Tag Archives: #China #Cyber #Warfare #Information #Dominance

中國軍隊信息戰裝備的作戰運用 – Chinese Military Operation of Information Warfare Equipment

中國軍隊信息戰裝備的作戰運用

Chinese Military Operation of Information Warfare Equipment

Information warfare is the C4ISR system and C4ISR system of confrontation, is the advantage of information contention, the main purpose is to ensure that their own information system to run properly, from the enemy use, paralysis and destruction; the same time, trying to use, paralyzed and destroy the enemy’s information system, So that in a paralyzed, confused state. Information warfare includes two parts: strategic information warfare and battlefield information warfare.

Strategic information warfare and information warfare battlefield

strategic information warfare is mainly characterized by a wide range of sectors covering all key political, economic, technological, and military and other special areas; special way, relates to psychological warfare, media warfare, deception warfare, media warfare and other special Means that the target is special, mainly through the decadence war, psychological warfare, information deterrence attack the enemy’s understanding system and thinking system; great harm, can make the whole country’s economic, political or military paralyzed, and even make it happen alternately; Personnel special, the war is not necessarily military personnel, computer experts, international criminal groups, ulterior motives of hackers or terrorist organizations and so may become war personnel.

Battlefield information warfare is the information warfare in the battle space, refers to the preparation and conduct of a campaign, the integrated use of information technology and a variety of information technology weapons, information combat platform and C4ISR system, in reconnaissance detection and early warning, information processing and Transmission, weapons control and guidance, operational command and control, camouflage deception and interference, as well as military strategy and other aspects of the comprehensive confrontation and struggle. Battlefield information warfare is through the interference or disrupting the enemy decision-making process, so that the enemy can not effectively take concerted action. Therefore, we must first affect the enemy decision-making, and then affect its actions, that is, to win the air electromagnetic advantage, and then made the air superiority, and finally the use of conventional forces to take combat operations. To seize the right to information system, to seize the initiative to fight the space, but also for the fight for land rights, air supremacy, sea power and the system of the right to lay a good foundation and necessary conditions.

A The basic combat forces and means are digital forces and information weapons equipment, the main contents include combat confidentiality, military deception, electronic warfare, psychological warfare and fire destroyed, the core purpose is to compete for the battle space information access , Control and use rights. Battlefield information warfare is the confrontation of the information system, it directly affects the entire battle space, the whole process of war and success or failure. Battlefield information warfare The main combat style is the electronic warfare and cyber warfare. Electronic warfare is an important part of the battlefield information warfare, mainly for the enemy communications, radar and other electromagnetic radiation source for the lure, interference, destruction and destruction activities. In the Gulf War, the electronic warfare was not only for the first time on a large scale, but also as a campaign stage and a specific campaign in war. In the Kosovo war, NATO used a lot of electronic warfare equipment, and the first use of electromagnetic pulse bombs and the first time a network war. Network warfare is a cyber-confrontational activity in computer cyberspace, using the Internet, and is being used for the first time in the Kosovo war. NATO network warfare measures include: network advertising; hacker attacks; attacks on financial networks. The main feature of the network war in the Southern Alliance is the people’s war mode, fans, computer fans and computer enthusiasts spontaneously carried out a large number of network operations, such as online publicity, attack NATO website, the use of network transmission of information.

Information warfare equipment in war equipment electronic warfare equipment the trend of electronic warfare equipment increasingly integrated and universal, under the conditions of information technology in the local war, the battlefield of the electromagnetic environment is increasingly complex, the past that the separation of each other, a single function of electronic warfare equipment is far from Adapt to combat needs. Integration and generalization has become the focus of the development of electronic warfare equipment and future electronic warfare equipment overall development direction. In order to deal more effectively with the complex and volatile electromagnetic threat in the information warfare, the future of the new generation of electronic warfare equipment, will be widely used advanced computer technology, greatly improve the automation of the entire system to have better real-time capabilities, since Adaptability and full power management capability. Electronic warfare equipment, work areas continue to widen, increasing the transmission power, millimeter-wave technology and the development of optical technology, the modern electronic warfare equipment, the frequency of continuous development to a wider band. On the whole, the future range of electronic warfare equipment will be extended to the entire electromagnetic spectrum. GPS interference and anti-interference will be concerned about the practice of war has shown that if the loss of GPS support, it will greatly weaken the information advantage, so that command, control, reconnaissance, combat, military and other military aspects are facing severe tests, Combat effectiveness. Focusing on the development of anti-radiation and new electronic warfare jets, attention to the development of new, special electronic warfare technology and equipment, such as anti-satellite laser weapons, high-energy particle beam weapons, and meteor communication, neutrino communication and so on.

Computer virus weapon <a In the military information system, the battlefield information acquisition, transmission, processing and other functions need to complete the computer and network, computer network is the basis and pioneer of information warfare. The use of software-driven sniffers and hardware magnetic sniffers and other sniffing network is an important way to attack the network. These sniffing tools were originally a test device used to diagnose and assist in repairing the network, so it was a powerful tool for network management personnel to manage the network, but it was a terrible computer virus weapon in information warfare. It can make the network “service denied”, “information tampering”, information “halfway steal” and so on. In addition, will also focus on design “portal trap”. “Portal trap”, also known as “back door”, is a computer system designer in the system in advance of a structure, in the application appears or operating system, the programmer to insert some debugging agencies. System programmers in order to achieve the purpose of the attack system, deliberately left a small number of portal traps for familiar with the system staff to go beyond the normal system protection and sneak into the system. Network is an important infrastructure for information warfare, network-based warfare is mainly based on the network and the network is reliable to determine the outcome of the war. Therefore, to strengthen the network of offensive and defensive combat research, to win the future of information war is essential.   Electromagnetic pulse bombs

Iraq war, the US military used a lot of electronic warfare equipment, and the use of electromagnetic pulse bombs attacked the Iraqi radio and television system and the Iraqi military various types of electronic radiation source. Electromagnetic pulse bomb, also known as microwave pulse bomb, is through the micro-beam into electromagnetic energy, damage to each other’s electronic facilities and personnel of a new directional energy weapons. Its working principle is: high-power microwave through the antenna gathered into a very narrow, very strong electromagnetic waves fired at each other, relying on this beam of electromagnetic waves generated by high temperature, ionization, radiation and other integrated effects in the target internal electronic circuit to produce fatal voltage And the current, breakdown or burn the sensitive components, damage to the computer stored in the data, so that the other side of the weapons and command system paralyzed, loss of combat effectiveness. According to the test, a briefcase size of the microwave bomb, can produce power of 300 million watts of pulse waves. Will be more than one connection, it can become an adjustable radiation source, resulting in more than 2 billion watts of pulse waves. This pulse wave is somewhat similar to the nuclear pulse generated when the nuclear explosion can easily from the power and communication pipes into the underground bunker, which rely on radio, radar, computers, power grids and telephone modern weapons systems, chemical and biological arsenal and its production The shop was paralyzed in an instant.

GPS interference device <a I = 13> Iraq war, the Iraqi military use of GPS interferometer on the Tomahawk cruise missiles for effective interference, which is the first time in combat in the GPS guidance system interference. GPS signal is very weak, very easy to interfere. A Russian company offers a 4-watt power handheld GPS jammers that can be bought for less than $ 4,000. If you buy parts from a retail e-store, spend $ 400 to create a GPS jammer with a radius of 16 km or more. Before the war in Iraq, the United States had expected the Iraqi side to interfere with GPS signals. The United States has already been equipped with anti-jamming technology for its GPS bombs and missiles so that these GPS-guided weapons can continue to use GPS signals in the event of interference; even if the GPS signal is lost, these weapons can also use their own other guidance system Such as inertial navigation, laser guidance, etc., so that they reach the target. Nevertheless, the early Iraq war, the US military more than a dozen Tomahawk cruise missiles or because of interference from the scheduled route, falling in Turkey, Syria and Iran. Small GPS jitter problem alerted the US government, Powell personally come forward to investigate the source of Iraqi GPS jammers, Russia and other countries imposed no small pressure.

Gulf War, GPS navigator as a trial for the first time issued to the use of desert combat personnel, the effect is obvious. At that time, including cruise missiles, including all the weapons are not using GPS navigation device. During the war in Iraq, we saw almost all of the combat platforms, and every soldier, almost all of the missiles and bombs used this kind of navigation device, so that the tanks, planes, ships were more mobile so that the missiles and bombs were The probability error is reduced to 1-3 m, within a maximum of 10 m. <A I = 15> everything has a disadvantage. GPS navigation defects and information technology weapons and equipment of the drawbacks is the same, that is, electronic interference. From the perspective of the development of weapons and equipment, the purchase of a cruise missile needs more than 100 million dollars, and manufacturing a GPS jammers only a few hundred dollars, as a strategic defense side, if a large number of development and development of GPS jammers, not only for US missiles And bombs are a threat to their tanks, planes, ships and personnel navigation and positioning will also have a huge impact. Of course, you should also see the US military fight, further, after the end of the war in Iraq will be based on the lessons of the war to improve the GPS system. Is expected to be improved in three areas: First, GPS satellites, mainly to enhance the satellite launch signal, and as much as possible to launch GPS satellites; Second, improve the guidance system, mainly to increase the composite guidance device, after the GPS guidance is disturbed, Automatic recovery or transfer to inertia and other navigation methods to ensure the normal operation of the platform and weapons; Third, GPS anti-interference, mainly to improve the GPS receiver anti-jamming capability, the development of new GPS receiver, Machine and jamming machine for electronic suppression and interference.

 

Original Mandarin Chinese:

信息戰是C4ISR系統與C4ISR系統的對抗,是信息優勢的爭奪,主要目的是確保己方信息系統正常運行,免遭敵方利用、癱瘓和破壞﹔同時,設法利用、癱瘓和破壞敵人的信息系統,使之處於癱瘓、迷茫狀態。信息戰包括戰略信息戰和戰場信息戰兩大部分。

戰略信息戰和戰場信息戰

戰略信息戰主要特征是范圍廣泛,涉及國家政治、經濟、科技、軍事等各個要害部門和特殊領域﹔方式特殊,涉及心理戰、輿論戰、欺騙戰、媒體戰等特殊手段﹔目標特殊,主要是通過誘騙戰、心理戰、信息威懾等攻擊敵人的認識體系和思維體系﹔危害巨大,能使整個國家的經濟、政治或軍事陷入癱瘓,甚至能使其發生政權交替﹔人員特殊,參戰人員不一定軍人,計算機專家、國際犯罪集團、別有用心的黑客或恐怖組織等都可能成為參戰人員。

戰場信息戰是發生在戰斗空間內的信息戰,是指為准備和進行一場戰役,綜合運用信息技術手段和各種信息化武器、信息化作戰平台和C4ISR系統,在偵察探測及預警、信息處理與傳遞、武器控制和制導、作戰指揮與控制、偽裝欺騙與干擾以及軍事謀略等方面展開的全面對抗和斗爭。戰場信息戰是通過干擾或打亂敵方決策程序,使敵方無法有效採取協調一致的行動。因此,要先影響敵人決策,然后再影響其行動,即先贏得空中電磁優勢,再取得空中優勢,最后使用常規部隊採取作戰行動。奪取了制信息權,就奪取了戰斗空間的主動權,而且為爭奪制陸權、制空權、制海權和制天權奠定一個良好基礎和必要條件。

戰場信息戰的基本作戰力量和手段是數字化部隊及信息化武器裝備,主要內容包括作戰保密、軍事欺騙、電子戰、心理戰和火力摧毀,核心目的是爭奪戰斗空間的信息獲取權、控制權和使用權。戰場信息戰是信息體系的對抗,它直接影響到整個戰斗空間、整場戰爭的進程和成敗。戰場信息戰的主要作戰樣式是電子戰和網絡戰。電子戰是戰場信息戰的一個重要組成部分,主要是針對敵人通信、雷達等電磁輻射源進行的誘騙、干擾、破壞和摧毀活動。海灣戰爭中,電子戰不僅首次大規模使用,而且正式作為戰爭中的一個戰役階段和特定戰役行動。科索沃戰爭中,北約使用了大量電子戰裝備,並首次使用了電磁脈沖炸彈並首次進行了網絡戰。網絡戰是在計算機網絡空間,利用因特網進行的一種網絡對抗活動,並在科索沃戰爭中首次使用。北約網絡戰的措施包括:網絡宣傳﹔黑客攻擊﹔襲擊金融網絡等。南聯盟網絡戰的主要特征是人民戰爭模式,網迷、電腦迷和計算機愛好者自發地進行了大量網絡作戰行動,如開展網上宣傳、攻擊北約網站、利用網絡傳遞情報等。

戰爭中的信息戰裝備

電子戰裝備

電子戰裝備的發展趨勢日趨一體化和通用化,信息化條件下的局部戰爭中,戰場上的電磁環境日益復雜,以往那種彼此分立、功能單一的電子戰裝備已遠遠不能適應作戰需要了。一體化和通用化已成為當前電子戰裝備發展的重點和未來電子戰裝備總的發展方向。為了更有效地對付信息化戰爭中復雜多變的電磁威脅,未來新一代的電子對抗裝備,將廣泛採用先進的計算機技術,大幅度提高整個系統的自動化程度,以具備更好的實時能力、自適應能力和全功率管理能力。電子戰裝備的工作頻段不斷拓寬,發射功率不斷增大,毫米波技術和光電技術的發展,使現代電子戰裝備的工作頻率不斷向更寬的頻段發展。從整體上看,未來電子戰裝備的工作范圍必將擴展到整個電磁波頻譜。GPS干擾與反干擾將受到關注,戰爭實踐已經表明,如果失去GPS的支持,就會極大地削弱信息優勢,使指揮、控制、偵察、打擊、部隊機動等各個軍事環節都面臨嚴峻考驗,嚴重降低戰斗力。重點發展反輻射和新型電子戰干擾機,重視發展新型、特殊的電子戰技術裝備,如用於反衛星的激光武器、高能粒子束武器,以及流星余跡通信、中微子通信等等。

計算機病毒武器

在軍事信息系統中,戰場信息的獲取、傳遞、處理等功能需要計算機及網絡來完成,計算機網絡是進行信息戰的基礎和先鋒。利用軟件驅動嗅探器和硬件磁感應嗅探器等對網絡進行嗅探是進攻網絡的重要方法。這些嗅探工具原本是一種測試設備,用來診斷和協助修理網絡,因此它是網管人員管理網絡的一種得力工具,但在信息戰中卻是一種可怕的計算機病毒武器。它能使網絡“服務否認”、“信息篡改”、信息“中途竊取”等。另外,也將重視設計“門戶陷阱”。“門戶陷阱”又稱“后門”,是計算機系統設計者預先在系統中構造的一種機構,在應用出現或操作系統期間,程序員插入一些調試機構。系統程序員為了達到攻擊系統的目的,特意留下少數門戶陷阱,供熟悉系統的人員用以超越對方正常的系統保護而潛入系統。網絡是信息化戰爭的重要基礎設施,網絡中心戰主要是基於網絡而進行的,網絡是否可靠決定戰爭的勝負。因此,加強網絡攻防作戰的研究,對於贏得未來信息化戰爭至關重要。

電磁脈沖炸彈

伊拉克戰爭中,美軍使用了大量電子戰裝備,並使用電磁脈沖炸彈襲擊了伊拉克廣播電視系統及伊軍各類電子輻射源。電磁脈沖炸彈也稱微波脈沖炸彈,是通過把微波束轉化為電磁能,毀傷對方電子設施和人員的一種新型定向能武器。其工作原理是:高功率微波經過天線聚集成一束很窄、很強的電磁波射向對方,依靠這束電磁波產生的高溫、電離、輻射等綜合效應,在目標內部的電子線路中產生致命的電壓和電流,擊穿或燒毀其中的敏感元器件,毀損電腦中存貯的數據,從而使對方的武器和指揮系統陷於癱瘓,喪失戰斗力。據測試,一枚公文包大小的微波炸彈,可產生功率達3億瓦的脈沖波。將其多個聯接后,則能成為可調整的輻射源,產生20億瓦以上的脈沖波。這種脈沖波有點類似核爆炸時產生的電磁脈沖,可以輕易地從電力和通訊管道進入地下掩體,使其中依賴無線電、雷達、計算機、電網和電話等的現代化武器系統、生化武器庫及其生產車間在瞬間癱瘓。

GPS干擾設備

伊拉克戰爭中,伊軍利用GPS干擾儀對戰斧巡航導彈進行了有效的干擾,這是第一次在實戰中對GPS制導系統進行干擾。GPS信號很弱,很易於干擾。一家俄羅斯公司提供的一種4瓦功率的手持GPS干擾機,不到4000美元就能買到。如果從零售電子商店購買部件組裝,花400美元就可以制造一個干擾半徑16公裡以上的GPS干擾機。伊拉克戰爭開戰之前,美國就已經預料到伊拉克方面會干擾GPS信號。美國其實早已經給其GPS炸彈和導彈裝載了抗干擾技術,使這些GPS導引的武器能夠在干擾的情況下繼續使用GPS信號﹔即使GPS信號丟失,這些武器還可以使用自身的其他導引系統如慣性導航、激光制導等,使自己到達目標。盡管如此,伊拉克戰爭初期,美軍十幾枚戰斧式巡航導彈還是因受干擾偏離預定航線,落在土耳其、敘利亞和伊朗境內。小小的GPS干擾機問題驚動了美國朝野,鮑威爾親自出面調查伊拉克GPS干擾機的來源,對俄羅斯等國施加了不小的壓力。

海灣戰爭中,GPS導航儀作為試用品首次發放給沙漠作戰人員使用,效果明顯。當時,包括巡航導彈在內的所有武器都沒有採用GPS導航裝置。伊拉克戰爭中,我們看到幾乎所有的作戰平台,每一個單兵,幾乎全部的導彈和炸彈都採用了這種導航裝置,從而使坦克、飛機、艦艇的機動更加精確,使導彈和炸彈的原概率誤差縮小到1—3米,最大10米范圍之內。

凡事有一利必有一弊。GPS導航的弊端與信息化武器裝備的弊端是一樣的,就是電子干擾問題。從武器裝備發展角度來看,購買一枚巡航導彈需要100多萬美元,而制造一部GPS干擾機才幾百美元,作為戰略防御一方,如果能夠大量發展和研制GPS干擾機,不僅對於美軍導彈和炸彈是一種威脅,對其坦克、飛機、艦艇和人員的導航定位也將產生巨大影響。當然,也應看到美軍打一仗、進一步,伊拉克戰爭結束后必將根據戰爭中的教訓,改進GPS系統。預計將在三個方面進行改進:一是GPS衛星,主要是增強衛星發射信號,並盡可能多的發射GPS衛星﹔二是改進制導系統,主要是增加復合制導裝置,在GPS指導受到干擾之后,自動恢復或轉入慣性等其他導航方式,以保証平台和武器的正常運行﹔三是GPS反干擾,主要是提高GPS接收機抗干擾能力,研制新型GPS接收機,在戰區對地方軍民用GPS接收機和干擾機進行電子壓制和干擾等。

中國的網絡空間治理或衝突的困境選擇 – China’s Dilemma Choice of Cyberspace Governance or Conflict

中國的網絡空間治理或衝突的困境選擇 –

China’s Dilemma Choice of Cyberspace Governance or Conflict

Introduction
The problem of cyberspace security governance is attracting more and more attention from the international community. Among them, the problem of cyberspace conflict management is more and more concerned. Compared with the physical space conflict, the cyber space conflict has the characteristics of diversification of the actors, rapid updating of the attack means and unpredictability of the conflict. This leads to the reality that the cyberspace conflict management is faced with serious challenges such as serious cognitive differences, difficult to effectively govern, deterrence and “structural problems”. Therefore, the network space conflict governance needs to change the governance concept, through the pragmatic cooperation between countries, the integration of all the advantages of resources, to build a global network of governance mechanisms, and cultivate cooperation and sharing of governance culture. As a global network of countries, China has been actively advocating the establishment of multilateral, democratic and transparent global governance system. At the same time, China will make a positive contribution to the construction of international rules of cyberspace and the global network governance mechanism in the areas of innovation governance, bridging the digital divide, carrying out bilateral and multilateral international cooperation.
text
With the extensive application and rapid development of network information technology in the world, the relationship between network and national security is becoming more and more closely. Among the security issues, the most interesting is cyberspace conflict. Cyberspace is called “next battlespace” by military strategists and futurists. The primary objective of governments in cyberspace is to ensure that their core interests are not compromised and that nationals are protected from cyber attacks. But the reality is that the vast majority of cyber attacks are not directly initiated and implemented by the government, but are operated directly by non-state actors. Moreover, the cost of launching a network attack is low, action is hidden, and can cause serious consequences. This also causes cyberspace to burst out of clashes or even cyber warfare (cyber warfare). Once the cyberspace conflict or war, its size and scope of influence will be difficult to estimate. Cyber ​​space conflicts can also lead to direct hostility and conflict among nations in the real world. In addition, due to the lack of necessary international legal jurisdiction and norms, cyber conflict management is also facing serious challenges. Effective control of the intensity of cyberspace conflict, the development of cyberspace national code of conduct, will be the international community to explore new issues of cyber conflict.

First, the changes and challenges of

cyberspace conflict Network space conflict from the behavior of the network threat to the perception and the resulting response. Network threats can be broadly divided into two categories: one is called cyber attacks, is deliberately destroying the behavior of the network system; the other is called cyber exploitation (cyber exploitation), that is, the use of network infrastructure to achieve illegal purposes, but Will not harm the network system itself. [1] The target of cyber attacks is aimed at national and non-state actors, including sovereign states, organizations and individuals, which can disrupt both hardware and software and other aspects of the computer, or by improperly invasive computer operating systems Information or implement remote control. Network attacks can cause network conflicts, and network conflicts can be upgraded to cyber warfare. A cyber war generally refers to the destruction and disruption of a nation or nation that infiltrates another country’s computer or network. [2] cyber war can seriously endanger the country’s political, economic and social security and stability, is the highest form of network conflict. <A I = 3> Network information technology has the immediacy, convenience, cheap nature, so that conflict and war becomes easy to operate and implement. Network information technology to the traditional conflict and war has undergone a subversive change. As long as there is a network of computers, a few people can implement a network attack, launched a small-scale war without smoke. Network space weapons development costs are very low, as long as there are one or two computers, and can achieve network connectivity, and then equipped with several high-level hackers, is enough to create a very lethal network weapons. [3] Therefore, the impact of the Internet on national security will be comprehensive, thorough and unprecedented. Network information technology from the continuous innovation and development of communication technology. The emergence and continuous updating of instant messaging technology has enhanced the efficiency of political decision-making on the battlefield. Network information technology for the innovation of weapons technology has an important role in promoting, especially in the era of nuclear weapons, computer technology to make nuclear weapons more accurate, reliable and high speed. During the Cold War, the United States and the Soviet Union attached great importance to the development of information processing technology. With the comprehensive development of computer technology, the United States first proposed the “information warfare doctrine” (information warfare doctrine), that is, the use of information technology, tactics and means beyond the opponent. Western scholars said that the current international society is no greater risk of weapons of mass destruction, but large-scale destructive weapons (weapons of mass disruption). [4] In the technical breakthrough, cyber space conflict and war more profound changes reflected in the behavior of the main, means of attack and the consequences of conflict and so on. (I) Increasing diversity of actors The cyberspace provides a broader platform for non-State actors to move beyond the limits of territory and sovereignty and to play a greater role in reality and in the virtual world. Traditional conflicts and wars occur between different groups, generally monopolized by powerful states, and individual individuals are difficult to attack groups. Network information technology has greatly enlarged the power of relatively weak behavior. With the help of a network information platform, small countries can challenge the hegemonic countries, small groups can attack the powerful sovereign states, individuals can also attack the group. The United States has always regarded North Korea as a threat in cyberspace. According to the US Fox News Network reported that the beginning of 2010, the report shows that North Korea has trained thousands of top computer students to become excellent “cyber warrior” (cyber Warrior), whose operational targets are locked for the United States and South Korea. [⑤] In recent years, terrorism has also gained the “new life” with the help of network carrier and information tools. Al Qaeda uses Internet technology to promote its extreme ideas, and use the network platform to implement member recruitment, online training, fund raising, remote command and other activities. It can be said that the cyber space of the hidden and open features to increase the international community to prevent and combat the difficulty of terrorism. [⑥] In 2008, a 14-year-old boy in Poland, through the invasion and control of the Lodz tram system, caused confusion, resulting in four trams derailed, 12 people were injured, the accident did not cause death. [⑦] for the increasingly diverse network attackers, the US Strategic Command Command Kevin Hilton (Gen. Kevin P. Chilton) vividly believes that “our enemy range, including not only the boring young hackers, but also criminal organizations, but also related to national actors.” [ 2] Attack means to constantly update the original intention of the development of the Internet is to facilitate the effective flow of information to achieve resource sharing, interoperability. Open environment will often bring more risks and challenges to security, cyberspace and thus appeared in the “offensive and defensive imbalance” problem. This structural imbalance triggers cyber malicious attacks, thereby reducing confidence in deterrence and effective defense. [⑨] static defense in cyberspace (static defenses), that is, passive defense, refers to the most powerful hackers as a new challenge or to be resolved. [⑩] Skilled cyber attackers can easily find network vulnerabilities and successfully bypass security defense software. Compared with the traditional conflict, cyber space in the attackers in a shelter, and specifically attack the target of the weak links. In the “offensive side of the defensive side” in the context of the network of offensive weapons has become very common. The general network of offensive weapons, including computer viruses, malware, logic bombs (logic bombs, denial of service (denial of service) and so on. Low-end network weapons, the goal is simply to steal information, access to passwords, modify the program, generally do not produce significant harm. By contrast, high-end network weapons can cause data or critical facilities to be interrupted or severely damaged. A series of cyber attacks can evolve into major emergencies, breaking critical services over a period of time, including disrupting military command or information systems, shutting down power supply or oil pipelines, and stopping financial services. In 2008, the US Department of Defense to store encrypted military information on the computer network had infected with malicious code. Malicious code diffuses to encrypted and unencrypted file systems without being perceived. Although it was found in time, but the US military is very scared that such an event may make its military confidential documents are uploaded to foreign intelligence agencies, and even unknown hostile forces, the consequences will be disastrous. [11] Complex high-end malicious code has a strong self-camouflage ability, it is difficult to be found, often has been caused after serious injury will be found. In 2010, Iran’s nuclear facilities were attacked by “Stuxnet” (Stuxnet), making Iran’s Natanz uranium enrichment plant 1 More than 1,000 IR-1 centrifuges have to be replaced due to abnormal operation and damage. The fact that the “shock virus” attack target is very accurate or single, that is, the German Siemens control system (SIMATIC WinCC). This is a data acquisition and monitoring (SCADA) system, widely used by Iran in the defense of basic industrial facilities. “Seismic virus” in the invasion of a computer, it will automatically find the Siemens software to confirm the software found, the virus will be unaware of the state control of industrial computer systems, and control the computer software to other factories on the computer Issue a given order. Network security experts believe that the “earthquake network virus” is the first physical world infrastructure for the target “precision guidance” worm. [12] As the first disclosure of “shock virus” German well-known network security experts, Ralph Langner (Ralph Langner) through systematic analysis, that “shock network virus” structure than imagined even more complex , Including two different “digital warhead” (digital warhead), respectively, for different offensive targets, uranium enrichment facilities and Bushehr nuclear power plant external turbine. He believes that the power of the second warhead is equivalent to the Bushehr nuclear power plant for a precise air strike. [13] US information security expert Kevin Clayman (Kevin Coleman) 2010 in the United States National Defense Science and Technology published an article that the number of network attacks will be a sharp upgrade. To support this assertion, he mentioned that the number of malware in 2009 reached the highest level in the past 20 years, with multiple reports showing that more than 25 million malware was confirmed, and that growth would continue. [14] Through the above examples, it is easy to see the cyber space in the offensive weapon technology content is high and has a strong pertinence. Such weapons are more subtle, more precise, more offensive and destructive than conventional weapons. At the same time, network offensive weapons can not be reused, must be constantly upgrading. Matin Libici, a digital warfare expert at the famous American think tank, argues that it is no longer a weapon once someone knows how the cyber warfare works. The best weapon is the enemy does not know, but they already have. [15] (c) the consequences of conflict unpredictable <a I = 11> opponents in traditional conflicts are clearly visible, and the results of the conflict are predictable. In the conflict of cyberspace, once the offensive weapon is in power, the damage scale and influence caused by it are constantly copied and disseminated, and it is difficult to get effective control as the traditional conflict. More seriously, cyber attacks can bring serious panic to society, which is more serious than traditional wars. All kinds of infrastructure in modern society are controlled by computer and Internet systems. Once the network attacks are affected by water, electricity and financial control systems, the losses will be immeasurable and may even cause serious social unrest. American scholars envisioned the serious consequences of cyber attacks: no air control system or airport security system, no electronic control of rail traffic, no reliance on electronic computer day and night delivery of parcels or e-mails, no employer through payment software to pay workers wages Check, no electronic withdrawal record, no automatic teller machine, hospital or health center No reliable digital record, no electricity leads no light, no heat, no refueling system or fuel, petrol, no traffic lights, no phone, no internet service , There is no police effective security management, this series of problems will make the American society into a short-term paralysis. [16] According to the CIA revealed that the number of cyber attacks against the US public utility network in 2007 showed that the person in charge of the power company was even reluctant to talk about the risk of these events because of fear of serious social panic. In addition, the openness of cyberspace makes the network attacks happen and its scope of influence will be diffuse. In April 2013, hackers stole the Associated Press’s Twitter account and posted a false message that US President Barack Obama was injured in an explosion at the White House. A few minutes later, the Associated Press official used another Twitter account before the account was stolen. White House spokesman also clarified by President Obama did not hurt the radio. But many people have seen the news of the stolen Twitter account, the event led to the Dow Jones Industrial Average and S & P500 index both fell, after the two trading index and rapid rebound. Alert alleged that the Twitter account has 2 million audiences, the release of instant messaging is very influential. [17] The incident also sounded the alarm to the US government, with a simple account stolen event is likely to trigger a financial panic, which seriously disrupt the social order. The above new features of cyber conflict governance have had serious consequences. The diversity of the behavior makes it difficult to change the concept in a short time to overcome the differences and differences of cognition. The continuous innovation of the network attack means makes the international legal system and deterrence difficult to play the role. The unpredictable consequence is aggravating the inter- Mutual suspicion. These factors will seriously hinder the formation of cyberspace conflict management mechanism and play a role. Second, the network space conflict governance mechanism of the plight of cyberspace conflict and the traditional sense of the international conflict is very different. The main actors in the current global governance mechanism are sovereign states, who propose a series of rules and regulations on the basis of understanding and understanding of traditional armed conflicts. But in cyberspace, the effective regulation of the behavior of non-State actors is a matter of law and morality. And “structural dilemma” and other practical problems also exacerbated the difficulty of cyber conflict. (A) cognitive differences hinder effective governance At present, countries on the core concept of network security understanding of the network security events and their attribution (attribution) and identified there are deep differences. For example, the United States, Britain, Japan, Germany, France and the European Union have developed a network security strategy, through comparison can be found, the parties to “cyberspace”, “network security”, “network war” and other core concepts defined difference. [18] In cyberspace, how to determine that some of the acts have violated the basic norms of international law and can be used to combat Can individuals and organizations become the target of a national network attack? How do you define the national sovereignty of cyberspace? For these questions, the current international legal system has no ready answers. The United Nations, as a broadly representative international organization for the maintenance of international peace and security, has its own limitations, highlighting the development of the Charter of the United Nations much earlier than the arrival of the cyber-information age and therefore does not take into account the issue of cyber attacks. It is difficult to define cyber attacks as the use of force in accordance with prevailing norms of international law. During the three weeks before the 2008 Russian-Russian war, Unknown Acts used a commercial IP address to launch a decentralized denial service in several countries to attack the Georgian president’s website. The outside world believes that the relevant malware (named MachBo) was written in Russia and used by Russian hackers, although there is no definite proof that the Russian government has planned and implemented cyber attacks. Another dilemma faced by current international legal norms is the blurring boundary between cybercrime and cyber warfare. Realistic disagreement is manifested in the fact that the attacked state considers cybercrime to be a cybercrime and encourages implementation or support in the back of the country that cyber attacks are a cyber warfare for the maintenance of national interests. It can be seen that the lack of unified cognitive standards and operational guidelines make cyberspace conflict management difficult to carry out. In general, cyberspace behavior can be divided into three categories, one is legal (recognized is legal); the second is crime (illegal, the current legal norms that it is a crime); three is not legal (by the state and Non-state actors are found to be malicious, but the existing legal framework is not clearly defined). To be sure, cyber attacks should first fall within the jurisdiction of domestic law. If the attacker violates domestic law, the government of the host country is bound to enforce the jurisdiction. If the attacker attacked the target of another country, and the relationship between the target country and the host country is not friendly, there is a realistic problem. Especially for intelligence gathering, disruption of communications, or network behavior such as issuing erroneous directives to the enemy, it is easy for the implementer to be deemed to be a cyber attack because of being favored by the host country, So that it will not be punished. [19] (b) difficult to effectively govern international legal norms <a There are indeed many problems with the current international legal system and governance mechanisms. First, the existence of existing rules on armed conflict applied to cyberspace issues; second, the existing international rules can be applied to cyberspace governance, the majority of international rules focus on inter-State conflict, and cyberspace in the unconventional conflict But the more and more; third, the lack of legal experts; Fourth, the current rules focus on how to limit the network war, but the physical and collateral damage and other potential issues less concerned. [20] These problems make the existing international legal system not only effective control of cybercrime behavior, nor can it provide legal protection for civilian infrastructure and ordinary civilians. The Law of War and Armed Conflict (“the Law of Armed Conflict”) originated in the mid-19th century and is a humanitarian norm that regulates violence and conflict. The law of armed conflict applies exclusively to the conflict between the regular forces of the state. Countries in 1864 on the “Geneva Convention” to reach a consensus in 1868 in St. Petersburg officially signed. But the law of armed conflict, the Charter of the United Nations in the legal control of the war and wartime war behavior constraints are not applicable to cyberspace. And the existing legal norms do not clearly define the “war behavior” (war of act) concept. In general, war refers to the legal consequences of the use of force between States. The law of armed conflict is based on the use of force and aggression. In cyberspace, there is a great deal of controversy over whether cyber attacks are equal to the use of force and should be governed by the law of armed conflict. On the one hand, although not explicitly defined, it is generally believed that cyber attacks are hostile in cyberspace using network and information technology to achieve a certain purpose or effect; on the other hand, whether a cyber attack can be called For the conflict or war, still need the international community generally recognized. [21] There are gaps in the existing international legal norms for the control network space conflict. Within the existing international legal framework, the international legal norms governing conflict are the law of armed conflict, whose main legal sources are international treaties and international customs. It is the sum of binding principles, rules and regulations, and systems that adjust the relations between the warring parties and the warring parties and the neutral States in war and armed conflict. [twenty two] The subject of the law of armed conflict rests with the State and does not involve the question of the exercise of jurisdiction over individuals and international organizations. In addition, in the network attack, how to effectively distinguish between military and non-military objectives is also a real challenge. In the field of traditional warfare, military and non-military objectives are clearly defined, just as green tanks carry soldiers, and yellow cars carry students. But in the absence of clear boundaries in the cyberspace, the boundaries of the two are vague. The blurring of boundaries will lead to bias and shift of offensive targets, such as the blow to a country’s military facilities likely to shift to civilian infrastructure targets. In the network war, for the commander, it is difficult to distinguish which networks have military strategic objectives, which goals are civil. The more difficult problem is that it is difficult to determine the attacker’s long-range attack. Even if it is possible to determine the presence of the attacker and the attack itself, it is difficult to determine the identity of the attacker. Cyber ​​space conflict also exists on the application of the right of self-defense in traditional war. If a cyber attack against a country has occurred, the State under attack has the right to self-defense in accordance with the provisions of the Charter of the United Nations. But how to determine the implementation of the main body to determine whether the attack on the country’s attack, to define the extent of the attack, there is no uniform standard. Although the existing international legal system clearly stipulates that conventional wars can not use weapons of mass destruction, they are almost equivalent to the use of weapons of mass destruction if they are likely to be devastated by malicious code and malware. If this assumption is true, it will pose a serious challenge to the above principles. And if the network army in the public website embedded malicious code, and the infection code of the non-military system than the military system, which should be considered a violation of the principle of abuse of weapons. Whether there is a “network of weapons of mass destruction” in cyberspace, and the international community has not reached a consensus on the use and co-operation of these weapons that can cause serious consequences. In addition, the development of network information technology in the 21st century makes the soldiers separated from their war behavior. The closer the separation of the acts of war, the harder it is to preserve the humanitarian spirit implicit in the law of armed conflict. At the same time, the openness of cyberspace makes the public and private, government and private network mutual penetration, overlap each other. This will result in a joint attack on the consequences of a network attack and may cause physical damage and injury. (C) the network deterrence lost utility <a I = 25> cyberspace The international legal system is not yet sound is an existing fact, then can the cyber deterrence strategy be effectively implemented and achieve the intended purpose? The deterrence strategy emphasizes the strength and the will of the contest. Deterance refers to the strength of one party is strong enough to make its opponents can not attack, otherwise it will pay a significant price. The prerequisite for deterrence is the possibility and credibility: the possibility that one party has the absolute ability to launch retaliation and counterattack, credible means that at the crucial moment one party decides to impose the necessary blow to its opponent. To achieve the purpose of affecting the opponent’s decision-making, you need to let the opponent clearly understand and perceive the deterrent implementation of the absolute strength and revenge. In reality, there are serious limitations in the use of deterrence strategies in cyberspace: first, deterrence theory is generally applied between two powerful opponents, the deterrent can be effective to assume that the other is rational, can not bear the cost of attack. But in cyberspace, there may be a serious asymmetry between the attacking entity and the attacked object, and even if effective retaliation is implemented, the purpose of deterrence can not be achieved. Second, the asymmetry of retaliatory means would disrupt the existing international rules. If the network attacker only launched a general decentralized denial of attack, only led to the attacking country network system paralysis, if the attacking countries using conventional military and nuclear forces to fight back, will cause a lot of economic losses and casualties, which will Deviation from the “principle of proportionality” in international law, the return action will be the loss of legal legitimacy. Finally, cyber attacks are instantaneous, one-off, successful, or failing only in the twinkling of an eye. Successful attacks can cause harm, and the victim is retaliated after being attacked, and deterrence will be completely lost because the injury has arisen. In a cyber environment, a party that initiates a cyber attack usually attacks an attack through a “zombie computer” (a computer that has been hijacked after it invades), which adds significant difficulty to the attacker’s determination of the attacker. In addition, the process of determining the identity of the attacker takes a long time, after the confirmation is correct, the loss has been generated and irreversible. Re-implementation of such retaliation under such conditions would challenge the “self-defense principle” under international law, since Article 51 of the Charter of the United Nations clearly stipulates that “self-defense” is prerequisite for action against force. The more challenging issue is that if the attackers are identified as being an organization or an individual, the various norms of international law will not work. Former deputy secretary of the United States Department of Defense William Lynn Lynn) also mentioned the difficulty of the network deterrent, “deterrence credible prerequisite for the identity of the adversaries to confirm no doubt, but in the cyberspace almost no such case.” [23] (d) “structural problems” threat to international cooperation and the real world, cyberspace is also in anarchy. In this state, there is no absolute authority, so the relationship between the cyberspace state is facing a “structural problem.” This is highlighted as two aspects: First, the network developed countries and emerging network power between the competitive relationship, which is reflected in the network security issues on the two camps, “different voices.” The first camp is the United States led the Western countries group, they have introduced the corresponding national network security strategy, and put forward the values ​​of Western countries to reflect the cooperation and governance philosophy. In March 2014, the United States stated that it had strengthened bilateral and multilateral coordination and cooperation with the EU in matters related to the Internet. The United States made it clear that US-European cooperation is based on shared values, common interests, multi-stake governance concepts, cyber freedom and the protection of cyberspace human rights. [24] Early 2015, the United States and the United Kingdom expressed the need to protect key infrastructure, strengthen network defense, support network academic research and other aspects of pragmatic cooperation. [25] In June the same year, the United States and Japan to enhance network deterrence and strengthen information and intelligence sharing agreement. [26] It is not difficult to find that the first camp headed by the United States places more emphasis on the values ​​of freedom and democracy in cyberspace and strengthens its own network deterrent. The second camp is China, Russia and other emerging countries group. “Prism door incident” occurred, China and Russia and other countries are very concerned about maintaining the network of national sovereignty, called on the international community to pay attention to the United States to cyberspace open, free in the name of the actual violation of the sovereignty of other countries. At the BRICS National Summit in Brazil in 2014, Russia proposed strengthening the BRIC network security cooperation. [27] Russia and China as the representative of the BRIC countries that “WikiLeaks” and “prism door incident” shows that the United States and other Western countries in the network security issues on the implementation of double standards: on the one hand advocate the so-called absolute freedom of cyberspace, On the other hand use the network to steal other countries information. One of the two camps advocated “network freedom first”, the other side advocated “network sovereignty first”, the two sides views obvious and difficult to eliminate. <A I = 32> Second is the inequality between developed and developing countries. Developed countries because of the advantages of early development, has been in the network information technology has the initiative; and the majority of developing countries due to historical, economic development and technical conditions and other factors, network information technology has long been lagging behind. According to the statistics of the International Telecommunication Union and other relevant agencies, the number of online online users has reached 2.3 billion by 2011, the Internet penetration rate in developing countries is about 25%, the penetration of the Internet in developed countries is 70%, and the per capita Internet users in Europe Bandwidth is equivalent to 25 times the bandwidth of Africa’s per capita. [28] Inequality in status will allow the vast majority of developing countries to remain marginal and passive. Although the United States and other Western countries put forward on the network security issues to the vast number of developing countries to provide the necessary assistance, but because they are in the implementation of assistance along with the concept of Western values, in fact, the majority of developing countries, “value output.” The majority of developing countries are very worried about the United States and other Western countries to form a network security technology level of “dependency”, the network space conflict governance North-South cooperation is also difficult to achieve. Third, the network space conflict mechanism of governance mechanism to explore the war has entered the information age, the existing international law should be necessary to improve and upgrade. The diversity of actors, the escalating offensive technology, and the uncertainty of the consequences call global governance of cyberspace conflicts. People are aware that cybercrime, cybercriminals, and cyber-terrorism have become global problems that can not be solved by the power of individual countries alone. Thus, the issue of cybersecurity is not just the domestic security of individual countries, but it is necessary to carry out long-term, extensive and in-depth international cooperation. At the same time, the existing international legal norms need to be updated and perfected. In the case of international legal norms governing the international conflict, prevention and control of cyberspace conflicts should be increased. At the same time, cyberspace cooperation requires the cultivation of peace and cooperation, development and win-win governance philosophy. Only the concept of governance enjoys popular support, international cyberspace conflict governance action will be concerned about, but also in the international community is widely recognized. (A) the transformation of global governance awareness Although there are Estonia, the Georgia network attack and “earthquake network virus” on Iran’s nuclear facilities caused serious damage and other typical cases, but so far there has been no large-scale inter-country network conflict. Nevertheless, people are still highly concerned about the cyberspace conflict, the urgent need to change the corresponding sense of governance. <A First, the most important subject involved in the management of cyberspace conflict is still the sovereign state. Although the role of individuals and groups is magnified by cyberspace, their power is still limited. Individuals and groups lead to large-scale network conflict and even the possibility of war is still minimal. Therefore, the focus on the network conflict should still be the country. Only countries in accordance with the law to effectively manage and regulate their own and their domestic organizations, individual behavior, cooperation between countries can play a role. Second, to coordinate and integrate the power and resources. Need to pay special attention to is that cyberspace itself beyond the borders, can not fully rely on government and national power. The United States and Europe and other Western countries in the network defense is the most worth learning experience is the full integration of civil resources, to achieve effective interaction between the official and civil. Should be aware of non-state actors in the field of cybersecurity in the important role, rather than national actors also hope to cooperate with the government to reduce network risk. [29] In 2010, the National Security Agency (NSA) in the Google company suffered high persistence attacks (Advanced Persistent Threat, APT), to provide information and technical assistance. [30] The basic elements of cyberspace are individuals and social groups, only to stimulate the vitality of individuals and social organizations, to enhance their network security and cooperation awareness, cyberspace will be more secure. In the government’s active promotion, the integration of technical personnel, experts and scholars, social groups, enterprises, government and other resources in order to effectively eliminate all kinds of cyberspace threats. In some cases, the need to deal with cyberspace problems also need to find answers in the network. In reality, the use of “white off” is an important strategic choice. In January 2014, the Russian Federation Committee proposed the use of “white off” (no criminal criminal record, can find a system of loopholes and experienced network of experts) services to deal with complex and volatile network attacks. [31] US network security software vendor experts also stressed that should be concerned about the “white” group, can not let it be tempted by the dark forces or even use. [32] Third, the implementation of hierarchical management of network behavior. The biggest challenge facing the international community is that countries can not agree on many cyberspace governance issues. From the point of view of harm, low to high behavior includes cyber vandalism, cyber espionage and cybercrime, denial of service, cyber attacks and large-scale cyber attacks. The first three categories already exist, and network attacks and large-scale network attacks have not yet occurred, although it is the most concern, but also the most likely to lead to network conflict behavior. Because cyber attacks and large-scale cyber attacks are targeted at key infrastructure, it can lead to serious social unrest in the attacked countries. Thus, such acts are almost intolerable and can cause reprisals by the injured State. For the first three categories of relatively light sabotage, the parties can be resolved through consultation and cooperation; for possible serious consequences of network attacks and large-scale attacks, countries should be through consultation to achieve a clear ban on such acts of cyberspace international code of conduct The (B) to cultivate the concept of cooperation in cyberspace “attack side overwhelming” reality makes cyberspace deterrence difficult to achieve, which will encourage the network intruder from another direction, eventually leading to network arms race. On the surface, the attack can bring some benefits and produce a sense of security, but the consequences will be cyberspace behavior between the competition, mutual hostility. Therefore, in the Internet, open network space is impossible to obtain absolute security. <A I = 42> On the contrary, if the defensive side is dominant, the behavior is more inclined to cooperate. Any threatened intrusion is carried out on the basis of successful defensive measures. Therefore, to enhance the defense capacity in order to obtain positive and lasting security. This requires the establishment of two types of mechanisms: one is the early warning mechanism, so that the attacked countries can early detection and take the necessary preventive measures. From the “network virus” attacks can be seen in the case, the virus invasion must bypass the victim’s security firewall. If you take a security defense measures, “earthquake network virus” is unable to implement the damage. Second, the information sharing mechanism, the parties to coordinate and cooperate with each other will help to achieve common security. This first requires the sharing of information between countries, which can increase mutual trust, is conducive to pragmatic and effective cooperation to achieve mutually beneficial win-win goal. Second, the sharing of information between government and private enterprises is also necessary. In many cases, the country’s infrastructure is operated by private enterprises, but there are obvious shortcomings in the information and intelligence collection channels, quantity and quality compared with the country. Third, in the network space conflict management should also focus on cultivating the “humanitarian” spirit, in the physical space to attack the party has the obligation to minimize the harm of civilians. Any country with strong technical capacity must also consider minimizing civilian damage when using cyber weapons. Some scholars even believe that the degree of damage caused by network weapons should be limited to less than a bomb damage. [33] (c) the establishment of conflict governance mechanism The international community has been advocating the creation of international mechanisms for conflict resolution, its purpose is through the policy coordination between countries, on the basis of consensus on the formation of network conflict management mechanism, and gradually establish cyberspace International order, and thus cultivate a global network of space management culture. [34] The international community attaches great importance to the inconceivable destructive power and influence of cyber space conflicts. In practice, attempts are made to bilateral and multilateral cooperation and have achieved some results, which can provide the necessary reference for the construction of global cyberspace governance mechanism. As the most influential intergovernmental organization, the United Nations should play a leading role in the governance of cyberspace conflict. The United Nations cyberspace conflict management mechanism is not widely represented and is not universally recognized by the international community. As early as 2006, the United Nations set up an open Internet Governance Forum (Internet Governance Forum, IGF). [35] As of 2014, the Internet Governance Forum has been held for nine consecutive sessions. In April 2015, the United Nations launched a dialogue with Russia on the International Convention on Cybercrime, but there was no consensus on the serious differences between developed countries and developed countries and organizations such as the United States, Canada and the European Union. This shows that countries have opened the door to dialogue for a global agreement. [36] As a specialized agency of the United Nations, the International Telecommunication Union (ITU) has also played an important role, actively advocating the “stakeholder” (stakeholder) concept, called on countries around the world to participate in the process of safeguarding the international community network security. The exploration and attempt of the international community shows that cyberspace governance itself is part of global governance. Every country faces the threat of cyber attacks, network conflicts and even cyber warfare. Participation in multilateral cooperation is the best choice for all countries to safeguard their own interests. At the same time, regional international organizations are also exploring new models of cyberspace governance. The 7th SCO Council of the Shanghai Cooperation Organization (SCO), held in 2007, proposed the Action Plan for information security, emphasizing the state’s control over the network system and information content. At the beginning of 2008, NATO convened an emergency meeting of the North Atlantic Council for the Estonian incident and introduced a cyber-defense policy, which for the first time established cyber security issues as the content of its collective defense obligations. NATO claims that if its member countries are subjected to catastrophic cyber attacks, the new cybersecurity policy will provide an effective counterattack tool. In April, NATO Cyber ​​Defense Management Authority (CDMA) was established to form a unified deployment of allied network action capabilities. In May, the Cooperative Cyber ​​Defense Center of Excellence, CCS COE) was formally established in Tallinn to strengthen the comprehensive capabilities of NATO’s network defense, and the establishment of the two institutions became a symbol of NATO’s network defense. [37] NATO officials also expressed their intention to cooperate safely with cyberspace in South Korea and other East Asian countries. In the current global governance mechanism, the success of cyberspace conflict management is the Mutual Legal Assistance Treaties (MLATs). It is aimed at nationally recognized cybercrime, which stipulates that participating countries share information, evidence and other forms of cooperation. The treaty is mainly applicable to the use of the network system to implement the crime. The Council of Europe Convention on Cybercrime (CEC) was signed by the Council of Europe in 2001 to define and punish the deterrence of cybercrime. The Cybercrime Convention is the most important multilateral cooperation agreement against cyber attacks and the world’s first international convention against cybercrime, which will have a significant impact on the legislation of many countries. Some scholars have suggested that international justice cooperation in the fight against cybercrime be carried out in accordance with the Convention. [38] Joseph Chennai believes that restricting all cybercrime is impossible, but it can be done from combating cybercrime and cyber-terrorism, and the great powers have many common interests on these issues. [39] Whether it is the United Nations or other regional international organizations, through their own practice to explore the global model of cyberspace governance. These practices will greatly enrich the theoretical basis and practical experience of cyberspace conflict management, which is of great significance to promote the international community to construct the relevant governance mechanism. The ultimate goal of cyberspace conflict management is to break through the differences of ideas, on the basis of common interests, to achieve beyond the borders, areas, levels of all-round, three-dimensional cooperation, and ultimately clean up the network space, to good governance. This process may take a long time and requires the joint efforts of the international community. China’s role and contribution in cyberspace conflict management According to China’s Internet Center (CNNIC) released the 36th “China Network Development Statistics Report” shows that by June 2015, the number of Internet users in China has reached 668 million, the Internet Penetration rate of 48%. 4%. This shows that China is already the largest number of Internet users in the country, but also shows that the Chinese people’s production and life, economic growth and innovation are closely related with the network, China has become a veritable global network power. As a global power, China has always positioned itself as a participant, builder and practitioner in cyberspace security governance. China’s national strategy is to develop from a network of major powers as a network power, and to promote the development of balanced development, sound rules and reasonable order of the global network space and make unremitting efforts. As the largest developing country, China has long been committed to the struggle for the vast number of developing countries, and actively participate in the construction of peace, security, openness and cooperation of cyberspace, and promote the establishment of multilateral, democratic and transparent global Internet governance system. At the same time, the Chinese government has put forward the principle of network governance with Chinese characteristics on the basis of the existing experience of governance, such as the rule of law, the order priority and the positive integration, which is similar to those of China. Furniture has important reference value and reference significance. [41] In September 2015, when the Chinese President visited the United States, he said in a written interview with The Wall Street Journal that China was a strong defender of cybersecurity. On the one hand, China will strengthen cooperation with the United States, the European Union, Russia, through the establishment of bilateral and multilateral cooperation mechanism to increase mutual trust, and is committed to building network security code of conduct. On the other hand, China will be more active in cyberspace global governance, and strive to incorporate the concept of safeguarding network sovereignty, network fairness and pragmatic cooperation advocated by China into cyberspace international standards. At the same time, China will also fulfill its commitments to actively promote the construction of cyberspace global order. In addition, China is working on the development of national network security for the relevant legal norms. In June 2015, the National People’s Congress for the first time considered the “People’s Republic of China Network Security Law (Draft)”. Article 5 of the General Regulations clearly states that “China will actively strengthen international exchanges and cooperation in the areas of cyberspace governance, network technology research and development and standard setting, and crack down on crimes against the Internet, and promote the construction of peaceful, safe, open and cooperative cyberspace. [42] This shows that China is committed to the law through the definition of network security, safeguarding network sovereignty, standardize network behavior, promote international cooperation in cyberspace. At the same time, China is also actively advocated in cyberspace governance to play the leading role of the United Nations. In 2011, China and Russia jointly submitted the International Code of Conduct for Information Security to the 66th Session of the General Assembly, put forward a series of basic principles of national conduct on the maintenance of information and cybersecurity, and called on countries to carry out further discussions within the framework of the United Nations. [43] In June 2013, China and the United States and other 15 countries in the United Nations network security dialogue, clearly advocated the “United Nations Charter” applies to cyberspace. [44] In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber ​​space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber ​​space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber ​​space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. The focus will include advancing national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. The focus will include advancing national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation.

 

Original Mandarin Chinese:

簡介
網絡空間安全治理問題正日益引起國際社會的普遍關注;其中,網絡空間衝突治理問題更是備受關注。與現實的物理空間衝突相比,網絡空間衝突具有行為體多元化、進攻手段快速更新、衝突後果不可預知等新特點。這導致網絡空間衝突治理面臨認知分歧嚴重、規範難以有效管轄、威懾無效和“結構性難題”等現實挑戰。因而,網絡空間衝突治理需要轉變治理理念,通過國家間務實合作,整合各方優勢資源,構建網絡空間全球治理機制,並培育合作、共享的治理文化。作為全球網絡大國,中國一直以來都積極倡導建立多邊、民主、透明的全球治理體系。同時中國將在創新治理理念,彌合數字鴻溝,開展雙邊、多邊國際合作等方面,為構建網絡空間國際規則和全球網絡治理機製作出積極貢獻。
正文
隨著網絡信息技術在全球範圍內的廣泛應用和快速發展,網絡與國家安全的關係日趨緊密且受到各國高度重視。在安全議題中,最引人關注的是網絡空間衝突。網絡空間被軍事戰略學家和未來學家稱為“下一個戰爭空間”(next battlespace)。各國政府在網絡空間中的首要目標是確保本國的核心利益不受損害,保障國民免受網絡襲擊的侵擾。但現實情況是絕大多數網絡襲擊並非由政府直接發動和實施,而是由非國家行為體直接策劃操作。而且,發動網絡襲擊的成本低廉、行動隱蔽,且能引發嚴重後果。這也造成網絡空間容易爆發衝突甚至網絡戰爭(cyber warfare)。一旦網絡空間發生衝突或戰爭,其規模和影響範圍將難以估量。網絡空間衝突也可能導致國家間在現實世界中的直接敵對與衝突。此外,由於缺乏必要的國際法律管轄與規範,網絡空間衝突治理也面臨著嚴峻挑戰。有效控製網絡空間衝突的烈度,制定網絡空間國家行為準則,將是國際社會探索網絡空間衝突治理的新課題。

一、網絡空間衝突的變化與挑戰

網絡空間衝突源於行為體對網絡威脅的感知和由此作出的反應。網絡威脅大致可分為兩類:一類被稱為網絡襲擊,是指蓄意破壞網絡系統的行為;另一類被稱為網絡牟利(cyber exploitation),即利用網絡基礎設施來達到非法目的,但不會對網絡系統本身造成傷害的行為。 [①] 網絡襲擊針對的目標是國家和非國家行為體,包括主權國家、組織和個人,既可以破壞軟硬件和計算機的其他方面,也可以通過非法入侵計算機操作系統,運用不正當的手段獲取信息或實施遠程控制。網絡襲擊可能引發網絡衝突,而網絡衝突又可能升級為網絡戰爭。網絡戰爭一般是指一個民族國家為滲入另一個國家的計算機或網絡所進行的破壞和擾亂行為。 [②] 網絡戰爭可能嚴重危害國家的政治、經濟和社會安全與穩定,是網絡衝突的最高形式。
網絡信息技術所具備的即時性、便捷性、廉價性特質,使衝突和戰爭變得易於操作和實施。網絡信息技術使傳統的衝突與戰爭發生了顛覆性變革。只要有一台聯網的計算機,少數人就可以實施網絡攻擊,發動一場沒有硝煙的小規模戰爭。網絡空間的武器開發成本極低,只要有一兩台計算機,且能夠實現網絡連接,再配備幾名高水平的黑客,就足以製造極具殺傷力的網絡武器。 [③] 因此,互聯網對國家安全的影響都將是全面的、徹底的和前所未有的。網絡信息技術源自通訊技術的不斷創新與發展。即時通訊技術的出現和不斷更新,提升了戰場上的政治決策效率。網絡信息技術對於武器技術的革新具有重要推動作用,尤其是在核武器時代,計算機技術使核武器更加精準、可靠和高速。冷戰時期,美、蘇兩國十分重視發展信息處理技術。隨著計算機技術的全面發展,美國率先提出了“信息戰理念”(information warfare doctrine),也就是利用信息技術力量,在策略和手段方面超越對手。西方學者表示,目前國際社會最大的隱患不再是大規模殺傷性武器,而是大規模破壞性武器(weapons of mass disruption)。 [④] 在技術突破之外,網絡空間衝突與戰爭更深刻的變革體現在行為主體、攻擊手段和衝突後果等方面。
(一)行為主體日益多元化
網絡空間為非國家行為體提供了更加廣闊的活動平台,使其可以超越領土和主權的限制,在現實和虛擬世界發揮更大的作用。傳統的衝突與戰爭發生在不同群體之間,一般被實力強大的國家所壟斷,而單獨個體難於發動對群體的攻擊。網絡信息技術極度放大了相對弱小行為體的力量。借助於網絡信息平台,小國可以向霸權國發起挑戰,規模小的群體可以向實力強大的主權國家發動襲擊,個人也可以發動對群體的攻擊。美國一直以來都將朝鮮視為網絡空間中的威脅。據美國福克斯新聞網透露,2010年年初的報告顯示,朝鮮已經培訓了數千名頂級的計算機專業學生成為出色的“網絡戰士”(cyber warrior),其行動目標鎖定為美國和韓國。 [⑤] 近年來,恐怖主義也藉助網絡載體和信息工具獲得了“新生”。基地組織利用互聯網技術宣傳其極端理念,並利用網絡平台實施成員招募、在線培訓、資金募集、遠程指揮等活動。可以說,網絡空間的隱蔽性和開放性特徵加大了國際社會防範和打擊恐怖主義的難度。 [⑥] 2008年,波蘭一名14歲少年通過入侵並控制洛茲市(Lodz)的有軌電車系統,從而引發混亂,導致4輛電車脫軌,12人受傷,所幸事故未造成人員死亡。 [⑦] 對於日益多元化的網絡襲擊者,美國戰略司令部司令凱文·希爾頓(Gen. Kevin P. Chilton)曾形像地認為,“我們的敵人范圍,不僅包括令人厭煩的年輕黑客,也包括犯罪組織,還涉及國家行為體”。 [⑧]
(二)攻擊手段不斷更新
互聯網發展的初衷是便於信息的有效流動,實現資源共享、互聯互通。開放的環境往往會給安全防禦帶來更多風險和挑戰,網絡空間中因而出現了“攻守不平衡”問題。這種結構上的不平衡會激發網絡惡意攻擊,從而降低對威懾和有效防禦的信心。 [⑨] 網絡空間中的簡單靜態防禦(static defenses),即被動防禦,是指最多被強大的黑客視為一個新挑戰或待解決的問題。 [⑩] 技術嫻熟的網絡襲擊者能夠輕鬆找到網絡漏洞並成功繞開安全防禦軟件。與傳統的衝突相比,網絡空間中的襲擊者處於隱蔽處,並專門攻擊目標的薄弱環節。在“攻方壓倒守方”的背景下,網絡進攻性武器變得十分普遍。一般的網絡進攻武器,包括計算機病毒、惡意軟件、邏輯炸彈(logic bomb)、拒絕式服務(denial of service)等。低端網絡武器的目標只是簡單的竊取信息、獲取密碼、修改程序等,一般不會產生重大危害。相比較而言,高端網絡武器能夠造成數據和關鍵設施的中斷或嚴重受損。一系列的網絡攻擊能夠演變為重大突發事件,在一段時期內中斷關鍵服務,包括破壞軍事指揮或信息系統,關閉電力供應或石油管道,停止金融服務等。 2008年,美國國防部儲存加密軍事信息的電腦網絡就曾感染惡意代碼。惡意代碼在未被察覺的情況下擴散到加密和未加密文件系統。雖然被及時發現,但美國軍方對此十分恐慌,認為此類事件可能會使其軍事機密文件被上傳給國外情報機構,甚至是未知的敵對勢力,後果將不堪設想。 [11]
複雜高端的惡意代碼具有很強的自我偽裝能力,很難被發現,往往是在已經造成嚴重傷害後才會被發現。 2010年,伊朗核設施受到“震網病毒”(Stuxnet)的攻擊,使伊朗納坦茲鈾濃縮工廠的1 000多台IR-1型離心機由於非正常運轉並遭到破壞而不得不更換。事實表明,“震網病毒”的攻擊目標非常精確或單一,即德國西門子公司控制系統(SIMATIC WinCC)。這是一款數據採集與監視控制(SCADA)系統,被伊朗廣泛使用於國防基礎工業設施。 “震網病毒”在入侵一台電腦後,就會自動尋找西門子軟件,確認找到軟件後,這種病毒會在無人察覺的狀態下控制工業用的電腦系統,並控制電腦軟件對工廠其他電腦發出既定指令。網絡安全專家認為,“震網病毒”是第一個以物理世界基礎設施為攻擊目標的“精確制導”蠕蟲病毒。 [12] 作為第一個披露“震網病毒”的德國著名網絡安全問題專家,拉爾夫·朗納(Ralph Langner)經過系統分析,認為“震網病毒”的結構比想像中的還要復雜,包含兩個不同的“數字彈頭”(digital warhead),分別針對不同的進攻目標,鈾濃縮設施和布什爾核電站的外部渦輪機。他認為第二個彈頭的威力相當於對布什爾核電站進行一次精確的空中打擊。 [13] 美國信息安全問題專家凱文·克萊曼(Kevin Coleman)2010年在美國國防科技網上發表的文章認為,網絡襲擊的數量將會急劇升級。為支持這一論斷,他提到2009年惡意軟件的數量達到了此前20年來的最高水平,多份報告顯示超過2 500萬個惡意軟件被確認,而且這種增長趨勢還將繼續。 [14]
通過以上事例,不難看出網絡空間中的進攻武器技術含量高且具有極強的針對性。這樣的武器比常規武器更隱蔽、更精準、更具進攻性和破壞性。與此同時,網絡進攻性武器不能重複使用,必須不斷升級換代。美國著名智庫蘭德公司的數字戰專家馬丁·利比奇(Matin Libici)認為,一旦有人了解了網絡戰武器的工作原理,它就不再是一種武器了。最好的武器是敵人所不知,但自己卻已擁有的。 [15]
(三)衝突後果不可預知
傳統衝突中的對手是清晰可見的,衝突的結果也是可以預測的。在網絡空間的衝突中,進攻武器一旦發揮威力,所造成的破壞規模和影響力一般都會不斷地複制和散播,很難像傳統衝突那樣能夠得到有效控制。更為嚴重的是,網絡襲擊會給社會帶來嚴重恐慌,其後果比傳統戰爭更為嚴重。現代社會中的各類基礎設施都是由計算機和互聯網系統控制,一旦網絡襲擊波及水、電、金融控制系統,帶來的損失將是無法估量的,甚至可能造成嚴重的社會動盪。美國學者設想了網絡攻擊可能引發的嚴重後果:沒有航空控制系統或者機場安監系統,沒有電子管控的鐵路交通,沒有依賴電子計算機日夜投遞的包裹或郵件,沒有雇主通過支付軟件支付工人工資的電子支票,沒有電子取款記錄,沒有自動取款機,醫院或者健康中心沒有可信賴的數字記錄,沒有電力導致沒有燈光,沒有熱力,沒有加油系統或者燃料、汽油,沒有交通信號燈,沒有電話,沒有網絡服務,沒有警察有效的治安管理,這一系列問題將使美國社會陷入短時癱瘓。 [16] 據美國中央情報局透露的發生在2007年針對美國公用電力網的多起網絡襲擊事件表明,由於擔心會造成嚴重的社會恐慌,電力公司的負責人甚至不願談及這些事件的風險。
此外,網絡空間的開放性特徵使網絡襲擊一旦發生,其影響範圍將具有擴散性。 2013年4月,黑客竊取了美聯社的推特賬號,發布了美國總統奧巴馬在白宮的一次爆炸中受傷的虛假消息。幾分鐘後,美聯社官方使用另一個推特賬號聲明之前的賬戶已被盜。白宮發言人也通過廣播澄清奧巴馬總統沒有受傷。但已有很多人看到了被盜推特賬號發布的消息,該事件導致道瓊斯工業指數和S&P500指數雙雙下挫,之後兩個交易指數又快速反彈。據稱美聯社的推特賬號有200萬受眾,其發布的即時消息影響力十分巨大。 [17] 這一事件也給美國政府敲響了警鐘,一起簡單的賬戶被盜事件很可能引發一場金融恐慌,從而嚴重擾亂社會秩序。
網絡衝突治理的上述新特點產生了嚴重的後果。行為體的多樣性使人們很難在短時間內轉變觀念,克服認知差異與分歧;網絡攻擊手段的不斷革新使國際法律制度和威懾很難發揮作用;而後果的難以預測則加重了國家間的相互猜疑。這些因素將嚴重阻礙網絡空間衝突治理機制的形成並發揮作用。

二、網絡空間衝突治理機制的困境

網絡空間衝突與傳統意義上的國際衝突有很大差異。現行全球治理機制的主要行為體是主權國家,它們在對傳統武裝衝突理解和認知的基礎上提出一系列管控規則。但在網絡空間中,對非國家行為體的行為進行有效規範在法律和道德方面是一個空白。而“結構性困境”等現實問題也加劇了網絡空間衝突治理的難度。
(一)認知分歧阻礙有效治理
當前,各國對網絡安全核心概念的理解以及對網絡安全事件的歸因(attribution)和認定都存在深刻分歧。例如,美、英、日、德、法和歐盟等都制定了網絡安全戰略,通過對比可以發現,各方對“網絡空間”、“網絡安全”、“網絡戰爭”等核心概念的界定存在明顯差別。 [18] 在網絡空間中,如何確定一些行為已經違反了國際法基本準則,並可以實施武力打擊?個人和組織是否可以成為國家發動網絡進攻的目標?如何界定網絡空間的國家主權?對

注释:

[①] Abraham D. Sofaer, David Clark, Whitfield Diffie, “Cyber Security and International Agreements,” in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, Washington, D.C.: The National Academies Press, 2010, pp. 179-180.
[②] Richard A. Clarke and Robert Knake, Cyber War: The Next Threat to National Security and What to Do about It, New York: Harper Collins, 2010, p. 10.
[③] 樊高月、赵力昌主编:《不流血的战争:网络攻防经典之战》,解放军出版社2014年版,第117页。
[④] Craig B. Greathouse, “Cyber War and Strategic Thought: Do the Classic Theorists Still Matter?” in Jan-Frederik Kremer and Benedikt Muller, eds, Cyberspace and International Relations: Theory, Prospects and Challenges, Verlag Berlin and Heidelberg: Spinger, 2014, p. 23.
[⑤] Kelley Beaucar Vlahos, “Special Report: The Cyberwar Threat from North Korea,” Fox News, February 14, 2014, http://www.foxnews.com/tech/2014/02/14/cyberwar-experts-question– north-korea-cyber-capabilities.
[⑥] 丛培影、黄日涵:《网络恐怖主义对国家安全的新挑战》,载《江南社会学院学报》2012年第2期,第2页。
[⑦] John Leyden, “Polish Teen Derails Tram after Hacking Train Network,” The Register, January 11, 2008, http://www.theregister.co.uk/2008/01/11/tram_hack/.
[⑧] Kelvin P. Chilton, “Cyberspace Leadership Towards New Culture, Conduct and Capabilities,” Air & Space Power Journal, Fall 2009, p. 7.
[⑨] Kenneth Lieberthal and Peter W. Singer, “Cybersecurity and U.S.-China Relations,” Brookings Institution, February 23, 2012, http://www.brookings.edu/~/media/research/files/papers/ 2012/2/23 cybersecurity china us singer lieberthal/0223_cybersecurity_china_us_lieberthal_singer_pdf_english.pdf.
[⑩] Erik M. Mudrinich, “Cyber 3.0: The Department of Defense Strategy for Operating in Cyberspace and Attribution Problem,” The Air Force Law Review, Vol. 68, p. 181.
[11] William J. Lynn, “Defending a New Domain: The Pentagon’s Cyber Strategy,” Foreign Affairs, September/October 2010, Vol. 89, No. 5, p. 97.
[12] 樊高月、赵力昌主编:《不流血的战争:网络攻防经典之战》,第123页。
[13] Jerusalem Post, “Stuxnet Specifically Targeted Iranian Nuclear Program,” The Jerusalem Post, November 20, 2010, http://www.jpost.com/Iranian-Threat/News/Stuxnet-specifically– targeted-Iranian-nuclear-program.
[14] Paul A. Matus, “Strategic Impact of Cyber Warfare Rules for the United States,” Homeland Security Digital Library, March 23, 2010, http://www.handle.dtic.mil/100.2/ADA522001.
[15] 《源代码之战》,载《国际金融报》2011年8月1日,第4版,http://paper.people.com.cn/ gjjrb/html/2011-08/01/content_885812.htm?div=-1。
[16] Michael J. Glennon, “State-level Cybersecurity,” Policy Review, February/March, 2012, p. 85.
[17] “Hacked AP Twitter Account Sends Dow Jones Down,” Southern California Public Radio, April 24, 2013, http://www.scpr.org/programs/airtalk/2013/04/23/31465/hacked-ap-twitter-account -sends-dow-jones-down/.
[18] 蒋丽、张晓兰、徐飞彪:《国际网络安全合作的困境与出路》,载《现代国际关系》2013年第9期,第56页。
[19] Yoram Dinstein, “Cyber War and International Law: Concluding Remarks at the 2012 Naval War College International Law Conference,” International Law Studies, Vol. 89, 2013, p. 284.
[20] Duncan B. Hollis, “Why States Need an International Law for Information Operations,” Lewis & Clark Law Review, Vol. 11, No. 4, 2007, pp. 1023-1024.
[21] Scott W. Beidleman, “Defining and Deterring Cyber War,” Military Technology, Vol. 11, 2011, p. 60.
[22] 顾德欣编:《战争法概论》,国防大学出版社1991年版,第9页。
[23] William Lynn, “Cyber Security,” Speech at the Center for Strategic and International Studies, June 15, 2009.
[24] “Fact Sheet: U.S.-EU Cyber Cooperation,” The White House Office of the Press Secretary, March 26, 2014, https://www.whitehouse.gov/the-press-office/2014/03/26/fact-sheet-us-eu-cyber– cooperation.
[25] “Fact Sheet: U.S.-United Kingdom Cybersecurity Cooperation,” The White House Office of the Press Secretary, January 16, 2015, https://www.whitehouse.gov/the-press-office/2015/01/16/ fact-sheet-us-united-kingdom-cybersecurity-cooperation.
[26] Franz-Stefan Gady, “Japan and the United States to Deepen Cybersecurity Cooperation,” The Diplomat, June 2, 2015, http://thediplomat.com/2015/06/japan-and-the-united-states-to– deepen-cybersecurity-cooperation.
[27]“China, Russia to Sign Information Security Pact: Report,” The Brics Post, October 21, 2014, http://thebricspost.com/china-russia-to-sign-information-security-pact-report/#.Vg4sYi-hdMs.
[28] 复旦国务智库编:《增量改进——全球治理体系的改进和升级》,复旦全球治理报告2014,复旦大学国际关系与公共事务学院,2014年,http://www.sirpa.fudan.edu.cn/_upload/arti cle/8e/7e/f72c6ae04f998c052fe4230493c5/b3ef8190-df38-40fb-829f-1a0c6f6f49a5.pdf,第36页。
[29] Salma Shaheen: “Offense-Defense Balance in Cyber Warfare,” in Jan-Frederik Kremer and Benedikt Muller, eds., Cyberspace and International Relations, Berlin: Springer, 2014, p. 91.
[30] Jon R. Lindsay: “The Impact of China on Cybersecurity,” International Security, Vol. 39, No. 3, 2014, p. 27.
[31] 《俄联邦委员会拟利用“白色黑客”应对网络攻击》,人民网,2014年1月26日,http://world.people.com.cn/n/2014/0126/c157278-24226902.html
[32] “The Chinese Cyber Threat: Challenges and Solutions,” AEI, July 22, 2015, http://www.aei.org/events/the-chinese-cyber-threat-challenges-and-sollutions/.
[33] “Cyber Security and International Law,” Chatham House, May 29, 2012, https://www. chathamhouse.org/sites/files/chathamhouse/public/Research/International Law/290512summary.pdf.
[34] 黄日涵:《网络战山雨欲来 安全困境亟须破局》,载《中国社会科学报》2014年12月10日,第B02版。
[35] 《联合国互联网治理论坛(IGF)简介》,国家工信部网站,2008年2月21日,http://www.miit.gov.cn/n11293472/n11295361/n11296722/11642344.html
[36] Mark Ballard, “UN Rejects International Cybercrime Treaty,” ComputerWeekly.com, April 20, 2010, http://www.computerweekly.com/news/1280092617/UN-rejects-international-cyber crime-treaty.
[37] 毛雨:《北约网络安全战略及其启示》,载《国际安全研究》2014年第4期,第112页。
[38] 王孔祥:《网络安全的国际合作机制探析》,载《国际论坛》2013年第5期,第4页。
[39] Joseph S. Nye, Jr, “From Bombs to Bytes: Can Our Nuclear History Inform Our Cyber Future?” Bulletin of the Atomic Scientists, 2013, Vol. 69, No. 5, p. 13.
[40] 《共同构建和平、安全、开放、合作的网络空间  建立多边、民主、透明的国际互联网治理体系》,人民网,2014年11月20日,http://politics.people.com.cn/n/2014/1120/c1024– 26057363.html。
[41] 丛培影、黄日涵:《中国网络治理模式的世界意义》,光明网,2014年12月15日,http://theory.gmw.cn/2015-12/15/content_18098761.htm
[42] 《中华人民共和国网络安全法(草案)》,中国人大网,2015年7月6日,http://www.npc. gov.cn/npc/xinwen/lfgz/flca/2015-07/06/content_1940614.htm。
[43] 《中俄等国向联合国提交“信息安全国际行为准则”文件》,新华网,2011年9月13日,http://news.xinhuanet.com/2011-09/13/c_122022390.htm
[44] Patrick Goodenough, “U.S., China Among 15 Countries Agreeing U.N. Charter Applies in Cyberspace,” CNS News, June 10, 2013, http://cnsnews.com/news/article/us-china-among-15– countries-agreeing-un-charter-applies-cyberspace.
[45] 《习近平在第二届世界互联网大会开幕式上的讲话》,新华网,2015年12月17日,http://news.xinhuanet.com/zgjx/2015-12/17/c_134925295.htm