Chinese Military Secrets of Deterrence in Cyberspace
January 6th 2016
China’s National Defence University
Given the recent People’s Liberation Army (PLA) restructuring and renewed emphasis on strategic forces and cyberwarfare units it is no surprise that military experts in the People’s Republic of China (PRC) are discussing how to use military force in cyberspace effectively.
when the opposing sides have the ability to ensure invade destroy the other network when you can bring two-way network containment, the two sides have, under certain conditions, to comply with and do not attack the other network rules of the game, forming an invisible safety valve, even will form international networks and do not attack each other customary agreements or conventions, cyberspace became strategic areas can generate a huge deterrent effect. After following the nuclear deterrence deterrence in cyberspace, began to enter the strategic vision of the big country politicians and military strategist. Research cyberspace deterrence characteristics, type and use points, a must consideration and necessary action network power, network and strong army. China Military Online publication Yuan Yi of PLA Military Academy of Sciences, said the article, along with human society’s dependence on cyberspace continues to deepen, cyberspace has become the “fifth dimension of human production and life of the” second class living space “and military confrontation battle space. ” States initiative, control over the right to speak about the world of cyberspace in a fierce competition, competition in cyberspace has reached a level of survival, fate of the country and the success of the military struggle of human solidarity. Thinking of cyberspace deterrence capacity building of great practical and theoretical value. First, analyze the pros and cons of deterrence in cyberspace cyberspace deterrence refers to various actions taken in cyberspace, cyberspace display paralyze enemy control, and cross-domain control of the enemy’s determination and strength of the physical space through cyberspace to achieve deterrence enemy, the enemy stops, stopping the enemy, stop the enemy in the form of a strategic deterrence purposes. Cyberspace and physical space has compared to the “actual situation biphasic” network warfare, compared with the traditional style of warfare has unique nature determines the advantages and disadvantages of deterrence in cyberspace are very obvious.
(A) Advantages of cyberspace deterrence. Deterrence advantage of cyberspace, mainly reflected in: First, become more civilized and humane way of deterrence. Compared with nuclear and biological weapons, physical, biological, chemical destruction mechanism-based, direct killing and destruction effects of network warfare weapons is far smaller than the former, usually does not cause permanent damage and pollution of the natural environment, it will not cause a lot of people casualties, and trigger a humanitarian disaster. Second, the cost of deterrence to cost-inefficient. Network warfare weapons to viruses, Trojan horses and other software-based, relatively low cost, low technology threshold, and damage caused by the effect has been amazing. Cyber Defense broad area, are very hard to improve network security level of a grade each input costs increase exponentially. Low-cost network attack and defense of the high cost of network contrast, making the network attack and defense presented “spear shield thin” features, network warfare weapon which is called “poor atomic bomb.” Third, diverse practical means of deterrence. A variety of network warfare weapons, cyber-attacks target pluralism, the decision has diverse cyberspace deterrent to choose from. Network attack effect to a certain extent is recoverable, if used properly implemented, the initiation and escalation of the war to promote war risk is relatively small. In a sense, the deterrent value of nuclear weapons is much greater than the actual value, and network warfare weapons is both practical value and deterrent value. Fourth, deterrence using reusable flexibility. “Nuclear threshold” Once across the full nuclear war will break out, both sides in the nuclear balance of mutual destruction will fall into the state, easily a nuclear deterrent against non-nuclear countries in particular, nuclear deterrence, but also lead to international condemnation, these factors which greatly limits the use of the nuclear deterrent. The cyberspace deterrence Flex, controllable power characteristics, which can be determined according to the change and the need for military struggle situation, timely regulatory deterrence strength, the initial use, full use, repeated use, with strong flexibility.
Original Mandarin Chinese:
(B) Lack of deterrence in cyberspace
Cyberspace is insufficient when it comes to a deterrent effect, mainly reflected in the following:
First, the credibility of the deterrent effect has not been fully verified. The credibility of nuclear deterrence has been verified in actual combat. However, as of now, the war in the true sense of the network have not really broken out. People cyberwarfare amazing destructive power, more of a speculation and worry, the real power of cyber warfare only after the actual test, we can really convincing.
Second, the reliability of the means of deterrence is not too high. Cyberwar is a dynamic process two sides of continuous interaction network attack and defense, the network against complex, highly technical characteristics, determine the effect of cyber warfare attacks with greater uncertainty, and there may not achieve the desired objective of the operation, so that the deterrent effect greatly reduced. For example, when you attack the enemy in cyberspace combat deter enemy if promptly take all effective means of defense, it will increase the difficulty of one’s own cyber-attacks and reduce the destructive effect, and even lead to the failure of the attack.
Third, deterrence scope for further improvement in controllability. Virus weapons as an important weapon cyber warfare, the spread of resistance, controllability is poor, affecting relatively wide range, it is difficult for the enemy to launch specialized computers and networks, highly targeted attacks. If you cannot control its effective scope, it will spread to a third-party neutral countries and even make itself a victim, thus using viral weapons are “legislator” of the suffering. Four is selectively limited deterrence object. Nuclear deterrence for any country is clear and effective, and the degree of information in cyberspace deterrent effect of a great relationship with the enemy. Cyberspace deter high degree of information is extremely effective countries, and for that information infrastructure is weak, not strong network dependent LDCs, the effect is difficult to play, or even completely ineffective. Five is relatively complex organization deterrence implementation. Various nuclear countries in the world are all focused on the implementation of the strategic nuclear forces unified management, command and control of the highly centralized organization and implementation of nuclear deterrence when action can be accurately controlled to each combat unit, very well organized and implemented. The organization and implementation of deterrence in cyberspace, to be involved in reconnaissance, attack, control, prevention and other support forces, personnel, large scale, and scattered in different departments and units of the military, the organization is very complex and not easy to form a joint force.
Second, the main types of cyberspace deterrence.
Deterrence in cyberspace includes the following; there are cyberspace technology test deterrence measures, deterrence in cyberspace display equipment, network space and cyberspace combat exercise deterrence. There are four types of deterrence operations. Among them, the first three are shown in form of deterrence, the latter is the real deterrent.
(A) Technical trial deterrence in cyberspace
Original Mandarin Chinese:
Cyberspace technology test of deterrence, is in the field of cyber warfare, regularly carry out new operational concepts early exploratory trials, new attacks and tactical mechanism confirms test results, new technologies weaponization practical tests, and through the media and disclose to demonstrate their strong information technology infrastructure research capabilities, and network warfare capability into the enormous potential to achieve deterrence opponent’s goal. Currently, the network attack and defense technology is still rapid development, a key breakthrough technology, cyberspace and often have a significant impact on operations, or even lead to revolutionary change. Who is the first to occupy the strategic high ground network attack and defense technology, who will be able to achieve significant advantages in the future network warfare.
(B) Deterrence in cyberspace equipment display.
Equipment display deterrence in cyberspace, is planning to develop cyber warfare equipment development, technology development, targeting all stages of development testing, stereotypes production, appropriate disclosure network warfare equipment models, performance, features needed, parameters and development progress, etc., in order to achieve deterrence opponent’s goal. Its methods are mainly two: one is by the defense white paper, diplomatic communiques and newspapers, periodicals, websites and other large-scale public disclosure of authoritative media from official sources, the implementation of explicit deterrence; the other is through a network of social media or other unofficial channels, deliberately leaked equipment relevant circumstances, the implementation of implicit deterrence. Cyberspace equipment display deterrence, one can fictitious new mechanism, the new concept of the new cyber-warfare equipment, and render their unique combat capability; on the other hand can be deliberately exaggerated the combat effectiveness of the existing network warfare equipment. There are virtual reality, real There are virtual, the implementation of a policy of ambiguity, so that the other lost in one’s own truth and strength, fear and psychological fear. For example, the US military’s “chute” airborne network attack system electrical integration has been repeatedly put into practical use, its hostile air defense system of the country pose a serious threat, but the basic principle, the working mechanism, tactical and technical indicators have neither publicly disclosed, nor by his country fully grasp cracks, has been shrouded in secrecy, it is difficult to distinguish the actual situation, played a very good deterrent.
(C) Cyberspace exercise deterrence.
In cyberspace combat exercise deterrence, is the way real soldiers or virtual exercises launched in cyberspace, and through various media channels to combat potential rival to show their cyber capabilities, strength and determination to achieve deterrence opponent’s goal. Cyberspace war exercises and military exercises can be divided into two kinds of virtual exercises. The former is usually the country or jointly with allies, generally joint military exercises in cyberspace defense action-oriented. In recent years, the United States and its allies held a number of “Cyber Storm” series of network warfare exercises, and “Schriever” series of space – cyberspace exercise, a good show cyberwarfare mobilization strength, overall defense level, and the implementation of network warfare determination. The latter is usually the national large-scale integrated network Range held generally exercise the power of the military professional network warfare offensive action-oriented.
Original Mandarin Chinese:
(D) Operations in cyberspace deterrence.
Deterrence in cyberspace operations, refers to a particular network targets Attack effect to make sure to deter fighting a real opponent deterrence. The timing of its use are two: First, when one’s own perceived enemy is about to wage war on one’s own, the focus of one’s own choice of enemy defenses against network-critical objectives targeted, preventive, dissuasive deterrence; the second is when the enemy When the party through one’s own network launched probing attacks, the implementation of deterrence in cyberspace, one’s own need for effective retaliatory, punitive deterrence immediately. Network warfare operations deterrent effect of a variety. For example, infiltration and sabotage the enemy telecommunications network, the phone sends a large number of people to its anti-war message enemy; the enemy to attack the power grid, causing the enemy’s major cities short of blackouts; broadcast television network to attack the enemy in one’s own prime-time spots a special video program, and so on.
Third, the use of elements of deterrence in cyberspace.
Cyberspace deterrence general use requirements are: deterrence of war combined with strength, combat capability and determination to demonstrate, and strive to reflect the small war deterrence to ensure deterrence fine fight, with little cost to achieve deterrence purpose. Specifically, you should do the following.
(A) Both peacetime and wartime, long-term preparations, “Rome was not built in a day.” The successful implementation of cyberspace deterrence, peacetime and wartime needs, will be carried out in the usual full detailed preparation. First, we must conduct a comprehensive and thorough network reconnaissance. Requires intelligence reconnaissance and surveillance technology, wireless surveillance and reconnaissance wired combined network enemy targets long-term sustainability of the network reconnaissance, and gradually find out the basic situation of the enemy network, draws its network topology map, especially soft and hard analysis to find out the enemy Vulnerability member system. The second is to carry out a large number of effective strategies presets. Using hacking tools, through the use of loopholes in the system or other measures to decipher passwords, secret penetration into enemy various types of networks, leaving the back door, set the stepping stones, planted logic bombs and Trojans, cyber-attacks aside for the future launch breakthrough. Third, pre-network defenses are prepared. When the enemy to implement cyberspace deterrence, adjust the network’s own defense deployment in advance, so that the enemy attack path predesigned expected use of system vulnerabilities to attack the program scheduled to be executed difficult to implement, or to implement greatly reduced, to minimize the enemy Network revenge losses.
Original Mandarin Chinese:
(B) Careful decision-making.
Control the intensity of decision-making Sun Tzu said: “Lord, not anger and Xingshi, will not be indignant caused the war.” Cyberspace deterrence strategy game behavior between countries, especially real deterrence and sensitivity, we must do rational, beneficial, section, must not because deterrence “threshold” low abuse indiscriminate use, or their effect may be counterproductive. Cyberspace real deterrent to combat the strength of the control of demanding. On the one hand, if the intensity is too small, an enemy government and people will not have fear, not achieve the desired deterrent effect, the person may also take the same means to implement anti-deterrence, eventually leading to confrontation upgrade, make one’s own deterrence fail. On the other hand, if the intensity is too large, to the enemy causing huge economic losses and casualties caused by the international community to condemn and enemy government, people’s hatred, it could lead to the use of conventional enemy forces massive retaliation, possibly even nuclear states will be spent on nuclear power, so not only can not deter war ended, it will play the role of the fuse of war.
(C) Unity of command, well-organized.
Military organizations implement deterrence in cyberspace, to centralized command, unified planning, improve collaboration. First, the well-organized force. Unified organization of military reconnaissance, attack, defense, control four forces, actively coordinate military forces the parties to form a joint force cyberwarfare. In particular, to organize and coordinate the civil non-professional cyber warfare forces especially patriotic hackers, cannot appear “rashness” phenomenon, so as not to lead to friction, misfires, causing cyber warfare upgrades, or premature disclosure attack intentions, a handle , resulting in uncontrollable situation or action fails. Second, the precise and appropriate choice target. Should affect a wide selection, easy to produce significant deterrent effect of the goal. For example, the ratings ranking of radio and television channels, access to a huge amount of portals, many users of wireless communication networks. You cannot select innocuous, the impact was small, and the public indifference to attack targets, easily mistaken for network security incidents ordinary hackers manufactured not achieve the desired deterrent effect. Also, consider the constraints of international law and the laws of war, you cannot select targets could easily lead to a humanitarian catastrophe, try not to choose the network destination railway, aviation, financial, medical and other sectors, so as not to provoke the international community and other public condemnation and resentment.
Third, the precise control of the process. Before implementing cyberspace deterrent against, to issue a warning to the enemy hit by extensive propaganda campaign, declared to the world the justice of one’s own actions, to gain the understanding and support of international public opinion. To highlight the deterrent effect, can one’s own network announced high-profile target enemy to attack, then break the enemy defense layers of the network, implement firm and effective network attacks, and finally, if necessary, but also on the effect of timing recovery network attacks to demonstrate one’s own superb network attack techniques and tools, so that policy makers and the public to produce enemy off guard, overwhelming psychological frustration, thereby forming a strong deterrent effect.
(D) Actual situation, focusing on strategy.
Sun Tzu said, “it can and cannot be shown, and illustrates it with no”, applied to cyberspace deterrence, summed up the gist of “show undeclared, declared and not shown.” “Show undeclared”, is the use of cyber-attacks is difficult to track the location of this, cyber-attacks on specific targets, but not announced is that of one’s own, both showing one’s own ability, but also makes the enemy, although suspicion is that as one’s own, but no evidence, not be pursued. “Vision does not show”, is publicity or inadvertently disclose one’s own research or advanced network warfare equipment fictional models, performance, features, deliberately exaggerate their operational effectiveness, falsehoods, actual situation, make the enemy unable to figure out the true strength of one’s own to produce a deterrent effect. Network warfare operations traceable having difficulty tracing, forensics complex features, the initiator can either admit to be denied, or put the blame on civil hackers.
Original Mandarin Chinese:
Original Source: www.crntt.iw/888