備競賽,世界和平受到新的挑戰。

網絡空間機遇和挑戰並存,機遇大於挑戰。必須堅持積極利用、科學發展、依法管理、確保安全,堅決維護網絡安全,最大限度利用網絡空間發展潛力,更好惠及13億多中國人民,造福全人類,堅定維護世界和平。

二、目標

以總體國家安全觀為指導,貫徹落實創新、協調、綠色、開放、共享的發展理念,增強風險意識和危機意識,統籌國內國際兩個大局,統籌發展安全兩件大事,積極防禦、有效應對,推進網絡空間和平、安全、開放、合作、有序,維護國家主權、安全、發展利益,實現建設網絡強國的戰略目標。

和平:信息技術濫用得到有效遏制,網絡空間軍備競賽等威脅國際和平的活動得到有效控制,網絡空間衝突得到有效防範。

安全:網絡安全風險得到有效控制,國家網絡安全保障體系健全完善,核心技術裝備安全可控,網絡和信息系統運行穩定可靠。網絡安全人才滿足需求,全社會的網絡安全意識、基本防護技能和利用網絡的信心大幅提升。

開放:信息技術標準、政策和市場開放、透明,產品流通和信息傳播更加順暢,數字鴻溝日益彌合。不分大小、強弱、貧富,世界各國特別是發展中國家都能分享發展機遇、共享發展成果、公平參與網絡空間治理。

合作:世界各國在技術交流、打擊網絡恐怖和網絡犯罪等領域的合作更加密切,多邊、民主、透明的國際互聯網治理體系健全完善,以合作共贏為核心的網絡空間命運共同體逐步形成。

有序:公眾在網絡空間的知情權、參與權、表達權、監督權等合法權益得到充分保障,網絡空間個人隱私獲得有效保護,人權受到充分尊重。網絡空間的國內和國際法律體系、標準規範逐步建立,網絡空間實現依法有效治理,網絡環境誠信、文明、健康,信息自由流動與維護國家安全、公共利益實現有機統一。

三、原則

一個安全穩定繁榮的網絡空間,對各國乃至世界都具有重大意義。中國願與各國一道,加強溝通、擴大共識、深化合作,積極推進全球互聯網治理體系變革,共同維護網絡空間和平安全。

(一)尊重維護網絡空間主權

網絡空間主權不容侵犯,尊重各國自主選擇發展道路、網絡管理模式、互聯網公共政策和平等參與國際網絡空間治理的權利。各國主權範圍內的網絡事務由各國人民自己做主,各國有權根據本國國情,借鑒國際經驗,制定有關網絡空間的法律法規,依法採取必要措施,管理本國信息系統及本國疆域上的網絡活動;保護本國信息系統和信息資源免受侵入、干擾、攻擊和破壞,保障公民在網絡空間的合法權益;防範、阻止和懲治危害國家安全和利益的有害信息在本國網絡傳播,維護網絡空間秩序。任何國家都不搞網絡霸權、不搞雙重標準,不利用網絡干涉他國內政,不從事、縱容或支持危害他國國家安全的網絡活動。

(二)和平利用網絡空間

和平利用網絡空間符合人類的共同利益。各國應遵守《聯合國憲章》關於不得使用或威脅使用武力的原則,防止信息技術被用於與維護國際安全與穩定相悖的目的,共同抵製網絡空間軍備競賽、防範網絡空間衝突。堅持相互尊重、平等相待,求同存異、包容互信,尊重彼此在網絡空間的安全利益和重大關切,推動構建和諧網絡世界。反對以國家安全為藉口,利用技術優勢控制他國網絡和信息系統、收集和竊取他國數據,更不能以犧牲別國安全謀求自身所謂絕對安全。

(三)依法治理網絡空間

全面推進網絡空間法治化,堅持依法治網、依法辦網、依法上網,讓互聯網在法治軌道上健康運行。依法構建良好網絡秩序,保護網絡空間信息依法有序自由流動,保護個人隱私,保護知識產權。任何組織和個人在網絡空間享有自由、行使權利的同時,須遵守法律,尊重他人權利,對自己在網絡上的言行負責。

(四)統籌網絡安全與發展

沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。網絡安全和信息化是一體之兩翼、驅動之雙輪。正確處理髮展和安全的關係,堅持以安全保發展,以發展促安全。安全是發展的前提,任何以犧牲安全為代價的發展都難以持續。發展是安全的基礎,不發展是最大的不安全。沒有信息化發展,網絡安全也沒有保障,已有的安全甚至會喪失。

四、戰略任務

中國的網民數量和網絡規模世界第一,維護好中國網絡安全,不僅是自身需要,對於維護全球網絡安全乃至世界和平都具有重大意義。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

(一)堅定捍衛網絡空間主權

根據憲法和法律法規管理我國主權範圍內的網絡活動,保護我國信息設施和信息資源安全,採取包括經濟、行政、科技、法律、外交、軍事等一切措施,堅定不移地維護我國網絡空間主權。堅決反對通過網絡顛覆我國國家政權、破壞我國國家主權的一切行為。

(二)堅決維護國家安全

防範、制止和依法懲治任何利用網絡進行叛國、分裂國家、煽動叛亂、顛覆或者煽動顛覆人民民主專政政權的行為;防範、制止和依法懲治利用網絡進行竊取、洩露國家秘密等危害國家安全的行為;防範、制止和依法懲治境外勢力利用網絡進行滲透、破壞、顛覆、分裂活動。

(三)保護關鍵信息基礎設施

國家關鍵信息基礎設施是指關係國家安全、國計民生,一旦數據洩露、遭到破壞或者喪失功能可能嚴重危害國家安全、公共利益的信息設施,包括但不限於提供公共通信、廣播電視傳輸等服務的基礎信息網絡,能源、金融、交通、教育、科研、水利、工業製造、醫療衛生、社會保障、公用事業等領域和國家機關的重要信息系統,重要互聯網應用系統等。採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞。堅持技術和管理並重、保護和震懾並舉,著眼識別、防護、檢測、預警、響應、處置等環節,建立實施關鍵信息基礎設施保護製度,從管理、技術、人才、資金等方面加大投入,依法綜合施策,切實加強關鍵信息基礎設施安全防護。

關鍵信息基礎設施保護是政府、企業和全社會的共同責任,主管、運營單位和組織要按照法律法規、制度標準的要求,採取必要措施保障關鍵信息基礎設施安全,逐步實現先評估後使用。加強關鍵信息基礎設施風險評估。加強黨政機關以及重點領域網站的安全防護,基層黨政機關網站要按集約化模式建設運行和管理。建立政府、行業與企業的網絡安全信息有序共享機制,充分發揮企業在保護關鍵信息基礎設施中的重要作用。

堅持對外開放,立足開放環境下維護網絡安全。建立實施網絡安全審查制度,加強供應鏈安全管理,對黨政機關、重點行業採購使用的重要信息技術產品和服務開展安全審查,提高產品和服務的安全性和可控性,防止產品服務提供者和其他組織利用信息技術優勢實施不正當競爭或損害用戶利益。

(四)加強網絡文化建設

加強網上思想文化陣地建設,大力培育和踐行社會主義核心價值觀,實施網絡內容建設工程,發展積極向上的網絡文化,傳播正能量,凝聚強大精神力量,營造良好網絡氛圍。鼓勵拓展新業務、創作新產品,打造體現時代精神的網絡文化品牌,不斷提高網絡文化產業規模水平。實施中華優秀文化網上傳播工程,積極推動優秀傳統文化和當代文化精品的數字化、網絡化製作和傳播。發揮互聯網傳播平台優勢,推動中外優秀文化交流互鑑,讓各國人民了解中華優秀文化,讓中國人民了解各國優秀文化,共同推動網絡文化繁榮發展,豐富人們精神世界,促進人類文明進步。

加強網絡倫理、網絡文明建設,發揮道德教化引導作用,用人類文明優秀成果滋養網絡空間、修復網絡生態。建設文明誠信的網絡環境,倡導文明辦網、文明上網,形成安全、文明、有序的信息傳播秩序。堅決打擊謠言、淫穢、暴力、迷信、邪教等違法有害信息在網絡空間傳播蔓延。提高青少年網絡文明素養,加強對未成年人上網保護,通過政府、社會組織、社區、學校、家庭等方面的共同努力,為青少年健康成長創造良好的網絡環境。

(五)打擊網絡恐怖和違法犯罪

加強網絡反恐、反間諜、反竊密能力建設,嚴厲打擊網絡恐怖和網絡間諜活動。

堅持綜合治理、源頭控制、依法防範,嚴厲打擊網絡詐騙、網絡盜竊、販槍販毒、侵害公民個人信息、傳播淫穢色情、黑客攻擊、侵犯知識產權等違法犯罪行為。

(六)完善網絡治理體系

堅持依法、公開、透明管網治網,切實做到有法可依、有法必依、執法必嚴、違法必究。健全網絡安全法律法規體系,制定出台網絡安全法、未成年人網絡保護條例等法律法規,明確社會各方面的責任和義務,明確網絡安全管理要求。加快對現行法律的修訂和解釋,使之適用於網絡空間。完善網絡安全相關製度,建立網絡信任體系,提高網絡安全管理的科學化規範化水平。

加快構建法律規範、行政監管、行業自律、技術保障、公眾監督、社會教育相結合的網絡治理體系,推進網絡社會組織管理創新,健全基礎管理、內容管理、行業管理以及網絡違法犯罪防範和打擊等工作聯動機制。加強網絡空間通信秘密、言論自由、商業秘密,以及名譽權、財產權等合法權益的保護。

鼓勵社會組織等參與網絡治理,發展網絡公益事業,加強新型網絡社會組織建設。鼓勵網民舉報網絡違法行為和不良信息。

(七)夯實網絡安全基礎

堅持創新驅動發展,積極創造有利於技術創新的政策環境,統籌資源和力量,以企業為主體,產學研用相結合,協同攻關、以點帶面、整體推進,盡快在核心技術上取得突破。重視軟件安全,加快安全可信產品推廣應用。發展網絡基礎設施,豐富網絡空間信息內容。實施“互聯網+”行動,大力發展網絡經濟。實施國家大數據戰略,建立大數據安全管理制度,支持大數據、雲計算等新一代信息技術創新和應用。優化市場環境,鼓勵網絡安全企業做大做強,為保障國家網絡安全夯實產業基礎。

建立完善國家網絡安全技術支撐體系。加強網絡安全基礎理論和重大問題研究。加強網絡安全標準化和認證認可工作,更多地利用標準規範網絡空間行為。做好等級保護、風險評估、漏洞發現等基礎性工作,完善網絡安全監測預警和網絡安全重大事件應急處置機制。

實施網絡安全人才工程,加強網絡安全學科專業建設,打造一流網絡安全學院和創新園區,形成有利於人才培養和創新創業的生態環境。辦好網絡安全宣傳周活動,大力開展全民網絡安全宣傳教育。推動網絡安全教育進教材、進學校、進課堂,提高網絡媒介素養,增強全社會網絡安全意識和防護技能,提高廣大網民對網絡違法有害信息、網絡欺詐等違法犯罪活動的辨識和抵禦能力。

(八)提升網絡空間防護能力

網絡空間是國家主權的新疆域。建設與我國國際地位相稱、與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防御手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。

(九)強化網絡空間國際合作

在相互尊重、相互信任的基礎上,加強國際網絡空間對話合作,推動互聯網全球治理體系變革。深化同各國的雙邊、多邊網絡安全對話交流和信息溝通,有效管控分歧,積極參與全球和區域組織網絡安全合作,推動互聯網地址、根域名服務器等基礎資源管理國際化。

支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則、網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律、技術創新、標準規範、應急響應、關鍵信息基礎設施保護等領域的國際合作。

加強對發展中國家和落後地區互聯網技術普及和基礎設施建設的支持援助,努力彌合數字鴻溝。推動“一帶一路”建設,提高國際通信互聯互通水平,暢通信息絲綢之路。搭建世界互聯網大會等全球互聯網共享共治平台,共同推動互聯網健康發展。通過積極有效的國際合作,建立多邊、民主、透明的國際互聯網治理體系,共同構建和平、安全、開放、合作、有序的網絡空間。

Original Referring URL: https://military.china.com/important/

 

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

■ Cyberspace is easy to attack and hard to defend; traditional passive defense struggles to cope with organized, high-intensity attacks

■ To improve network security, the defending side cannot rely on the technology contest alone; it must also win the counterattack at the level of concepts

The New “Thirty-Six Stratagems” of Network Security

■ Chen Sen

Illustration by Fei Xue

Why it is in the news

In the information age, a slight move in cybersecurity affects national security as a whole. The Outline of the National Informatization Development Strategy stresses actively adapting to new changes in the national security situation, new trends in the development of information technology and the new requirements of the goal of a strong military, building an information security defense system, and comprehensively improving the ability to win informationized local wars. Cyberspace has become a brand-new domain that affects national security, social stability, economic development and cultural communication, and cyberspace security has accordingly become an important topic of growing concern to the international community.

The United States has explicitly declared cyberspace a new domain of operations, substantially expanded its Cyber Command and combat forces, and kept concentrating effort on developing cyberspace weapons. Since the start of summer, US military cyber exercises have come one after another, and the smoke of invisible war fills the air. In early March, “Cyber Storm 5” was the first to raise the curtain; in April, “Cyber Shield 2016” completed its fifth-generation upgrade; in June, “Cyber Guard” and “Cyber Flag” took the stage as the core of the annual joint exercises.

The essence of network security is a contest of capability between attack and defense. At present, static, isolated, passive defenses that rely on firewalls, intrusion detection and anti-virus software struggle to cope with organized, high-intensity network attacks. Building a security line of defense for cyberspace requires discarding outdated thinking and winning the counterattack at the level of defensive concepts.

New “Thirty-Six Stratagems”: moving target defense

Increasing the difficulty of attack by building a dynamic network

Every network attack needs a certain amount of time to scan and study the target network and to find and exploit system “vulnerabilities” before it can intrude and take control. In theory, the attacker has unlimited time for scanning and probing, can always find a weak point in the defense, and eventually achieves the intrusion. For this reason the United States, a front-runner in networking, has been planning and deploying a transformation of its security defenses, seeking to break through traditional defensive concepts and develop revolutionary technologies that can “change the rules of the game”. Moving target defense is one of them.

Moving target defense has been called a new paradigm for cyberspace security defense. Its technical strategy is to process and control the protected target itself so as to build a dynamic network, increasing randomness and reducing predictability to make attacks harder. If a static cyberspace is like an unchanging “city defense deployment” that is hard to hold, a dynamic network configuration is like the ever-changing “Eight Trigrams formation” that is hard to break. At present, moving target defense technology enjoys priority in all kinds of US government and military research, covering dynamic platform technology, dynamic runtime environment technology, and dynamic software and data technology. In August 2012, the US Army awarded Raytheon the “Morphing Network Assets” project, which mainly studies how to dynamically adjust and reconfigure networks, hosts and applications in ways the adversary cannot detect or predict, thereby preventing, delaying or stopping network attacks.

As a new line of thinking in cyberspace security, moving target defense reflects the technological trend in future network defense of turning “dead” networks into “live” networks.
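An added example, not from the original article or from any project it names: one common way to make a network “live” is to hop the service endpoint on a schedule derived from a shared secret, so that whatever a scan learns expires quickly. The IPv6 documentation prefix, port range, 30-second interval, key and all function names below are assumptions made for the illustration.

```python
import hashlib
import hmac
import ipaddress
import struct

# All values below are assumptions made for this example.
PREFIX = ipaddress.IPv6Network("2001:db8:0:1::/64")  # documentation prefix
PORT_BASE, PORT_COUNT = 49152, 16384                  # dynamic port range
SLOT_SECONDS = 30                                     # lifetime of one configuration


def slot_for(timestamp):
    """Index of the hopping interval that contains `timestamp` (Unix seconds)."""
    return int(timestamp) // SLOT_SECONDS


def endpoint_for_slot(secret, slot):
    """Derive the (IPv6 address, port) the service uses during `slot`.

    HMAC-SHA256 keyed with the shared secret makes the sequence reproducible
    for authorized peers and unpredictable for anyone without the key.
    """
    digest = hmac.new(secret, struct.pack(">Q", slot), hashlib.sha256).digest()
    interface_id = int.from_bytes(digest[:8], "big")
    port = PORT_BASE + int.from_bytes(digest[8:10], "big") % PORT_COUNT
    return str(PREFIX[interface_id]), port


def accepted_endpoints(secret, timestamp, skew_slots=1):
    """Endpoints honoured at `timestamp`, allowing for clock skew between peers."""
    now = slot_for(timestamp)
    return {endpoint_for_slot(secret, s)
            for s in range(now - skew_slots, now + skew_slots + 1)}


def reconnaissance_shelf_life(secret, observed_at, horizon_slots, moving=True):
    """Count the slots in which an endpoint seen at `observed_at` still works.

    With moving=False the service never hops, which models the static network.
    """
    observed = endpoint_for_slot(secret, slot_for(observed_at))
    usable = 0
    for i in range(horizon_slots):
        t = observed_at + i * SLOT_SECONDS
        current = accepted_endpoints(secret, t) if moving else {observed}
        usable += observed in current
    return usable


if __name__ == "__main__":
    key = b"constructed-demo-key"   # constructed sample key
    start = 1_700_000_000           # constructed sample timestamp
    print("endpoint now:", endpoint_for_slot(key, slot_for(start)))
    print("static network, slots a scan result stays valid:",
          reconnaissance_shelf_life(key, start, 100, moving=False))
    print("hopping network, slots a scan result stays valid:",
          reconnaissance_shelf_life(key, start, 100, moving=True))
```

The skew window is the trade-off to tune: a wider window tolerates worse clocks on legitimate peers but lengthens the time a discovered endpoint remains usable.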

New “Thirty-Six Stratagems”: honeypot deception defense

Reducing the threat of network attacks by consuming the attacker’s resources

Conventional network security protection mainly resists network attacks head-on. Although defensive measures have made great progress, they have not changed the basic situation that cyberspace is “easy to attack and hard to defend”. “Honeypot deception defense”, developed in recent years, proposes a new concept of “bypass diversion”: absorbing network intrusions and consuming the attacker’s resources reduces the threat to the targets that really need protection, which buys time to strengthen protective measures and makes up for the shortcomings of the traditional cyberspace defense system.

Much like deliberately setting up false positions on a battlefield, honeypot deception defense actively uses computer networks with a lower level of security defense to lure all kinds of network attacks and monitor their methods and characteristics, so that corresponding defenses can be set up on the target systems that really need protection to stop similar attacks. Honeypots fall into two types: production honeypots and research honeypots. The main purpose of the former is to “draw fire” and relieve pressure on the defense. The latter are designed for studying and acquiring attack information; they are in effect intelligence-gathering systems, which must not only withstand attack but also have strong monitoring capability so as to capture as much attack behavior data as possible.

In addition to building a virtual network environment attack-and-defense laboratory consisting of four sub-networks (gray, yellow, black and green), the US military has also carefully deployed honeypot deception systems on the Internet. What is certain is that deception-based network defense thinking will receive more attention, and there will be more and more technical ways to achieve deception.

New “Thirty-Six Stratagems”: coordinated joint defense

Integrating multiple defense technologies to “keep the enemy outside the gates”

At present, most security devices and defense technologies “fight on their own”. Data is hard to share between network protection nodes and the protection technologies are not linked, so the current defense system is isolated and static and can no longer meet the needs of an increasingly complex network security situation. The original motivation for the US “Einstein” program was that each federal agency had its own Internet egress, which made overall security hard to guarantee. Using a coordination mechanism to combine the relatively independent security devices and technologies in a network, so that they complement one another, cooperate and jointly resist all kinds of attacks, has become the inevitable choice for the future development of cyberspace security defense.

Coordinated joint defense means using existing security technologies, measures and equipment to organize multiple security systems that are separated in time, distributed in space and yet interdependent in their work, so that the security system as a whole performs as effectively as possible. Vertically, it is the coordinated defense of multiple security technologies: one security technology directly contains another, or links to it through some means of communication. An example is the “defense in depth” mechanism adopted by the US Navy’s network defense system, which deploys layer upon layer of protection around the core, including signature-based attack detection, wide-area network security auditing and vulnerability alerts, so that an attacker must break through several layers of defense to enter the system, which lowers the attack’s success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures, adjusting and deploying the protection strategy in an integrated way.

The single-soldier combat of the past can no longer meet the needs of today’s network security defense, and coordinated joint defense will rise to become the mainstream of the field. Only by integrating multiple defense technologies and building an organized defense system that “keeps the enemy outside the gates” can problems be effectively prevented before they occur.

New “Thirty-Six Stratagems”: optimal strategy defense

Seeking a balance between cybersecurity risk and investment

Attacks in cyberspace are becoming more and more complex. Ideal network security protection would of course provide a corresponding defense for every weakness and every attack behavior, but given constraints such as limited defensive resources, pursuing absolutely secure defense is clearly unrealistic. Based on the concept of “moderate security”, optimal strategy defense is ready to emerge.

Optimal strategy defense can be understood as seeking a balance between network security risk and investment, using limited resources to make the most reasonable defensive decisions. As for investment, even the well-resourced United States tries as far as possible to build collective defense systems for cyberspace. Behind the “sharing of results” in the US-Australia cyberspace defense alliance agreement and the Japan-US joint statement on cyber defense cooperation there is also a shadow of “cost sharing”. From the risk perspective, the pursuit of absolute security means holding to a security-above-all principle; when setting strategic objectives and responding to threats, it is then easy to overlook the limits and the legitimacy of the resources and means available, and hard to judge when to advance and when to retreat.

Optimal strategy defense mainly revolves around the “optimal” strategy of game theory, concentrating on research directions such as cyberspace security evaluation, cost analysis, and the construction and evolution of security defense models. Applying the ideas of game theory to network attack and defense offers a new approach to hard problems such as optimal defensive decision-making.
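An added example, not from the original article: the balance between risk and investment described above, worked through as a small zero-sum attacker-defender game solved exactly. The model (coverage is the probability an attack on that asset is stopped, and the attacker sees the coverage and hits the asset with the highest expected loss), the asset names, loss figures and unit cost are all assumptions constructed for the illustration.

```python
from fractions import Fraction

# Constructed sample data: loss if an attack on the asset succeeds.
ASSETS = {
    "billing database": 120,
    "domain controller": 60,
    "build server": 30,
    "public website": 10,
}


def optimal_coverage(losses, budget):
    """Solve the coverage game exactly.

    losses: {asset: loss if an attack on it succeeds}, all positive
    budget: total coverage the defender can spread over the assets
    Returns (coverage per asset, expected loss against a best-responding attacker).

    At the optimum every covered asset is equally attractive to the attacker:
    loss * (1 - coverage) equals the game value v, and assets whose full loss
    is below v are deliberately left uncovered.
    """
    ranked = sorted(losses.items(), key=lambda item: item[1], reverse=True)
    n = len(ranked)
    budget = Fraction(budget)
    if budget >= n:  # enough resources to cover everything completely
        return {name: Fraction(1) for name, _ in ranked}, Fraction(0)

    inverse_sum = Fraction(0)
    for k, (_, loss) in enumerate(ranked, start=1):
        inverse_sum += 1 / Fraction(loss)
        if k <= budget:
            continue  # covering only k assets would leave budget unused
        value = (k - budget) / inverse_sum
        next_loss = ranked[k][1] if k < n else 0
        if next_loss <= value <= loss:  # top-k assets covered, the rest left alone
            coverage = {
                name: (1 - value / Fraction(l)) if i < k else Fraction(0)
                for i, (name, l) in enumerate(ranked)
            }
            return coverage, value
    raise ValueError("losses must be positive")


def cheapest_posture(losses, unit_cost, max_budget):
    """Pick the whole-number budget that minimises spending plus residual risk."""
    best = None
    for budget in range(max_budget + 1):
        coverage, risk = optimal_coverage(losses, budget)
        total = risk + Fraction(unit_cost) * budget
        if best is None or total < best[1]:
            best = (budget, total, coverage)
    return best


if __name__ == "__main__":
    for b in range(len(ASSETS) + 1):
        _, risk = optimal_coverage(ASSETS, b)
        print(f"budget {b}: residual risk {float(risk):6.2f}, "
              f"total with unit cost 25: {float(risk) + 25 * b:6.2f}")
    budget, total, coverage = cheapest_posture(ASSETS, 25, len(ASSETS))
    print("cheapest posture: budget", budget, "total", total)
    print({name: str(c) for name, c in coverage.items()})
```

With these constructed figures the lowest total cost is reached at a budget of 1, well short of full coverage, which is the “moderate security” outcome the passage argues for.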

New “Thirty-Six Stratagems”: intrusion tolerance defense

Creating a “last line of defense” for cyberspace security

Many of the threats facing cyberspace are unforeseeable, irresistible and impossible to guard against; however good the protection, system failure or even collapse cannot be completely avoided. Traditional reliability theory and fault-tolerant computing techniques struggle to meet actual needs, which forces us to think about problems that are broader and deeper than pure protection. Against this background, a new generation of intrusion tolerance defense is receiving more and more attention.

Intrusion tolerance is a third-generation network security technology. It belongs to the category of information survivability technology and is called the “last line of defense” of cyberspace security. Unlike the traditional approach to network security defense, intrusion tolerance defense acknowledges that vulnerabilities exist and assumes that some of them may be exploited by attackers so that the system comes under attack. When the protected target is attacked, or even when parts of it have already been damaged or taken over, the target system can, like a gecko, “shed its tail to survive” and then heal and regenerate.

Intrusion tolerance technology no longer puts “prevention” first; its emphasis is on how to reduce losses and recover as quickly as possible once the system has already been damaged. Intrusion tolerance is, however, still an emerging research field, and its costs, trade-offs and benefits will be the next direction of research.

Related Links–

Network attack and defense battles, each showing its own strengths

“Stuxnet”: pioneer of cyber-physical warfare

In August 2010, Iran completed the Bushehr nuclear power plant with Russia’s help, but the plant, which was scheduled to begin generating power that October, postponed operation several times. A year later, media reports revealed that the cause was an attack by a computer network virus of unknown origin: more than 30,000 computers were infected, a thousand centrifuges at Natanz were scrapped, the newly topped-out Bushehr plant had to remove its nuclear fuel and delay start-up, and Iran’s nuclear development program was forced onto the shelf. This virus, later named “Stuxnet”, was the first to control and destroy physical equipment through a network.

“Flame”: the most powerful spy in history

Network intelligence activity is the most active part of the strategic contest and security struggle in cyberspace. In 2012, a large amount of data belonging to Iran’s oil sector was stolen and wiped, leaving it unable to carry out oil production and export normally. To avoid further harm, Iran was forced to cut the network connections of the oil facilities on Kharg Island near the Gulf. After a large-scale investigation a new virus surfaced: the “Flame” virus, which later also appeared in Israel, Palestine and other Middle Eastern countries. “Flame” has the triple character of a worm, a backdoor and a Trojan, and combines many data-theft functions, including capturing screen images, recording audio conversations, intercepting keyboard input and covertly turning on Bluetooth devices. It has become a new kind of “electronic spy” dedicated to stealing other countries’ secret intelligence.

“Suter”: a system-level strike shows its edge

In 2007, in order to strangle Syria’s nuclear program in the cradle, 18 F-16 fighters of the Israeli Air Force’s 69th Fighter Squadron silently penetrated the advanced Russian-made “Tor”-M1 air defense system that Syria had deployed on the Syrian-Israeli border, carried out a precision bombing of a nuclear facility about 100 kilometers west of the Syrian-Israeli border and about 400 kilometers northeast of Damascus, and returned safely by the same route.

According to disclosures, what made “Operation Orchard” shine was the US military’s “Suter” attack system. “Suter” intrudes by remote radio and paralyzes radar and radio communication systems; it was the “hand behind the scenes” that put Syria’s air defense system out of action. As a new type of network-electronic attack system aimed at networked weapon platforms and networked information systems, “Suter” represents the development trend of military technology and combat methods and is bound to bring a completely new landscape of war.

“Shadow Network”: the invisible Internet

The Internet has complicated the ideological struggle and created an alternative channel for information penetration and the “colonization” of thought. Traces of “shadow networks” can be found in both the “Jasmine Revolution” in North Africa and the “Arab Spring” in the Middle East.

The ghost-like “shadow network” can bypass the traditionally regulated Internet and form invisible, independent wireless local area networks through which participants communicate with one another; when needed it can connect to the Internet at any time and access network resources “without restriction”. The New York Times disclosed that the US State Department and the Pentagon spent heavily to build an independent system in Afghanistan, using transmission towers located inside military bases to relay signals so as to avoid sabotage by Taliban militants. “Invisible communication systems” were subsequently set up in Iran, Syria and Libya to help local anti-government organizations contact one another or communicate with the outside world.

“Plan X”: aiming to control the network battlefield

Foreign media have revealed that the Pentagon is building a war plan for the 22nd century, namely “Plan X”. “Plan X” is dedicated to building an advanced map of the world’s computers; with this continuously upgraded and updated “network map”, the US military could easily lock onto a target and paralyze it. “If this plan is completed, the US military will be able to control the network battlefield just as it controls the traditional battlefield.”

It is not hard to foresee that once “Plan X” is deployed it will certainly do more than “break free of the keyboard”; it will also enable situational awareness and network attack on a global scale.

Original Mandarin Chinese

■網絡空間易攻難守,傳統的被動式防禦難以有效應對有組織的高強度攻擊

■提高網絡安全性,防禦一端不能只靠技術博弈,還需打贏理念上的反擊戰

網絡安全之新“三十六計”

■陳 森

費雪 繪

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

相關鏈接——

各顯其能的網絡攻防戰

“震網”:網絡物理戰先驅

2010年8月,伊朗在俄羅斯幫助下建成布什爾核電站,但這座計劃於當年10月正式發電運轉的核電站,卻多次推遲運行。一年後,據媒體揭秘,是因為遭到來源不明的計算機網絡病毒攻擊,超過3萬台電腦“中招”,位於納坦斯的千台離心機報廢,剛封頂的布什爾核電站不得不取出核燃料並延期啟動,伊朗核發展計劃則被迫擱置。這種後來被冠名為“震網”的病毒,開創了通過網絡控制並摧毀實體的先河。

“火焰”:史上最強大間諜

網絡情報活動,是網絡空間戰略博弈和安全斗爭最活躍的部分。 2012年,伊朗石油部門大量數據失竊並遭到清除,致使其無法正常進行石油生產和出口。為避免繼續製造危害,伊朗被迫切斷了海灣附近哈爾克島石油設施的網絡連接。大規模的調查後,一種新的病毒浮出水面,即後來又現身於以色列、巴勒斯坦等中東國家的“火焰”病毒。 “火焰”病毒兼具蠕蟲、後門和木馬三重特點,集截取屏幕畫面、記錄音頻對話、截獲鍵盤輸入、偷開藍牙設備等多種數據盜竊功能於一身,成為專門竊取他國機密情報的新型“電子間諜”。

“舒特”:體系破擊露鋒芒

2007年,為將敘利亞核計劃扼殺於萌芽之中,以色列空軍第69戰鬥機中隊的18架F-16戰機,悄無聲息地突破敘利亞在敘以邊境部署的先進俄製“道爾”-M1防空系統,對敘以邊境以西約100千米、大馬士革東北部約400千米的一處核設施實施精確轟炸,並從原路安全返回。

據披露,讓“果園行動”大放異彩的是美軍“舒特”攻擊系統。 “舒特”通過遠程無線電入侵,癱瘓雷達、無線電通信系統,是使敘防空系統處於失效狀態的“幕後真兇”。作為針對組網武器平台及網絡化信息系統的新型網電攻擊系統,“舒特”代表著軍事技術和作戰方式的發展趨勢,勢必將帶來全新戰爭景觀。

“影子網絡”:隱形國際互聯網

國際互聯網導致意識形態鬥爭的複雜局面,造成了信息滲透、思想“殖民”的另類通道。在北非“茉莉花革命”和中東“阿拉伯之春”中,均有“影子網絡”踪跡。

像幽靈一樣的“影子網絡”可繞過傳統監管的互聯網,形成隱形和獨立的無線局域網,實現相互間信息溝通,一旦需要又可隨時接入國際互聯網,“不受限制”地訪問網絡資源。 《紐約時報》披露稱,美國國務院和五角大樓斥巨資在阿富汗建造了獨立的系統,並利用設在軍營內的發射塔傳遞信號,以免遭塔利班武裝分子破壞。隨後在伊朗、敘利亞和利比亞設立“隱形通訊系統”,幫助當地反政府組織相互聯繫或與外界溝通。

“X計劃”:欲掌控網絡戰場

外媒披露,五角大樓正在打造一項22世紀的戰爭計劃,即“X計劃”。 “X計劃”致力於建立先進的全球計算機分佈圖,有了這張能夠不斷升級更新的“網絡地圖”,美軍就可以輕易鎖定目標令其癱瘓。 “如果完成了這個計劃,美軍將能夠像控制傳統戰場那樣控製網絡戰場。”

不難預見,“X計劃”部署後,絕對不只是“擺脫鍵盤的束縛”,更可以實現在全球範圍內進行態勢感知和網絡攻擊。

Original Referring URL: http://www.chinanews.com/mil/2016/08-11/

America Instigating Cyber Warfare – How China Will Realize the Chinese Dream in the Age of American Cyber Warfare // 美國煽動網絡戰 – 中國如何在美國網絡戰時代實現中國夢

For a great power seeking to realize its imperial dream, the means 100 years ago was launching a world war, 50 years ago it was planning a nuclear war, and now it is instigating cyber war.

How the United States is meeting the era of cyber war

Source: China National Defense News, Military Special Issue. Author: Hao Yeli. Editor in charge: Huang Yanghai.

Key points

In recent years, the United States has taken a number of measures to accelerate the development of cyber warfare. Since the Obama administration took office, it has thrown a continuous “combination of punches” made up of “eight ones” to improve its cyber warfare capabilities.

Because the United States holds to a concept of absolute security in cyberspace, this will not only aggravate America’s own sense of insecurity but will also, objectively, give rise to destabilizing factors and make the situation in cyberspace unstable.

Recently, foreign media reported the US military’s latest progress in cyber warfare: the US military has spent five years developing advanced cyber weapons and digital combat capabilities, may soon deploy these weapons more openly, and is considering establishing a “cyber militia” in the coming years. The measures the United States is taking to accelerate the development of cyber war deserve our close attention and in-depth study.

The era of cyber war has arrived

Today, one-third of the world’s population uses the Internet, and billions of people accept the services provided by the Internet. The arrival of cyber warfare is an inevitable historical necessity. The network revolution is also reshaping the new pattern of world political, economic, social and cultural development.

Cyber ​​warfare in many fields. Cyber ​​warfare has broken through the traditional warfare field, making war a veritable development in economic, political, and military fields. First, the cyber warfare in the economic field is aggressive. In particular, cyber warfare in the financial sector has been described as “a modern version of the bank.” Second, the cyber war in the political arena has intensified. Social networking as a tool for political change represents an amazing power. From the turmoil in West Asia and North Africa to the “Autumn Wall Street”, social networks are everywhere to participate and help. Under the conditions of informationization, the destructive power of network penetration even exceeds military intervention. The third is the initial test of the cyber warfare in the military field. The network has changed the traditional war mode, from the Gulf War embedded virus attack to the Russian-Georgian conflict to use the network “bee colony” attack, each war has a network war “shadow.”

Cyber warfare has become the “atomic bomb” of the information age. Research by the RAND Corporation puts it this way: “The strategic war of the industrial era is nuclear war, and the strategic war of the information age is mainly cyber warfare.” Why can cyber warfare be compared with nuclear war? Because the two are very similar in their “fission reaction” and in their destructive effect. If a computer network is abstracted as a weave of points and lines, the points are the computers and routers, the lines are the network channels and TCP/IP transmission protocols extending in all directions, and network viruses such as Trojans and worms are the latent “uranium” in the network. Why do viruses in the network undergo fission? There are two main reasons. First, the inherent defects of computer architecture provide the “soil and hotbed” for viruses. The weapons of cyber warfare are viruses such as Trojans and worms (which are, in essence, malicious code). Malicious code can run rampant because systems contain exploitable vulnerabilities, and the root of those vulnerabilities lies in the inherent shortcomings of the von Neumann architecture that computers use. Its principle is to store data and programs together in read-write memory (RAM): the data can be read and written, and the program can be changed as well. In the cybersecurity incidents occurring in the world today, more than 50% of the exploited vulnerabilities stem mainly from this mechanism. Second, the open, shared Internet provides the path and bridge for the fission of viruses. The book “Network Warfare: The Next Threat to National Security and Countermeasures” clearly states that the Internet has five major flaws: a fragile domain name service system, unverified routing protocols, malicious traffic that goes uninspected, a decentralized network structure, and clear-text transmission. Once these defects are exploited, they may produce a flood of attacks on the network whose effect resembles that of a weapon of mass destruction and whose power is no less than that of the “atomic bomb” of the industrial age.

As times change and war evolves, whoever is first to shift their focus from the traditional fields of human activity to new and important fields will gain huge strategic benefits. It can be said that mastering command of the network in the 21st century is as decisive as mastering command of the sea in the 19th century and command of the air in the 20th century.

Original Mandarin Chinese:

強權國家要想實現帝國夢想,100年前是發動世界大戰,50年前是籌劃核大戰,現在則是策動網絡戰

美國如何迎戰網絡戰時代

核心提示

近年來,美國採取多項舉措加快網絡戰的發展。奧巴馬政府上台以後,更是連續打出“八個一”的“組合拳”,提升網絡戰能力。

由於美國在網絡空間秉持絕對安全的理念,這不僅會加劇美國的不安全感,而且還會在客觀上誘發不安定因素,造成網絡空間態勢的不穩定。

近日,外媒報導美軍在網絡戰方面的最新進展:美軍已經花了5年時間開發先進的網絡武器和數字作戰能力,可能很快就會將這些武器進行更公開部署,並考慮未來數年建立“網絡民兵”。美國加快網絡戰發展的舉措值得我們高度重視和深入研究。

網絡戰時代已經到來

今天,全世界1/3人口使用國際互聯網,數十億人接受著網絡提供的各種服務。網絡戰的到來是不可阻擋的歷史必然,網絡革命也正在重塑世界政治、經濟、社會、文化發展的新格局。

多個領域迎來網絡戰。網絡戰已經突破傳統戰爭領域,使戰爭名副其實地在經濟、政治、軍事多個領域展開。一是經濟領域的網絡戰攻勢凌厲。特別是金融領域的網絡戰,被形容為“現代版的搶銀行”。二是政治領域的網絡戰愈演愈烈。社交網絡作為政治變革的工具體現了驚人的威力。從西亞北非動亂到“華爾街之秋”,處處都有社交網絡參與其中、推波助瀾。信息化條件下,網絡滲透的破壞力甚至超過軍事干預。三是軍事領域的網絡戰初試鋒芒。網絡改變了傳統戰爭模式,從海灣戰爭預埋病毒攻擊、到俄格衝突動用網絡“蜂群”攻擊,每一場戰爭都有網絡戰“影子”。

網絡戰成為信息時代的“原子彈”。蘭德公司研究提出:“工業時代的戰略戰是核戰爭,信息時代的戰略戰主要是網絡戰。”網絡戰為什麼能與核戰爭比肩?因為二者在“裂變反應”和破壞效果上極具相似之處。如果把計算機網絡抽象為點和線的編織,點就是計算機和路由器,線則是四通八達的網絡信道和TCP/IP傳輸協議,而木馬、蠕蟲等網絡病毒正是網絡中潛在的“鈾”。網絡中的病毒為什麼會產生裂變?主要有兩個原因:一是計算機體系結構的固有缺陷給病毒的產生提供了“土壤和溫床”。網絡戰的武器是木馬、蠕蟲(其實質是惡意代碼)等病毒。惡意代碼之所以能夠肆虐,是因為系統內存在可利用的漏洞,而漏洞的本源在於計算機採用的馮·諾依曼體系結構的先天不足。其原理是把數據和程序都統一存儲在讀寫存儲器(RAM)內,數據是可以讀寫的,程序也是可以改變的。當今世界發生的網絡安全事件,50%以上被利用的漏洞主要是源於這個機理。二是開放共享的互聯網為病毒的裂變提供了途徑和橋樑。 《網絡戰:國家安全的下一個威脅及對策》一書明確指出,互聯網存在五大缺陷:脆弱的域名服務系統、不經過驗證的路由協議、不進行審查的惡意流量、非集中式的網絡結構以及明文傳送。這些缺陷一旦被利用,就可能形成對網絡的攻擊洪流,其作用類似於大規模毀傷性武器,威力不亞於工業時代的“原子彈”。

在時代更迭、戰爭演變的進程中,誰能夠率先把關注點從人類活動的傳統領域轉入新的重要領域,誰就能獲得巨大戰略利益。可以說,21世紀掌握製網權與19世紀掌握制海權、20世紀掌握制空權一樣具有決定意義。

The main measures for the United States to accelerate the development of cyber war

Obama, who won election with the help of network operators, attached great importance to the building of cyberspace. He delivered the “5·29” speech as soon as he took office, arguing that protecting network infrastructure would be the top priority in maintaining US national security. During his tenure, Obama threw a “combination punch” of “eight ones” in succession, bringing US cyber warfare into a period of rapid development.

The first is to issue a report. The “Cyberspace Security Policy Assessment Report” emphasizes that cyber warfare bears on national security, affects social stability, bears on economic development, and determines the outcome of war.

The second is to strengthen a strategy. It established a “three-in-one” national security strategy supported by a deterrence strategy for nuclear weapons, a preemption strategy for space, and a control strategy for networks.

The third is to form a headquarters. In 2009, the US military established the Cyberspace Command, whose main function is commanding cyber warfare. In May 2013, the US military set up a “joint network center” at each theater headquarters, and its cyber warfare command system has gradually been improved. At the same time, the US military also plans to upgrade the Cyberspace Command to a formal combatant command, placing it at the same level as the other theater commands. This will directly shorten the chain of command between the US cyber warfare forces and the top level of the military.

The fourth is to draw up a road map. In 2010, the US Army officially issued the “Cyberspace Combat Capability Concept”, which is considered the first roadmap for the development of cyber warfare capabilities drawn up by the US military.

The fifth is to start a range. In 2009, the US Department of Defense launched the “National Cyber Range” project, which was officially delivered for use in 2012, giving US cyber warfare exercises, training and weapon evaluation a realistic environment.

The sixth is to develop a series of weapons. The US military has developed and stockpiled more than 2,000 virus weapons, and these weapons are gradually developing into a system. They mainly comprise paralysis warfare weapons represented by the “Stuxnet” virus and the “digital cannon”, intelligence warfare weapons represented by the “Flame” and “Gauss” viruses, and psychological warfare weapons represented by the “shadow network” and the “digital water army”.

The seventh is to plan a series of exercises. From 2006 to the present, the United States has organized multiple cross-sector, cross-border, cross-domain “Cyber Storm” exercises. Each time the Internet has been listed as the target of attack and defense, and the exercises have been aimed at key infrastructure such as finance, transportation, electricity, energy, and communications. This reveals that the main battlefield of cyberspace is the open Internet rather than closed tactical networks.

The eighth is to support a group of social networking sites. A group of social networking sites such as “Twitter” and “Facebook” have been turned into strategic weapons for interfering in other countries’ internal affairs. This is a heavy punch in the combination. In February 2013, after the governments of Tunisia and Egypt were overthrown by the opposition, Obama fully affirmed the important role played by Internet companies such as “Twitter” and “Facebook”. According to statistics, the “Facebook” social networking site alone has more than 1.3 billion users worldwide.

Issuing a “Cyber War Declaration.” The measures taken after Obama took office show that the United States has formally brought cyber warfare into the category of war and classified cyberspace as a new operational domain, reflecting the United States’ advance forecasting and preemptive design of future wars. There are two main underlying motives: first, to ensure its own network security, which reflects the United States’ concern about its information security; second, to ensure global cyber hegemony, which reflects the new American concept of war.

In 2014, the US military pushed forward the “Cyberspace Operations Rules” and the “Cyberspace Operations Joint Doctrine” in practical form, drawing international strategic competition toward the Internet as a new global commons. These US actions, from the domestic to the international, from acting on networks to using force, from declaration to action, from colonizing land to colonizing minds, reflect the United States’ attempt to format the whole world with American values through the Internet. As one reporter said: “What modern America colonizes is thought, not land.”

In April 2015, the United States released a new version of its cyber strategy report, comprehensively revising the “Cyberspace Action Strategy Report” issued by the US Department of Defense in 2011. Its main new changes are as follows:

First, it provides a new basis for raising the importance of building cyber forces. The report further elevates the threat the United States faces in cyberspace to a “first-tier” threat. At the same time, the report also regards China, Russia, Iran, and North Korea as potential “cyber adversaries” of the United States. This is its latest and most severe judgment on the cyber threat situation.

Second, it provides new guidance for speeding up the building of cyber warfare forces. The report spells out the Department of Defense’s three major missions and five major goals in cyberspace, and further refines the construction goals for 133 cyber warfare teams.

Third, it creates a new pillar for maintaining comprehensive military superiority. The report clearly states that when the United States faces an attack on the US homeland or on US interests in cyberspace, the US military may conduct cyber operations and carry out cyber attacks. This is the most important adjustment in this cyberspace strategy. In the future, the US military will use cyber attack as an important means of warfare. This is the main embodiment in cyberspace of the United States’ concept that “any move against the network is answered with force.”

Fourth, it creates new conditions for reshaping the international network system. The report emphasizes that, internally, the focus is on strengthening military-civilian coordination; externally, the focus is on developing cooperation with allies. The main goals of that cooperation are to share costs and risks, promote international codes of conduct favorable to the United States, and seize the right to speak and the leading role in making the rules of cyberspace.

Original Mandarin Chinese:

美國加快網絡戰發展的主要舉措

依靠網絡運營商競選成功的奧巴馬,對網絡空間的建設非常重視,一上台就發表了“5·29”講話,認為保護網絡基礎設施將是維護美國國家安全的第一要務。在任期間,奧巴馬連續打出了“八個一”的“組合拳”,使美國網絡戰進入快速發展時期。

一是推出一個報告。其在《網絡空間安全政策評估報告》中強調:網絡戰事關國家安全、影響社會穩定、關乎經濟發展、決定戰爭勝負。

二是強化一個戰略。其確立了以核武器的威懾戰略、太空的搶先戰略、網絡的控制戰略為支撐的“三位一體”國家安全戰略。

三是組建一個司令部。 2009年,美軍成立了以指揮網絡戰為主要職能的網絡空間司令部。 2013年5月,美軍在各戰區總部組建“聯合網絡中心”,其網絡戰指揮體係日漸完善。同時,美軍還計劃將網絡空間司令部升格為正式的作戰司令部,使其成為與其他戰區司令部平級的機構。此舉將直接縮短美國網絡戰部隊與軍方最高層的指揮鏈。

四是製定一個路線圖。 2010年,美陸軍正式出台《網絡空間作戰能力構想》,這被認為是美軍制定的首份網絡作戰能力發展路線圖。

五是啟動一個靶場。 2009年,美國防部啟動了“國家網絡靶場”項目,2012年正式交付使用,美國網絡戰演習訓練、武器測評擁有了逼真環境。

六是研發一系列武器。美軍已研發儲備了2000多種病毒武器,這些武器逐漸向體系化方向發展。主要有以“震網”病毒、“數字大砲”為代表的阻癱戰武器,以“火焰”“高斯”病毒為代表的情報戰武器和以“影子網絡”“數字水軍”為代表的心理戰武器。

七是策劃系列演習。從2006年到現在,美國已經組織了多次跨界跨國跨域“網絡風暴”演習。每一次都把互聯網列為攻防目標,瞄準的都是金融、交通、電力、能源、通信等關鍵基礎設施。這揭示了網絡空間的主戰場,是開放的國際互聯網而不是封閉的戰術網。

八是扶持一批社交網站。把“推特”“臉書”等一批社交網站變為乾涉他國內政的戰略利器。這是組合拳中的一記重拳。 2013年2月,在突尼斯、埃及政府被反對派推翻後,奧巴馬充分肯定了“推特”“臉譜”等網絡公司在其中發揮的重要作用。據統計,僅“臉譜”社交網站的全球用戶已超過13億。

發表“網絡戰宣言”。奧巴馬執政後的舉措,表明美國已經正式將網絡戰納入戰爭範疇,把網絡空間列為新的作戰域,這反映出美國對未來戰爭的超前預測和搶先設計。其深層動因主要有兩點:一是確保自身網絡安全———反映了美國對其信息安全的擔憂。二是確保全球網絡霸權———反映了美國戰爭的新理念。

2014年,美軍實案化推進《網絡空間作戰規則》和《網絡空間作戰聯合條令》,牽動國際戰略競爭向互聯網這一新全球公域聚焦。美國這些從國內到國際、從動網到動武、從宣言到行動、從殖民土地到殖民思想的行動舉措,反映出美國企圖通過互聯網,用美式價值觀格式化整個世界。正如一位記者所說:“現代美國殖民的是思想,而不是土地”。

2015年4月,美國又發布了新版網絡戰略報告,對2011年美國國防部出台的《網絡空間行動戰略報告》進行了全面修訂。其主要有以下幾個新變化:

一是為提升網絡力量建設重要地位提供新的依據。該報告進一步把美國在網絡空間的威脅上升為“第一層級”的威脅。同時,該報告還將中國、俄羅斯、伊朗、朝鮮視為美國潛在的“網絡對手”,這是其對網絡威脅形勢做出的最新、最嚴峻的判斷。

二是為加快網絡戰力量建設提供新的指導。報告重點明確了國防部在網絡空間的三大任務和五大目標,並進一步細化133支網絡戰分隊的建設目標。

三是為維持全面的軍事優勢打造新的支柱。報告明確提出,當美國面臨針對美國本土或美國在網絡空間利益的攻擊時,美軍可以進行網絡作戰,實施網絡攻擊。這是此次網絡空間戰略最重要的調整。未來,美軍將把網絡攻擊作為重要的作戰手段使用。這是美國在網絡空間“動網就動武”理念的主要體現。

四是為重塑國際網絡體系創造新條件。報告強調,對內重點加強軍民協同;對外重點發展與盟友合作。合作的主要目標是分擔成本和風險,推行對美有利的國際行為準則,搶奪網絡空間規則制定的話語權和主導權。

The three key pillars of the United States to accelerate the development of cyber war

There are three key pillars for the United States to accelerate the development of cyber warfare:

Technical pillar. The “PRISM incident” further confirms that US monitoring of the global network has become all-pervasive. The United States occupies the upstream of the industrial chain. From basic chips to hardware applications, from operating systems to commercial software, the United States has an absolute technological advantage, forming a complete set of industrial, supply and information chains. Its overwhelming advantage in technology and its monopoly position in many core markets are key to the United States’ ability to accelerate the development of cyber warfare.

Discourse pillar. The United States’ powerful capacity for action in cyberspace determines its strong voice in cyber diplomacy. Whatever double standards it displays in cyberspace, it can influence the global space of public opinion with the backing of that powerful discourse. Had the “PRISM incident” not emerged, the United States would have created around the world two “lies” that had already become truths: first, that the West is the victim of cyber attacks; and second, that China is the source of cyber attacks. This has greatly damaged China’s national image, reputation and international standing in the international community and seriously affected China’s high-tech exports, achieving a “four ounces moves a thousand pounds” effect that is hard to achieve through trade protection and maneuvering under WTO rules. Even though the “PRISM incident” tore away the United States’ “veil of justice”, it still shows exceptional fighting capacity: externally it claims that it is itself being monitored; internally, in the name of counter-terrorism, it places national security above personal privacy, keeping a firm grip on the right to speak in cyberspace.

Strategic pillar. One level above the technical pillar and the discourse pillar is the strategic pillar. The core of the US strategic pillar is reflected in its preemptive global strategy and the overall layout of its competing forces. First, diverse forces complement one another’s strengths. At present, the United States is actively cultivating cybersecurity companies such as “FireEye”, using their technological advantages and unofficial background to deploy monitoring globally, track over the long term, collect evidence, and act as the vanguard, while the government and the military stay behind the scenes and join the contest only when conditions are ripe. This has won US diplomacy flexible room to advance or retreat. Second, network attack and defense are kept clearly separate from intelligence theft. The benefit of this clear strategic division of labor is that even though the “PRISM incident” revelations made the National Security Agency a target of the world’s ridicule, they did not affect its Cyberspace Command at all; instead, the Cyberspace Command used the safeguarding of national security as a pretext to accelerate its expansion confidently and develop in a high-profile way. The United States has two clear main lines in cyberspace: the National Security Agency is in charge of obtaining intelligence through networks, and the Cyberspace Command is in charge of network attack and defense. This clear strategic thinking has provided strong support for the United States to accelerate the development of cyber warfare.

Original Mandarin Chinese:

美國加快網絡戰發展的三個關鍵支柱

美國加快網絡戰發展有三個關鍵性支柱:

技術支柱。 “棱鏡門事件”進一步證實美國對全球網絡的監控達到了無孔不入的程度。美國占據了產業鏈上游,從基礎芯片到硬件應用,從操作系統到商用軟件,美都具有絕對的技術優勢,形成了一整套完整的產業鏈、供應鍊和信息鏈。技術領域的壓倒性優勢和在眾多核心市場的壟斷地位是美國能加快網絡戰發展的關鍵。

話語支柱。美國在網絡空間強大的行動能力決定了其在網絡外交上強大的話語權。無論它在網絡空間展現怎樣的雙重標準,都能在強大的話語支撐下影響全球輿論空間。要是沒有“棱鏡門事件”的出現,美國已在全球製造出兩個已經成為真理的“謊言”:第一,西方是網絡攻擊受害者;第二,中國是網絡攻擊源。這在國際社會極大地損害了中國的國家形象、信譽和國際地位,嚴重影響了中國的高科技出口,達到了利用貿易保護和WTO規則博弈難以實現的“四兩撥千斤”效果。即便是“棱鏡門事件”撕開了美國的“正義面紗”,它仍然表現出超強的戰鬥能力,對外聲稱自己被監控;對內以反恐為名,將國家安全置於個人隱私之上,牢牢掌握著網絡空間的話語權。

戰略支柱。比技術支柱和話語支柱更高一層的是戰略支柱。美方的戰略支柱核心體現在先發製人的全球戰略和博弈力量的整體佈局。一是多元力量的優勢互補。目前,美國積極培植“火眼”這樣的網絡安全企業,利用他們的技術優勢和非官方背景在全球布控、長期跟踪、蒐集證據、充當先鋒,而政府和軍隊則躲在背後,水到渠成時再投入博弈,這為美國的外交贏得了進可攻、退可守的彈性空間。二是網絡攻防和竊取情報涇渭分明。清晰的戰略分工對美國帶來的好處是,即使“棱鏡門事件”的爆料讓美國國家安全局被世界“吐槽”,但是卻絲毫沒有殃及其網絡空間司令部,反而使網絡空間司令部以維護國家安全為藉口,理直氣壯加速擴軍,高調發展。美國在網絡空間有兩條清晰的主線,即:國家安全局主管網絡獲情,網絡空間司令部主管網絡攻防。這種清晰的戰略思路為美國加快網絡戰發展提供了強有力的支撐。

Absolute Security: The Double Standards and Practical Paradox of the American Concept of Cybersecurity

It can be seen that on the issue of network security, the United States pursues the concept of absolute security and attempts to achieve absolute control over cyberspace by answering any move against the network with force. Snowden’s revelations show that US network monitoring of the international community is systematic, large-scale, and uninterrupted, yet it requires other countries to strictly control themselves and not step half a pace out of bounds. This is asymmetrical thinking and a double standard.

Is it feasible in method? The problems of cyberspace are very complicated, and the ways of handling them cannot be too simple; dealing with them requires new rules, new methods, and new thinking. First, the actors in cyberspace are of many kinds and are a mixed bag. Second, attack paths and sources can be virtually forged, and tracing sources and collecting evidence depends on cooperation among multiple parties. Because of the complexity and uncertainty of virtual space, many rules of the law of armed conflict designed for physical space are hard to apply in cyberspace. For example: How are war and peace defined in cyberspace? How are military targets distinguished from civilian targets? How does the concept of neutrality apply? A country that declares neutrality can hardly prevent others’ malicious computer code from flowing through network equipment on its own territory, and can hardly avoid having its network facilities controlled and used by the belligerents. For example, in cyber attacks that occurred in foreign countries, network equipment within China was also used by hackers as “bots” and “springboards”; China is an innocent victim. If state responsibility for failing to stop in time a cyber attack launched through one’s own country is pursued under a “neutral state standard”, and “the source of a cyber attack is destroyed by force”, China may suffer blame it does not deserve. Even the United States, with technology so strong, finds it difficult to completely avoid being exploited, attacked, and controlled. In cyberspace one cannot lightly hand down verdicts or issue declarations of war. Management methods and models suited to physical space may not suit virtual space. Casually lowering the threshold for using force in cyberspace will at the same time push up the risk of conflict escalation. Therefore, any dispute arising in cyberspace should be resolved peacefully, without the use or threat of force.

Is the effect controllable? There are two situations that require an assessment of consequences. First, what if there is a misjudgment? Simplistically lowering the threshold for striking may bring disaster on neutral countries or innocent parties. Second, can it solve the problem? In 2014, regional confrontations such as the Ukraine crisis and the Palestinian-Israeli conflict led to continual cyber conflicts, and large-scale cyber attacks kept occurring. Western countries led by the United States imposed sanctions on Russian banks and enterprises, leading to a clear upward trend in cyber attacks on the US financial industry. Judged by its effects, then, it cannot be said that deterrence and force have no effect in solving the problem, but they are not a panacea. If great powers such as the United States and Russia use force in cyberspace, what negative effects and consequences will that bring to world peace?

Is the thinking desirable? Although the United States has the world’s most powerful military and most advanced technology, it is still constantly looking for opponents, playing up crises and exaggerating threats. This leaves the whole world lacking a sense of security, objectively induces instability, and stimulates negative energy and potential threats. It is precisely because the United States pays excessive attention to its own national interests and is unwilling to adjust its strategic demands for the sake of the healthy development of the international system that, since the “9.11” incident, it has continually fallen into a “security dilemma” and the vicious circle of “the more counter-terrorism, the more terror”. This phenomenon deserves deep reflection by the United States.

(The author is the vice president of the National Innovation and Development Strategy Research Association)

Original Mandarin Chinese:

絕對安全:美國網絡安全觀的雙重標準及現實悖論

可以看出,在網絡安全問題上,美國奉行絕對安全的理念,企圖通過動網就動武,實現對網絡空間的絕對控制。通過斯諾登的爆料可以看出,美國對國際社會的網絡監控是系統的、大規模的、不間斷的,但是其要求其他國家嚴格自我管控,不能越雷池半步。這是一種不對稱的思維,也是一種雙重標準。

方法上是否可行?網絡空間的問題非常複雜,處理方法不能過於簡單,處理這些問題需要有新規則、新方法、新思維。一是網絡空間行為體多種多樣,“魚龍混雜”。二是攻擊路徑、源頭可以虛擬偽造,溯源取證要靠多方配合。由於虛擬空間的複雜性、不確定性,用於實體空間的武裝衝突法的很多規則很難在網絡空間使用。例如:在網絡空間戰爭與和平如何界定?軍用目標和民用目標如何區分?中立概念如何適用?一個宣布中立的國家,很難控制他人的計算機惡意代碼不流經自己領土內的網絡設備,也很難躲避交戰方對其網絡設施的控制和利用。例如在外國發生的網絡攻擊事件中,中國境內的網絡設備也被黑客用作“肉雞”和“跳板”,中國是無辜的受害方。如果以“中立國標準追究沒有適時阻止經由本國發動的網絡攻擊的國家責任”,“以武力毀傷摧毀網絡攻擊來源”,中國可能會遭受無辜的非難。而美國有那麼強的技術也難以完全阻止被利用、被攻擊、被控制。網絡空間不能輕易下判書、下戰書。適合實體空間的管理方法和模式未必適合虛擬空間。隨意降低網絡空間動武門檻,同時會推高衝突升級的風險。因此,網絡空間發生的任何爭端應以和平方式解決,不應使用武力或以武力相威脅。

效果上是否可控?有兩種情況需要作後果評估。第一,誤判了怎麼辦?簡單化地降低打擊門檻可能會讓中立國或無辜者蒙受災難。第二,能否解決問題? 2014年,烏克蘭危機、巴以沖突等局部地區對抗導致網絡衝突不斷,大規模網絡攻擊事件持續上演。以美國為首的西方國家對俄銀行、企業進行製裁,導致對美金融行業的網絡攻擊呈明顯上升趨勢。由此可見,從效果評估看,不能說威懾和武力對問題的解決沒有效果,但它不是萬能的。如果美俄這樣的大國在網絡空間動武,這會給世界和平帶來什麼樣的負面效應和惡果?

思維上是否可取?儘管美國擁有世界上最強大的軍隊、最先進的科技,但仍然在不斷尋找對手、渲染危機、誇大威脅。這讓整個世界缺少安全感,客觀上誘發不安定因素,激發負能量和潛在威脅。正是因為美國過度關注自身的國家利益,不願意為了國際體系良性發展,調整戰略訴求,才導緻美國從“9·11”事件以來,不斷陷入“安全困境”和“越反越恐”的怪圈,這種現象值得美國深思。

(作者係國家創新與發展戰略研究會副會長)。

Original Referring URL:  http://www.81.cn/wjsm/2016-02/17/

 

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security // 中國網絡戰如何拒絕外國入侵者關注國家安全


In the information age, any change in cybersecurity affects national security as a whole. The “Outline of the National Informatization Development Strategy” emphasizes actively adapting to new changes in the national security situation, new trends in information technology development, and the new requirements of the goal of a strong military, building an information security defense system, and comprehensively improving the ability to win informationized local wars. Cyberspace has become a brand-new field affecting national security, social stability, economic development and cultural communication, and cyberspace security has accordingly become an important topic of growing concern to the international community.

The United States has explicitly declared cyberspace a new operational domain, substantially expanded its Cyber Command and combat forces, and continued to concentrate on developing cyberspace weapons. Since the start of summer, US military cyber exercises have come one after another, and the smoke of invisible war fills the air. At the beginning of March, “Cyber Storm 5” was the first to raise the curtain on the drills; in April, “Cyber Aegis 2016” completed its fifth-generation upgrade; in June, “Cyber Defense” and “Cyber Capture the Flag” made their heavyweight debut as the core of the annual joint exercise.

The essence of network security is a contest of capability between attack and defense. At present, static, isolated, passive defenses that rely on firewalls, intrusion detection technology, and anti-virus software have difficulty dealing effectively with organized, high-intensity network attacks. To build a line of defense for cyberspace security, we need to discard outdated thinking and win the counterattack in defensive concepts.

The new “Thirty-Six Stratagems”: moving target defense

Increase the difficulty of attack by building a dynamic network

Network attacks all need a certain amount of time to scan and study the target network and to detect and exploit system “vulnerabilities” in order to achieve intrusion and control. In theory, the attacker has unlimited time for scanning and probing and can always find a weak point in the defense, eventually achieving the intrusion. For this reason, the United States, a network pioneer, is committed to planning and deploying a transformation of security defense, striving to break through traditional defensive concepts and develop revolutionary technologies that can “change the rules of the game”. Moving target defense is one of them.

Moving target defense is called a new paradigm of cyberspace security defense. Its technical strategy is to process and control the protected target itself so as to build a dynamic network, increasing randomness and reducing predictability in order to make attacks more difficult. If a static cyberspace is likened to an unchanging “city defense deployment” that is hard to hold, a dynamic network configuration is like the ever-changing “Eight Trigrams formation”, which is hard to break. At present, moving target defense technology enjoys priority in all kinds of US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology, and other areas. In August 2012, the US Army awarded Raytheon the “Morphing Network Facility” project, which mainly studies dynamically adjusting and configuring networks, hosts and applications in ways the adversary cannot detect or predict, thereby preventing, delaying or stopping network attacks.

As a new idea in the field of cyberspace security, moving target defense reflects the technological trend in future network defense of turning “dead” networks into “live” ones.
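As an added illustration (not part of the original article and not the code of any project it names), the Python example below shows one simple form of moving target defense, time-slotted port hopping, and measures what it changes for a scanner. The port range, the 30-second slot, the shared secret and the sequential-scanner model are all assumptions made for this example.

```python
import hashlib
import hmac
import struct

# All values below are assumptions made for this illustration.
PORT_LOW, PORT_HIGH = 20000, 20999   # hopping range: 1000 candidate ports
SLOT_SECONDS = 30                    # the service moves every 30 seconds


def slot_for(ts, slot_seconds=SLOT_SECONDS):
    """Map a Unix timestamp to the index of its time slot."""
    return int(ts // slot_seconds)


def hop_port(secret, slot, low=PORT_LOW, high=PORT_HIGH):
    """Port the service listens on during `slot`.

    Server and authorised clients share `secret`, so both derive the same
    port; without the secret the sequence is unpredictable."""
    digest = hmac.new(secret, struct.pack(">Q", slot), hashlib.sha256).digest()
    return low + int.from_bytes(digest[:8], "big") % (high - low + 1)


def server_accepts(secret, port, ts, skew_slots=1):
    """Accept a connection only on the port of the current slot, tolerating
    +/- `skew_slots` of clock drift between client and server."""
    now = slot_for(ts)
    first = max(0, now - skew_slots)
    return any(port == hop_port(secret, s)
               for s in range(first, now + skew_slots + 1))


def slots_until_found(port_at, probes_per_slot, low=PORT_LOW, high=PORT_HIGH,
                      max_slots=10_000):
    """Model a sequential scanner that probes `probes_per_slot` consecutive
    ports per slot, wrapping around the range. `port_at(slot)` gives the
    listening port. Returns the first slot with a hit, or None."""
    span = high - low + 1
    cursor = 0
    for slot in range(max_slots):
        target = port_at(slot) - low
        if (target - cursor) % span < probes_per_slot:
            return slot
        cursor = (cursor + probes_per_slot) % span
    return None


def reuse_window(port_at, found_slot, horizon):
    """Of the `horizon` slots after discovery, count those in which the
    discovered port is still the live one (how long the finding stays useful)."""
    learned = port_at(found_slot)
    return sum(port_at(s) == learned
               for s in range(found_slot + 1, found_slot + 1 + horizon))


def p_hit_within(slots, probes_per_slot, span):
    """Chance that a scanner hits a uniformly hopping port at least once."""
    return 1 - (1 - probes_per_slot / span) ** slots


if __name__ == "__main__":
    secret = b"constructed-demo-secret"        # constructed sample key
    static = lambda slot: 20750                # static service: never moves
    hopping = lambda slot: hop_port(secret, slot)
    for name, model in (("static", static), ("hopping", hopping)):
        found = slots_until_found(model, probes_per_slot=100)
        print(name, "found in slot", found, "| still valid in",
              reuse_window(model, found, 200), "of the next 200 slots")
```

Hopping does not stop a scanner from hitting the port within a slot; what it removes is the value of that finding once the slot ends, which is the “reducing predictability” effect the passage describes.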

The new “Thirty-Six Stratagems”: honeypot deception defense

Reduce cyberattack threats by consuming attacker resources

Conventional network security protection mainly resists cyber attacks head-on. Although defensive measures have made great progress, they have not changed the basic situation in cyberspace of being “easy to attack, hard to defend”. “Honeypot deception defense”, developed in recent years, puts forward a new concept of “bypass diversion”: absorbing network intrusions and consuming the attacker’s resources to reduce the threat that cyber attacks pose to the targets that really need protecting, thereby winning time to strengthen protective measures and making up for the shortcomings of the traditional cyberspace defense system.

Much like deliberately setting up decoy positions on the battlefield, honeypot deception defense actively uses computer networks with a lower level of security defense to lure all kinds of network attacks, monitors their attack methods and attributes, and sets up corresponding defenses on the target systems that really need protection in order to stop similar attacks. Honeypots can be divided into two types: production honeypots and research honeypots. The main purpose of the former is to “draw fire” and reduce the pressure on the defense. The latter is designed for studying and obtaining attack information; it is in effect an intelligence-gathering system, which must not only withstand attack but also have strong monitoring capability so as to capture attack behavior data to the greatest extent.

In addition to establishing a virtual network environment attack-and-defense laboratory made up of four sub-networks (gray, yellow, black and green), the US military has also carefully deployed honeypot decoy systems on the Internet. What is certain is that the idea of deception-based network defense will receive further attention, and the technical means of achieving deception will keep multiplying.

The new “Thirty-Six Stratagems”: linked collaborative defense

Integrate multiple defense technologies to “keep the enemy outside the country’s gates”

At present, most security protection devices and defense technologies “fight on their own”: data is hard to share between network protection nodes, and protection technologies are not correlated. As a result, the current defense system is isolated and static and can no longer meet the needs of an increasingly complex network security situation. The original motivation for the US “Einstein Program” was that each federal agency had its own Internet egress, which made overall security hard to guarantee. Using a collaborative linkage mechanism to combine the relatively independent security devices and technologies in a network organically, so that they complement and cooperate with one another in jointly resisting all kinds of attacks, has become the inevitable choice for the future development of cyberspace security defense.

Linked collaborative defense means using existing security technologies, measures and equipment to organize organically multiple security systems that are separated in time, distributed in space, and yet interdependent in their work, so that the security system as a whole is as effective as possible. Vertically, it is the linked, collaborative defense of multiple security technologies: one security technology directly contains another or links to it through some means of communication. For example, the “defense in depth” mechanism adopted by the US Navy’s network defense system deploys layer upon layer of protective measures around the core, including signature-based attack detection, WAN security auditing, and vulnerability alerts, so that an attacker must break through multiple layers of defense to enter the system, which reduces the attack success rate. When a node in the system is threatened, it can promptly forward the threat information to other nodes and take corresponding protective measures, adjusting and deploying protection policies in an integrated way.

The lone-soldier operations of the past can no longer meet the needs of today’s network security defense, and linked collaborative defense will rise to become the mainstream of network security. Only by integrating multiple defense technologies and establishing an organized defense system to “keep the enemy outside the country’s gates” can problems be effectively prevented before they occur.

The new “Thirty-Six Stratagems”: optimal strategy defense

Seeking a balance between cybersecurity risks and investments

Attacks in cyberspace are becoming more and more complex. Ideal network security protection would of course provide a corresponding defense for every weakness or attack behavior, but given constraints such as limited defensive resources, pursuing an absolutely secure defense is obviously unrealistic. Based on the concept of “moderate security”, optimal strategy defense is ready to emerge.

Optimal strategy defense can be understood as seeking a balance between cybersecurity risk and investment, using limited resources to make the most reasonable defensive decisions. As far as investment is concerned, even the well-resourced United States tries as far as possible to build a collective defense system for cyberspace. Behind the “sharing of results” in the US-Australia cyberspace defense alliance agreement and in the Japan-US joint statement on cyber defense cooperation there is also the shadow of “cost sharing”. From the perspective of risk, the pursuit of absolute security holds to the principle that security is supreme; when formulating strategic objectives and responding to threats, it tends to overlook the limits and the legitimacy of the resources and means available, making it hard to judge when to advance and when to retreat.

Optimal strategy defense revolves mainly around the “optimal” strategy of game theory and is concentrated in research directions such as cyberspace security assessment, cost analysis, and the construction and evolution of security defense models. Applying the ideas of game theory to network attack and defense provides a new approach to difficult problems such as optimal defense decision-making.
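To make the game-theory idea concrete, here is an added Python example (not from the original article) of a zero-sum attacker/defender game in which a defender with a limited budget randomizes protection across assets so that the attacker’s best option is as unrewarding as possible. The asset loss values, the rule that one unit of budget protects one asset, and the zero-sum attacker are assumptions of this example.

```python
def worst_case_loss(values, coverage):
    """Expected loss when the attacker picks the most rewarding target.

    Attacking target i pays v_i only if it is unprotected at that moment,
    so the attacker's expected gain from it is v_i * (1 - c_i)."""
    return max(v * (1 - c) for v, c in zip(values, coverage))


def optimal_coverage(values, budget):
    """Minimax protection plan for a zero-sum attacker/defender game.

    values[i]  loss if target i is attacked while unprotected (must be > 0)
    budget     how many targets can be protected at once (may be fractional)

    Returns (coverage, level): coverage[i] is the probability of protecting
    target i, and `level` is the residual worst-case expected loss.
    The optimum equalises v_i * (1 - c_i) across every protected target and
    leaves targets worth less than `level` unprotected ("water-filling")."""
    n = len(values)
    if budget >= n:                       # enough to protect everything
        return [1.0] * n, 0.0
    if budget <= 0:                       # nothing to spend
        return [0.0] * n, float(max(values))
    lo, hi = 0.0, float(max(values))
    for _ in range(100):                  # bisection on the residual level
        level = (lo + hi) / 2
        needed = sum(max(0.0, 1 - level / v) for v in values)
        if needed > budget:
            lo = level                    # level too ambitious for the budget
        else:
            hi = level                    # affordable: try to push risk lower
    coverage = [max(0.0, 1 - hi / v) for v in values]
    return coverage, hi


def risk_curve(values, budgets):
    """Residual worst-case loss for each budget: the risk/investment trade-off."""
    return [optimal_coverage(values, b)[1] for b in budgets]


if __name__ == "__main__":
    assets = [100, 50, 25, 10]            # constructed loss values
    naive = [1, 0, 0, 0]                  # spend everything on the top asset
    plan, level = optimal_coverage(assets, budget=1)
    print("naive plan, worst case  :", worst_case_loss(assets, naive))
    print("optimal plan            :", [round(c, 3) for c in plan])
    print("optimal plan, worst case:", round(level, 2))
    for b, risk in zip(range(5), risk_curve(assets, range(5))):
        print("budget", b, "-> residual risk", round(risk, 2))
```

With these constructed values, each extra unit of budget buys less risk reduction than the one before it, and the residual risk reaches zero only when every asset is protected, which is the trade-off behind the “moderate security” argument above.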

The new “Thirty-Six Stratagems”: intrusion tolerance defense

Create a “last line of defense” for cyberspace security

Many of the threats facing cyberspace are unforeseeable, irresistible, and impossible to guard against; however good the protection, system failure or even collapse cannot be completely avoided. Traditional reliability theory and fault-tolerant computing technology have difficulty meeting practical needs, which forces consideration of problems more comprehensive and deeper than pure protection. Against this background, a new generation of intrusion tolerance defense is receiving growing attention.

Intrusion tolerance is a third-generation network security technology. It belongs to the category of information survivability technology and is called the “last line of defense” of cyberspace security. Unlike traditional network security defense, intrusion tolerance defense acknowledges that vulnerabilities exist and assumes that some of them may be exploited by attackers to attack the system. When the protected target is under attack, or even when some parts have already been destroyed or taken over, the target system can, like a gecko “shedding its tail”, complete its own healing and regeneration.

Intrusion tolerance technology no longer centers on “defense” but on how to reduce losses and recover as quickly as possible once the system has been damaged. However, intrusion tolerance is an emerging research field, and its costs and benefits will be the next direction of research.

Original Mandarin Chinese:

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

Original Referring URL:  http://www.81.cn/jskj/2016-08/11/

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization // 打贏信息化條件下局部戰爭是軍隊核心任務

2009/01/08 Article source: Liberation Army Daily

Focusing on winning local wars under conditions of informatization and vigorously strengthening preparations for military struggle is a successful experience and an important guiding method in army building, and a major strategic task for our military. Strategic tasks carry great weight. In accordance with the established decisions and arrangements of the Central Military Commission, the People’s Army is striding forward on a new journey of military struggle preparation.

Take the road of rational development in military struggle preparation

New China has gone through nearly 60 years of history. For decades, the country was at times surrounded by strong enemies and beset by crises, but it has always stood firm and unyielding and has continued to grow. There are many successful experiences, and an important one is reliance on comprehensive and solid preparation for military struggle. It can be said that it is precisely because the People’s Army is “always ready” that it has built the steel Great Wall of the motherland’s security, safeguarded the happiness and tranquility of the people, and guaranteed the prosperity and development of the economy and society. Looking back on the stormy journey of decades of military struggle preparation, behind the glory of achievements we must also clearly see what was not scientific enough. For example, many units, in preparing for military struggle, overemphasized specific threats in their guiding ideology and relied too much on “situational stimuli”, so that the level of combat readiness swung between strong and weak and the building of combat effectiveness swung between high and low; preparation for military struggle did not maintain autonomous, healthy and sustained development.

As times change, circumstances shift; as circumstances shift, preparations must change. At present, preparation for military struggle again stands at a new historical starting point. The national security situation has undergone complex and profound changes. On the one hand, both the traditional and the non-traditional security threats we face are increasing. Geostrategic competition among the world’s major powers around our periphery keeps intensifying, the political situation in neighboring countries continues to be turbulent, and there are many hidden dangers in the regional security environment. Domestic separatist forces and their activities are rampant, the factors of instability and uncertainty affecting national security are increasing, and preparation for military struggle faces unprecedented challenges. On the other hand, international unilateralism has been frustrated, the financial crisis has delayed the expansion of global hegemony, the situation has eased significantly, pressure on our main strategic direction has lessened, and preparation for military struggle faces unprecedented opportunities. This opportunity is both strategic and historical. How to seize the opportunity, use it well, and press ahead with the momentum is a practical question that current military struggle preparation needs to answer. After 30 years of reform and development, our military has made a qualitative leap: units are more combined-arms and more informatized, their technology-intensive and quality-and-efficiency characteristics are more evident, and preparation for military struggle now has a wealth of achievements to draw on and the basic conditions for a further leap. Entering the new stage of the new century, President Hu, focusing on the party’s special requirements for national defense and army building, gave the military the historical mission of the “three provides and one role”, emphasizing that “our army must take enhancing its ability to win local wars under conditions of informationization as the core, and constantly improve its ability to respond to multiple security threats and accomplish diverse military tasks.” This series of major strategic ideas has adjusted the basic point of military struggle preparation and expanded its tasks. The establishment of the scientific concept of development as an important guiding principle sets higher requirements for military struggle preparation. Measured against the standards of comprehensive, coordinated and sustainable development and of putting people first, there are still many ideas that need to be emancipated, much work that needs innovation, and many aspects that need to be improved.

To advance preparations for military struggle under the new situation, we must seek change according to the trend and set policy according to the circumstances, standing on a new starting point and seeking new development. Preparations should be based on threats: strengthen all-round “threat awareness” and the “sense of the enemy situation”, fully recognize the grim reality that war is not far away and comes in more than one form, and unswervingly push forward preparations for military struggle. Preparations should be based on tasks: the fundamental task of the army is to fight and to prepare to fight. A war may go unfought for a hundred years, but preparation cannot be relaxed for a moment, and preparations for military struggle must be advanced comprehensively and systematically in accordance with the standard of effectively fulfilling the military’s functions and missions. Preparations should be based on capabilities: break out of the passive, emergency-driven mode of preparation led by the enemy situation, actively design future wars, improve in a planned way the ability to deal with multiple security threats and complete diversified military tasks, and advance preparations for military struggle steadily and scientifically.

Breaking through key points to improve the quality of military struggle preparation

Without a focus, there is no strategy, and without a focus, it is difficult to break through. Making full use of the important strategic opportunity period and grasping the key content to seek breakthroughs is not only an objective requirement to follow the inherent laws of military struggle preparation, but also an urgent need to comprehensively improve the actual combat capability of the troops.

As the most basic practical activity of the armed forces in peacetime, military training is the basic way to generate and develop combat power and is the most direct and effective preparation for military struggle. It is necessary to further raise awareness of the importance of military training, effectively put military training in a strategic position, and truly create a new upsurge among the troops in stressing military training and vigorously promoting the transformation of training. We should seize joint training as the key link in generating combat power, strengthen joint consciousness, improve joint quality, improve joint training regulations and the joint training mechanism, and make military training joint in substance as well as in form. Training in complex electromagnetic environments should be taken as an important entry point and lever: actively explore effective methods for organizing command training, studying and practicing tactical and technical countermeasures, and training in the operation and use of weapons and equipment, and accelerate the transformation from military training under conditions of mechanization to military training under conditions of informationization. We should use mission-subject training as the carrier, actively construct battlefield environments close to actual combat, and explore a realistic training path that takes confrontation training, field training, base training, simulation training and network training as its main methods, realism, difficulty and practicality as its test standards, and examination, comparison and drills as its implementation mechanism, so as to enhance the effectiveness of training. Training for non-war military operations should be actively carried out to improve the troops’ professional skills in such operations and enhance their ability to complete diversified military missions.

People are the most active and dynamic of the elements of combat effectiveness, and talent preparation is the most important and most arduous part of military struggle preparation. Victory or defeat is decided on the battlefield, but the link that determines the outcome lies in peacetime competition, the focus of which is talent. At present, the key is to highlight the two “strategic levers” of joint operations command talent and high-level professional and technical talent, to pull and push forward the overall development of the talent team’s capabilities. Highlight the training of joint operations command personnel: focus on establishing and improving the model for training and developing commanders at the strategic and campaign levels, and strengthen and improve the relevant measures around improving the training system for joint operations personnel, reforming the content and methods of joint operations teaching, increasing post rotation and cross-training of command officers, and stepping up emergency training of joint operations command personnel. Highlight the cultivation of high-level professional and technical personnel: in accordance with the principle of highlighting the key points, taking the general into account, grasping the lead, and driving the whole, focus on cultivating scientific and technological leaders who can plan and organize major projects across disciplines, top-notch academic talent who can guide and advance academic and technological innovation, and technical experts who can solve complex problems in equipment technical support, so as to provide strong intellectual support for informatization.

Speed is precious in war; this is an iron law of war guidance, and under conditions of informationization the “speed advantage” is emphasized even more. Rapid response capability has become an important indicator of an army’s level of combat readiness and actual combat capability. A sensitive and efficient emergency command mechanism should be put in place. On the basis of summarizing our military’s practical experience in completing diversified military tasks in recent years, we should consolidate and apply the relevant results, establish an emergency mechanism, improve laws and regulations, improve the institutional setup, formulate response plans, and organize relevant training and drills, to ensure that once something happens there will be quick response, efficient command, and correct action. An advanced and reliable command information system should be established. In line with the requirements of good interoperability, responsiveness, security and confidentiality, and information sharing, an information network that reaches all the way down vertically and all the way to the edge horizontally, and an integrated command system with simple hierarchy, should be established, relying on information technology to improve emergency command and rapid response capability. Grasp the characteristics and laws of building strategic projection capability, focus on the development of strategic transport aircraft (ships), military helicopters and new types of aircraft, take the construction of the transportation battlefield into overall account, explore the establishment of a smooth and efficient command and management mechanism, and advance the building of strategic transport capability as a whole.

Support is also combat power. Any combat action in modern warfare is a confrontation between systems, and the requirements for comprehensive support are getting higher and higher. To advance preparations for military struggle, it is necessary to comprehensively improve support capabilities such as operational support, logistics support, and equipment support. Our military has always paid attention to coordinating the building of combat forces and combat support forces, and support capabilities in reconnaissance and early warning, command and communication, surveying and mapping, meteorology and hydrology, and engineering defense have on the whole improved in step. However, with the development of the situation and the continuous expansion of the battlefield space, new shortcomings have begun to appear in the system of combat support capabilities, and they must be made up as soon as possible to form an overall advantage in joint operations across the full-dimensional battlefield. The focus of logistics support is to raise the level of modernization. In accordance with the requirements of the times, we will steadily implement logistics reform, moving the support system toward integration, the support mode toward socialization, the means of support toward informationization, and logistics management toward a scientific basis, and promoting the sound and rapid development of logistics. The focus of equipment support is to strengthen supporting construction. Improve the capacity for independent innovation, accelerate the development of new weapons and equipment, and continuously optimize the structure of our military’s weapons and equipment. Pay attention to building equipment as complete sets at the level of the overall structure, of individual systems, and of support; raise the level of equipment serialization, generalization and standardization; gradually have equipment form combat and support capability as complete systems and complete units; accelerate the establishment of a weapons and equipment research and production system and a maintenance support system that combine the military and the civilian and embed the military in the civilian; and further improve the path of developing equipment through military-civilian integration.

Adhere to scientific development and innovate the path of military struggle preparation

To advance the preparations for military struggle at a new starting point, we must adhere to the scientific development concept as a guide, and effectively use ways of thinking that meet the requirements of the times to explore and innovate the development path of military struggle preparation.

Continue to emancipate the mind and advance the preparations for military struggle as a whole within the tide of military reform. The deeper the preparations for military struggle go, the more deep-seated contradictions and problems they touch in development concepts, institutional mechanisms, policies and systems, and the harder they are to advance. The fundamental way to solve these problems lies in continuing to emancipate the mind and deepening the reform of national defense and army building. The strategic goal of military reform is to build an informatized army and win informatized wars, which is consistent with the basic point of military struggle preparation. Military struggle preparation leads and pulls military reform, while military reform is an important part of, and an optimizing condition for, military struggle preparation; the two share the same goal and reinforce each other. Therefore, to advance the preparations for military struggle under the new situation, we must combine them with advancing the reform of national defense and the military, take the improvement of combat effectiveness as the starting point and the foothold of reform, use the standard of combat effectiveness to unify reform thinking, measure reform measures and test the effectiveness of reform, and advance preparations for military struggle through reform.

Strengthen scientific overall planning and advance the preparations for military struggle in coordination with the process of military modernization. The modernization of the military is a large system, and military struggle preparation is the key link that, once pulled, moves the whole. When military struggle preparation is done well, it provides clear and specific requirements for the overall development of our military’s modernization, provides a real lever, and forms a huge pulling force. We must stand at the height of the overall development of the military’s modernization drive and effectively coordinate the relationships between primary and secondary, far and near, and building and using, turning the process of military struggle preparation into a process of strengthening military modernization and the process of military modernization into a process of serving military struggle preparation, so that the two promote each other and develop in coordination.

Adhere to information as the leading factor and innovate in advancing military struggle preparation while the mode of generating combat capability is being transformed. At present, information technology is profoundly changing the mode of generating combat capability and is also changing all aspects of army building. To advance the preparations for military struggle, we must keenly adapt to this new situation, take the initiative to break out of the mechanized mindset, strengthen the concept of information as the leading factor, rely on scientific and technological progress to improve combat effectiveness, explore and innovate military concepts, military technology, military organization and military management that meet the requirements of informatized warfare, focus on raising the level of informationization in the training of military personnel, the development of weapons and equipment, and the best combination of man and weapon, accelerate the transformation of military training, gradually establish an effective mechanism for generating and improving new types of combat capability, and bring about a qualitative leap in military struggle preparation.

Highlight actual combat as the driver and accelerate the preparations for military struggle in the course of completing diversified military tasks. Practice tells us that no matter how the international situation evolves, how the military’s functions and missions expand, and how heavy the diversified military tasks are, containing war, winning war, and maintaining peace are always the top priority among our military’s functions, and winning local wars under conditions of informationization is always the core task of our army. Only with core military capabilities is there a solid foundation for completing diversified military tasks. We must always put the improvement of core military capabilities first, aim at the fundamental functions in advancing comprehensive preparations, and prepare on multiple fronts rather than for a single case, prepare by category rather than “one size fits all”, and prepare in depth rather than superficially, striving to give the troops the ability to adapt to various conditions, respond to various situations, and complete diversified military tasks.

Original Mandarin Chinese:

以打贏信息化條件下局部戰爭為重點,大力加強軍事鬥爭準備,是軍隊建設的一條成功經驗和重要指導方式,是我軍一項重大的戰略任務。戰略任務重千鈞。人民軍隊按照中央軍委既定的決策部署,向著軍事鬥爭準備新征程闊步邁進。

走軍事鬥爭準備理性化發展之路

新中國走過近60年曆程。幾十年來,國家一度強敵環伺、危機四伏,卻始終屹立不屈,不斷生息壯大。成功的經驗有很多,很重要的一條就是靠全面紮實的軍事鬥爭準備。可以說,正是有了人民軍隊“時刻準備著”,才鑄就了祖國安全的鋼鐵長城,守護了人民群眾的幸福安寧,保障了經濟社會的繁榮發展。回顧幾十年軍事鬥爭準備的風雨征程,在成績的榮耀光環背後,我們也要清醒看到不夠科學的地方。比如不少單位抓軍事鬥爭準備,在指導思想上過於強調具體威脅,過度依賴“情況刺激”,造成戰備水平忽強忽弱,戰鬥力建設忽高忽低,軍事鬥爭準備沒有保持自主、健康地持續發展。

時異則事移,事異則備變。當前,軍事鬥爭準備又站在了一個嶄新的歷史起點上。國家安全形勢發生復雜深刻變化,一方面,我們面臨的傳統安全威脅和非傳統安全威脅都在增加,世界主要大國在我周邊地緣戰略競爭不斷加劇,周邊國家政局持續動盪,地區安全環境存在諸多隱患,國內民族分裂勢力及其活動猖獗,影響國家安全的不穩定、不確定因素增多,軍事鬥爭準備面臨前所未有的挑戰;另一方面,國際上單邊主義受挫,金融危機拖延了全球霸權擴張,台海形勢明顯緩和,我主要戰略方向壓力有所減輕,軍事鬥爭準備面臨前所未有的機遇。這個機遇既是戰略性的,也是歷史性的。怎樣抓住機遇、用好機遇、乘勢推進,是當前軍事鬥爭準備需要回答的現實命題。經過30年改革發展,我軍建設出現質的跨越,部隊合成化、信息化程度更高,科技密集型、質量效能型特徵更加明顯,軍事鬥爭準備有了可資利用的豐富成果和推進躍升的基礎條件。進入新世紀新階段,胡主席著眼黨對國防和軍隊建設的特殊要求,賦予軍隊“三個提供、一個發揮”的歷史使命,強調“我軍必須以增強打贏信息化條件下局部戰爭能力為核心,不斷提高應對多種安全威脅、完成多樣化軍事任務的能力”。這一系列重大戰略思想,調整了軍事鬥爭準備的基點,拓展了軍事鬥爭準備的任務內容。科學發展觀這一重要指導方針的確立,對軍事鬥爭準備提出了好中求快的更高要求,按照全面、協調、可持續發展和以人為本的標準來衡量,還有很多思想需要解放,很多工作需要創新,很多方面需要提高。

新形勢下推進軍事鬥爭準備,必須因勢求變、因情定策,立足新的起點,謀求新的發展。應基於威脅抓準備,強化全方位的“威脅意識”和“敵情觀念”,充分認清戰爭並不遙遠且不只一種的嚴峻現實,堅定不移地推進軍事鬥爭準備。應基於任務抓準備,軍隊的根本任務是打仗和準備打仗,仗可以百年不打,但準備一刻也不能放鬆,必須按照有效履行職能使命的標準,全面系統地推進軍事鬥爭準備。應基於能力抓準備,跳出被敵情牽著走的被動應急準備模式,主動設計未來戰爭,有規劃有計劃地提高應對多種安全威脅、完成多樣化軍事任務能力,穩步科學地推進軍事鬥爭準備。

以重點突破提高軍事鬥爭準備質量

沒有重點就沒有戰略,沒有重點就難以突破。充分利用重要戰略機遇期,抓住重點內容謀求突破,既是遵循軍事鬥爭準備內在規律的客觀要求,更是全面提高部隊實戰能力的迫切需要。

軍事訓練作為和平時期軍隊最基本的實踐活動,是戰鬥力生成和發展的基本途徑,是最直接、最有效的軍事鬥爭準備。必須進一步提高對軍事訓練重要性的認識,切實把軍事訓練擺到戰略位置,真正在部隊形成大抓軍事訓練、大力推進訓練轉變的新高潮。應抓住聯合訓練這個戰鬥力生成的關鍵環節,強化聯合意識,提高聯合素質,健全聯訓法規,完善聯訓機制,推動軍事訓練從形式到實質的聯合。應以復雜電磁環境下訓練為重要切入點和抓手,積極探索組織指揮訓練、戰技術對策研練和武器裝備操作使用訓練的有效辦法,加速推進機械化條件下軍事訓練向信息化條件下軍事訓練轉變。應以使命課題訓練為載體,積極構設近似實戰的戰場環境,探索以對抗訓練、野戰化訓練和基地化訓練、模擬化訓練、網絡化訓練等為主要方式,以真、難、實為檢驗標準,以考、比、拉為落實機制的實戰化訓練路子,增強訓練實效。應積極開展非戰爭軍事行動訓練,提高部隊遂行非戰爭軍事行動專業技能,增強部隊完成多樣化軍事任務的能力。

人是戰鬥力諸要素中最積極、最活躍的要素,人才准備是軍事鬥爭準備中最重要、最艱鉅的準備。戰爭勝負決於戰場,但決定勝負的環節卻在平時的競爭之中,其中的重點就是人才。當前,關鍵是要突出聯合作戰指揮人才和高層次專業技術人才兩個“戰略抓手”,牽引和推動人才隊伍能力建設的整體發展。突出聯合作戰指揮人才培養,重點建立健全戰略戰役層次指揮員培養提高模式,圍繞完善聯合作戰人才培訓體系、改革聯合作戰教學內容和方法、加大指揮軍官崗位輪換和交叉培訓力度、加緊聯合作戰指揮人才應急培訓等,加強和完善有關措施。突出高層次專業技術人才培養。按照突出重點、兼顧一般、抓住龍頭、帶動整體的原則,重點培養能夠跨學科領域謀劃組織重大項目攻關的科技領軍人才、能夠指導推進學術技術創新發展的學科拔尖人才、能夠解決裝備技術保障複雜難題的技術專家人才,為信息化建設提供強有力的智力支撐。

兵貴神速是戰爭指導的鐵律,信息化條件下更強調“速度優勢”。快速反應能力已成為衡量一支軍隊戰備水平和實戰能力的重要標誌。應健全靈敏高效的應急指揮機制。在總結梳理近年我軍完成多樣化軍事任務實踐經驗的基礎上,抓好相關成果的固化和轉化,建立應急機制,健全法規制度,完善機構設置,制定應對預案,組織相關研練,確保一旦有事能快速反應、高效指揮、正確行動。應建立先進可靠的指揮信息系統。按照互操作性好、反應靈敏、安全保密和信息共享的要求,建立縱向到底、橫向到邊的信息網絡和綜合一體、層級簡捷的指揮系統,依靠信息技術提高應急指揮與快速反應能力。把握戰略投送能力建設的特點規律,重點發展戰略運輸機(艦)、軍用直升機和新型航行器,統籌考慮交通戰場建設,探索建立順暢高效的指揮管理機制,整體推進戰略輸送能力建設。

保障也是戰鬥力。現代戰爭中的任何一次作戰行動,都是體系的對抗,對綜合保障的要求越來越高。推進軍事鬥爭準備,必須全面提高作戰保障、後勤保障和裝備保障等綜合保障能力。我軍歷來注重協調推進作戰力量與作戰保障力量建設,偵察預警、指揮通信、測繪導航、氣象水文、工程防化等保障能力總體實現了同步提高。但隨著形勢的發展變化和戰場空間的不斷拓展,作戰保障能力體系開始出現新的“短板”,必須盡快補齊,以形成全維戰場的聯合作戰整體優勢。後勤保障重點是提高現代化水平。按照時代發展要求,穩步實施後勤改革,將保障體制向一體化推進、保障方式向社會化拓展、保障手段向信息化邁進、後勤管理向科學化轉變,推動後勤建設又好又快發展。裝備保障重點是加強配套建設。提高自主創新能力,加快新型武器裝備建設發展,不斷優化我軍武器裝備結構體系。注重裝備的體系配套、系統配套和保障配套建設,提高裝備系列化、通用化、標準化水平,逐步推進裝備成系統成建制形成作戰能力和保障能力,加快建立軍民結合、寓軍於民的武器裝備科研生產體系和維修保障體系,進一步完善軍民融合發展裝備的路子。

堅持科學發展創新軍事鬥爭準備路徑

在新的起點上推進軍事鬥爭準備,必須堅持以科學發展觀為指導,切實運用符合時代要求的思維方式,探索創新軍事鬥爭準備的發展路徑。

繼續解放思想,在軍隊改革大潮中整體推進軍事鬥爭準備。軍事鬥爭準備越深入,觸及發展理念、體制機制、政策制度等方面的深層次矛盾和問題就越多,推進的難度也越大。解決這些問題的根本出路,在於繼續解放思想、深化國防和軍隊建設改革。軍隊改革的戰略目標是建設信息化軍隊、打贏信息化戰爭,這與軍事鬥爭準備的基點是一致的。軍事鬥爭準備是軍隊改革的龍頭和牽引,軍隊改革則是軍事鬥爭準備的重要內容和優化條件,二者目標一致、互為促進。因此,新形勢下推進軍事鬥爭準備,必須與推進國防和軍隊改革結合起來,把提高戰鬥力作為改革的出發點和落腳點,用戰鬥力標準統一改革思想,衡量改革措施,檢驗改革成效,在改革中推進軍事鬥爭準備。

加強科學統籌,在軍隊現代化建設進程中協調推進軍事鬥爭準備。軍隊現代化建設是個大系統,軍事鬥爭準備則是牽一發而動全身的關鍵。軍事鬥爭準備做好了,就能為我軍現代化建設整體發展提供明確具體的需求,提供實實在在的抓手,形成巨大的牽引力量。必須站在軍隊現代化建設發展全局的高度,切實統籌好主與次、遠與近、建與用等關係,把軍事鬥爭準備的過程變成加強軍隊現代化建設的過程,把軍隊現代化建設的過程變成服務軍事鬥爭準備的過程,使二者互為促進,協調發展。

堅持信息主導,在戰鬥力生成模式轉變中創新推進軍事鬥爭準備。當前,信息技術正在深刻改變著戰鬥力生成模式,也在改變著軍隊建設的方方面面。推進軍事鬥爭準備,必須敏銳地適應這個新形勢,主動跳出機械化思維定勢,強化信息主導觀念,注重依靠科技進步提高戰鬥力,探索創新適應信息化戰爭要求的軍事理念、軍事技術、軍事組織和軍事管理,著力提高軍事人才培養、武器裝備發展、人與武器最佳結合的信息化水平,加快推進軍事訓練轉變,逐步確立新型戰鬥力生成與提高的有效機制,推動軍事鬥爭準備實現質的躍升。

突出實戰牽引,在完成多樣化軍事任務中加速推進軍事鬥爭準備。實踐告訴我們,無論國際局勢如何演變、軍隊的職能使命如何拓展、多樣化軍事任務多麼繁重,遏制戰爭、打贏戰爭、維護和平始終是我軍職能的重中之重,打贏信息化條件下局部戰爭永遠是我軍的核心任務。只有具備了核心軍事能力,完成多樣化軍事任務才有堅實基礎。必須始終把提高核心軍事能力放在首要位置,瞄準根本職能推進全面準備,做到多手準備而不“單打一”,分類準備而不“一刀切”,深入準備而不“表面化”,努力使部隊具備適應各種條件、應對各種情況、完成多樣化軍事任務的能力。 (趙立德)

Original Referring URL:  http://www.china.com.cn/military/txt/2009-01/08/

Maintaining Chinese Cyber & Network Security Launching the People’s Fifth Space War //维护中國网络安全,打响第五空间人民战争

President Xi clearly pointed out at the symposium on cybersecurity and informatization: “Network security is for the people, network security depends on the people, and maintaining network security is the common responsibility of the whole society. It requires the government, enterprises, social organizations, and the majority of netizens to participate together in network security defense.”

Maintaining China’s network security is an important measure for the coordinated advancement of the strategic layout of comprehensively building a well-off society, comprehensively deepening reform, comprehensively governing the country according to law, and comprehensively and strictly governing the party. It is an important guarantee for achieving the “two centenaries” goals and realizing the Chinese dream of the great rejuvenation of the Chinese nation. Please see today’s report in the “Liberation Army Daily”:

Breaking through the online and offline boundaries, the security situation is severe and complicated

An inconspicuous “worm” caused an uproar around the world. In May this year, cyberattacks launched by criminals who had tampered with the “EternalBlue” program from the National Security Agency arsenal hit most European countries and regions one after another. They affected important infrastructure including government, banks, power systems, communication systems, energy companies, and airports, as well as computer systems in many hospitals in the United Kingdom, leaving some patients unable to undergo surgery in time.

Behind this ransomware incident is the escalating confrontation in cyberspace. Zhao Zhiguo, director of the Network Security Administration of the Ministry of Industry and Information Technology, said that this year alone the ministry has organized industry forces and coordinated the handling of many attacks against networks and important systems, covering viruses, Trojans, vulnerabilities, traffic attacks and other types, and involving public network infrastructure systems, important information systems and terminals. “It can be said that cyberattacks are still in a high-risk situation, showing that the threshold is constantly decreasing, the objects are more extensive, and the means are more diverse.”

The data shows that as of the first half of this year, the number of Internet users in China reached 751 million, and the Internet penetration rate reached 54.3%. “When the scale of the Internet is getting bigger and bigger, the challenges facing network security are becoming more and more serious.” In the view of Wu Jianping, an academician of the Chinese Academy of Engineering and a professor at Tsinghua University, the field of network security is constantly expanding. From a global perspective, the threat of cyberattacks is spreading into the industrial Internet sector, and industrial Internet security incidents are frequent. In December 2015, a large-scale, organized and premeditated targeted cyber attack in Ukraine caused a continuous power outage in nearly one-third of the territory. At present, the key infrastructure of various countries has become the target of cyber attacks. Once attacked, it will cause immeasurable damage to national security and social stability.

“The tentacles of cyber attacks extend to all aspects of society, and they are highly integrated online and offline. Network security is becoming the core issue of global security.” Zhou Hongyi, chairman of Qihoo 360, believes that after more than 20 years of development, the Internet is no longer just an industry but is increasingly integrated with society as a whole. Coupled with the development of the Internet of Things, the Internet of Vehicles, and the Industrial Internet, the boundaries between the real physical world and the virtual world of the Internet have been broken, and online and offline are merging. In this context, attacks in the online world begin to spread to our real world.

To be sure, the forms of cyber attacks are diverse and complex, and the cyber security situation is still grim. Global cybersecurity has gradually entered an era of security involving national security, national defense security, social security, industrial security, infrastructure security and even personal security.

On the battlefield without smoke, cyber war has never stopped

There is a term in the software development industry, the “Thousand Line Code Defect Rate”, which means the rate of vulnerabilities per thousand lines of code. At most software companies there is probably one vulnerability in every thousand lines of code. According to calculations, the code size of the most commonly used Windows operating system is about 50 million lines, and that of the Android system is about 12 million lines. The number of vulnerabilities can be imagined.

“There are only two systems in the world, one is a system that has been known to be broken, and the other is a system that has been broken but not yet known.” This remark from the speech of Alexander, the first US Army commander, at the 2015 China Internet Security Conference was impressive; his point was that no system is safe in front of attackers.

“Any network system in the real world, even if the design is more sophisticated, the structure is more complicated, there will be loopholes without exception.” Zhou Hongyi pointed out that the 360 community patching vulnerability response platform discovered more than 80,000 vulnerabilities a year. These vulnerabilities may become the soft underbelly through which a system suffers cyber attacks.

The 360 Threat Intelligence Center found that, among the many advanced persistent threats it monitored, the attackers had mostly infiltrated or lurked for a long time and concealed themselves through various means.

There are examples to prove it. The Bushehr nuclear power plant, located 100 kilometers south of the Iranian capital Tehran, was a secret target guarded by the National Defence Force. In July 2010, it was attacked by a new type of network virus called “Stuxnet”. The 8,000 centrifuges working in the nuclear power plant suddenly failed, computer data was lost on a large scale, and thousands of units were physically damaged. In 2014, internal documents of two nuclear power plants in South Korea were leaked, including personal information of nearly 10,000 nuclear power plant employees, operating instructions for the plants, design drawings of air conditioning and cooling systems, valve design drawings, and so on. A US government report said that since May this year, hackers have been infiltrating the computer networks of US nuclear power plants and other energy equipment companies.

Unlike traditional warfare, which has a clear beginning and end, cyber warfare is constantly being declared. In this sense, the world has entered the era of cyber warfare. On the battlefield where there is no smoke, the planes and artillery that people paid attention to in the past have disappeared, and the new network virus has already appeared on the scene.

“Cyber attacks on critical infrastructure can be even more destructive than war in the traditional sense. It is almost impossible for nuclear states to use nuclear weapons, but cyber attacks are at present close to being unconstrained,” said Liu Weijun, a professor at the Public Security University's Collaborative Innovation Center for Cyberspace Security and Rule of Law. Compared with the damage to Ukraine's power system, he said, an attack on a nuclear power plant is even more frightening and directly threatens national security.

Relying on the people is the key path to building a network power

In September this year, at the fourth Cybersecurity Week, themed “Network Security for the People, Network Security Relying on the People”, a feature film, “Fifth Space”, quickly became popular and a focus of public discussion.

“People are always the most important factor. Network security cannot be achieved simply by purchasing and deploying a batch of network security equipment and stacking up some products; it also requires a large number of professionals to analyze, assess, respond and remediate,” Zhou Hongyi said. Every network user should be mobilized, he added, so that everyone can actively play their part.

It is understood that since 2014, China has held national network security publicity campaigns every year, popularizing network security knowledge, strengthening network security education, and fostering an atmosphere in which the whole of society attaches importance to network security. “National cybersecurity publicity should, while raising the whole population's awareness of network security, attach importance to improving the ability to guard against threats, so that the broad masses of people have both the awareness and the ability to maintain their own network security and can use the network as well as they use water, electricity and fire,” said Qin An, director of the China Cyberspace Strategy Institute and director of the Internet Policy and Law Research Center of Tianjin University. Cybersecurity depends on the people, he said, and only relying on the people is the key path to building a network power.

“To safeguard network sovereignty, it is necessary to strengthen the building of national defense forces in cyberspace and enhance self-defense capabilities in cyberspace,” Qin An pointed out. The “Network Security Law” officially took effect on June 1 this year, and one of its core objectives is to safeguard cyber sovereignty. In addition, the “International Cooperation Strategy for Cyberspace”, promulgated on March 1 this year, gave the first national definition of cyberspace defense forces in the part of its third chapter, on strategic objectives, that deals with safeguarding sovereignty and security, and made the building of cyberspace defense forces an important part of China's national defense and military modernization.

The national defense white paper “China’s Military Strategy” clearly states that it is necessary to speed up the building of cyberspace forces; improve capabilities for cyberspace situational awareness, cyber defense, support for the country's struggles in cyberspace and participation in international cooperation; contain major cyberspace crises; ensure national network and information security; and safeguard national security and social stability.

Security is the premise of development, and development is the guarantee of security. In building a network power, raising the whole population's awareness of network security is the foundation. At present, China is accelerating its advance from a big network country to a network power. More than 1.3 billion Chinese people are genuinely enjoying the new achievements brought about by the development of the Internet. For the realization of the “Two Centenaries” goals, the network power strategy will play an increasingly important supporting role.

Construct an unbreakable security line

■ Li Yang

In the report to the 19th National Congress of the Communist Party of China, President Xi proposed strengthening applied basic research, expanding the implementation of major national science and technology projects, and giving prominence to innovation in key generic technologies, cutting-edge leading technologies, modern engineering technologies and disruptive technologies, so as to provide strong support for building a country strong in science and technology, quality, aerospace, networks and transportation, as well as a digital China and a smart society. Among these, the network power strategy is mentioned once again, which is exciting and inspiring. Following the trend of the times and comprehensively safeguarding cyberspace security is the only way to build a network power.

The keen of hearing hear what is soundless; the clear of sight see what has yet to take shape. With the rapid development of the information revolution, cyberspace, made up of the Internet, communication networks, computer systems, automated control systems, digital devices and the applications, services and data they carry, has profoundly affected the course of human history and comprehensively changed the way people work and live. Especially in the current environment of global economic integration and the international division of labor, cyberspace security is characterized by softer forms of activity, elastic borders, diversified means, all-domain scope and diversified forces. It is increasingly expanding into a mixed, complex confrontation among states, militaries, and all kinds of purpose-driven organizations and individuals, and it carries a mixed risk of destroying and paralyzing productivity, cultural strength and combat effectiveness.

The person in charge of the relevant department of the Central Network Office said that the five years since the 18th National Congress of the Communist Party of China were the five years of fastest development in cyberspace security and also five years of brilliant achievements in the field. The “China Internet Station Development Status and Safety Report (2017)” shows that last year the numbers of tampered websites and tampered government websites in China fell by 31.7% and 47.9% respectively. The overall level of security protection of government websites has greatly improved, and DDoS attacks of more than 1G dropped by 60%.

The results are gratifying, but we should also be soberly aware that actual work still suffers from many problems, such as thinking that fails to keep up and consensus that is hard to put into practice, and that cyberspace security measures are still sometimes poorly implemented or even left “in neutral”. Cyberspace security is security of the whole: if one link is breached, the entire network may collapse. We cannot trust to luck or slacken. We must start solidly from every link, including technology, equipment, personnel and management; build and deploy according to the road map of “laying out positions, deploying capabilities, and forming systems”; conduct drills under realistic conditions; actively discover vulnerabilities; eliminate potential threats; continuously improve the ability to safeguard cyberspace security; and achieve new development from a new starting point.

Building cyberspace security is a long-term, complex systems-engineering effort that can by no means be achieved easily, to the beating of gongs and drums. Achieving this goal calls for decisive thunderbolt measures, and even more for the tenacity to “hold fast and not let go”. It must proceed one step at a time, be advanced gradually and be put into practice. Only in this way can we build an unbreakable security line.

Original Mandarin Chinese:

习主席在网络安全和信息化工作座谈会上明确指出:“网络安全为人民,网络安全靠人民,维护网络安全是全社会共同责任,需要政府、企业、社会组织、广大网民共同参与,共筑网络安全防线。”
维护我国网络安全,是协调推进全面建成小康社会、全面深化改革、全面依法治国、全面从严治党战略布局的重要举措,是实现“两个一百年”奋斗目标、实现中华民族伟大复兴中国梦的重要保障。请关注今日《解放军报》的报道——

维护网络安全,打响第五空间人民战争

■何楚洋

突破线上线下界限,安全形势严峻复杂

一只不起眼的“蠕虫”,竟然在全球引起了轩然大波——今年5月,由不法分子通过篡改美国国家安全局武器库中的“永恒之蓝”程序而发起的网络攻击,使大多数欧洲国家和地区相继中招,波及到包括政府、银行、电力系统、通信系统、能源企业、机场等重要基础设施,如英国多家医院的电脑系统瘫痪,导致部分病人无法及时接受手术。

这起勒索病毒事件的背后,是网络空间日益升级的对抗冲突。工信部网络安全管理局局长赵志国表示,仅今年工信部就组织行业力量,相继协调处置多起针对网络和重要系统的攻击事件,涵盖病毒、木马、漏洞、流量攻击等多种类型,涉及网络基础设施公共系统、重要信息系统和终端。“可以说网络攻击仍处于高发态势,呈现出门槛不断降低,对象更加广泛,手段更加多样。”

数据显示,截至今年上半年,我国网民规模达7.51亿,互联网普及率达54.3%。“当互联网的规模越来越大,网络安全面临的挑战也是日趋严峻的。”在中国工程院院士、清华大学教授吴建平看来,网络安全的领域正在不断延伸。从全球角度来看,网络攻击威胁正向工业互联网领域渗透,工业互联网安全事件频发。2015年12月,乌克兰发生了一次影响巨大的有组织、有预谋的定向网络攻击,致使乌境内近三分之一的地区持续断电。目前各国的关键基础设施已成为网络攻击的对象,一旦被攻击导致瘫痪,将给国家安全、社会稳定造成不可估量的伤害。

“网络攻击的触手延伸到社会各个方面,线上与线下高度融合,网络安全正在成为全球安全的核心问题。”奇虎360公司董事长周鸿祎认为,经过20多年的发展,互联网已经不再是一个行业,它与整个社会的结合越来越紧密。加上现在物联网、车联网、工业互联网的发展,真实物理世界和网络虚拟世界的界限被打破,线上线下连成一体,在这样的背景下,网络世界的攻击开始蔓延到我们的真实世界。

可以肯定的是,网络攻击形式多样复杂,网络安全形势依然严峻,全球网络安全逐渐进入到涉及国家安全、国防安全、社会安全、产业安全、基础设施安全甚至人身安全的大安全时代。

没有硝烟的战场,网络战从未偃旗息鼓

软件开发行业里有个名词,叫“千行代码缺陷率”,意思是一千行代码中的漏洞率。绝大部分软件公司的每一千行代码就有可能存在一个漏洞。据计算,最常使用的Windows操作系统的代码量是5000万行左右,安卓系统大概是1200万行,其中的漏洞可想而知。

“世界上只有两种系统,一种是已知被攻破的系统,一种是已经被攻破但自己还不知道的系统。”美国首任网军司令亚历山大在2015年的中国互联网安全大会上的发言让人印象深刻,他的观点是,在攻击者面前,没有任何安全的系统。

“现实世界中的任何网络系统,即使设计再精巧,结构再复杂,无一例外都会有漏洞。”周鸿祎指出,360社区补天漏洞响应平台一年发现的漏洞数就超过了8万个。这些漏洞,都有可能成为系统遭受网络攻击的软肋。

360威胁情报中心发现,他们监测到的多个高级可持续威胁事件中,攻击者大都已经渗透或者潜伏了很长时间,并且通过各种手段隐匿自己。

有例为证。位于伊朗首都德黑兰以南100公里的布什尔核电站是由国防军守卫的机密目标,在2010年7月被一种名为“震网”的新型网络病毒侵害,核电站里正在工作的8000台离心机突然出现故障,电脑数据大面积丢失,上千台被物理性损毁;2014年,韩国2座核电站的内部文件遭到泄露,包括核电站近万名员工的个人信息、核电站程序运行说明、空调和冷却系统设计图、阀门设计图等。美国政府的一份报告称,自今年5月以来,黑客一直在渗透美国核电站和其他能源设备公司的计算机网络。

不同于传统战争有明显的开始和结束,网络战时时刻刻都在不宣而战。从这层意义上说,全世界已经进入网络战时代。而在这片不见硝烟的战场上,过去人们关注的飞机、大炮不见踪影,新型的网络病毒就已经粉墨登场了。

“对关键基础设施的网络攻击,其破坏效果甚至能超越传统意义上的战争。有核国家几乎不可能动用核武器,但是网络攻击在目前却接近于不受任何约束。”公安大学网络空间安全与法治协创中心教授刘为军表示,与乌克兰的电力系统遭到破坏相比,更可怕的是核电站遭到攻击,直接威胁着国家安全。

依靠人民,才是建设网络强国关键路径

今年9月,以“网络安全为人民,网络安全靠人民”为主题的第四届网络安全周上,一部专题片《第五空间》迅速走红成为人们热议的焦点。

“人永远是最重要的因素,网络安全不是购买并部署一批网络安全设备、堆砌一些产品就能防得住的,还需要大量的专业人员来做分析、研判、响应和处置。”周鸿祎说,要把每一个网络用户发挥起来,让每一个人都能积极发挥自己的作用。

据了解,我国自2014年起,开始连续举办国家网络安全宣传活动,普及网络安全知识,加强网络安全教育,推动形成全社会重视网络安全的良好氛围。“国家网络安全宣传要在提升全民网络安全意识的同时,重视网络安全防范能力的提升,让广大人民群众既有意识又有能力维护自身网络安全,能够像用水、用电、用火一样用好网络。”中国网络空间战略研究所所长、天津大学互联网政策与法律研究中心主任秦安表示,网络安全依靠人民,只有依靠人民,才是建设网络强国关键路径。

“维护网络主权,就要加强网络空间国防力量建设,提升网络空间的自卫能力。”秦安指出,《网络安全法》于今年6月1日起正式实施,其核心目标之一就是维护网络主权。同时,今年3月1日颁布的《网络空间国际合作战略》在第三章战略目标维护主权与安全部分,首次明确网络空间国防力量的国家定义,将网络空间国防力量建设作为我国国防和军队现代化建设的重要内容。

国防白皮书《中国的军事战略》明确提出,要加快网络空间力量建设,提高网络空间态势感知、网络防御、支援国家网络空间斗争和参与国际合作的能力,遏控网络空间重大危机,保障国家网络与信息安全,维护国家安全和社会稳定。

安全是发展的前提,发展是安全的保障。建设网络强国,全民提升网络安全意识是基础。当前,我国正在加速从网络大国向网络强国迈进,13多亿中国人民实实在在享受到互联网发展带来的新成果,为着“两个一百年”奋斗目标的实现,网络强国战略将发挥着越来越重要的支撑作用。

构筑牢不可破的安全防线

“善其谋而后动,成道也。”习主席在党的十九大报告中提出,加强应用基础研究,拓展实施国家重大科技项目,突出关键共性技术、前沿引领技术、现代工程技术、颠覆性技术创新,为建设科技强国、质量强国、航天强国、网络强国、交通强国、数字中国、智慧社会提供有力支撑。其中,网络强国战略再次被提及,令人振奋,鼓舞人心。顺应时代发展趋势,全面维护网络空间安全,就是建设网络强国的必由之路。

聪者听于无声,明者见于未形。伴随信息革命的飞速发展,由互联网、通信网、计算机系统、自动化控制系统、数字设备及其承载的应用、服务和数据等组成的网络空间,深刻影响人类社会历史发展进程,全面改变人们的生产生活方式。尤其是在当前全球经济一体化、专业分工国际化的大环境下,网络空间安全呈现出活动软性化、边境弹性化、手段多样化、范畴全域化和力量多元化的特征,并且日益扩展为国家、军队及各种目的性组织和个人之间的混合复杂对抗,蕴含着毁瘫生产力、文化力、战斗力的混合风险。

中央网信办相关处室负责人表示,党的十八大以来的五年,是网络空间安全发展最快的五年,也是网络空间安全领域取得辉煌成绩的五年。《中国互联网站发展状况及其安全报告(2017)》显示,去年我国境内被篡改网站与政府网站分别下降31.7%和47.9%。政府网站安全防护水平整体得到了很大提高;1G以上DDoS攻击事件下降60%。

成绩固然喜人,但也应当清醒地看到,实际工作中还存在着思想观念跟不上、有共识难落实等诸多问题,网络空间安全措施执行不到位甚至“挂空挡”情况依然存在。网络空间安全,是整体性安全,一个环节被攻破,就可能导致全网的崩溃。我们不能心存侥幸和懈怠,必须扎扎实实地从技术、装备、人员、管理等各个环节入手,按“布设阵地、配置能力、形成体系”的路线图进行建设和部署,真刀真枪地开展演练,主动发现漏洞,消除潜在威胁,不断提升网络空间安全保障能力,在新的起点上实现新发展。

网络空间安全的构建是一项长期、复杂的系统工程,绝非敲锣打鼓、轻轻松松实现的。实现这一目标,既少不了一鸣惊人的霹雳手段,更需要有“咬定青山不放松”的韧劲,必须一步一个脚印,逐步推进,落地落实。惟有如此,才能构筑牢不可破的安全防线。

Original referring URL:  http://www.81.cn/jskj/2017-11/29/

What is the main reason for US military network warfare? // 美军网络战主要干什么?


Source: PLA Daily Author: Chen Hanghui Editor: Yao Yuan

Recently, the US military has made frequent “big moves” in the field of cyber warfare. On October 24th, the US Department of Defense announced in a high-profile manner that the cyber mission force directly under US Cyber Command had achieved initial operational capability and could perform basic cyber warfare tasks. From brandishing the “cyber weapon big stick” to announcing major progress in building its cyber forces, the United States intends to send a message to the outside world: the US military has basically built its cyber warfare force system and is striving with all its strength for hegemony in the “fifth space.”

Strategic guidance –

Create a network action force system

As the creator of the Internet, the US military was the first to plan the formation of cyber warfare forces. As early as 1995, the US National Defense University trained 16 cyber warriors who used computers to conduct information confrontation. Judging from the past 20 years of development, strengthening strategic guidance and doing good overall planning has been a basic lesson in the rapid development of the US military's cyber warfare forces.

In 2002, then-President Bush signed “National Security Presidential Directive No. 16” and asked the Department of Defense to take the lead in formulating a cyberspace operations strategy. In December of the same year, the US Navy took the lead in setting up a cyber command, and the Air Force and the Army quickly followed, forming service cyber forces. In March 2005, the US Department of Defense issued the “Defense Strategy Report,” which clarified the strategic status of cyberspace and characterized it as a fifth dimension as important as land, sea, air and space, and the development of US cyber warfare forces saw its first high tide. In general, in this early stage, although the US military's cyber warfare forces developed quickly, they lacked overall planning; the services' cyber warfare units were stovepiped and failed to form a joint force.

After President Obama, who relied on the Internet to win the general election, took office, he focused on strengthening strategic guidance for cyber warfare capacity building in two respects. On the one hand, a cyber command overseeing the entire military was established in May 2010 to coordinate the cyber warfare forces of the services and strengthen command and control of cyberspace operations. On the other hand, two strategic reports, the “Cyberspace Action Strategy” and the “DoD Network Strategy”, were issued in 2011 and 2015 respectively. The former set out the five pillars of the US military's cyberspace operations, and the latter clarified the missions and development goals of cyber warfare forces.

At present, the US military's cyber warfare force system has basically taken shape. At the center of the system is the cyber mission force directly under US Cyber Command, which plays a key role in US cyber warfare operations. As of the end of October 2016, the US military's cyber mission force numbered 5,000 personnel, and all 133 of its established cyber mission teams had initial operational capability, nearly half of them with full operational capability. According to the US Department of Defense's plan, by September 30, 2018, the cyber mission force will grow to 6,187 personnel with full operational capability.

Practical traction –

Conduct cyberspace attack and defense drills

In recent years, as cyber warfare has moved from behind the scenes to center stage as an independent form of warfare, the US military's cyberspace operations posture has shifted from “defense first” to “both offense and defense”, and improving real-combat capability in cyberspace has become the focus of US military training. At present, the US military promotes cyber training under realistic combat conditions in four main ways.

Open cyber courses according to operational needs and lay a solid foundation in cyber warfare skills. In response to new developments in cyberspace, the major US military academies have added cyber courses. In 2012, the US Air Force Ordnance Academy launched its first offensive cyber operations course, focusing on how to combine cyber capabilities with traditional ways of fighting. In 2014, West Point Military Academy established the Army Cyber Warfare Academy to train cyber elites. In the past few years, military colleges such as West Point and the Naval Academy have each year held cyber offense and defense drills against a “Red Cell” team made up of experts from the US National Security Agency, to cultivate the backbone of future cyber warfare forces.

Develop general-purpose cyber warfare training platforms to improve the overall benefit of training. At the Department of Defense level, the Defense Advanced Research Projects Agency led development of the “National Cyber Range”, used to simulate the cyberspace attack and defense operational environment, test cyber weapons and equipment, and validate new operational concepts. At the service level, virtual environments that can serve as cyber ranges or test platforms were developed for testing, planning and evaluating cyberspace operations. For example, the virtual cyber city built by the US Air Force can be used to practice cyber attack and defense tactics, and the “tactical cyber range” developed by the Navy can extend cyber training into the radio-frequency physical environment, achieving efficient integration of joint firepower and information advantage.

Conduct integrated cyber warfare drills to improve the real-combat capability of cyber forces. In early 2016, the US Department of Defense's Office of Operational Test and Evaluation recommended in a report to Congress that, since the US military will carry out its missions under intense confrontation in cyberspace, cyber offense and defense units and combat units should regularly be organized to conduct joint operational drills. Since the beginning of this year, the US Army has conducted a number of exercises employing cyber detachments, such as “Cyber Quest” and “Cyber Blitz”, focusing on how cyber detachments support combat troops under field conditions. In April of this year, the US Army's 25th Infantry Division and the cyber protection brigade of the 7th Signal Command jointly held the “Cyber Blitz” exercise, which tested the feasibility of cross-specialty coordination among communications, cyber, firepower and other branches.

Organize comprehensive cyber warfare exercises to strengthen joint military-civilian cyber operations capabilities. The US military believes that “the strategic war of the industrial age was nuclear war, and the strategic war of the information age is mainly cyber war,” and that only by waging a joint military-civilian total cyber war can future cyber wars be won. Since 2012, US Cyber Command has each year joined the Department of Homeland Security and the Federal Bureau of Investigation in leading the “Cyber Guard” joint military-civilian exercise, in order to strengthen information sharing between the US Department of Defense and other federal government agencies and private companies. In the “Cyber Guard 2016” exercise held in June this year, more than 800 people from more than 100 organizations in government, academia, industry and allied countries took part, focusing on responses to cyber attack scenarios such as large-scale blackouts, refinery oil spills and port closures.

Building and using as one –

Exploring the use of network forces

The United States was the first country to propose the concept of cyber warfare and the first country to use cyber forces in actual combat. As early as 2007, the National Security Agency used computer viruses to infect militants’ mobile phones and laptops, deceived the enemy by sending false information, and even lured the enemy into US ambushes, assisting the US military in its operations.

After it began forming the cyber mission force in 2012, in order to keep its first-mover advantage in cyberspace, the US military followed the principle of “using while building, building and using as one” and actively explored and advanced the operational employment of cyber forces. At the end of 2012, US Cyber Command took the lead in deploying a cyber mission detachment with full operational capability at Central Command to support US military operations in Syria and Iraq. In October 2015, Paul Nakasone, commander of the US military's cyber mission force, revealed at a seminar of the Center for Strategic and International Studies that although its formation was not yet complete, the cyber mission force had begun to take part in actual military operations. According to reports, from January to October 2015 alone, the US military's cyber mission force took part in seven major military operations.

In April this year, at the direction of Defense Secretary Carter, US Cyber Command publicly announced cyber attacks against the “Islamic State” terrorist organization, which became the “debut” of the US military's cyber forces. In the operation, US cyber forces took the “Islamic State” organization's communication networks, propaganda websites and social networking accounts as their main targets and, through means such as network degradation and issuing false orders, weakened its ability to pass information, issue instructions, recruit new members and make electronic payments.

With the increasingly prominent role of cyberspace operations in US military joint operations, the US military has focused on advancing the command and control architecture of its cyber forces. After US Cyber Command was established in 2010, the Army, Navy and Air Force successively set up service cyber commands. In May 2012, the US military formed a “Joint Cyber Center” at each theater headquarters to serve as a link between the theater command and US Cyber Command, so as to make better use of the cyber mission force in support of theater operations. At present, senior US military leaders are actively pushing to elevate Cyber Command to an independent combatant command. Once this vision becomes a reality, the command relationships of the US military's cyber forces will be clearer and the chain of command will run more efficiently.

(Author's affiliation: Nanjing Army Command Academy)

Picture: Yang Lei

Original Mandarin Chinese:

近段時間,美軍在網絡戰領域“大招”頻出。 10月24日,美國國防部高調宣布,直屬於美國網絡司令部的網絡任務部隊已具備初始作戰能力,能夠執行基本的網絡戰任務。從揮舞“網絡武器大棒”到公佈網絡部隊建設重大進展,美國意在向外界傳遞一個訊息——美軍已基本建成網絡戰力量體系,全力謀求“第五空間”的霸權地位。

戰略引導——

打造網絡行動力量體系

作為互聯網的締造者,美軍是最早籌劃組建網絡戰部隊的軍隊。早在1995年,美國國防大學就培養了16名依托計算機從事信息對抗的網絡戰士。從過去20年的發展歷程看,強化戰略指導、搞好統籌規劃是美軍網絡戰力量快速發展的一條基本經驗。

2002年,時任總統布什簽署“國家安全第16號總統令”,要求國防部牽頭制定網絡空間行動戰略。同年12月,美國海軍率先成立網絡司令部,空軍和陸軍也迅速跟進,組建軍種網絡部隊。 2005年3月,美國國防部出台《國防戰略報告》,明確了網絡空間的戰略地位,將其定性為與陸、海、空、天同等重要的第五維空間,美軍網絡戰力量發展迎來第一波高潮。總體而言,在發展初期,美軍網絡戰力量發展速度雖快,但缺乏統籌規劃,各軍種網絡戰部隊煙囪林立,未能形成合力。

依靠互聯網贏得大選的奧巴馬總統上台後,重點從兩方面強化對網絡戰能力建設的戰略引導。一方面,於2010年5月建成統管全軍的網絡司令部,統籌各軍種網絡戰力量,強化網絡空間行動指揮控制。另一方面,分別於2011年和2015年推出《網絡空間行動戰略》和《國防部網絡戰略》兩份戰略報告,前者闡述了美軍網絡空間行動的五大支柱,後者明確了網絡戰力量的使命任務和建設目標。

目前,美軍網絡戰力量體系已基本成型。位於該體系中心的是直屬於美國網絡司令部的網絡任務部隊,其在美軍網絡戰行動中扮演關鍵角色。截至2016年10月底,美軍網絡任務部隊人數已達5000人,編制的133個網絡任務組全部具備初始作戰能力,其中近一半具備了完全作戰能力。根據美國國防部計劃,到2018年9月30日,網絡任務部隊規模將增至6187人,具備完全作戰能力。

實戰牽引——

開展網絡空間攻防演練

近年來,隨著網絡戰作為獨立作戰樣式從幕後走向台前,美軍網絡空間行動策略由“以防為主”向“攻防兼備”轉變,提升網絡空間實戰能力成為美軍的練兵重點。當前,美軍主要從4方面推進實戰條件下的網絡訓練。

根據實戰需求開設網絡課程,打牢網絡戰技能基礎。為應對網絡空間領域新情況,美軍各大軍事院校紛紛增設網絡課程。 2012年,美國空軍軍械學院首次開設進攻性網絡行動課程,重點講授如何將網絡能力與傳統戰斗方式有機結合;2014年,西點軍校成立了陸軍網絡戰研究院,負責培養網絡精英。過去幾年,西點軍校、海軍軍官學院等軍事院校每年都會與由美國國家安全局專家組成的“紅細胞”隊進行網絡攻防演練,培養未來的網絡戰骨幹力量。

開發通用型網絡戰訓練平台,提高訓練綜合效益。在國防部層面,由國防高級研究項目局牽頭,開發了“國家網絡靶場”,用於模擬網絡空間攻防作戰環境,測試網絡武器裝備,檢驗新型作戰概念。在軍種層面,研發了可作為網絡靶場或測試平台的虛擬環境,用於測試、規劃和評估網絡空間行動。例如,美國空軍打造的網絡虛擬城市,可用於演練網絡攻防戰術;海軍開發的“戰術網絡靶場”可以將網絡訓練拓展到射頻物理環境,實現聯合火力與信息優勢的高效集成。

開展集成性網絡戰演練,提升網絡部隊實戰能力。 2016年初,美國國防部作戰測試與評估辦公室在向國會提交的一份報告中建議,考慮到美軍將在網絡空間領域激烈對抗的條件下執行任務,應定期組織網絡攻防部隊和作戰部隊聯合開展作戰演練。今年以來,美國陸軍已開展“網絡探索”“網絡閃擊戰”等多場運用網絡分隊的演習,重點演練網絡分隊在野戰條件下支援作戰部隊的行動。今年4月,美國陸軍第25步兵師和第7通信司令部網絡防護旅聯合舉行了“網絡閃擊戰”演習,檢驗了通信、網絡、火力等多部門跨專業協同的可行性。

組織綜合性網絡戰演習,強化軍地聯合網絡行動能力。美軍認為,“工業時代的戰略戰是核戰爭,信息時代的戰略戰主要是網絡戰”,只有實施軍地聯合的網絡總體戰,才能打贏未來網絡戰爭。 2012年以來,美軍網絡司令部每年都與國土安全部和聯邦調查局聯合牽頭組織“網絡衛士”軍地聯合演習,以便加強美國國防部與其他聯邦政府機構和私營企業之間的信息共享。在今年6月舉行的“網絡衛士-2016”演習中,來自政府、學界、業界和盟國的100多個組織、800多人參加了演習,重點演練了應對大面積停電、煉油廠漏油、港口關閉等網絡襲擊場景。

建用一體——

探索網絡部隊作戰運用

美國是第一個提出網絡戰概念的國家,也是第一個將網絡部隊用於實戰的國家。早在2007年,美國國家安全局就曾使用電腦病毒感染武裝分子的手機和筆記本電腦,通過發送虛假信息欺騙敵方,甚至將敵引入美軍埋伏圈,協助美軍開展行動。

2012年開始組建網絡任務部隊後,為保持在網絡空間領域的先發優勢,美軍遵循“邊建邊用、建用一體”的原則,積極探索和推進網絡部隊的作戰運用。 2012年底,美軍網絡司令部率先在中央司令部部署擁有完全作戰能力的網絡任務分隊,支持美軍在敘利亞和伊拉克的軍事行動。 2015年10月,美軍網絡任務部隊指揮官保羅·納卡索在參加戰略與國際研究中心研討會時透露,雖然尚未組建完畢,但網絡任務部隊已經開始參與實際軍事行動。據報導,僅2015年1月至10月,美軍網絡任務部隊就參與了7次重大軍事行動。

今年4月,在國防部長卡特的授意下,美國網絡司令部公開宣布對“伊斯蘭國”恐怖組織發動網絡攻擊,成為美軍網絡部隊的“首秀”。行動中,美軍網絡部隊以“伊斯蘭國”組織的通信網絡、宣傳網站、社交網站賬號為主要目標,通過網絡降級、發布虛假指令等方式,削弱其傳遞信息、下達指示、招募新人和電子支付等能力。

隨著網絡空間作戰在美軍聯合作戰中的作用日益突出,美軍重點推進了網絡部隊指揮控制架構建設。 2010年建成美國網絡司令部後,美國陸、海、空三大軍種相繼成立了軍種網絡司令部。 2012年5月,美軍在各戰區總部組建“聯合網絡中心”,作為連接戰區司令部與美國網絡司令部的紐帶,以便更好地使用網絡任務部隊支援戰區作戰。當前,美軍高層正積極推動將網絡司令部升格為獨立的作戰司令部,一旦該設想成為現實,美軍網絡部隊的指揮關係將更加清晰,指揮鏈運轉將更加高效。

(作者單位:南京陸軍指揮學院)

圖片資料:楊 磊

Referring URL:  http://www.81.cn/jskj/2017-03/

China analysis for winning mechanisms of victory on the cyberspace battlefield // 中國對網絡空間戰場胜利機制的分析


April 17, 2017, 15:xx:xx

If the First World War was a chemist’s war and the Second World War was a physicist’s war, then war in the 21st century will undoubtedly become a contest between information scientists. Cyberspace warfare has moved from the background to the foreground and from a supporting role to the lead, becoming a new battlefield and combat platform. With the gradual emergence of the deterrent effect of cyber warfare, countries have introduced cyber strategies and formed “cyber warfare forces”, and a global cyber arms race is taking shape. At present, more than 20 countries have established “cyber warfare forces” committed to applying network technology to war. The “Stuxnet” incident and the “hacker door” incident fully demonstrated the remarkable power of cyber warfare in the new generation of warfare.

We must profoundly understand the new form of war reflected in these events and actively respond to the threats and challenges posed by cyber sovereignty, network defense, network frontiers, and cyber warfare, because whoever masters the new mechanisms for winning wars will be able to win the initiative in the next round of war.

Network Sovereignty: A New Dimension

  

The world today is moving rapidly toward informationization, and cyberspace has become the “fifth major territory” beyond land, sea, air and space. Sovereignty in its original sense is sovereignty over physical space, while cyber sovereignty is sovereignty over the network and electromagnetic space. National sovereignty is a concept that expands as the space of human activity expands, and cyber sovereignty is new content and an important component of national sovereignty.

(1) Cyber sovereignty has become the “commanding height” of national sovereignty. The network carries a vast amount of political, economic, military, cultural, transportation and social content and has become the basic platform for the efficient operation and accelerated progress of society as a whole. Once cyber sovereignty is lost, the direction of online public opinion will slip out of control, as will military information networks and the control systems of industries that are lifelines of the national economy, such as industry, transportation and energy. Just as sea power challenged land power and air power challenged sea and land power, cyber sovereignty, the latecomer, has become the “commanding height” of national sovereignty, directly affecting security and stability in every area of the country.

(2) Violations of cyber sovereignty strike directly at the “heart” of the country. Compared with traditional physical space, the existence and defense of sovereignty in cyberspace are not only easily overlooked but also easily violated. The network links information nodes on earth that are thousands of miles apart; through it, one can move easily from one country straight into the heart of another. A keystroke can circle the Earth twice in 0.3 seconds, and the attack is difficult to locate.

(3) Defending sovereignty in cyberspace requires a “combination of punches”. In the Google turmoil of 2010, the Chinese government categorically rejected Google’s demand for “freedom” beyond the administration of Chinese law, which was a firm defense of cyber sovereignty. Against any violation of our cyber sovereignty, we must not only resist and counterattack in cyberspace but also, when necessary, throw a “combination of punches” of political, economic and diplomatic measures in response.

Network Frontiers – A New Border of National Security

China’s Internet users have reached 731 million. Against this background, the network frontier far surpasses the historical status of the Great Wall and has become an important “warning line” for national security in the information age.

(1) Fully recognize the “new situation” of the network frontier. First, the public lacks awareness of network protection. Many systems have the same firewall, network security problems are serious, and cyber crime is increasing. Second, network security products and security equipment in key areas rely on imports; mainstream firewall and anti-virus technologies mostly come from abroad, and independently controllable, high-tech network security products are lacking. Third, as China becomes increasingly connected with the world and remote network services for imported technology and equipment increase, the foreign party can monitor the operation and production of the equipment in real time, leaving our “doors wide open”. Finally, in actual network operations, Western network powers monopolize a large share of network resources; for example, most of the world’s online information comes from or passes through the United States.

(2) Accurately define the “new boundary” of cyberspace. On the one hand, we must correctly understand the essential meaning of the network frontier. A country’s network infrastructure, its country-specific Internet domain names and their domains, and the core national network systems of finance, telecommunications, transportation, energy and other sectors bearing on the national economy and the people’s livelihood should be regarded as important parts of the national network frontier, and no sabotage of them is permitted. On the other hand, we must correctly understand the importance of guarding the network frontier. Guarding the network frontier is in essence an authorization relationship: whoever meets the requirements and is permitted may enter, and otherwise entry is refused. For example, the protective measures, firewalls and bank card cryptosystems of national financial, power, transportation and other systems are the “watchmen” of the network frontier.

(3) Focus on forging a “new sword” to guard the network frontier. Guarding the network frontier must be backed by powerful technical means. Firewalls, cryptosystems and the like amount to building thick defensive lines along the network frontier, but this is not enough to resist external “invasion”; “patrol sentries” and “frontier troops” are also needed to detect “intrusions” in a timely manner. In 2003, the US Einstein program for monitoring abnormal traffic at government agencies and institutional networks was the world’s first intrusion detection system. By the end of 2008, the Einstein system had been deployed in the website systems of 600 government agencies, forming an intrusion detection system that supports dynamic protection.

Network Defense – The New Great Wall of National Defense

Sovereignty without armed protection is fragile sovereignty, and frontiers without defenses are frontiers in danger. That is why people have a strong sense of border defense, coastal defense, and air defense.

(1) Firmly establishing the concept of network defense is the “premise.” The countries of the world, especially the developed Western countries, not only woke up early and got up early but have also run fast in building network defense. Among them, the United States is both the creator of the Internet and the first country to pay attention to building network security protection. The United States not only took the lead in formulating a series of policy documents such as the National Strategy for Ensuring Cyberspace Security, but also established a strong “cyber army” and a strong network defense.

    (2) Vigorously building the network’s national defense force is a “trend.” The United States, Britain, Japan, Russia and other countries, as well as Taiwan, have formed cyber warfare units and command agencies. Strengthening the construction of cyber security forces and improving the national cyber defense capabilities are both the general trend and the successful practices of all countries in the world. They are also an urgent task for safeguarding China’s national security.

    (3) Overall planning of network defense construction is the “key.” An overall strategic concept should be put forward for the current realities of the struggle in cyberspace, and the “three hands” should be highlighted in the top-level design: that is, striving to be the “flag-bearer” in shaping public opinion, choosing the right “handle” for the focus of construction, and keeping a “backhand” in reserve in the strategy of struggle.

Cyber Warfare: A New Battlefield for the Game of Great Powers

    In today’s world, prominent features such as the globalization of the network battlefield, the normalization of network attack and defense, and the white-hot intensity of online psychological warfare have made the scientific and efficient control and occupation of cyberspace a new battlefield for the strategic game among great powers.

    The first is to treat cyberspace situational awareness as the core of building the force system. The four capabilities of “network security assurance, situational awareness, network defense, and network deterrence” are the core capabilities for comprehensively advancing the construction of the cyberspace capability system. War first requires commanders to grasp and understand the enemy’s situation and their own and to make correct decisions based on the real-time situation, and the ever-changing nature of the network situation determines the success or failure of network operations. Therefore, network situational awareness has become the primary capability of the cyberspace combat confrontation system.

    The second is to use offensive operations as the main way to seize the initiative in cyberspace. Strategically, the US military already regards attacks in cyberspace as acts of aggression in real space and will respond to them with military strikes. At present, the US military has built 100 teams to operate in cyberspace. In cyberspace operations, the attacking and defending parties are separated to a certain degree, and the effects of attack and defense are asymmetric. The key to seizing the initiative in cyberspace operations is to use offensive action to contain enemy attacks and ensure our own stability.

    The third is to establish a cyberspace defense force system with national coordination and military-civilian integration. Using offense to aid defense does not mean neglecting defense. Therefore, following the idea of “optimizing the existing overall forces, developing forces that fill the gaps, and forming protection forces based on new mechanisms,” and in accordance with the requirements of “moderate scale, optimized structure, integration of technology and warfare, and complementary functions,” it is necessary to build a new cyberspace security defense force system composed of professional, support, reserve and other forces, to enhance the national network counterattack capability and form a network deterrent. (Li Yiyang: Branch School of the Secondary School Affiliated to Renmin University of China; Li Minghai: Deputy Director, Network Space Research Center, National Defense University)

Original Mandarin Chinese:

如果說第一次世界大戰是化學家的戰爭,第二次世界大戰是物理學家的戰爭,那麼,21世紀的戰爭無疑將成為信息學家之間的博弈,網絡空間戰已從後台走向前台,從配角轉向主角,成為新的戰場和作戰平台隨著網絡戰威懾效果的逐步顯現,各國紛紛出台網絡戰略,組建“網絡戰部隊”,全球網絡軍備競賽呈燎原之勢 – 目前已有20多個國家組建了“網絡戰部隊”,各國都致力於將網絡技術運用於戰爭“震網”事件,“黑客門”事件充分證明了網絡戰在新一代戰爭模式中的顯著威力。

我們必須深刻認識這些事件所折射出來的新的戰爭形態,積極應對網絡主權,網絡國防,網絡邊疆,網絡戰爭帶來的威脅和挑戰,因為,誰掌握新的戰爭制勝機理,誰就能在下一輪戰爭中贏得主動。

網絡主權 – 國家主權的新維度

當今世界正在向著信息化快速邁進,網絡空間成為繼陸,海,空,天之外的“第五大疆域”原有的主權均為物理空間的主權,而網絡主權是網絡電磁空間主權。國家主權是一個隨著人類活動空間的拓展而不斷拓展的概念,網絡主權是國家主權的全新內容和重要組成部分。

(一)網絡主權已成為國家主權的“制高點”。網絡承載了政治,經濟,軍事,文化,交通和社交等大量內容,成為整個社會高效運轉和加速進步的基本平台。一旦喪失網絡主權,網絡輿情導向將會失控,國家工業,交通,能源等國民經濟命脈行業控制系統和軍事信息網絡都將會失控,如同海權挑戰陸權,空權挑戰海權與陸權一樣,網絡主權後來者居上,成為國家主權的“制高點”,直接影響國家各領域的安全穩定。

(二)網絡主權的侵犯將直逼國家的“心臟”。與傳統實體空間相比,網絡空間主權的存在與捍衛不僅易被忽視,而且易遭侵犯。網絡把地球上相距萬里的信息節點鉸鏈為一體,通過它可以悄無聲息,輕而易舉地從一國進入另一國腹地直至心臟部位。一次擊鍵0.3秒時間內即可環繞地球兩週,而且,攻擊很難被定位。

(三)捍衛網絡空間主權需用“組合拳”。2010年谷歌風波中,中國政府斷然拒絕谷歌要求超越中國法律管理的“自由”,就是對網絡主權的堅決捍衛。對於任何侵犯我網絡主權的行為,不僅要在網絡空間予以抵制和反擊,必要時還可打出政治,經濟,外交等“組合拳”給予還擊。

網絡邊疆 – 國家安全的新邊界

中國網民已達7.31億,在這個背景下,網絡邊疆遠超歷史上萬里長城的地位,成為信息時代國家安全的重要“警戒線”。

(一)充分認清網絡邊疆的“新形勢”首先是民眾缺乏網絡防護意識,很多系統的防火牆形同虛設,網絡安全問題嚴重,網絡犯罪日益增加;其次是網絡安全產品和關鍵領域安全設備依賴進口,主流防火牆技術和殺毒技術大都來自國外,自主可控,高技術含量的網絡安全產品匱乏;第三是隨著我國日益與世界接軌,引進技術設備的網絡遠程服務增加,外方能實時監控設備運轉和生產情況,令我自身“門戶洞開”;最後是在實際網絡運營上,西方網絡大國壟斷著大量網絡資源,比如,全球大多數網上信息發自或經過美國。

(二)準確界定網絡空間的“新邊界”。一方面,要正確理解網絡邊疆的本質內涵。一個國家的網絡基礎設施,國家專屬的互聯網域名及其域內以及金融,電信,交通,能源等關係國計民生領域的國家核心網絡系統都應視為國家網絡邊疆的重要組成部分,不允許肆意破壞;另一方面,要正確認識值守網絡邊疆的重要性值守網絡邊疆,其實是一種授權關係,即必須符合要求,得到允許才能進入,否則,不能進入。比如,國家金融,電力,交通等系統的防護措施,防火牆以及銀行卡密碼系統等都是網絡邊疆的“值守者”。

(三)著力打造守護網絡邊疆的“新利劍”。守護網絡邊疆必須以強大的技術手段為支撐。各種防火牆,密碼系統等相當於在網絡邊疆上建起了粗線條的籬笆,但這不足以抵禦外來“入侵”,還需要“巡邏哨兵”和“邊防部隊”及時檢測“入侵”行為。2003年,美國用於監測政府部門和機構網絡關口非正常流量的“愛因斯坦計劃”,就是世界上第一個入侵檢測系統。到2008年年底,愛因斯坦系統已部署在600個政府機構網站系統中,形成了一個支撐動態保護的入侵檢測系統。

網絡國防 – 國家防禦的新長城

沒有武裝保護的主權是脆弱的主權,沒有國防捍衛的邊疆是瀕危的邊疆。因此,人們才產生了強烈的邊防,海防,空防意識。

(一)牢固樹立網絡國防理念是“前提”。世界各國,尤其是西方發達國家在網絡國防建設上,不僅醒得早,起得早,而且跑得快。其中,美國既是互聯網的締造者,也是最早關注網絡安全防護建設的國家。美國不僅率先制定了“確保網絡空間安全的國家戰略”等一系列政策文件,而且建立了強大的“網軍”和強大的網絡國防。

(二)大力建設網絡國防力量是“勢趨”。美國,英國,日本,俄羅斯等國以及中國台灣地區,紛紛組建了網絡戰部隊和指揮機構。加強網絡安全力量建設,提高國家網絡防衛能力,這既是大勢所趨,也是世界各國的成功做法,更是維護我國國家安全的一項緊迫任務。

(三)整體統籌網絡國防建設是“關鍵”應針對當前網絡空間鬥爭實際提出總體戰略構想,並在頂層設計上突出“三手”:即在輿論造勢上爭當“旗手”,在建設重點上選好“抓手”,在鬥爭策略上留有“後手”。

網絡戰爭 – 大國博弈的新戰場

當今世界,網絡戰場的全球化,網絡攻防的常態化,網絡攻心的白熱化等突出特點,使得科學高效地管控網絡空間,佔領網絡空間,成為大國戰略博弈的新戰場。

一是把網絡空間態勢感知能力作為力量體系建設核心。“網絡安全保障,態勢感知,網絡防禦,網絡威懾”四大能力,是全面推進網絡空間能力體系建設的核心能力。戰爭首先需要指揮員能夠掌握和理解敵方,己方態勢,根據實時態勢作出正確決策,網絡態勢瞬息萬變的特點決定了網絡作戰的成敗。因此,網絡態勢感知能力就成為網絡空間作戰對抗體系的首要能力。

二是將攻勢作戰作為奪取網絡空間主動權的主要方式。美軍在戰略上已將網絡空間的攻擊行為視為現實空間的侵略行為,並予以軍事打擊。目前美軍已建成100個小組在網絡空間活動。網絡空間作戰,攻防主體具有一定的分離性,攻防效果具有不對稱性。奪取網絡空間作戰的主動權,關鍵在於以攻勢行動遏制敵攻擊,保證我穩定。

三是建立國家統籌,軍民融合的網絡空間防禦力量體系。以攻助防,不是忽視防禦。因此,需要按照“優化整體現有力量,發展填補空白力量,組建新機理防護力量”的思路,依據“規模適度,結構優化,技戰一體,功能互補”的要求,構建由專業,支援和預備役等力量構成的新型網絡空間安全防禦力量體系,提升國家網絡反擊能力,形成網絡威懾力(李昊洋:中國人民大學附屬中學分校;李明海:國防大學網絡空間研究中心副主任)

Original Referring URL:  http://www.cac.gov.cn/2017-04/

Chinese Military Analysis of US Navy Cyber Warfare Efforts // 中國對美國海軍網絡戰爭的軍事分析

Chinese Military Analysis of US Navy Cyber Warfare Efforts //

中國對美國海軍網絡戰爭的軍事分析

2011/02/15

US Navy’s 10th Fleet. As a naval task command, the US Fleet Cyber Command is a second-level Navy command, which is part of the Naval Combat Command. Its main task is to direct cyber operations in defense and to support combat forces in deterring, repelling aggression, and guaranteeing freedom of action. Our mission is similar to that of the other services’ cyber commands: it carries the unique task of conducting operations in the fields of networks, cryptology, signals intelligence, information warfare, cyberspace, electronic warfare, and space in order to support combat forces at sea and on land. Naval operations require the integration of traditional combat capabilities, the expansion of new capabilities, and the development of capabilities that span networks, signals intelligence systems, and electronic warfare systems, so as to achieve the full development of our cyberspace combat capabilities. Similarly, we are also responsible for organizing and commanding the Navy’s global cryptologic operations and for integrating information operations and space operations.

History

The Tenth Fleet was established during the Second World War and developed anti-submarine warfare capabilities primarily in the Atlantic. At that time, we faced a hostile threat whose combat capability greatly exceeded that of World War I and whose ability to change the course of the war was very strong. The Tenth Fleet, without any warships, defeated the German submarines through intelligence fusion and innovative tactics, techniques, and procedures. Today, the rebuilt Tenth Fleet still adheres to these operational concepts. Together with information warfare experts, intelligence specialists, cryptologic and electronic warfare experts, and traditional military experts, we command operations to ensure the flexibility of operations and respond to changing hostile threats. The focus of the Fleet Cyber Command is to enable the Navy to respond quickly to cyber threats and maintain information superiority. This framework of action requires us to accomplish the task of defending network operations.

To win in modern warfare, we must have the ability to act freely across the full electromagnetic spectrum, where the scope of defense has expanded from ordinary electromagnetic interference to advanced network intrusion and malicious attacks. The function of the Fleet Cyber Command is to analyze this threat and to innovate tactics, techniques, and procedures to protect the network and ensure freedom of action.

Naval operations are dynamic, and the naval network also has time and space complexity. The Navy must not only be deployed in various oceans, but also support ground operations in Afghanistan, Iraq and other places. We currently have more than 10,000 naval officers and men involved in these ground operations.

The Fleet Cyber Command is a global command with the ability to maintain network superiority and conduct cyber operations worldwide, and to ensure that it can command cyber operations across the full electromagnetic spectrum. Since the Commander of the Tenth Fleet is an operational-level commander, our command is also built on the structure of a typical naval task force. This force structure can assign regional missions to subordinate task groups and provide support for specific cryptologic requirements. This task force organization takes into account changing intelligence reporting, technology, and responsibilities, provides a rapid-response capability in support of the fleet’s operational missions, and has promoted local exchange and collaboration with the US Cyber Command and the service cyber components. We have been working to develop a robust organizational structure that provides rapid and direct support for a variety of operations.

The Cyber Warfare Command (CTF 1010) is responsible for naval network operations, and its subordinate units include the Atlantic and Pacific regional Naval Computer and Telecommunications Area Master Stations (NCTAMS), which provide network guidance, maintenance, and shore-to-ship relay. The Navy Cyber Defense Operations Command (CTF 1020) is responsible for network defense. The unit is mainly responsible for monitoring cyber threats and monitoring network response.

Norfolk’s Naval Information Operations Command (CTF 1030) specializes in naval information operations, with its task groups located in San Diego and Whidbey Island. The Texas Naval Information Operations Command (CTF 1040), the Georgia Naval Information Operations Command (CTF 1050), the Maryland Naval Information Operations Command (CTF 1060), the Colorado Naval Information Operations Command (CTF 1080) and their subordinate commands around the world are responsible for coordinating fleet and theater operations. Cryptologic operations are the responsibility of the CTF 1000 force structure.

The Suitland Naval Information Operations Center (CTF 1090) was established on the basis of our research and development group, and its main mission is to provide battlefield preparation techniques in support of fleet and joint operations missions.

The successful completion of the mission must be based on the efficient recruitment and training of personnel, who must have keen technical insight and the ability to apply their personal skills to fleet network defense operations. I have checked almost all of the combatant commands, and I can assure the committee that the Navy has a group of outstanding combatants who are ready to conduct cyberspace operations. Due to the dynamic nature of cyberspace, we must continue to advance the development of combat forces. We have taken the initiative to set up new specialist officers, including cyber engineers and warrant officers. The construction of the National Naval Academy cyber curriculum will also provide new opportunities for student education, and these students will become the backbone of naval cyber operations command.

Task

As the Fleet Cyber Command matures, we are also trying to learn to use the relevant technology of our sister services. As a supporting command of the National Cyber Command, we have also contacted personnel from the other services to jointly establish a defense-in-depth system, to improve resilience and enhance the robustness and adaptability of global cyber defense. If a service discovers, analyzes, or destroys a threat, the information is quickly distributed to the other services, minimizing the damage from the intrusion and achieving a joint response.

In fact, we have already started to act. Since our establishment in January, we have been involved, together with the service components of the National Cyber Command, in supporting the National Pacific Command and Pacific Fleet exercises. We enhance shared situational awareness and collaborative security oversight capabilities by examining network operations. We also work with industry, academia, and the federally funded research and development centers to learn to leverage their knowledge and capabilities. The commercial sector is driving the development of the cyber field, and we must obtain their capabilities and financial support.

Cross-domain coordination and interaction are extremely important. Work to safeguard system security or defend networks must be coordinated with work to prevent unintentional interference from our own systems. From navigation systems to network access, from the EA-18G Growler electronic warfare aircraft to the shipboard SLQ-32 jammers, the Tenth Fleet quickly integrates with the other numbered fleets and regional naval commanders to meet their mission requirements. The collaboration between the fleet staffs is one of the key factors behind the achievements of the Tenth Fleet and one of the reasons for our initial success.

The abilities of the staff and commanders at Ft. Meade have improved every month. At present, there are 130 staff officers and commanders in our command, which will increase to about 200 in the next few years. This growth rate ensures that the command will increase not only the number of technical experts but also the number of people with operational experience who can work their way out of the numerous challenges related to cyber security.

These challenges include: developing and maintaining the concept of viewing the network as a battle space; providing support across the services to maintain our freedom of action in cyberspace; and developing cyber operations into a functional area and creating a series of detailed concepts.

As our capabilities continue to grow, we will be better able to support fleet and joint exercises and, through their necessary feedback, to improve our combat capabilities in hostile or contested cyber environments. This feedback is very important, and it enables us to assess and improve our capabilities so as to support freedom of action in the face of stronger threats. In the future these threats will affect not only Navy or Department of Defense systems but also civilian users, and they may come from non-traditional sources. There is no doubt that personnel of non-state entities are also looking for the means and capabilities to affect our networks, so as a country, we must be prepared to deal with these asymmetric challenges and threats.

The US Fleet Cyber Command is also the Navy’s authoritative operational arm for electronic warfare and electromagnetic spectrum operations. By working with the other services, we are working hard to develop a comprehensive joint electromagnetic spectrum operations plan. All radio frequency users have shown that being able to defend against dynamic, targeted network attacks is not enough; we must also have the ability to protect network operations in full-dimensional space.

Every day, my staff work hard to go beyond the traditional fields and apply their expertise to the cyber field, and I am very proud of this. This is the environment we have created to nurture and use future domain experts. The Department of Defense cannot compare with industry in terms of monetary compensation, but we are able to provide our personnel with a wider range of education and training opportunities and help them gain leadership experience that is not available elsewhere.

Original Mandarin Chinese:

美國艦隊賽博司令部和美國海軍第十艦隊司令。作為海軍特遣司令部的美國艦隊賽博司令部,是海軍二級司令部,隸屬於海軍作戰司令部,主要任務是指導防禦中的賽博作戰,支援作戰部隊實施威懾、擊退侵犯、保證行動自由。我部任務與其他軍種賽博特遣司令部類似,擔負有在網絡、密碼、信號情報、信息作戰、賽博空間、電子戰以及太空等領域實施作戰行動的獨特任務,以支援海上、陸上作戰力量。海軍作戰需要通過融合傳統作戰能力,拓展新型能力,發展跨越網絡、信號情報系統和電子戰系統的能力,從而實現我部在賽博空間作戰能力方面的全面發展。同樣,我們也擔負有組織指揮海軍全球範圍的密碼作戰,集成信息作戰和太空作戰的任務。

歷史

第十艦隊成立於二戰期間,主要在大西洋發展實施反潛戰能力。那時,我們面臨的是作戰能力大大超越一戰時期的敵對威脅,其改變戰局能力十分強大。沒有任何軍艦的第十艦隊,通過情報融合,創新戰術、技術、流程戰勝了德軍潛艇。如今,重建的第十艦隊仍恪守這些作戰理念。我們與信息戰專家,情報專家,密碼和電子戰專家,以及傳統軍事專家一起,指揮作戰行動,確保作戰行動的靈活性,應對日益變化的敵對威脅。艦隊賽博司令部作戰重點是使海軍具備快速應對網絡威脅能力,保持信息優勢。這一行動框架要求我們要完成網絡作戰防禦的任務。

在現代戰爭中取勝,我們必須要具備在全譜電磁空間內的自由行動能力,其防禦範圍已從普通的電磁干擾擴展到高級的網絡入侵和惡意攻擊。艦隊賽博司令部職能就是分析這種威脅,創新戰術、技術、流程,來防護網絡並保證自由行動能力。

結構

海軍作戰具有動態性,海軍網絡也具有時空複雜性。海軍不僅要配置在各大洋,還要在阿富汗、伊拉克等其它地方支援地面作戰,我們目前有超過1萬名海軍官兵參與這些地面作戰。

艦隊賽博司令部是一個全球性的司令部,具備在世界範圍內保持網絡優勢、實施網絡作戰的能力,並確保在全譜電磁空間指揮賽博作戰行動能力的發揮。由於第十艦隊指揮官是作戰級指揮官,我們司令部也是基於典型海軍任務力量結構而建立的。此力量結構能夠給下級特遣大隊分派地域性任務,為特定密碼需求提供支援。這種特遣部隊編成考慮了多變的情報通報,技術和職責,具備了保障艦隊作戰任務的快速反應能力,並且推動了與美國賽博司令部和軍種賽博部門在局部的交流協作。我們一直在致力於發展一種健壯的組織結構,能夠對各種作戰​​行動提供迅速直接的支援。

網絡戰司令部(CTF1010)負責海軍網絡作戰,其下屬單位包括大西洋和太平洋地區性海軍計算機與遠程通信地面主站(NCTAMS),該主站能夠提供網絡引導、維護和岸艦中繼。海軍賽博防禦作戰司令部(CTF 1020)負責網絡防禦,該單位主要負責監測網絡威脅和監控網絡響應。

諾福克的海軍信息作戰司令部(CTF 1030)專門負責海軍信息作戰,其特遣大隊位於聖地亞哥和惠德貝島。德克薩斯的海軍信息作戰司令部(CTF 1040),喬治亞州的海軍信息作戰司令部(CTF 1050),馬里蘭的海軍信息作戰司令部(CTF 1060),科羅拉多的海軍信息作戰司令部(CTF 1080 )及其覆蓋全球的下屬司令部來負責協同艦隊和戰區作戰。密碼行動由CTF 1000力量結構負責。

休特蘭海軍信息作戰中心(CTF 1090)在我們的研究與開發大隊基礎上建立,其主要任務是為支援艦隊和聯合作戰任務提供戰場準備技術。

外部和內部組織結構圖見下方。

任務的圓滿完成必須要以人員的高效徵募和培訓為基礎,這些人員必須具備敏銳的技術洞察力和將個人技能應用於艦隊網絡防禦行動的能力。我檢查過幾乎所有的作戰司令部,我能夠向委員會保證,海軍擁有一批傑出的作戰人員,他們已經做好準備遂行賽博空間作戰行動。由於賽博空間領域的動態性,我們必須持續推進作戰力量的發展,我們主動設置新的專家官員包括賽博工程師和準尉。國家海軍學院賽博課程的建設也將為學員教育提供新的機遇,這些學員將成為海軍賽博作戰指揮的骨幹力量。

任務

隨著艦隊賽博司令部日趨成熟,我們也在試圖學習利用兄弟軍種的相關技術。作為國家賽博司令部的支援司令部,我們還聯繫了其它軍種部門的人員共同建立深度防禦體系,提高應變能力,增強全球賽博防禦的健壯性和適應性。如果某軍種部門發現、分析、摧毀了某種威脅,該信息將會迅速被分發到其它軍種,使侵入破壞程度最小化並實現聯合響應。

實際上我們已經開始行動了,從一月份成立開始,我們就與國家賽博司令部軍種部門一起,一直在參與支援國家太平洋司令部和太平洋艦隊演習。我們通過考察網絡作戰行動,來增強共享態勢感知能力和協同監督安全能力。我們還與工業界、學術界和聯邦基金研究發展中心開展合作,學習利用他們的知識和能力。商業部門推動著賽博領域的發展,我們必須獲得他們的能力和資金支持。

跨領域間的協調與相互作用是極其重要的。保障系統安全或者網絡防禦工作必須要同阻止我方系統無意干擾工作協調開展。從導航系統到網絡訪問,從EA-18G咆哮者電子戰飛機到艦載SLQ-32干擾機,第十艦隊都迅速集成其它編號艦隊及地區海軍部門指揮官,並滿足其任務需求。艦隊參謀間的協作是第十艦隊成就背後的關鍵因素之一,也是我們取得初始成功的原因之一。

在Ft. Meade的參謀和指揮人員的能力素質每個月都有提高。目前我部指揮參謀人員有130名,在近幾年將會增加到200名左右。這個增長速率保證司令部不僅要增加技術專家型人員,還要增加哪些富有作戰經驗的人員,他們能夠從賽博安全相關的大量挑戰中擺脫出來。

這些挑戰包括:發展與保持將網絡視為一個作戰空間的觀念;跨軍種提供支援,保持我方在賽博空間的行動自由;將賽博作戰發展成一個職能領域,並創建一系列詳實的概念。

隨著我們作戰能力的持續發展,我們將具備更好的支援艦隊和聯合演習能力,並通過他們必要的反饋來提高我們在敵對或對抗賽博環境中的作戰能力。這種反饋是非常重要的,它能夠促使我們評估和改進自身能力,從而支持在面對更強大威脅時的行動自由。這些威脅將來不僅僅會影響海軍或者國防部的系統,也會威脅到平民用戶,並且它們可能是一些非傳統威脅來源。毫無疑問,非國家實體的人員也在尋找影響我們網絡的手段和能力,那麼作為一個國家,我們必須做好準備應對這些非對稱的挑戰與威脅。

美國艦隊賽博司令部也是海軍在電子戰和電磁頻譜作戰方面的權威作戰部門。通過與其它軍種協力合作,我們正在努力製定全面的聯合電磁頻譜作戰計劃,所有的無線電頻率用戶都證明,能夠防禦動態定向的網絡攻擊是不夠的,我們還必須具備在全維空間防護網絡行動的能力。

每天,我部人員都在努力超越傳統領域,並將他們的專業知識應用到賽博領域,我為此深感驕傲。這就是我們為培育和使用將來的領域專家所營造的環境。在金錢補助方面國防部是無法同業界進行比較的,但我們能夠為所屬人員提供更為廣泛的教育和培訓機會,並幫助他們獲得其它地方無法取得的領導經驗。

Original referring 2011 url:  http://www.china.com.cn/military/txt/2011-02

Chinese Military Cyber Warfare Capacity Building Achieving Situational Awareness in Cyberspace // 中國軍事網絡戰能力建設在網絡空間實現態勢感知

Chinese Military Cyber Warfare Capacity Building Achieving Situational Awareness in Cyberspace //

中國軍事網絡戰能力建設在網絡空間實現態勢感知

2017/05/20

Cyberspace has become a new territory alongside land, sea, air and space, and it is also the most extensive territory. Since the birth of the computer, computer and network-based information systems have gradually developed, and the software and resources on it have been continuously enriched, eventually forming a network space.

With the continuous development of the US military’s weapons, equipment and combat theory, “cyberspace warfare” has begun to move from concept to reality. Compared with traditional “platform-centric warfare”, the role of the command and control system as a “combat multiplier” will be more prominent in “cyberspace warfare”, and its impact on combat will be even greater. In future modern wars, command and control in cyberspace should have its own characteristics and concerns.

In theory, cyberspace is synonymous with the digital society formed by all available electronic information and networks. The United States “National Security Presidential Decree No. 45 and General Homeland Security Order No. 23” defines cyberspace as: information technology infrastructure and interdependent networks, including the Internet, telecommunications networks, computer systems, and the processors and controllers in key industries; it usually also includes the virtual information environment and the interaction between people.

Cyberspace has four elements: communication devices and lines; computers; software; data communication and resource sharing. Communication equipment and lines: one of the infrastructures of cyberspace, including routing/switching equipment, wired/wireless communication equipment, cables, and so on. Computers: one of the infrastructures of cyberspace, with computing, storage, and data processing capabilities. Software: the core supporting part of cyberspace; software systems with various functions run on both communication devices and computers. Data communication and resource sharing: the basic capability of cyberspace, providing the required information for users of all kinds and at all levels.

Commanding operations in the vast new territory of cyberspace will inevitably require the coordinated action of multiple services and arms. First, there must be security protection capabilities that provide multiple levels of security assurance; second, the battlefield situation must be mastered; in addition, there must be resource scheduling capabilities and the like, so as to provide support for integrated joint operations.

Security protection refers to the use of various technologies and management measures to protect the hardware and software of network systems and the data in those systems, so that they are not damaged, tampered with or leaked for accidental or malicious reasons, the system can operate continuously, reliably and normally, and network services are not interrupted.

In cyberspace command operations, the whole process of generating, storing, transmitting and using all kinds of command-and-control information faces security threats of one kind or another. The traditional form of conflict has been extended to cyberspace.

Security protection technology and attack technology have always developed together; the contest between “spear” and “shield” has existed since ancient times. Although the US military has repeatedly stated its position through various channels, claiming that the “core of the US military’s cyberspace operations is to defend against cyberattacks, and defensive capabilities are the basis of all other combat capabilities,” a little analysis shows that the goal the US military wants to achieve in cyberspace is to combine attack and defense, build a network deterrent system, and consolidate its own “control of the network” militarily. US Deputy Defense Secretary Lynn has made it clear that the US will retain the right to respond to serious cyber attacks and will make “a commensurate and legitimate military response at the time and place we choose.” Former Defense Secretary Panetta has pointed out: “Now we live in a completely different world and face cyberspace attacks that can be compared with Pearl Harbor.” “We must be prepared to deal with it. In cyberspace, we have to have both good network attack and network defense capabilities.” These speeches fully demonstrate that the US military pays attention to the deterrent effect of cyberspace, emphasizes the combination of attack and defense in cyberspace, and is willing to take the initiative to launch cyberattacks when necessary. Its military goal is by no means only to ensure its own network security, but to dissuade and deter all cyberattacks that are unfavorable to it by improving its cyber attack capabilities, and to achieve absolute freedom, absolute superiority and absolute security in cyberspace.

In cyberspace, offensive and defensive drills between states have never stopped. In July 2008, Russia used the covert injection of attack software to launch a comprehensive cyberattack against Georgia, causing its network to collapse. In December 2011, Iran declared that its “electronic warfare force” had used a “hacker hijacking” method to cause an American RQ-170 stealth drone to leave its route and land in Iran. The “super flame” virus discovered in May 2012 spread widely in the Middle East, hiding in computers and stealing data. In March 2014, the official website of the Russian president suffered a cyber attack. Judging from past cyberattacks, the effect of a cyberattack is no less than that of a firepower strike by conventional weapons. The security of cyberspace is the security of the country, and cyberspace has become a domain of national sovereignty.

Security protection in cyberspace should employ multiple levels of security mechanisms. At the national strategic level, there is national-level network security protection; in key areas, there is network security protection in the military, government, and economic fields; in large enterprises, there is network security protection for state-owned and private enterprises and institutions; at the local level, there is network security protection for individuals and families. Among them, national-level security protection mainly includes border network security and backbone network security; enterprise-level (and military) security protection mainly includes border network security and intranet security; personal computer security protection mainly includes computer terminal security, terminal software security and terminal data security. At different levels of security, the content of the protected information varies, from national strategic plans and development routes down to personal privacy and bank passwords. The leakage of information will undoubtedly deal a blow to, and have a negative impact on, the survival and development of the country, enterprises and individuals, and may even undermine the security and stability of the country.

Situational awareness is the perception and understanding of environmental factors, and the prediction of their development trends, under certain conditions of time and space. In 1988, Endsley divided situational awareness into three levels of information processing: perception, understanding, and prediction. In 1999, Tim Bass first proposed the concept of network situational awareness, and pointed out that “fusion-based network situational awareness” would become the development direction of network management.

“Know yourself and know your enemy, and you will never be imperiled in a hundred battles.” In the new battle space of cyberspace, how can we know ourselves and know the enemy? It is necessary to grasp the battlefield situation and have situational awareness, that is, to acquire, understand and present the key factors that can cause changes in the state of the enemy and ourselves, and to be able to predict future development trends.

The battlefield situation in cyberspace is characterized by wide coverage, a huge amount of information, and extremely complicated conditions. Commanders at all levels hope to clearly understand and master the current state of cyberspace operations from the situation map, so that they can make decisions quickly and issue correct operational commands.

To gain insight into the state and situation of the cyberspace battlefield as it develops, one must have the ability to collect, transmit, store, monitor, analyze, and present state data. Detection points are laid out at key positions in cyberspace to detect the running status of the network and collect state data. Based on the various kinds of state data, the network situation, security situation, spectrum situation, and so on are formed. These are then transmitted by various communication means to nodes with data analysis and processing capability, where the situation data is analyzed, mainly through situation fusion, situation assessment and situation prediction. The results of the analysis and processing are then transmitted to the command posts at all levels, and the battlefield situation is presented to commanders at all levels in a layered, multi-dimensional, on-demand manner. The basic process of situational awareness is consistent with the traditional approach, but each processing step is different.

The battlefield situation of cyberspace should be layered, with both global and local views, which places higher demands on how the situation is presented. With the continuous development of presentation technology, simple flat situation maps can no longer meet operational needs; especially in the cyberspace combat environment, the demand for three-dimensional and multidimensional situation presentation is prominent. Even inside the command post, the commander should be able to understand the battlefield situation and face the real opponent through the situation map. In American war movies, one can often see three-dimensional, touch-controlled electronic sand tables, where the multi-dimensional display of the real-time battlefield situation enables commanders to make quick and accurate decisions and improves command and control capabilities. The battlefield environment of cyberspace is extremely complex: the network environment, equipment operation, software operation, and many other aspects need a clear and intuitive display. In order to improve the user experience and shorten decision time, the presentation of the cyberspace situation should have multi-dimensional dynamic characteristics, and should support multi-screen display, multi-screen linkage and so on. From the top-level situation map, one can understand the whole picture of the war; from the local situation maps, one can understand the status of combat units at all levels. Commanders at different levels can view different situation maps as needed based on their own authority.

As a new type of combat space, cyberspace has objective differences with traditional physical space, and there are special requirements for command and control of cyberspace. However, cyberspace command and control still faces many other problems, such as how to integrate cyberspace command and control with traditional physical space command and control systems, and how to conduct cyberspace command and control effectiveness evaluation.

Original Mandarin Chinese:

網絡空間已成為與陸地、海洋、空中、太空並列的一片新疆域,也是覆蓋面最廣的疆域。從計算機誕生之日起,以計算機和網絡為基礎的信息系統就逐漸發展起來,其上的軟件和資源也不斷豐富,最終形成了網絡空間。

隨著美軍武器裝備和作戰理論的不斷發展,“網絡空間戰”從設想開始走向現實。與傳統的“平台中心戰”相比,在“網絡空間戰”中指揮控制系統“戰鬥力倍增器”的作用將更加突出,對作戰的影響也更加巨大’在未來的現代化戰爭中,網絡空間中的指揮控制應有它自身的特點和關注點。

從理論上講,網絡空間是所有可利用的電子信息、網絡構成的數字社會的代名詞。美國《第45號國家安全總統令暨第23號國土安全總令》中將網絡空間定義為:信息技術基礎設施和相互依存的網絡,包括互聯網、電信網、電腦系統以及重要產業中的處理器和控制器,通常還包括信息虛擬環境以及人與人之間的互動。

網絡空間具有四個要素:通信設備和線路;計算機;軟件;數據通信與資源共享。通信設備和線路:是網絡空間的基礎設施之一,具體包括路由/交換設備、有線/無線通信設備、線纜等。計算機:是網絡空間的基礎設施之一,具有計算、存儲和數據處理等能力。軟件:是網絡空間的核心支撐部分,通信設備和計算機中均運行著各種功能的軟件系統。數據通信與資源共享:是網絡空間具備的基本能力,為各類各級用戶提供所需的信息。

在網絡空間這一遼闊的新疆域中指揮作戰,必然需要多個軍兵種聯動,首先應當具備安全防護能力,提供多級安全保障,其次必須掌握戰場態勢,另外還必須具有資源調度能力等,能夠為一體化聯合作戰提供支撐。

安全防護是指通過釆用各種技術和管理措施,保護網絡系統的硬件、軟件及系統中的數據,使其不因偶然的或者惡意的原因而遭受到破壞、篡改、洩露,使得系統能夠連續可靠正常地運行,網絡服務不中斷。

網絡空間指揮作戰中,各類指控信息的產生、存儲、傳輸和使用的全過程,均面臨著這樣或那樣的安全威脅,傳統的衝突形式已擴展到網絡空間。

安全防護技術和攻擊技術一直在共同發展著,“矛”與“盾”的較量自古就有。雖然美軍不斷通過各種渠道表態,宣稱美軍網絡空間行動的“核心是防禦網絡攻擊行為,防禦能力是其他一切作戰能力的基礎”,但稍加分析即可看出,美軍在網絡空間要達成的目標是:攻防結合,構建網絡威懾體系,在軍事上鞏固自己的“製網權”。美國國防部副部長林恩曾明確表示,美方將保留回應嚴重網絡攻擊的權利,會在“我們選擇的時間和地點做出相稱且正當的軍事回應”。前任國防部長帕內塔曾指出:“現在我們生活在一個完全不同的世界裡,要面對可與珍珠港比擬的網絡空間攻擊”,“我們必須做好應對準備,在網絡空間,我們要同時擁有良好的網絡進攻與網絡防禦能力”。這些講話充分顯示了美軍注重網絡空間威懾效應、在網絡空間強調攻防結合、必要時不惜主動發動網絡攻擊的心態,其軍事目標絕不僅僅是保證自身網絡安全,而是要通過提升網絡攻擊能力勸阻和威懾所有不利於己的網絡攻擊行為,實現其在網絡空間的絕對自由、絕對優勢和絕對安全。

在網絡空間中,國家與國家之間的攻防演練也從來沒有停止過。 2008年7月,俄羅斯利用攻擊軟件的隱蔽注入,對格魯吉亞實施了全面的網絡攻擊,導致網絡癱瘓。 2011年12月,伊朗宣稱其“電子戰部隊”用“黑客劫持”的方法使得美國的一架RQ-170隱形無人機脫離航線,降落在伊朗境內。 2012年5月被發現的“超級火焰”病毒在中東大範圍傳播,在計算機內隱蔽駐留、竊取數據。 2014年3月,俄羅斯總統官網遭遇網絡攻擊。從歷次的網絡攻擊事件來看,網絡攻擊效果不亞於常規武器的火力打擊。網絡空間的安全,就是國家的安全,網絡空間已成為國家主權領域空間。

網絡空間中的安全防護應採用多級安全保障機制。在國家戰略層面,是國家級網絡安全防護;在關鍵部位,有軍隊、政府、經濟等領域的網絡安全防護;在大型企業中,有國有、私有等企事業單位的網絡安全防護;在局部,有個人、家庭等範圍的網絡安全防護。其中,國家層面的安全防護主要包括邊界網絡安全和骨幹網絡安全;企業級(及軍隊)安全防護主要包括邊界網絡安全和內網安全;個人計算機安全防護主要包括計算機終端安全、終端軟件安全及終端數據安全。在不同的安全級別上,保護的信息內容各不相同,大到國家戰略規劃、發展路線,小到個人隱私、銀行密碼等。信息的洩漏,無疑會對國家、企業、個人的生存和發展帶來打擊和負面影響,甚至會破壞國家的安全和穩定。

態勢感知是在一定的時間和空間條件下,對環境因素的感知、理解以及對其發展趨勢的預測。 1988年,Endsley把態勢感知分為感知、理解和預測三個層次的信息處理。 1999年,TimBass首次提出了網絡態勢感知的概念,並且指出,“基於融合的網絡態勢感知”必將成為網絡管理的發展方向。

“知己知彼,百戰不殆。”在網絡空間這一新型作戰空間中,如何才能做到知己和知彼?必須掌握戰場態勢,具有態勢感知能力,即對能夠引起敵我狀態發生變化的關鍵因素進行獲取、理解和呈現,並能夠預測未來的發展趨勢。

網絡空間中的戰場態勢具有覆蓋面廣、信息量巨大、情況異常複雜等特點。對於各級指揮員來說,都希望能夠從態勢圖上清晰地了解和掌握當前網絡空間作戰狀況,以便能夠快速地進行決策,下達正確的指揮作戰命令。

要洞察網絡空間戰場發展的狀態和形勢,必須具備狀態數據釆集、傳輸、存儲、監控、分析處理和展現的能力。在網絡空間的關鍵位置,佈設檢測點,對網絡運行狀態進行檢測,並採集狀態數據。基於各類狀態數據,形成網絡態勢、安全態勢、頻譜態勢等。再通過各種通信手段傳輸到具有數據分析處理能力的節點上,進行態勢數據分析,主要包括態勢融合、態勢評估和態勢預測等。分析處理的結果再傳輸到各級指揮所,並以分層、多維、按需等方式將戰場態勢呈現給各級指揮員。態勢感知的基本流程與傳統方式一致,但每個處理環節都有不同之處。

網絡空間的戰場態勢應該是分層的,有全局的,也有局部的,這對態勢呈現效果提出了更高的要求。隨著呈現技術的不斷發展,簡單的平面態勢圖已不能滿足作戰需求,尤其是在網絡空間作戰環境下,立體、多維的態勢呈現需求凸顯。就算身在指揮所內,通過態勢圖,指揮員也應能洞悉戰場態勢,直面真正的對手。在美國戰爭大片中,經常能夠看到立體的、可觸控的電子沙盤,實時的戰場態勢多維展現,使得指揮官能快速準確決策,提高指揮控制能力。網路空間的戰場環境異常複雜,網絡環境、設備運行情況、軟件運行情況……很多地方都需要有清晰直觀的展現。為了提高用戶體驗,縮短決策時間,網絡空間態勢呈現應具有多維動態特性,並能支持多屏顯示,多屏聯動等。從頂層態勢圖能了解戰爭全貌,從局部態勢圖能了解各級作戰部隊的狀態;不同級別的指揮員基於自身的權限,能夠按需查看不同的態勢圖。

網絡空間作為一種新型的作戰空間,存在和傳統物理空間的客觀差異,網絡空間的指揮控制也存在特殊的需求。然而,網絡空間指揮控制還面臨著其他諸多問題,比如如何將網絡空間指揮控制與傳統物理空間指揮控制的體系互相融合、以及如何進行網絡空間指揮控制的效能評估等,這些都是有待進.

Referring url:  http://www.81.cn/

 

 
