Tag Archives: China’s Informatization – 中國信息化

China’s Cyberspace National Security Strategy: Actively Defending Network Sovereignty! // 中國的網絡空間國家安全戰略:積極捍衛網絡主權!

China’s Cyberspace National Security Strategy: Actively Defending Network Sovereignty! //

中國的網絡空間國家安全戰略:積極捍衛網絡主權!

According to CCTV news client reports, today (27th) morning, the National Internet Information Office released the “National Cyberspace Security Strategy “, which is the first time China released a strategy on cyberspace security. The “Strategy” clarifies China’s major positions and propositions on the development and security of cyberspace, clarifies the strategic guidelines and main tasks, and is a programmatic document guiding national cybersecurity work.

“Strategy” pointed out that information networks such as the Internet have become a new channel for information dissemination, a new space for production and life, a new engine for economic development, a new carrier for cultural prosperity, a new platform for social governance, a new bond for exchanges and cooperation, and a national sovereignty. New territory. With the in-depth development of information technology, the network security situation is becoming more and more serious. The use of network interference in other countries’ internal affairs and large-scale network monitoring and stealing activities seriously endangers national political security and user information security. The critical information infrastructure has been attacked and destroyed, and major security incidents have occurred. Harmful to national economic security and public interests, network rumors, decadent culture and obscenity, violence, superstition and other harmful information eroding cultural security and youth physical and mental health, cyber terror and illegal crimes directly threaten people’s lives and property security, social order, around cyberspace The international competition for resource control, rulemaking, and strategic initiative is becoming increasingly fierce, and the cyberspace arms race challenges world peace. Cyberspace opportunities and challenges coexist, and opportunities outweigh challenges. We must adhere to active use, scientific development, management according to law, ensure security, resolutely safeguard network security, maximize the utilization potential of cyberspace, better benefit more than 1.3 billion Chinese people, benefit all mankind, and firmly safeguard world peace.

The “Strategy” requires that the overall national security concept should be taken as a guide to implement the development concept of innovation, coordination, green, openness, and sharing, enhance risk awareness and crisis awareness, coordinate the two domestic and international situations, and coordinate the development of two major events. Actively defend and effectively respond to promote the peaceful, secure, open, cooperative, and orderly cyberspace, safeguard national sovereignty, security, and development interests, and realize the strategic goal of building a network power.

The Strategy emphasizes that a safe, stable and prosperous cyberspace is of great significance to all countries and the world. China is willing to work with other countries to respect and uphold cyberspace sovereignty, peacefully utilize cyberspace, manage cyberspace according to law, coordinate network security and development, strengthen communication, expand consensus, deepen cooperation, actively promote global Internet governance system reform, and jointly maintain cyberspace. Peace and security. China is committed to safeguarding the sovereignty, security, and development interests of the country’s cyberspace, promoting the Internet for the benefit of mankind, and promoting the peaceful use and common governance of cyberspace.

The Strategy clarifies that the strategic task of national cyberspace security work in the current and future period is to firmly defend cyberspace sovereignty, resolutely safeguard national security, protect key information infrastructure, strengthen network culture construction, combat cyber terrorism and crimes, and improve the network. Governance system, solid foundation of network security, improvement of cyberspace protection capability, and strengthening international cooperation in cyberspace.

The full text of the National Cyberspace Security Strategy

On December 27th, approved by the Central Network Security and Informatization Leading Group, the National Internet Information Office released the National Cyberspace Security Strategy, the full text of which is as follows.

The widespread use of information technology and the development of cyberspace have greatly promoted economic and social prosperity and progress, but also brought new security risks and challenges. Cyberspace security (hereinafter referred to as cybersecurity) is related to the common interests of mankind, to world peace and development, and to national security. Safeguarding China’s cybersecurity is an important measure to coordinate and promote the comprehensive construction of a well-off society, comprehensively deepen reforms, comprehensively ruling the country according to law, and comprehensively and strictly manage the party’s strategic layout. It is to achieve the goal of “two hundred years” and realize the great Chinese rejuvenation of the Chinese nation. An important guarantee. In order to implement the “Four Principles” of Chairman Xi Jinping’s promotion of the global Internet governance system reform and the “five-point proposal” for building a community of cyberspace destiny, clarify China’s important position on cyberspace development and security, guide China’s cybersecurity work, and maintain The state develops this strategy in the interests of sovereignty, security, and development of cyberspace.

I. Opportunities and challenges

(1) Major opportunities

With the rapid development of the information revolution, the cyberspace composed of the Internet, communication networks, computer systems, automation control systems, digital devices and their applications, services and data is transforming people’s production and life styles and profoundly affecting the history of human society. Development process.

New channels for information dissemination. The development of network technology has broken through the limitations of time and space, expanded the scope of communication, and innovated the means of communication, which triggered a fundamental change in the pattern of communication. The Internet has become a new channel for people to obtain information, learn and communicate, and become a new carrier of human knowledge transmission.

A new space for production and life. In today’s world, the depth of the network is integrated into people’s learning, life, and work. Online education, entrepreneurship, medical care, shopping, and finance are becoming more and more popular. More and more people exchange ideas, achieve careers, and realize their dreams through the Internet.

The new engine of economic development. The Internet has increasingly become the leading force for innovation-driven development. Information technology has been widely used in various industries of the national economy, promoting the upgrading and upgrading of traditional industries, and has spawned new technologies, new formats, new industries, and new models, and promoted the adjustment of economic structure and the transformation of economic development mode. It has injected new impetus into economic and social development.

A new carrier of cultural prosperity. The network promotes cultural exchanges and knowledge popularization, releases the vitality of cultural development, promotes cultural innovation and creation, enriches people’s spiritual and cultural life, and has become a new means of disseminating culture and providing new means of public cultural services. Network culture has become an important part of cultural construction.

A new platform for social governance. The role of the network in promoting the modernization of the national governance system and governance capacity has become increasingly prominent. The application of e-government has become more in-depth, and government information has been publicly shared. It has promoted the scientific, democratic, and rule-based government decision-making, and has smoothed the channels for citizens to participate in social governance. An important way to protect citizens’ right to know, participate, express, and supervise.

A new link for exchanges and cooperation. The interweaving of informationization and globalization has promoted the global flow of information, capital, technology, talents and other factors, and has enhanced the exchange and integration of different civilizations. The Internet has turned the world into a global village, and the international community has increasingly become a community of destiny among you and me.

The new territory of national sovereignty. Cyberspace has become a new field of human activity that is as important as land, sea, sky and space. The expansion of national sovereignty extends to cyberspace, and cyberspace sovereignty has become an important part of national sovereignty. Respecting cyberspace sovereignty, maintaining cybersecurity, seeking common governance, and achieving win-win results are becoming the consensus of the international community.

(2) Severe challenges

The cyber security situation is becoming increasingly severe. The country’s political, economic, cultural, social, and national defense security and citizens’ legitimate rights and interests in cyberspace are facing serious risks and challenges.

Network penetration harms political security. Political stability is the basic prerequisite for national development and people’s happiness. The use of the network to interfere in his internal affairs, attack the political system of other countries, incite social unrest, subvert the political power of other countries, and large-scale network monitoring, network theft and other activities seriously endanger the political security of the country and the security of user information.

Cyber ​​attacks threaten economic security. Network and information systems have become the backbone of critical infrastructure and the entire economic society. Attacks and destruction and major security incidents will lead to rampant infrastructure such as energy, transportation, communications, and finance, causing disastrous consequences and seriously jeopardizing national economic security. And the public interest.

Harmful information on the Internet erodes cultural security. Various ideological and cultural networks on the Internet are in conflict and confrontation, and excellent traditional culture and mainstream values ​​are facing impact. Internet rumors, decadent culture and obscenity, violence, superstition and other harmful information that violates the core values ​​of socialism erodes the physical and mental health of young people, ruin the social atmosphere, mislead value orientation and endanger cultural security. Online morality is out of order, lack of integrity is frequent, and the degree of network civilization needs to be improved.

Cyber ​​terror and illegal crimes undermine social security. Terrorism, separatism, extremism and other forces use the Internet to incite, plan, organize and implement violent terrorist activities, directly threatening people’s lives and property, and social order. Computer viruses, Trojans, etc. spread in the cyberspace. Internet fraud, hacker attacks, intellectual property infringement, and misuse of personal information are abundant. Some organizations deliberately steal user information, transaction data, location information, and corporate trade secrets, seriously damaging the country. , corporate and personal interests, affecting social harmony and stability.

The international competition in cyberspace is on the rise. The international competition for competing for and controlling cyberspace strategic resources, seizing the rule-making power and strategic commanding heights, and seeking strategic initiative is becoming increasingly fierce. Individual countries have strengthened their network deterrence strategies and intensified the cyberspace arms race, and world peace has been challenged by new challenges.

Cyberspace opportunities and challenges coexist, and opportunities outweigh challenges. We must adhere to active use, scientific development, management according to law, ensure security, resolutely safeguard network security, maximize the utilization potential of cyberspace, better benefit more than 1.3 billion Chinese people, benefit all mankind, and firmly safeguard world peace.

Second, the goal

Guided by the overall national security concept, we will implement the development concept of innovation, coordination, green, openness, and sharing, enhance risk awareness and crisis awareness, coordinate the two major domestic and international situations, and coordinate the development of two major events, actively defending and responding effectively. Promote cyberspace peace, security, openness, cooperation, orderly, safeguard national sovereignty, security, development interests, and achieve the strategic goal of building a network power.

Peace: Information technology abuse has been effectively curbed, and activities such as the cyberspace arms race that threaten international peace have been effectively controlled, and cyberspace conflicts have been effectively prevented.

Security: The network security risks are effectively controlled, the national network security assurance system is sound and complete, the core technical equipment is safe and controllable, and the network and information systems are stable and reliable. Network security talents meet the needs, and the society’s cyber security awareness, basic protection skills and confidence in using the network have increased significantly.

Openness: Information technology standards, policies and markets are open and transparent, product circulation and information dissemination are smoother, and the digital divide is increasingly bridging. Regardless of size, strength, or wealth, countries around the world, especially developing countries, can share development opportunities, share development results, and participate fairly in cyberspace governance.

Cooperation: All countries in the world have closer cooperation in the fields of technology exchange, combating cyber terrorism and cybercrime. The multilateral, democratic and transparent international Internet governance system is sound and perfect, and the cyberspace destiny community with cooperation and win-win as the core has gradually formed.

Orderly: The public’s right to know, participation, expression, and supervision in the cyberspace is fully protected, and the privacy of cyberspace is effectively protected and human rights are fully respected. The domestic and international legal systems and standards of cyberspace have been gradually established. The cyberspace has been effectively governed according to law. The network environment is honest, civilized and healthy. The free flow of information and the maintenance of national security and public interests are organically unified.

Third, the principle

A safe, stable and prosperous cyberspace is of great significance to all countries and the world. China is willing to work with other countries to strengthen communication, expand consensus, deepen cooperation, actively promote the transformation of the global Internet governance system, and jointly safeguard cyberspace peace and security.

(1) Respect for maintaining cyberspace sovereignty

The cyberspace sovereignty is inviolable and respects the right of countries to choose their own development path, network management model, Internet public policy and equal participation in international cyberspace governance. The network affairs within the sovereignty of each country are the responsibility of the people of each country. The countries have the right to formulate laws and regulations concerning cyberspace according to their national conditions and draw on international experience, and take necessary measures to manage their own information systems and network activities on their own territory. The domestic information systems and information resources are protected from intrusion, interference, attacks and destruction, guarantee the legitimate rights and interests of citizens in cyberspace; prevent, prevent and punish harmful information that endangers national security and interests from spreading in the domestic network and maintain the cyberspace order. No country engages in cyber hegemony, does not engage in double standards, does not use the network to interfere in its internal affairs, and does not engage in, condone or support network activities that endanger the national security of other countries.

(2) Peaceful use of cyberspace

The peaceful use of cyberspace is in the common interest of mankind. All countries should abide by the UN Charter’s principle of not using or threatening to use force, prevent information technology from being used for the purpose of maintaining international security and stability, and jointly resist the cyberspace arms race and prevent cyberspace conflicts. Adhere to mutual respect, treat each other as equals, seek common ground while reserving differences, embrace mutual trust, respect each other’s security interests and major concerns in cyberspace, and promote the building of a harmonious network world. Oppose the use of national security as an excuse to use technological superiority to control other countries’ networks and information systems, collect and steal data from other countries, and not to seek their own absolute security at the expense of other countries’ security.

(3) Governing cyberspace according to law

We will comprehensively promote the rule of law in cyberspace, adhere to the rule of law, establish networks according to law, and go online according to law, so that the Internet can operate healthily on the rule of law. Establish a good network order according to law, protect the cyberspace information in a legal and orderly free flow, protect personal privacy, and protect intellectual property rights. Any organization or individual who enjoys freedom and exercise rights in cyberspace must abide by the law, respect the rights of others, and be responsible for their words and deeds on the Internet.

(4) Coordinating network security and development

Without cybersecurity, there is no national security. Without informationization, there will be no modernization. Network security and informationization are two wings of the two wings and the drive. Correctly handle the relationship between development and security, adhere to safety and development, and promote safety through development. Security is a prerequisite for development, and any development at the expense of security is difficult to sustain. Development is the foundation of security, and development is the biggest insecurity. Without information development, network security is not guaranteed, and existing security may even be lost.

Fourth, strategic tasks

China’s number of Internet users and network scale is the highest in the world. Maintaining China’s network security is not only its own needs, but also of great significance for maintaining global network security and even world peace. China is committed to safeguarding the sovereignty, security, and development interests of the country’s cyberspace, promoting the Internet for the benefit of mankind, and promoting the peaceful use and common governance of cyberspace.

(1) Firmly defending cyberspace sovereignty

In accordance with the Constitution and laws and regulations, we will manage the network activities within the scope of our sovereignty, protect the security of our information facilities and information resources, and adopt all measures including economy, administration, science and technology, law, diplomacy, and military, and unswervingly safeguard China’s cyberspace sovereignty. Resolutely oppose all acts of subverting our state’s political power and undermining our national sovereignty through the Internet.

(2) Resolutely safeguard national security

Prevent, stop and punish any use of the Internet for treason, secession, sedition, subversion or incitement to subvert the people’s democratic dictatorship; prevent, deter and punish the use of the Internet for theft, disclosure of state secrets and other acts that endanger national security; Prevent, stop and punish foreign forces in the use of the network for infiltration, destruction, subversion and separatist activities.

(iii) Protection of critical information infrastructure

National key information infrastructure refers to information facilities that are related to national security, national economy and people’s livelihood. Once data leakage, destruction or loss of function may seriously endanger national security and public interest, including but not limited to providing services such as public communication and radio and television transmission. Information networks, important information systems in the fields of energy, finance, transportation, education, scientific research, water conservancy, industrial manufacturing, medical and health care, social security, public utilities, and state agencies, and important Internet application systems. Take all necessary steps to protect critical information infrastructure and its critical data from attack. Adhere to the combination of technology and management, focus on protection, prevention, detection, early warning, response, disposal, etc., establish and implement key information infrastructure protection systems, and increase investment in management, technology, talents, and capital. Comprehensively implement policies to effectively strengthen the security protection of key information infrastructure.

The protection of key information infrastructure is the common responsibility of the government, enterprises and the whole society. The competent authorities, operating units and organizations must take necessary measures to ensure the security of key information infrastructures in accordance with the requirements of laws, regulations and system standards, and gradually realize the first evaluation and use. Strengthen risk assessment of key information infrastructure. Strengthen the security protection of party and government organs and websites in key areas, and build and operate the website of grassroots party and government organs in an intensive mode. Establish an orderly sharing mechanism for cyber security information of government, industry and enterprises, and give full play to the important role of enterprises in protecting key information infrastructure.

Adhere to opening up and maintain network security in an open environment. Establish and implement a network security review system, strengthen supply chain security management, conduct security reviews on important information technology products and services purchased by party and government organs and key industries, improve the security and controllability of products and services, and prevent product service providers. And other organizations use the advantages of information technology to implement unfair competition or harm the interests of users.

(4) Strengthening the construction of network culture

Strengthen the construction of online ideological and cultural positions, vigorously cultivate and practice the core values ​​of socialism, implement network content construction projects, develop a positive and upward network culture, spread positive energy, unite powerful spiritual strength, and create a good network atmosphere. Encourage the development of new business, create new products, create a network culture brand that reflects the spirit of the times, and continuously improve the scale of the network culture industry. Implement the China Excellent Culture Online Communication Project and actively promote the digitalization, network production and dissemination of excellent traditional culture and contemporary cultural products. Give full play to the advantages of the Internet communication platform, promote the exchange of excellent cultural exchanges between China and foreign countries, let the people of all countries understand the excellent Chinese culture, let the Chinese people understand the excellent culture of each country, jointly promote the prosperity and development of the network culture, enrich people’s spiritual world, and promote the progress of human civilization.

Strengthen the network ethics and network civilization construction, give play to the role of moral education, and use the excellent results of human civilization to nourish cyberspace and repair the network ecology. Building a civilized and honest network environment, advocating civilized network and civilized Internet access, and forming a safe, civilized and orderly information dissemination order. Resolutely crack down on illegal and harmful information such as rumors, obscenity, violence, superstition, and cults in the cyberspace. Improve the network civilization of young people, strengthen the protection of minors online, and create a good network environment for the healthy growth of young people through the joint efforts of the government, social organizations, communities, schools, and families.

(5) Combating cyber terror and illegal crimes

Strengthen the network’s anti-terrorism, anti-espionage and anti-stealing capabilities, and crack down on cyber terror and cyber espionage activities.

Adhere to comprehensive governance, source control, and legal prevention, and severely crack down on illegal activities such as online fraud, cyber theft, drug trafficking, infringement of citizens’ personal information, dissemination of obscene pornography, hacking, and infringement of intellectual property rights.

(6) Improve the network governance system

Adhere to the rule of law, open and transparent management of the network, and earnestly do the law, the law must be enforced, the law enforcement must be strict, and the law must be investigated. We will improve the network security laws and regulations, formulate laws and regulations such as the Cyber ​​Security Law and the Minor Network Protection Regulations, clarify the responsibilities and obligations of all aspects of society, and clarify the requirements for network security management. Accelerate the revision and interpretation of existing laws to make them applicable to cyberspace. Improve the network security related system, establish a network trust system, and improve the scientific and standardized level of network security management.

Accelerate the construction of a network governance system that combines legal norms, administrative supervision, industry self-discipline, technical support, public supervision, and social education, promotes network social organization management innovation, and improves basic management, content management, industry management, and network crime prevention and combat. Work linkage mechanism. Strengthen the protection of cyberspace communication secrets, freedom of speech, trade secrets, and the legitimate rights and interests of property rights and property rights.

Encourage social organizations to participate in network governance, develop online public welfare undertakings, and strengthen the construction of new types of network social organizations. Encourage netizens to report cyber violations and bad information.

(7) Consolidating the foundation of network security

Adhere to innovation-driven development, actively create a policy environment conducive to technological innovation, pool resources and strength, take enterprises as the main body, combine production, study and research, coordinate research, point-to-face, and overall advancement, and make breakthroughs in core technologies as soon as possible. Pay attention to software security and accelerate the promotion and application of security and trusted products. Develop network infrastructure and enrich cyberspace information content. Implement the “Internet +” initiative and vigorously develop the network economy. Implement national big data strategy, establish a big data security management system, and support next-generation information technology innovation and application such as big data and cloud computing. Optimize the market environment, encourage network security enterprises to become bigger and stronger, and consolidate the industrial foundation for safeguarding national network security.

Establish and improve the national network security technology support system. Strengthen the basic theory of network security and research on major issues. Strengthen network security standardization and certification and accreditation, and make greater use of standards to standardize cyberspace behavior. Do basic work such as level protection, risk assessment, and vulnerability discovery, and improve the network security monitoring and early warning and network security major incident emergency response mechanism.

Implement network security talent project, strengthen the construction of network security disciplines, build a first-class network security college and innovation park, and form an ecological environment conducive to talent cultivation and innovation and entrepreneurship. We will do a good job in the network security publicity week and vigorously carry out publicity and education on the national network security. Promote cybersecurity education into teaching materials, enter the school, enter the classroom, improve the network media literacy, enhance the cyber security awareness and protection skills of the whole society, and improve the identification and resilience of the majority of netizens on illegal criminal activities such as network illegal information and online fraud.

(8) Improving the ability of cyberspace protection

Cyberspace is a new frontier of national sovereignty. We will build a network space protection force that is commensurate with China’s international status and compatible with the network powers. We will vigorously develop network security defense methods, timely discover and resist network intrusion, and build a strong backing for national security.

(9) Strengthening international cooperation in cyberspace

On the basis of mutual respect and mutual trust, we will strengthen international cyberspace dialogue and cooperation and promote the transformation of the Internet global governance system. We will deepen dialogue and exchanges and information communication with bilateral and multilateral networks in various countries, effectively control differences, actively participate in network security cooperation between global and regional organizations, and promote the internationalization of basic resource management such as Internet addresses and root name servers.

Support the United Nations to play a leading role in promoting the development of universally accepted international rules on cyberspace, cyberspace international counter-terrorism conventions, sound judicial assistance mechanisms against cybercrime, deepening policy and law, technological innovation, standards and norms, emergency response, and critical information infrastructure International cooperation in areas such as protection.

Strengthen support for Internet technology diffusion and infrastructure construction in developing and underdeveloped regions, and strive to bridge the digital divide. Promote the construction of the “Belt and Road”, improve the level of international communication and interconnection, and smooth the information silk road. Establish a global Internet sharing and governance platform, such as the World Internet Conference, to jointly promote the healthy development of the Internet. Through active and effective international cooperation, we will establish a multilateral, democratic and transparent international Internet governance system to jointly build a peaceful, secure, open, cooperative and orderly network space.

Original Mandarin Chinese:

據央視新聞客戶端報導,今天(27日)上午,國家互聯網信息辦公室發布了《國家網絡空間安全戰略》,這是我國首次發布關於網絡空間安全的戰略。 《戰略》闡明了中國關於網絡空間發展和安全的重大立場和主張,明確了戰略方針和主要任務,是指導國家網絡安全工作的綱領性文件。

《戰略》指出,互聯網等信息網絡已經成為信息傳播的新渠道、生產生活的新空間、經濟發展的新引擎、文化繁榮的新載體、社會治理的新平台、交流合作的新紐帶、國家主權的新疆域。隨著信息技術深入發展,網絡安全形勢日益嚴峻,利用網絡干涉他國內政以及大規模網絡監控、竊密等活動嚴重危害國家政治安全和用戶信息安全,關鍵信息基礎設施遭受攻擊破壞、發生重大安全事件嚴重危害國家經濟安全和公共利益,網絡謠言、頹廢文化和淫穢、暴力、迷信等有害信息侵蝕文化安全和青少年身心健康,網絡恐怖和違法犯罪大量存在直接威脅人民生命財產安全、社會秩序,圍繞網絡空間資源控制權、規則制定權、戰略主動權的國際競爭日趨激烈,網絡空間軍備競賽挑戰世界和平。網絡空間機遇和挑戰並存,機遇大於挑戰。必須堅持積極利用、科學發展、依法管理、確保安全,堅決維護網絡安全,最大限度利用網絡空間發展潛力,更好惠及13億多中國人民,造福全人類,堅定維護世界和平。

《戰略》要求,要以總體國家安全觀為指導,貫徹落實創新、協調、綠色、開放、共享的發展理念,增強風險意識和危機意識,統籌國內國際兩個大局,統籌發展安全兩件大事,積極防禦、有效應對,推進網絡空間和平、安全、開放、合作、有序,維護國家主權、安全、發展利益,實現建設網絡強國的戰略目標。

《戰略》強調,一個安全穩定繁榮的網絡空間,對各國乃至世界都具有重大意義。中國願與各國一道,堅持尊重維護網絡空間主權、和平利用網絡空間、依法治理網絡空間、統籌網絡安全與發展,加強溝通、擴大共識、深化合作,積極推進全球互聯網治理體系變革,共同維護網絡空間和平安全。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

《戰略》明確,當前和今後一個時期國家網絡空間安全工作的戰略任務是堅定捍衛網絡空間主權、堅決維護國家安全、保護關鍵信息基礎設施、加強網絡文化建設、打擊網絡恐怖和違法犯罪、完善網絡治理體系、夯實網絡安全基礎、提升網絡空間防護能力、強化網絡空間國際合作等9個方面。

資料圖

《國家網絡空間安全戰略》全文

12月27日,經中央網絡安全和信息化領導小組批准,國家互聯網信息辦公室發布《國家網絡空間安全戰略》,全文如下。

信息技術廣泛應用和網絡空間興起發展,極大促進了經濟社會繁榮進步,同時也帶來了新的安全風險和挑戰。網絡空間安全(以下稱網絡安全)事關人類共同利益,事關世界和平與發展,事關各國國家安全。維護我國網絡安全是協調推進全面建成小康社會、全面深化改革、全面依法治國、全面從嚴治黨戰略佈局的重要舉措,是實現“兩個一百年”奮鬥目標、實現中華民族偉大復興中國夢的重要保障。為貫徹落實習近平主席關於推進全球互聯網治理體系變革的“四項原則”和構建網絡空間命運共同體的“五點主張”,闡明中國關於網絡空間發展和安全的重大立場,指導中國網絡安全工作,維護國家在網絡空間的主權、安全、發展利益,制定本戰略。

一、機遇和挑戰

(一)重大機遇

伴隨信息革命的飛速發展,互聯網、通信網、計算機系統、自動化控制系統、數字設備及其承載的應用、服務和數據等組成的網絡空間,正在全面改變人們的生產生活方式,深刻影響人類社會歷史發展進程。

信息傳播的新渠道。網絡技術的發展,突破了時空限制,拓展了傳播範圍,創新了傳播手段,引發了傳播格局的根本性變革。網絡已成為人們獲取信息、學習交流的新渠道,成為人類知識傳播的新載體。

生產生活的新空間。當今世界,網絡深度融入人們的學習、生活、工作等方方面面,網絡教育、創業、醫療、購物、金融等日益普及,越來越多的人通過網絡交流思想、成就事業、實現夢想。

經濟發展的新引擎。互聯網日益成為創新驅動發展的先導力量,信息技術在國民經濟各行業廣泛應用,推動傳統產業改造升級,催生了新技術、新業態、新產業、新模式,促進了經濟結構調整和經濟發展方式轉變,為經濟社會發展注入了新的動力。

文化繁榮的新載體。網絡促進了文化交流和知識普及,釋放了文化發展活力,推動了文化創新創造,豐富了人們精神文化生活,已經成為傳播文化的新途徑、提供公共文化服務的新手段。網絡文化已成為文化建設的重要組成部分。

社會治理的新平台。網絡在推進國家治理體系和治理能力現代化方面的作用日益凸顯,電子政務應用走向深入,政府信息公開共享,推動了政府決策科學化、民主化、法治化,暢通了公民​​參與社會治理的渠道,成為保障公民知情權、參與權、表達權、監督權的重要途徑。

交流合作的新紐帶。信息化與全球化交織發展,促進了信息、資金、技術、人才等要素的全球流動,增進了不同文明交流融合。網絡讓世界變成了地球村,國際社會越來越成為你中有我、我中有你的命運共同體。

國家主權的新疆域。網絡空間已經成為與陸地、海洋、天空、太空同等重要的人類活動新領域,國家主權拓展延伸到網絡空間,網絡空間主權成為國家主權的重要組成部分。尊重網絡空間主權,維護網絡安全,謀求共治,實現共贏,正在成為國際社會共識。

(二)嚴峻挑戰

網絡安全形勢日益嚴峻,國家政治、經濟、文化、社會、國防安全及公民在網絡空間的合法權益面臨嚴峻風險與挑戰。

網絡滲透危害政治安全。政治穩定是國家發展、人民幸福的基本前提。利用網絡干涉他國內政、攻擊他國政治制度、煽動社會動亂、顛覆他國政權,以及大規模網絡監控、網絡竊密等活動嚴重危害國家政治安全和用戶信息安全。

網絡攻擊威脅經濟安全。網絡和信息系統已經成為關鍵基礎設施乃至整個經濟社會的神經中樞,遭受攻擊破壞、發生重大安全事件,將導致能源、交通、通信、金融等基礎設施癱瘓,造成災難性後果,嚴重危害國家經濟安全和公共利益。

網絡有害信息侵蝕文化安全。網絡上各種思想文化相互激盪、交鋒,優秀傳統文化和主流價值觀面臨衝擊。網絡謠言、頹廢文化和淫穢、暴力、迷信等違背社會主義核心價值觀的有害信息侵蝕青少年身心健康,敗壞社會風氣,誤導價值取向,危害文化安全。網上道德失範、誠信缺失現象頻發,網絡文明程度亟待提高。

網絡恐怖和違法犯罪破壞社會安全。恐怖主義、分裂主義、極端主義等勢力利用網絡煽動、策劃、組織和實施暴力恐怖活動,直接威脅人民生命財產安全、社會秩序。計算機病毒、木馬等在網絡空間傳播蔓延,網絡欺詐、黑客攻擊、侵犯知識產權、濫用個人信息等不法行為大量存在,一些組織肆意竊取用戶信息、交易數據、位置信息以及企業商業秘密,嚴重損害國家、企業和個人利益,影響社會和諧穩定。

網絡空間的國際競爭方興未艾。國際上爭奪和控製網絡空間戰略資源、搶占規則制定權和戰略制高點、謀求戰略主動權的競爭日趨激烈。個別國家強化網絡威懾戰略,加劇網絡空間軍備競賽,世界和平受到新的挑戰。

網絡空間機遇和挑戰並存,機遇大於挑戰。必須堅持積極利用、科學發展、依法管理、確保安全,堅決維護網絡安全,最大限度利用網絡空間發展潛力,更好惠及13億多中國人民,造福全人類,堅定維護世界和平。

二、目標

以總體國家安全觀為指導,貫徹落實創新、協調、綠色、開放、共享的發展理念,增強風險意識和危機意識,統籌國內國際兩個大局,統籌發展安全兩件大事,積極防禦、有效應對,推進網絡空間和平、安全、開放、合作、有序,維護國家主權、安全、發展利益,實現建設網絡強國的戰略目標。

和平:信息技術濫用得到有效遏制,網絡空間軍備競賽等威脅國際和平的活動得到有效控制,網絡空間衝突得到有效防範。

安全:網絡安全風險得到有效控制,國家網絡安全保障體系健全完善,核心技術裝備安全可控,網絡和信息系統運行穩定可靠。網絡安全人才滿足需求,全社會的網絡安全意識、基本防護技能和利用網絡的信心大幅提升。

開放:信息技術標準、政策和市場開放、透明,產品流通和信息傳播更加順暢,數字鴻溝日益彌合。不分大小、強弱、貧富,世界各國特別是發展中國家都能分享發展機遇、共享發展成果、公平參與網絡空間治理。

合作:世界各國在技術交流、打擊網絡恐怖和網絡犯罪等領域的合作更加密切,多邊、民主、透明的國際互聯網治理體系健全完善,以合作共贏為核心的網絡空間命運共同體逐步形成。

有序:公眾在網絡空間的知情權、參與權、表達權、監督權等合法權益得到充分保障,網絡空間個人隱私獲得有效保護,人權受到充分尊重。網絡空間的國內和國際法律體系、標準規範逐步建立,網絡空間實現依法有效治理,網絡環境誠信、文明、健康,信息自由流動與維護國家安全、公共利益實現有機統一。

三、原則

一個安全穩定繁榮的網絡空間,對各國乃至世界都具有重大意義。中國願與各國一道,加強溝通、擴大共識、深化合作,積極推進全球互聯網治理體系變革,共同維護網絡空間和平安全。

(一)尊重維護網絡空間主權

網絡空間主權不容侵犯,尊重各國自主選擇發展道路、網絡管理模式、互聯網公共政策和平等參與國際網絡空間治理的權利。各國主權範圍內的網絡事務由各國人民自己做主,各國有權根據本國國情,借鑒國際經驗,制定有關網絡空間的法律法規,依法採取必要措施,管理本國信息系統及本國疆域上的網絡活動;保護本國信息系統和信息資源免受侵入、干擾、攻擊和破壞,保障公民在網絡空間的合法權益;防範、阻止和懲治危害國家安全和利益的有害信息在本國網絡傳播,維護網絡空間秩序。任何國家都不搞網絡霸權、不搞雙重標準,不利用網絡干涉他國內政,不從事、縱容或支持危害他國國家安全的網絡活動。

(二)和平利用網絡空間

和平利用網絡空間符合人類的共同利益。各國應遵守《聯合國憲章》關於不得使用或威脅使用武力的原則,防止信息技術被用於與維護國際安全與穩定相悖的目的,共同抵製網絡空間軍備競賽、防範網絡空間衝突。堅持相互尊重、平等相待,求同存異、包容互信,尊重彼此在網絡空間的安全利益和重大關切,推動構建和諧網絡世界。反對以國家安全為藉口,利用技術優勢控制他國網絡和信息系統、收集和竊取他國數據,更不能以犧牲別國安全謀求自身所謂絕對安全。

(三)依法治理網絡空間

全面推進網絡空間法治化,堅持依法治網、依法辦網、依法上網,讓互聯網在法治軌道上健康運行。依法構建良好網絡秩序,保護網絡空間信息依法有序自由流動,保護個人隱私,保護知識產權。任何組織和個人在網絡空間享有自由、行使權利的同時,須遵守法律,尊重他人權利,對自己在網絡上的言行負責。

(四)統籌網絡安全與發展

沒有網絡安全就沒有國家安全,沒有信息化就沒有現代化。網絡安全和信息化是一體之兩翼、驅動之雙輪。正確處理髮展和安全的關係,堅持以安全保發展,以發展促安全。安全是發展的前提,任何以犧牲安全為代價的發展都難以持續。發展是安全的基礎,不發展是最大的不安全。沒有信息化發展,網絡安全也沒有保障,已有的安全甚至會喪失。

四、戰略任務

中國的網民數量和網絡規模世界第一,維護好中國網絡安全,不僅是自身需要,對於維護全球網絡安全乃至世界和平都具有重大意義。中國致力於維護國家網絡空間主權、安全、發展利益,推動互聯網造福人類,推動網絡空間和平利用和共同治理。

(一)堅定捍衛網絡空間主權

根據憲法和法律法規管理我國主權範圍內的網絡活動,保護我國信息設施和信息資源安全,採取包括經濟、行政、科技、法律、外交、軍事等一切措施,堅定不移地維護我國網絡空間主權。堅決反對通過網絡顛覆我國國家政權、破壞我國國家主權的一切行為。

(二)堅決維護國家安全

防範、制止和依法懲治任何利用網絡進行叛國、分裂國家、煽動叛亂、顛覆或者煽動顛覆人民民主專政政權的行為;防範、制止和依法懲治利用網絡進行竊取、洩露國家秘密等危害國家安全的行為;防範、制止和依法懲治境外勢力利用網絡進行滲透、破壞、顛覆、分裂活動。

(三)保護關鍵信息基礎設施

國家關鍵信息基礎設施是指關係國家安全、國計民生,一旦數據洩露、遭到破壞或者喪失功能可能嚴重危害國家安全、公共利益的信息設施,包括但不限於提供公共通信、廣播電視傳輸等服務的基礎信息網絡,能源、金融、交通、教育、科研、水利、工業製造、醫療衛生、社會保障、公用事業等領域和國家機關的重要信息系統,重要互聯網應用系統等。採取一切必要措施保護關鍵信息基礎設施及其重要數據不受攻擊破壞。堅持技術和管理並重、保護和震懾並舉,著眼識別、防護、檢測、預警、響應、處置等環節,建立實施關鍵信息基礎設施保護製度,從管理、技術、人才、資金等方面加大投入,依法綜合施策,切實加強關鍵信息基礎設施安全防護。

關鍵信息基礎設施保護是政府、企業和全社會的共同責任,主管、運營單位和組織要按照法律法規、制度標準的要求,採取必要措施保障關鍵信息基礎設施安全,逐步實現先評估後使用。加強關鍵信息基礎設施風險評估。加強黨政機關以及重點領域網站的安全防護,基層黨政機關網站要按集約化模式建設運行和管理。建立政府、行業與企業的網絡安全信息有序共享機制,充分發揮企業在保護關鍵信息基礎設施中的重要作用。

堅持對外開放,立足開放環境下維護網絡安全。建立實施網絡安全審查制度,加強供應鏈安全管理,對黨政機關、重點行業採購使用的重要信息技術產品和服務開展安全審查,提高產品和服務的安全性和可控性,防止產品服務提供者和其他組織利用信息技術優勢實施不正當競爭或損害用戶利益。

(四)加強網絡文化建設

加強網上思想文化陣地建設,大力培育和踐行社會主義核心價值觀,實施網絡內容建設工程,發展積極向上的網絡文化,傳播正能量,凝聚強大精神力量,營造良好網絡氛圍。鼓勵拓展新業務、創作新產品,打造體現時代精神的網絡文化品牌,不斷提高網絡文化產業規模水平。實施中華優秀文化網上傳播工程,積極推動優秀傳統文化和當代文化精品的數字化、網絡化製作和傳播。發揮互聯網傳播平台優勢,推動中外優秀文化交流互鑑,讓各國人民了解中華優秀文化,讓中國人民了解各國優秀文化,共同推動網絡文化繁榮發展,豐富人們精神世界,促進人類文明進步。

加強網絡倫理、網絡文明建設,發揮道德教化引導作用,用人類文明優秀成果滋養網絡空間、修復網絡生態。建設文明誠信的網絡環境,倡導文明辦網、文明上網,形成安全、文明、有序的信息傳播秩序。堅決打擊謠言、淫穢、暴力、迷信、邪教等違法有害信息在網絡空間傳播蔓延。提高青少年網絡文明素養,加強對未成年人上網保護,通過政府、社會組織、社區、學校、家庭等方面的共同努力,為青少年健康成長創造良好的網絡環境。

(五)打擊網絡恐怖和違法犯罪

加強網絡反恐、反間諜、反竊密能力建設,嚴厲打擊網絡恐怖和網絡間諜活動。

堅持綜合治理、源頭控制、依法防範,嚴厲打擊網絡詐騙、網絡盜竊、販槍販毒、侵害公民個人信息、傳播淫穢色情、黑客攻擊、侵犯知識產權等違法犯罪行為。

(六)完善網絡治理體系

堅持依法、公開、透明管網治網,切實做到有法可依、有法必依、執法必嚴、違法必究。健全網絡安全法律法規體系,制定出台網絡安全法、未成年人網絡保護條例等法律法規,明確社會各方面的責任和義務,明確網絡安全管理要求。加快對現行法律的修訂和解釋,使之適用於網絡空間。完善網絡安全相關製度,建立網絡信任體系,提高網絡安全管理的科學化規範化水平。

加快構建法律規範、行政監管、行業自律、技術保障、公眾監督、社會教育相結合的網絡治理體系,推進網絡社會組織管理創新,健全基礎管理、內容管理、行業管理以及網絡違法犯罪防範和打擊等工作聯動機制。加強網絡空間通信秘密、言論自由、商業秘密,以及名譽權、財產權等合法權益的保護。

鼓勵社會組織等參與網絡治理,發展網絡公益事業,加強新型網絡社會組織建設。鼓勵網民舉報網絡違法行為和不良信息。

(七)夯實網絡安全基礎

堅持創新驅動發展,積極創造有利於技術創新的政策環境,統籌資源和力量,以企業為主體,產學研用相結合,協同攻關、以點帶面、整體推進,盡快在核心技術上取得突破。重視軟件安全,加快安全可信產品推廣應用。發展網絡基礎設施,豐富網絡空間信息內容。實施“互聯網+”行動,大力發展網絡經濟。實施國家大數據戰略,建立大數據安全管理制度,支持大數據、雲計算等新一代信息技術創新和應用。優化市場環境,鼓勵網絡安全企業做大做強,為保障國家網絡安全夯實產業基礎。

建立完善國家網絡安全技術支撐體系。加強網絡安全基礎理論和重大問題研究。加強網絡安全標準化和認證認可工作,更多地利用標準規範網絡空間行為。做好等級保護、風險評估、漏洞發現等基礎性工作,完善網絡安全監測預警和網絡安全重大事件應急處置機制。

實施網絡安全人才工程,加強網絡安全學科專業建設,打造一流網絡安全學院和創新園區,形成有利於人才培養和創新創業的生態環境。辦好網絡安全宣傳周活動,大力開展全民網絡安全宣傳教育。推動網絡安全教育進教材、進學校、進課堂,提高網絡媒介素養,增強全社會網絡安全意識和防護技能,提高廣大網民對網絡違法有害信息、網絡欺詐等違法犯罪活動的辨識和抵禦能力。

(八)提升網絡空間防護能力

網絡空間是國家主權的新疆域。建設與我國國際地位相稱、與網絡強國相適應的網絡空間防護力量,大力發展網絡安全防御手段,及時發現和抵禦網絡入侵,鑄造維護國家網絡安全的堅強後盾。

(九)強化網絡空間國際合作

在相互尊重、相互信任的基礎上,加強國際網絡空間對話合作,推動互聯網全球治理體系變革。深化同各國的雙邊、多邊網絡安全對話交流和信息溝通,有效管控分歧,積極參與全球和區域組織網絡安全合作,推動互聯網地址、根域名服務器等基礎資源管理國際化。

支持聯合國發揮主導作用,推動制定各方普遍接受的網絡空間國際規則、網絡空間國際反恐公約,健全打擊網絡犯罪司法協助機制,深化在政策法律、技術創新、標準規範、應急響應、關鍵信息基礎設施保護等領域的國際合作。

加強對發展中國家和落後地區互聯網技術普及和基礎設施建設的支持援助,努力彌合數字鴻溝。推動“一帶一路”建設,提高國際通信互聯互通水平,暢通信息絲綢之路。搭建世界互聯網大會等全球互聯網共享共治平台,共同推動互聯網健康發展。通過積極有效的國際合作,建立多邊、民主、透明的國際互聯網治理體系,共同構建和平、安全、開放、合作、有序的網絡空間。

Original Referring URL: https://military.china.com/important/

 

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

Chinese Military Intent to Defeat US Military Cyber Forces Using the “Thirty-Six” Strategy of Cyber Warfare //

中國軍事意圖利用“三十六”網絡戰策略擊敗美國軍事網絡部隊

■ cyberspace is easy to attack and defend, traditional passive defense is difficult to effectively deal with organized high-intensity attacks

■ Improve network security, the defense side can not rely solely on the technology game, but also need to win the counterattack on the concept

The new “Thirty-six” of network security

  ■Chen Sen

点击进入下一页

Fisher

  News reason

  In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

  The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

  The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

  Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

  Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

  As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

  Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

  Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

  In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

  At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

  Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

  In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

  The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

  Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

  The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

  The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

  Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

  Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Related Links–

Network attack and defense

“Shenzhen”: the pioneer of network physics warfare

点击进入下一页

  In August 2010, Iran built the Bushehr nuclear power plant with the help of Russia. However, the nuclear power plant, which was scheduled to be put into operation in October of that year, was postponed several times. A year later, according to media reports, it was caused by a computer network virus attack of unknown source. More than 30,000 computers were “in the middle”. Thousands of centrifuges in Natans were scrapped. The newly capped Bushehr nuclear power plant had to be taken out. Nuclear fuel was delayed and the Iranian nuclear development plan was forced to shelve. This virus, later named “Shenzhen”, pioneered the control and destruction of entities through the network.

“Flame”: the most powerful spy in history

点击进入下一页

  Network intelligence activities are the most active part of the cyberspace strategy game and security struggle. In 2012, a large amount of data from the Iranian oil sector was stolen and cleared, making it impossible for oil production and exports to function properly. In order to avoid continuing to create hazards, Iran was urgently disconnected from the network of the oil facilities on the Halk Island near the Gulf. After a large-scale investigation, a new virus emerged, which later appeared in the “flame” virus in Israel, Palestine and other Middle Eastern countries. The “Flame” virus combines the three characteristics of worms, backdoors and Trojans. It combines the interception of screen images, recording audio dialogues, intercepting keyboard input, and stealing Bluetooth devices. It has become a new type of electronic company that steals secret information from other countries. spy”.

“Shut”: System breaks

点击进入下一页

  In 2007, in order to kill the Syrian nuclear program in the bud, 18 F-16 fighters of the 69th Fighter Squadron of the Israeli Air Force quietly broke through the advanced Russian “Dor”-M1 air defense deployed by Syria on the Syrian-Israeli border. The system carried out precise bombing of a nuclear facility about 100 kilometers west of the Syrian-Israeli border and about 400 kilometers northeast of Damascus, and returned safely from the original road.

  According to the disclosure, the “Orchard Action” has made the US “Shuter” attack system shine. “Shut” invaded by remote radio, 瘫痪 radar, radio communication system, is the “behind the scenes” to make the Syrian air defense system in a state of failure. As a new type of network power attack system for networked weapon platforms and networked information systems, “Shut” represents the development trend of military technology and combat methods, and is bound to bring a new war landscape.

“Shadow Network”: Invisible Internet

点击进入下一页

  The complicated situation of ideological struggle caused by the Internet has created an alternative channel for information penetration and “colonization” of thought. In the “Jasmine Revolution” in North Africa and the “Arab Spring” in the Middle East, there are “shadow networks”.

  A ghost-like “shadow network” can bypass the traditionally regulated Internet, form an invisible and independent wireless local area network, realize mutual information communication, and access the Internet at any time as needed, and access the network resources “unrestricted”. The New York Times disclosed that the US State Department and the Pentagon have invested heavily in building an independent system in Afghanistan and using a launch tower located in the military camp to transmit signals to protect them from Taliban militants. Subsequently, an “invisible communication system” was established in Iran, Syria and Libya to help local anti-government organizations to communicate with each other or with the outside world.

“X Plan”: To control the network battlefield

点击进入下一页

  Foreign media revealed that the Pentagon is building a 22nd century war plan, the “X Plan.” The “X Plan” is dedicated to building an advanced global computer map. With this “network map” that can be continuously updated and updated, the US military can easily lock the target and make it embarrassing. “If this plan is completed, the US military will be able to control the network battlefield as it controls the traditional battlefield.”

  It is not difficult to foresee that after the deployment of the “X Plan”, it is definitely not just “get rid of the constraints of the keyboard”, but also enables situational awareness and cyber attacks on a global scale.

Original Mandarin Chinese

■網絡空間易攻難守,傳統的被動式防禦難以有效應對有組織的高強度攻擊

■提高網絡安全性,防禦一端不能只靠技術博弈,還需打贏理念上的反擊戰

網絡安全之新“三十六計”

■陳 森

點擊進入下一頁

費雪 繪

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

相關鏈接——

各顯其能的網絡攻防戰

“震網”:網絡物理戰先驅

點擊進入下一頁

2010年8月,伊朗在俄羅斯幫助下建成布什爾核電站,但這座計劃於當年10月正式發電運轉的核電站,卻多次推遲運行。一年後,據媒體揭秘,是因為遭到來源不明的計算機網絡病毒攻擊,超過3萬台電腦“中招”,位於納坦斯的千台離心機報廢,剛封頂的布什爾核電站不得不取出核燃料並延期啟動,伊朗核發展計劃則被迫擱置。這種後來被冠名為“震網”的病毒,開創了通過網絡控制並摧毀實體的先河。

“火焰”:史上最強大間諜

點擊進入下一頁

網絡情報活動,是網絡空間戰略博弈和安全斗爭最活躍的部分。 2012年,伊朗石油部門大量數據失竊並遭到清除,致使其無法正常進行石油生產和出口。為避免繼續製造危害,伊朗被迫切斷了海灣附近哈爾克島石油設施的網絡連接。大規模的調查後,一種新的病毒浮出水面,即後來又現身於以色列、巴勒斯坦等中東國家的“火焰”病毒。 “火焰”病毒兼具蠕蟲、後門和木馬三重特點,集截取屏幕畫面、記錄音頻對話、截獲鍵盤輸入、偷開藍牙設備等多種數據盜竊功能於一身,成為專門竊取他國機密情報的新型“電子間諜”。

“舒特”:體系破擊露鋒芒

點擊進入下一頁

2007年,為將敘利亞核計劃扼殺於萌芽之中,以色列空軍第69戰鬥機中隊的18架F-16戰機,悄無聲息地突破敘利亞在敘以邊境部署的先進俄製“道爾”-M1防空系統,對敘以邊境以西約100千米、大馬士革東北部約400千米的一處核設施實施精確轟炸,並從原路安全返回。

據披露,讓“果園行動”大放異彩的是美軍“舒特”攻擊系統。 “舒特”通過遠程無線電入侵,癱瘓雷達、無線電通信系統,是使敘防空系統處於失效狀態的“幕後真兇”。作為針對組網武器平台及網絡化信息系統的新型網電攻擊系統,“舒特”代表著軍事技術和作戰方式的發展趨勢,勢必將帶來全新戰爭景觀。

“影子網絡”:隱形國際互聯網

點擊進入下一頁

國際互聯網導致意識形態鬥爭的複雜局面,造成了信息滲透、思想“殖民”的另類通道。在北非“茉莉花革命”和中東“阿拉伯之春”中,均有“影子網絡”踪跡。

像幽靈一樣的“影子網絡”可繞過傳統監管的互聯網,形成隱形和獨立的無線局域網,實現相互間信息溝通,一旦需要又可隨時接入國際互聯網,“不受限制”地訪問網絡資源。 《紐約時報》披露稱,美國國務院和五角大樓斥巨資在阿富汗建造了獨立的系統,並利用設在軍營內的發射塔傳遞信號,以免遭塔利班武裝分子破壞。隨後在伊朗、敘利亞和利比亞設立“隱形通訊系統”,幫助當地反政府組織相互聯繫或與外界溝通。

“X計劃”:欲掌控網絡戰場

點擊進入下一頁

外媒披露,五角大樓正在打造一項22世紀的戰爭計劃,即“X計劃”。 “X計劃”致力於建立先進的全球計算機分佈圖,有了這張能夠不斷升級更新的“網絡地圖”,美軍就可以輕易鎖定目標令其癱瘓。 “如果完成了這個計劃,美軍將能夠像控制傳統戰場那樣控製網絡戰場。”

不難預見,“X計劃”部署後,絕對不只是“擺脫鍵盤的束縛”,更可以實現在全球範圍內進行態勢感知和網絡攻擊。

Original Referring URL: http://www.chinanews.com/mil/2016/08-11/

America Instigating Cyber Warfare – How China Will Realize the Chinese Dream in the Age of American Cyber ​​Warfare // 美國煽動網絡戰 – 中國如何在美國網絡戰時代實現中國夢

America Instigating Cyber Warfare – How China Will Realize the Chinese Dream in the Age of American Cyber ​​Warfare //

美國煽動網絡戰 – 中國如何在美國網絡戰時代實現中國夢

If a power-state wants to realize the dream of the empire, it was a world war 100 years ago, a nuclear war 50 years ago, and now it is a cyber war.

How does the United States face the cyber war era?

來源:中國國防報·軍事特刊作者:郝葉力責任編輯:黃楊海

Core tips

In recent years, the United States has taken a number of measures to accelerate the development of cyber warfare. After the Obama administration took office, it continued to play the “eight-one” “combination boxing” to improve its cyber warfare capabilities.

Because the United States adheres to the concept of absolute security in cyberspace, this will not only aggravate the insecurity of the United States, but will also induce instability in the objective, resulting in instability of the cyberspace situation.

Recently, foreign media reported the latest progress of the US military in cyber warfare: the US military has spent five years developing advanced cyber weapons and digital combat capabilities, and these weapons may soon be deployed more publicly and will be considered for the next few years. “Network militia.” The US’s measures to accelerate the development of cyber war deserve our high attention and in-depth study.

The era of cyber war has arrived

Today, one-third of the world’s population uses the Internet, and billions of people accept the services provided by the Internet. The arrival of cyber warfare is an inevitable historical necessity. The network revolution is also reshaping the new pattern of world political, economic, social and cultural development.

Cyber ​​warfare in many fields. Cyber ​​warfare has broken through the traditional warfare field, making war a veritable development in economic, political, and military fields. First, the cyber warfare in the economic field is aggressive. In particular, cyber warfare in the financial sector has been described as “a modern version of the bank.” Second, the cyber war in the political arena has intensified. Social networking as a tool for political change represents an amazing power. From the turmoil in West Asia and North Africa to the “Autumn Wall Street”, social networks are everywhere to participate and help. Under the conditions of informationization, the destructive power of network penetration even exceeds military intervention. The third is the initial test of the cyber warfare in the military field. The network has changed the traditional war mode, from the Gulf War embedded virus attack to the Russian-Georgian conflict to use the network “bee colony” attack, each war has a network war “shadow.”

Cyber ​​warfare has become the “atomic bomb” of the information age. The research of RAND Corporation puts forward: “The strategic war in the industrial era is nuclear war, and the strategic war in the information age is mainly cyber warfare.” Why can cyber warfare compare with nuclear war? Because the two have similarities in the “fission reaction” and the destruction effect. If the computer network is abstracted into the weaving of points and lines, the point is the computer and the router, the line is the network channel and the TCP/IP transmission protocol extending in all directions, and the network viruses such as Trojans and worms are the potential “uranium” in the network. Why do viruses in the network cause fission? There are two main reasons: First, the inherent defects of the computer architecture provide a “soil and hotbed” for the virus. The weapon of cyber warfare is a virus such as a Trojan, a worm (which is essentially a malicious code). The reason why malicious code can be raging is because there are exploitable vulnerabilities in the system, and the source of the vulnerability lies in the inherent shortcomings of the von Neumann architecture used by computers. The principle is to store data and programs in the read and write memory (RAM), the data can be read and written, and the program can be changed. In the cybersecurity incidents that occur in today’s world, more than 50% of the exploits that are exploited are mainly due to this mechanism. Second, the open shared Internet provides a path and bridge for the fission of the virus. “Network warfare: The next threat to national security and countermeasures” clearly states that there are five major flaws in the Internet: fragile domain name service systems, unverified routing protocols, malicious traffic without censorship, decentralized network structures, and Clear text transmission. Once these defects are exploited, they may form a flood of attacks on the network, which acts like a weapon of mass destruction, and is as powerful as the “atomic bomb” of the industrial age.

In the process of changing times and the evolution of war, who can take the lead in shifting the focus from the traditional field of human activities to new important areas, who can gain huge strategic benefits. It can be said that mastering the right to make nets in the 21st century is as decisive as mastering the sea power in the 19th century and mastering the air power in the 20th century.

Original Mandarin Chinese:

強權國家要想實現帝國夢想,100年前是發動世界大戰,50年前是籌劃核大戰,現在則是策動網絡戰

美國如何迎戰網絡戰時代

核心提示

近年來,美國採取多項舉措加快網絡戰的發展。奧巴馬政府上台以後,更是連續打出“八個一”的“組合拳”,提升網絡戰能力。

由於美國在網絡空間秉持絕對安全的理念,這不僅會加劇美國的不安全感,而且還會在客觀上誘發不安定因素,造成網絡空間態勢的不穩定。

近日,外媒報導美軍在網絡戰方面的最新進展:美軍已經花了5年時間開發先進的網絡武器和數字作戰能力,可能很快就會將這些武器進行更公開部署,並考慮未來數年建立“網絡民兵”。美國加快網絡戰發展的舉措值得我們高度重視和深入研究。

網絡戰時代已經到來

今天,全世界1/3人口使用國際互聯網,數十億人接受著網絡提供的各種服務。網絡戰的到來是不可阻擋的歷史必然,網絡革命也正在重塑世界政治、經濟、社會、文化發展的新格局。

多個領域迎來網絡戰。網絡戰已經突破傳統戰爭領域,使戰爭名副其實地在經濟、政治、軍事多個領域展開。一是經濟領域的網絡戰攻勢凌厲。特別是金融領域的網絡戰,被形容為“現代版的搶銀行”。二是政治領域的網絡戰愈演愈烈。社交網絡作為政治變革的工具體現了驚人的威力。從西亞北非動亂到“華爾街之秋”,處處都有社交網絡參與其中、推波助瀾。信息化條件下,網絡滲透的破壞力甚至超過軍事干預。三是軍事領域的網絡戰初試鋒芒。網絡改變了傳統戰爭模式,從海灣戰爭預埋病毒攻擊、到俄格衝突動用網絡“蜂群”攻擊,每一場戰爭都有網絡戰“影子”。

網絡戰成為信息時代的“原子彈”。蘭德公司研究提出:“工業時代的戰略戰是核戰爭,信息時代的戰略戰主要是網絡戰。”網絡戰為什麼能與核戰爭比肩?因為二者在“裂變反應”和破壞效果上極具相似之處。如果把計算機網絡抽象為點和線的編織,點就是計算機和路由器,線則是四通八達的網絡信道和TCP/IP傳輸協議,而木馬、蠕蟲等網絡病毒正是網絡中潛在的“鈾”。網絡中的病毒為什麼會產生裂變?主要有兩個原因:一是計算機體系結構的固有缺陷給病毒的產生提供了“土壤和溫床”。網絡戰的武器是木馬、蠕蟲(其實質是惡意代碼)等病毒。惡意代碼之所以能夠肆虐,是因為系統內存在可利用的漏洞,而漏洞的本源在於計算機採用的馮·諾依曼體系結構的先天不足。其原理是把數據和程序都統一存儲在讀寫存儲器(RAM)內,數據是可以讀寫的,程序也是可以改變的。當今世界發生的網絡安全事件,50%以上被利用的漏洞主要是源於這個機理。二是開放共享的互聯網為病毒的裂變提供了途徑和橋樑。 《網絡戰:國家安全的下一個威脅及對策》一書明確指出,互聯網存在五大缺陷:脆弱的域名服務系統、不經過驗證的路由協議、不進行審查的惡意流量、非集中式的網絡結構以及明文傳送。這些缺陷一旦被利用,就可能形成對網絡的攻擊洪流,其作用類似於大規模毀傷性武器,威力不亞於工業時代的“原子彈”。

在時代更迭、戰爭演變的進程中,誰能夠率先把關注點從人類活動的傳統領域轉入新的重要領域,誰就能獲得巨大戰略利益。可以說,21世紀掌握製網權與19世紀掌握制海權、20世紀掌握制空權一樣具有決定意義。

The main measures for the United States to accelerate the development of cyber war

Obama, who relies on the success of the network operator, attaches great importance to the construction of cyberspace. He delivered a “5·29” speech when he came to power, and believed that protecting the network infrastructure would be the top priority for maintaining US national security. During his tenure, Obama successively launched the “eight-one” “combination boxing”, which made the US cyber war into a period of rapid development.

The first is to launch a report. In the “Network Space Security Policy Assessment Report”, it emphasizes that cyber war is related to national security, affects social stability, is related to economic development, and determines the outcome of war.

The second is to strengthen a strategy. It has established a “three-in-one” national security strategy supported by the deterrent strategy of nuclear weapons, the preemptive strategy of space, and the network’s control strategy.

The third is to form a headquarters. In 2009, the US military established the Cyberspace Command, which is the main function of commanding cyber warfare. In May 2013, the US military set up a “joint network center” at each theater headquarters, and its cyber warfare command system was gradually improved. At the same time, the US military also plans to upgrade the Cyberspace Command to a formal combatant command, making it a level of organization with other theater headquarters. This will directly shorten the chain of command of the US cyber warfare forces and the military.

The fourth is to develop a road map. In 2010, the US Army officially issued the “Network Space Combat Capability Conception”, which is considered to be the first roadmap for the development of cyber warfare capabilities developed by the US military.

The fifth is to start a shooting range. In 2009, the US Department of Defense launched the “National Network Shooting Range” project, which was officially delivered in 2012. The US cyber warfare training and weapon evaluation have a realistic environment.

The sixth is to develop a series of weapons. The US military has developed and stocked more than 2,000 virus weapons, and these weapons are gradually moving toward a systemic direction. There are mainly anti-smuggling weapons represented by “seismic net” virus and “digital cannon”, intelligence warfare weapons represented by “flame” and “Gauss” virus, and psychology represented by “shadow network” and “digital water army”. War weapons.

The seventh is to plan a series of exercises. From 2006 to the present, the United States has organized several cross-border cross-border “network storm” exercises. Every time, the Internet is listed as an offensive and defensive target, targeting key infrastructure such as finance, transportation, electricity, energy, and communications. This reveals the main battlefield of cyberspace, which is an open Internet rather than a closed tactical network.

Eight is to support a number of social networking sites. A number of social networking sites such as “Twitter” and “Facebook” have become strategic tools to interfere in his internal affairs. This is a punch in the combination punch. In February 2013, after the overthrow of the opposition government in Tunisia and Egypt, Obama fully affirmed the important role played by Internet companies such as “Twitter” and “Facebook”. According to statistics, only “Facebook” social networking sites have more than 1.3 billion users worldwide.

Published the “Network War Declaration.” Obama’s move after the ruling shows that the United States has officially incorporated cyber warfare into the category of war and classified cyberspace as a new operational domain, reflecting the US’s advanced forecast and preemptive design for future wars. There are two main reasons for its deep motivation: First, to ensure its own network security – reflecting the United States’ concerns about its information security. The second is to ensure global cyber hegemony – reflecting the new concept of the American war.

In 2014, the US military actually promoted the “Network Space Warfare Rules” and “Network Space Warfare Joint Order”, which led to the international strategic competition to focus on the new global public domain of the Internet. The actions of the United States from the domestic to the international, the slave network to the use of force, from the declaration to the action, from the colonial land to the colonial thinking reflect the United States attempting to format the whole world with American values ​​through the Internet. As one reporter said: “Modern American colonization is thought, not land.”

In April 2015, the United States released a new version of the Network Strategy Report, which comprehensively revised the 2011 Cyberspace Action Strategy Report issued by the US Department of Defense. It has the following new changes:

First, it provides a new basis for enhancing the important position of network power construction. The report further raises the threat of US cyberspace to a “first-tier” threat. At the same time, the report also regards China, Russia, Iran, and North Korea as potential “network opponents” in the United States. This is the latest and most serious judgment on the cyber threat situation.

The second is to provide new guidance for speeding up the construction of cyber warfare forces. The report focused on the three major tasks and five major goals of the Ministry of Defense in cyberspace, and further refined the construction goals of 133 cyber warfare detachments.

The third is to create a new pillar for maintaining a comprehensive military advantage. The report clearly stated that when the United States faces an attack against the interests of the United States or the United States in cyberspace, the US military can conduct cyber operations and implement cyber attacks. This is the most important adjustment to this cyberspace strategy. In the future, the US military will use cyber attacks as an important means of warfare. This is the main manifestation of the United States’ concept of “moving the Internet with the use of force” in cyberspace.

The fourth is to create new conditions for reshaping the international network system. The report emphasizes the emphasis on strengthening the coordination between the military and the civilians; the key external development and cooperation with allies. The main goal of the cooperation is to share the costs and risks, promote the international code of conduct that is beneficial to the United States, and seize the right to speak and lead in the formulation of cyberspace rules.

Original Mandarin Chinese:

美國加快網絡戰發展的主要舉措

依靠網絡運營商競選成功的奧巴馬,對網絡空間的建設非常重視,一上台就發表了“5·29”講話,認為保護網絡基礎設施將是維護美國國家安全的第一要務。在任期間,奧巴馬連續打出了“八個一”的“組合拳”,使美國網絡戰進入快速發展時期。

一是推出一個報告。其在《網絡空間安全政策評估報告》中強調:網絡戰事關國家安全、影響社會穩定、關乎經濟發展、決定戰爭勝負。

二是強化一個戰略。其確立了以核武器的威懾戰略、太空的搶先戰略、網絡的控制戰略為支撐的“三位一體”國家安全戰略。

三是組建一個司令部。 2009年,美軍成立了以指揮網絡戰為主要職能的網絡空間司令部。 2013年5月,美軍在各戰區總部組建“聯合網絡中心”,其網絡戰指揮體係日漸完善。同時,美軍還計劃將網絡空間司令部升格為正式的作戰司令部,使其成為與其他戰區司令部平級的機構。此舉將直接縮短美國網絡戰部隊與軍方最高層的指揮鏈。

四是製定一個路線圖。 2010年,美陸軍正式出台《網絡空間作戰能力構想》,這被認為是美軍制定的首份網絡作戰能力發展路線圖。

五是啟動一個靶場。 2009年,美國防部啟動了“國家網絡靶場”項目,2012年正式交付使用,美國網絡戰演習訓練、武器測評擁有了逼真環境。

六是研發一系列武器。美軍已研發儲備了2000多種病毒武器,這些武器逐漸向體系化方向發展。主要有以“震網”病毒、“數字大砲”為代表的阻癱戰武器,以“火焰”“高斯”病毒為代表的情報戰武器和以“影子網絡”“數字水軍”為代表的心理戰武器。

七是策劃系列演習。從2006年到現在,美國已經組織了多次跨界跨國跨域“網絡風暴”演習。每一次都把互聯網列為攻防目標,瞄準的都是金融、交通、電力、能源、通信等關鍵基礎設施。這揭示了網絡空間的主戰場,是開放的國際互聯網而不是封閉的戰術網。

八是扶持一批社交網站。把“推特”“臉書”等一批社交網站變為乾涉他國內政的戰略利器。這是組合拳中的一記重拳。 2013年2月,在突尼斯、埃及政府被反對派推翻後,奧巴馬充分肯定了“推特”“臉譜”等網絡公司在其中發揮的重要作用。據統計,僅“臉譜”社交網站的全球用戶已超過13億。

發表“網絡戰宣言”。奧巴馬執政後的舉措,表明美國已經正式將網絡戰納入戰爭範疇,把網絡空間列為新的作戰域,這反映出美國對未來戰爭的超前預測和搶先設計。其深層動因主要有兩點:一是確保自身網絡安全———反映了美國對其信息安全的擔憂。二是確保全球網絡霸權———反映了美國戰爭的新理念。

2014年,美軍實案化推進《網絡空間作戰規則》和《網絡空間作戰聯合條令》,牽動國際戰略競爭向互聯網這一新全球公域聚焦。美國這些從國內到國際、從動網到動武、從宣言到行動、從殖民土地到殖民思想的行動舉措,反映出美國企圖通過互聯網,用美式價值觀格式化整個世界。正如一位記者所說:“現代美國殖民的是思想,而不是土地”。

2015年4月,美國又發布了新版網絡戰略報告,對2011年美國國防部出台的《網絡空間行動戰略報告》進行了全面修訂。其主要有以下幾個新變化:

一是為提升網絡力量建設重要地位提供新的依據。該報告進一步把美國在網絡空間的威脅上升為“第一層級”的威脅。同時,該報告還將中國、俄羅斯、伊朗、朝鮮視為美國潛在的“網絡對手”,這是其對網絡威脅形勢做出的最新、最嚴峻的判斷。

二是為加快網絡戰力量建設提供新的指導。報告重點明確了國防部在網絡空間的三大任務和五大目標,並進一步細化133支網絡戰分隊的建設目標。

三是為維持全面的軍事優勢打造新的支柱。報告明確提出,當美國面臨針對美國本土或美國在網絡空間利益的攻擊時,美軍可以進行網絡作戰,實施網絡攻擊。這是此次網絡空間戰略最重要的調整。未來,美軍將把網絡攻擊作為重要的作戰手段使用。這是美國在網絡空間“動網就動武”理念的主要體現。

四是為重塑國際網絡體系創造新條件。報告強調,對內重點加強軍民協同;對外重點發展與盟友合作。合作的主要目標是分擔成本和風險,推行對美有利的國際行為準則,搶奪網絡空間規則制定的話語權和主導權。

The three key pillars of the United States to accelerate the development of cyber war

There are three key pillars for the United States to accelerate the development of cyber warfare:

Technical pillar. The “Prism Gate Incident” further confirms that the United States has been monitoring the global network to the point of pervasiveness. The United States occupies the upstream of the industrial chain. From basic chips to hardware applications, from operating systems to commercial software, Midea has an absolute technological advantage, forming a complete set of industrial chains, supply chains and information chains. The overwhelming advantages of technology and the monopoly in many core markets are key to the acceleration of cyber warfare in the United States.

Discourse pillar. The powerful ability of the United States to act in cyberspace determines its strong voice in online diplomacy. No matter what double standards it exhibits in cyberspace, it can influence the global public opinion space under the support of powerful discourse. Without the emergence of the “Prism Gate Incident,” the United States has created two “lie” that have become truths around the world: first, the West is a victim of cyberattacks; and second, China is a source of cyberattacks. This has greatly damaged China’s national image, reputation and international status in the international community, seriously affecting China’s high-tech exports, and achieving the “four-two-pound” effect that is difficult to achieve using trade protection and WTO rules. Even if the “Prism Gate Incident” tears open the “fair of justice” of the United States, it still shows superior combat capability, claiming to be monitored by itself, and placing national security on the basis of personal privacy in the name of counter-terrorism. Firmly control the right to speak in cyberspace.

Strategic pillar. A higher level than the technical pillar and discourse pillar is the strategic pillar. The core of the US strategic pillar is reflected in the pre-emptive global strategy and the overall layout of the game power. First, the advantages of multiple forces complement each other. At present, the United States is actively cultivating cyber security companies such as “Fire Eyes”, using their technological advantages and unofficial background to globally control, long-term tracking, collecting evidence, and acting as a pioneer, while the government and the military are hiding behind the scenes. This has earned the US diplomacy a flexible space for attack and retreat. Second, the network attack and defense and theft of intelligence are clear. The clear strategic division of labor has brought the benefit to the United States. Even if the “Prime Gate Incident” broke the news, the National Security Agency was “spoken” by the world, but there was no such thing as its cyberspace command. Instead, the cyberspace command made the cyberspace command The maintenance of national security is an excuse to accelerate the expansion of the army and develop at a high level. The United States has two clear main lines in cyberspace, namely: the National Security Agency is in charge of the network, and the Cyberspace Command is in charge of the network. This clear strategic thinking has provided strong support for the United States to accelerate the development of cyber warfare.

Original Mandarin Chinese:

美國加快網絡戰發展的三個關鍵支柱

美國加快網絡戰發展有三個關鍵性支柱:

技術支柱。 “棱鏡門事件”進一步證實美國對全球網絡的監控達到了無孔不入的程度。美國占據了產業鏈上游,從基礎芯片到硬件應用,從操作系統到商用軟件,美都具有絕對的技術優勢,形成了一整套完整的產業鏈、供應鍊和信息鏈。技術領域的壓倒性優勢和在眾多核心市場的壟斷地位是美國能加快網絡戰發展的關鍵。

話語支柱。美國在網絡空間強大的行動能力決定了其在網絡外交上強大的話語權。無論它在網絡空間展現怎樣的雙重標準,都能在強大的話語支撐下影響全球輿論空間。要是沒有“棱鏡門事件”的出現,美國已在全球製造出兩個已經成為真理的“謊言”:第一,西方是網絡攻擊受害者;第二,中國是網絡攻擊源。這在國際社會極大地損害了中國的國家形象、信譽和國際地位,嚴重影響了中國的高科技出口,達到了利用貿易保護和WTO規則博弈難以實現的“四兩撥千斤”效果。即便是“棱鏡門事件”撕開了美國的“正義面紗”,它仍然表現出超強的戰鬥能力,對外聲稱自己被監控;對內以反恐為名,將國家安全置於個人隱私之上,牢牢掌握著網絡空間的話語權。

戰略支柱。比技術支柱和話語支柱更高一層的是戰略支柱。美方的戰略支柱核心體現在先發製人的全球戰略和博弈力量的整體佈局。一是多元力量的優勢互補。目前,美國積極培植“火眼”這樣的網絡安全企業,利用他們的技術優勢和非官方背景在全球布控、長期跟踪、蒐集證據、充當先鋒,而政府和軍隊則躲在背後,水到渠成時再投入博弈,這為美國的外交贏得了進可攻、退可守的彈性空間。二是網絡攻防和竊取情報涇渭分明。清晰的戰略分工對美國帶來的好處是,即使“棱鏡門事件”的爆料讓美國國家安全局被世界“吐槽”,但是卻絲毫沒有殃及其網絡空間司令部,反而使網絡空間司令部以維護國家安全為藉口,理直氣壯加速擴軍,高調發展。美國在網絡空間有兩條清晰的主線,即:國家安全局主管網絡獲情,網絡空間司令部主管網絡攻防。這種清晰的戰略思路為美國加快網絡戰發展提供了強有力的支撐。

Absolute Security: Double Standards and Realistic Paradox of American Cybersecurity Concept

It can be seen that on the issue of network security, the United States pursues the concept of absolute security and attempts to use force to move the military to achieve absolute control over cyberspace. It can be seen from Snowden’s breaking news that the US network monitoring of the international community is systematic, large-scale, and uninterrupted, but it requires other countries to strictly control itself, and it cannot be half-step. This is an asymmetrical mindset and a double standard.

Is it feasible? The problem of cyberspace is very complicated, and the processing methods cannot be too simple. To deal with these problems, new rules, new methods, and new thinking are needed. First, there are many kinds of cyberspace actors, and they are mixed. Second, the attack path and source can be virtual forged, and the source of evidence must rely on multiple parties. Due to the complexity and uncertainty of virtual space, many rules of armed conflict law for physical space are difficult to use in cyberspace. For example: How to define war and peace in cyberspace? How to distinguish between military targets and civilian targets? How does the neutral concept apply? In a country that declares neutrality, it is difficult to control the computer malicious code of others without flowing through the network equipment in its own territory, and it is difficult to avoid the control and utilization of the network facilities of the belligerents. For example, in the case of cyber attacks in foreign countries, network equipment in China has also been used by hackers as “broilers” and “springboards”. China is an innocent victim. If “the state responsibility of cyberattacks launched through the country is not properly prevented by “neutral state standards” and “the destruction of cyberattacks by force”, China may suffer innocent blame. And the United States has such a strong technology that it is difficult to completely prevent being exploited, attacked, and controlled. Cyberspace cannot easily be judged or written. Management methods and patterns suitable for physical space may not be suitable for virtual space. Feel free to reduce the trajectory of cyberspace, and at the same time push up the risk of conflict escalation. Therefore, any dispute arising out of cyberspace should be resolved in a peaceful manner and should not be threatened by force or by force.

Is the effect controllable? There are two situations in which a consequence assessment is required. First, what should I do if I misjudge? Simplifying the threshold of attack can make a neutral country or an innocent suffer a disaster. Second, can you solve the problem? In 2014, local conflicts such as the Ukrainian crisis and the Palestinian-Israeli conflict led to cyber conflicts, and large-scale cyber attacks continued to take place. Western countries headed by the United States have imposed sanctions on Russian banks and enterprises, resulting in a clear upward trend in cyberattacks against the US financial industry. It can be seen from the effect evaluation that it cannot be said that deterrence and force have no effect on the solution of the problem, but it is not a panacea. If a big country like the United States and Russia uses force in cyberspace, what kind of negative effects and consequences will this bring to world peace?

Is it desirable to think? Although the United States has the most powerful army and the most advanced technology in the world, it is still constantly looking for opponents, rendering crises and exaggerating threats. This makes the whole world lack of security, objectively induces unstable factors, and stimulates negative energy and potential threats. It is precisely because the United States pays too much attention to its own national interests and is unwilling to adjust its strategic demands for the sound development of the international system. This has led the United States to continually fall into the “security dilemma” and “more anti-terrorism” circles since the “9.11” incident. This phenomenon deserves the United States to ponder.

(The author is the vice president of the National Innovation and Development Strategy Research Association)

Original Mandarin Chinese:

絕對安全:美國網絡安全觀的雙重標準及現實悖論

可以看出,在網絡安全問題上,美國奉行絕對安全的理念,企圖通過動網就動武,實現對網絡空間的絕對控制。通過斯諾登的爆料可以看出,美國對國際社會的網絡監控是系統的、大規模的、不間斷的,但是其要求其他國家嚴格自我管控,不能越雷池半步。這是一種不對稱的思維,也是一種雙重標準。

方法上是否可行?網絡空間的問題非常複雜,處理方法不能過於簡單,處理這些問題需要有新規則、新方法、新思維。一是網絡空間行為體多種多樣,“魚龍混雜”。二是攻擊路徑、源頭可以虛擬偽造,溯源取證要靠多方配合。由於虛擬空間的複雜性、不確定性,用於實體空間的武裝衝突法的很多規則很難在網絡空間使用。例如:在網絡空間戰爭與和平如何界定?軍用目標和民用目標如何區分?中立概念如何適用?一個宣布中立的國家,很難控制他人的計算機惡意代碼不流經自己領土內的網絡設備,也很難躲避交戰方對其網絡設施的控制和利用。例如在外國發生的網絡攻擊事件中,中國境內的網絡設備也被黑客用作“肉雞”和“跳板”,中國是無辜的受害方。如果以“中立國標準追究沒有適時阻止經由本國發動的網絡攻擊的國家責任”,“以武力毀傷摧毀網絡攻擊來源”,中國可能會遭受無辜的非難。而美國有那麼強的技術也難以完全阻止被利用、被攻擊、被控制。網絡空間不能輕易下判書、下戰書。適合實體空間的管理方法和模式未必適合虛擬空間。隨意降低網絡空間動武門檻,同時會推高衝突升級的風險。因此,網絡空間發生的任何爭端應以和平方式解決,不應使用武力或以武力相威脅。

效果上是否可控?有兩種情況需要作後果評估。第一,誤判了怎麼辦?簡單化地降低打擊門檻可能會讓中立國或無辜者蒙受災難。第二,能否解決問題? 2014年,烏克蘭危機、巴以沖突等局部地區對抗導致網絡衝突不斷,大規模網絡攻擊事件持續上演。以美國為首的西方國家對俄銀行、企業進行製裁,導致對美金融行業的網絡攻擊呈明顯上升趨勢。由此可見,從效果評估看,不能說威懾和武力對問題的解決沒有效果,但它不是萬能的。如果美俄這樣的大國在網絡空間動武,這會給世界和平帶來什麼樣的負面效應和惡果?

思維上是否可取?儘管美國擁有世界上最強大的軍隊、最先進的科技,但仍然在不斷尋找對手、渲染危機、誇大威脅。這讓整個世界缺少安全感,客觀上誘發不安定因素,激發負能量和潛在威脅。正是因為美國過度關注自身的國家利益,不願意為了國際體系良性發展,調整戰略訴求,才導緻美國從“9·11”事件以來,不斷陷入“安全困境”和“越反越恐”的怪圈,這種現象值得美國深思。

(作者係國家創新與發展戰略研究會副會長)。

Original Referring URL:  http://www.81.cn/wjsm/2016-02/17/

 

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security // 中國網絡戰如何拒絕外國入侵者關注國家安全

How Chinese Cyber Warfare Rejects Foreign Intruders Focuses on National Security //

中國網絡戰如何拒絕外國入侵者關注國家安全

In the information age, cybersecurity has taken the lead in national security. The Outline of the National Informatization Development Strategy emphasizes that it should actively adapt to the new changes in the national security situation, new trends in information technology development, and new requirements for strong military objectives, build an information security defense system, and comprehensively improve the ability to win localized information warfare. Cyberspace has become a new field that affects national security, social stability, economic development and cultural communication. Cyberspace security has become an important topic of increasing concern to the international community.

The United States has clearly declared that cyberspace is a new field of operations, and has significantly expanded its network command and combat forces to continue to focus on cyberspace weapons development. Since entering the summer, the US military network exercises have been one after another, and the invisible wars are filled with smoke. At the beginning of March, “Network Storm 5” took the lead in kicking off the drill; in April, “Network Aegis 2016” completed the fifth-generation upgrade; in June, “Network Defense” and “Network Capture” as the core re-installation of the annual joint exercise Debut.

The essence of network security lies in the ability to attack and defend both ends. Currently, static, isolated, passive defenses such as firewalls, intrusion detection technologies, and anti-virus software are difficult to effectively deal with organized high-intensity network attacks. To build a cyberspace security defense line, we need to get rid of the idea of ​​falling behind and win the counterattack on the defensive concept.

New “Thirty-six” mobile target defense

Increase the difficulty of attack by building a dynamic network

Network attacks require a certain amount of time to scan and research the target network, detect and utilize system “vulnerabilities” to achieve intrusion control purposes. In theory, the attacker has unlimited time to start the scanning and detecting work, and always find the weak point of defense, and finally achieve the purpose of the invasion. To this end, the network pioneer USA is committed to planning and deploying security defense transformation work, striving to break through the traditional defense concept and develop revolutionary technology that can “change the rules of the game”. Mobile target defense is one of them.

Mobile target defense is called the new paradigm of cyberspace security defense. The technical strategy is to construct a dynamic network through the processing and control of the protection target itself, increasing randomness and reducing predictability to improve the difficulty of attack. If the static cyberspace is likened to a constant “city defense deployment”, it is difficult to stick to it; and the dynamic network configuration can be called the ever-changing “eight squad”, which is difficult to crack. At present, mobile target defense technology has priority in various US government and military research, covering dynamic platform technology, dynamic operating environment technology, dynamic software and data technology. In August 2012, the US Army awarded Raytheon’s “Deformation Network Facility” project to study the dynamic adjustment and configuration of networks, hosts and applications in case the enemy could not detect and predict, thus preventing, delaying or blocking the network. attack.

As a new idea in the field of cyberspace security, mobile target defense reflects the technological development trend of future network defenses to turn “dead” networks into “live” networks.

The new “Thirty-six” honey cans deceive defense

Reduce cyberattack threats by consuming attacker resources

Conventional network security protection is mainly to defend against cyber attacks from the front. Although the defensive measures have made great progress, they have not changed the basic situation of cyberspace “easy to attack and defend”. In recent years, the development of “Honeypot Deception Defense” has proposed a new concept of “bypass guidance”, which is to reduce the threat of cyber attacks to the real protection target by absorbing network intrusion and consuming the resources of attackers, thereby winning time. Strengthen protection measures to make up for the shortcomings of the traditional cyberspace defense system.

Similar to the intentional setting of false positions on the battlefield, honeypot deception defense is to actively use the computer network with lower security defense level to lure all kinds of network attacks, monitor its attack means and attributes, and set corresponding defenses on the target system that needs to be protected. System to stop similar attacks. Honeypots can be divided into two types, product-type honeypots and research-type honeypots. The main purpose of the former is to “attract firepower” and reduce the pressure of defense. The latter is designed for research and acquisition of attack information. It is an intelligence gathering system that not only needs network attack resistance but also strives to monitor powerfully to capture the attack behavior data to the maximum extent.

In addition to the establishment of a virtual network environment attack and defense laboratory consisting of four sub-networks of gray, yellow, black and green, the US military has also carefully deployed a honeypot decoy system on the Internet. What is certain is that the network defense idea based on deception will be further emphasized, and the technical means to achieve deception will be more and more.

New “Thirty-six Meters” linkage synergy defense

Integrate multiple defense technologies to “reject enemy from outside the country”

At present, most of the security protection devices and defense technologies are “individually fighting”. The data between network protection nodes is difficult to share, and the protection technologies are not related. As a result, the current defense system is isolated and static, which cannot meet the increasingly complex network security situation. need. The original motivation of the US “Einstein Plan” was that all federal agencies had exclusive access to the Internet, making overall security difficult to guarantee. Through the collaborative linkage mechanism, the relatively independent security protection devices and technologies in the network are organically combined to complement each other and cooperate with each other to defend against various attacks. It has become an inevitable choice for the future development of cyberspace security defense.

Collaborative collaborative defense refers to the use of existing security technologies, measures and equipment to organically organize multiple security systems that are separated in time, spatially distributed, and work and interdependent, so that the entire security system can maximize its effectiveness. Vertically, it is the coordinated defense of multiple security technologies, that is, one security technology directly includes or links to another security technology through some communication method. For example, the “deep defense” mechanism adopted by the US Navy network defense system targets the core deployment layer protection measures, including flag-based attack detection, WAN security audit, vulnerability alert, etc., and the attacker must break through multiple defense layers to enter the system. Thereby reducing its attack success rate. When a node in the system is threatened, it can forward the threat information to other nodes in time and take corresponding protective measures to adjust and deploy the protection strategy.

In the past, individual combat operations have been unable to meet the needs of today’s network security defenses, and coordinated collaborative defense will leap into the mainstream of network security. Integrate a variety of defense technologies, establish an organized defense system, and “reject the enemy outside the country” to effectively prevent problems before they occur.

The optimal strategy defense of the new “Thirty-six”

Seeking a balance between cybersecurity risks and investments

The attacks in cyberspace are more and more complicated. The ideal network security protection is to protect all the weak or attack behaviors. However, from the perspective of defense resources limitation, it is obviously unrealistic to pursue absolute security defense. Based on the concept of “moderate security”, the optimal strategy defense is on the horizon.

Optimal policy defense can be understood as seeking a balance between cyber security risks and inputs, and using limited resources to make the most reasonable decision defense. As far as investment is concerned, even the strong United States is trying to build a collective defense system for cyberspace. The United States and Australia cyberspace defense alliance agreement, as well as the Japan-US network defense cooperation joint statement, its “share of results” behind the “cost sharing” shadow. From the perspective of risk, the pursuit of absolute security will adhere to the principle of safety supremacy. When formulating relevant strategic objectives and responding to threats, it is easy to ignore the limited and legitimacy of the resources and means available, and it is difficult to grasp the advance and retreat.

The optimal strategy defense is mainly focused on the “optimal” strategy of game theory, focusing on the research direction of cyberspace security assessment, cost analysis, security defense model construction and evolution. Applying the idea of ​​game theory to cyber attacks and defenses provides a new way to solve the problem of optimal defense decision-making.

The new “Thirty-six” intrusion tolerance defense

Create a “last line of defense” for cyberspace security

The threats to cyberspace are unpredictable, irresistible, and unpredictable. Protection can’t completely avoid system failure or even collapse. Traditional reliability theory and fault-tolerant computing technology are difficult to meet the actual needs, which has to consider more comprehensive and deeper problems than pure protection. In this context, a new generation of intrusion-tolerance defenses has received increasing attention.

Intrusion tolerance is the third-generation network security technology, which belongs to the category of information survival technology and is called the “last line of defense” for cyberspace security defense. Unlike traditional cybersecurity defenses, intrusion-tolerant defenses recognize the existence of vulnerabilities and assume that some of them may be exploited by attackers to attack the system. When the target of protection is attacked or even some parts have been destroyed or manipulated, the target system can “kill the tail” like a gecko to complete the healing and regeneration of the target system.

Intrusion-tolerance technology is no longer based on “defense”, but on how to reduce losses and recover as soon as the system has been damaged. However, intrusion tolerance is an emerging research field. Its cost, cost and benefit will be the next research direction.

Original Mandarin Chinese:

新聞緣由

信息時代,網絡安全對國家安全牽一發而動全身。 《國家信息化發展戰略綱要》強調,積極適應國家安全形勢新變化、信息技術發展新趨勢和強軍目標新要求,構建信息安全防禦體系,全面提高打贏信息化局部戰爭能力。網絡空間已經成為影響國家安全、社會穩定、經濟發展和文化傳播的全新領域,網絡空間安全隨之成為國際社會日益關注的重要議題。

美國明確宣稱網絡空間為新的作戰領域,大幅擴編網絡司令部和作戰部隊,持續聚力網絡空間武器研發。進入夏季以來,美軍網絡演習接二連三,隱形戰火硝煙瀰漫。 3月初,“網絡風暴5”率先拉開演練戰幕;4月,“網絡神盾2016”完成第五代升級;6月,“網絡防衛”“網絡奪旗”作為年度聯合演習的核心重裝登場。

網絡安全的本質在於攻防兩端能力較量,目前依賴防火牆、入侵檢測技術和反病毒軟件等靜態的、孤立的、被動式防禦難以有效應對有組織的高強度網絡攻擊。構築網絡空間安全防線,需要革除落伍思想,打贏防禦理念上的反擊戰。

新“三十六計”之移動目標防禦

通過構建動態網絡增加攻擊難度

網絡攻擊行動均需要一定的時間用於掃描和研究目標網絡,探測並利用系統“漏洞”,達到入侵控制目的。從理論上說,攻擊者有無限的時間展開掃描探測工作,總能找到防禦薄弱點,最終達成入侵目的。為此,網絡先行者美國致力於籌劃和部署安全防禦轉型工作,力求突破傳統防禦理念,發展能“改變遊戲規則”的革命性技術,移動目標防禦即是其中之一。

移動目標防禦被稱為網絡空間安全防禦新範式,技術策略上通過對防護目標本身的處理和控制,致力於構建一種動態的網絡,增加隨機性、減少可預見性,以提高攻擊難度。若將靜態的網絡空間比喻為一成不變的“城防部署”,勢難固守;而動態的網絡配置堪稱變幻無窮的“八卦陣”,難以破解。目前,移動目標防禦技術在美國政府和軍方各類研究中均享有優先權,涵蓋動態平台技術、動態運行環境技術、動態軟件和數據技術等方面。 2012年8月,美陸軍授予雷神公司“變形網絡設施”項目,主要研究在敵方無法探測和預知的情況下,對網絡、主機和應用程序進行動態調整和配置,從而預防、遲滯或阻止網絡攻擊。

作為網絡空間安全領域的新思路,移動目標防禦反映了未來網絡防禦將“死”網絡變成“活”網絡的技術發展趨勢。

新“三十六計”之蜜罐誘騙防禦

通過消耗攻擊者的資源減少網絡攻擊威脅

常規的網絡安全防護主要是從正面抵禦網絡攻擊,雖然防禦措施取得了長足進步,但仍未能改變網絡空間“易攻難守”的基本局面。近年來發展的“蜜罐誘騙防禦”則提出了一個“旁路引導”的新理念,即通過吸納網絡入侵和消耗攻擊者的資源來減少網絡攻擊對真正要防護目標的威脅,進而贏得時間以增強防護措施,彌補傳統網絡空間防禦體系的不足。

與戰場上有意設置假陣地相仿,蜜罐誘騙防禦是主動利用安全防禦層級較低的計算機網絡,引誘各類網絡攻擊,監測其攻擊手段和屬性,在真正需要做防護的目標系統上設置相應防禦體系,以阻止類似攻擊。蜜罐可分為兩種類型,即產品型蜜罐和研究型蜜罐。前者主要目的是“吸引火力”,減輕防禦壓力,後者則為研究和獲取攻擊信息而設計,堪稱情報蒐集系統,不僅需要網絡耐攻擊而且力求監視能力強大,以最大限度捕獲攻擊行為數據。

美軍除了建立由灰網、黃網、黑網、綠網4個子網絡組成的虛擬網絡環境攻防實驗室外,還在國際互聯網上精心部署有蜜罐誘騙系統。可以肯定的是,基於誘騙的網絡防禦思想將被進一步重視,實現誘騙的技術途徑也將會越來越多。

新“三十六計”之聯動協同防禦

整合多種防禦技術“拒敵於國門之外”

目前的安全防護設備和防禦技術大都是“各自為戰”,網絡防護節點間的數據難共享,防護技術不關聯,導致目前的防禦體係是孤立和靜態的,已不能滿足日趨複雜的網絡安全形勢需要。美國“愛因斯坦計劃”最初的動因就在於各聯邦機構獨享互聯網出口,使得整體安全性難以保障。通過協同聯動機制把網絡中相對獨立的安全防護設備和技術有機組合起來,取長補短,互相配合,共同抵禦各種攻擊,已成為未來網絡空間安全防禦發展的必然選擇。

聯動協同防禦是指利用現有安全技術、措施和設備,將時間上分離、空間上分佈而工作上又相互依賴的多個安全系統有機組織起來,從而使整個安全系統能夠最大程度地發揮效能。縱向上,是多個安全技術的聯動協同防禦,即一種安全技術直接包含或是通過某種通信方式鏈接另一種安全技術。如美國海軍網絡防禦體係採用的“縱深防禦”機制,針對核心部署層層防護措施,包括基於標誌的攻擊檢測、廣域網安全審計、脆弱性警報等,攻擊方須突破多個防禦層才能進入系統,從而降低其攻擊成功率。當系統中某節點受到威脅時,能夠及時將威脅信息轉發給其他節點並採取相應防護措施,進行一體化調整和部署防護策略。

昔日的單兵作戰已不能適應當今網絡安全防禦的需要,聯動協同防禦將躍升為網絡安全領域的主流。整合多種防禦技術,建立有組織性的防禦體系,“拒敵於國門之外”才能有效防患於未然。

新“三十六計”之最優策略防禦

在網絡安全風險和投入之間尋求一種均衡

網絡空間的攻擊越來越複雜,理想的網絡安全防護當然是對所有的弱項或攻擊行為都做出對應的防護,但是從防禦資源限制等情況考慮,追求絕對安全的防禦顯然是不現實的。基於“適度安全”的理念,最優策略防禦呼之欲出。

最優策略防禦可以理解為在網絡安全風險和投入之間尋求一種均衡,利用有限的資源做出最合理決策的防禦。就投入而言,即便是實力雄厚的美國,也是盡量打造網絡空間集體防禦體系。美國與澳大利亞網絡空間防禦同盟協定,以及日美網絡防禦合作聯合聲明,其“成果共享”背後亦有“成本分攤”的影子。從風險角度看,對絕對安全的追求將會秉持安全至上原則,在製定相關戰略目標和對威脅作出反應時,易忽視所擁有資源和手段的有限性、合法性,難以掌握進退。

最優策略防禦主要圍繞博弈論的策略“最優”而展開,集中在網絡空間安全測評、代價分析、安全防禦模型構建與演化等研究方向上。將博弈論的思想應用到網絡攻擊和防禦中,為解決最優防禦決策等難題研究提供了一種新思路。

新“三十六計”之入侵容忍防禦

打造網絡空間安全 “最後一道防線”

網絡空間面臨的威脅很多是不可預見、無法抗拒和防不勝防的,防護再好也不能完全避免系統失效甚至崩潰的發生。傳統的可靠性理論和容錯計算技術難以滿足實際需要,這就不得不思考比單純防護更全面、更深層次的問題。在此背景下,新一代入侵容忍防禦愈發受到重視。

入侵容忍是第三代網絡安全技術,隸屬於信息生存技術的範疇,被稱作是網絡空間安全防禦“最後一道防線”。與傳統網絡安全防禦思路不同,入侵容忍防禦承認脆弱點的存在,並假定其中某些脆弱點可能會被攻擊者利用而使系統遭到攻擊。防護目標在受到攻擊甚至某些部分已被破壞或被操控時,防護目標系統可以像壁虎一樣“斷尾求生”,完成目標系統的癒合和再生。

入侵容忍技術不再以“防”為主,而是重在系統已遭破壞的情況下如何減少損失,盡快恢復。但入侵容忍畢竟是一個新興研究領域,其成本、代價、效益等將是下一步的研究方向。

Original Referring URL:  http://www.81.cn/jskj/2016-08/11/

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization // 打贏信息化條件下局部戰爭是軍隊核心任務

Core Task of The Chinese Military Winning Localized War under Conditions of Informationization //

打贏信息化條件下局部戰爭是軍隊核心任務

2009/01/08 Article source: Liberation Army Daily

Focusing on local wars under the conditions of informatization and vigorously strengthening preparations for military struggle is a successful experience and an important guiding method for army building and a major strategic task for our military. Strategic tasks are numerous. In accordance with the established decision-making arrangements of the Central Military Commission, the People’s Army has made strides toward preparing for a new journey in military struggle.

Take the road of military struggle and prepare for rational development

New China has gone through nearly 60 years of history. For decades, the country once had a strong enemy and a crisis, but it has always stood firm and unyielding. There are many successful experiences. One important one is to prepare for a comprehensive and solid military struggle. It can be said that it is precisely with the people’s army “always ready” that it has built the steel great wall of the motherland’s security, safeguarded the happiness and tranquility of the people, and guaranteed the prosperity and development of the economy and society. Looking back on the stormy journey of preparations for military struggles for decades, behind the glory of achievements, we must also clearly see places that are not scientific enough. For example, many units are preparing for military struggles, overemphasizing specific threats in guiding ideology, relying too much on “situational stimuli”, causing the level of combat readiness to be weak and strong, and the construction of combat effectiveness to be high and low. The preparation for military struggle has not maintained autonomous and healthy. development of.

When things happen, things change, things change. At present, the preparations for military struggle are standing at a new historical starting point. The national security situation has undergone complex and profound changes. On the one hand, the traditional security threats and non-traditional security threats we are facing are increasing. The world’s major powers are increasingly competing in geostrategic competition around the country. The political situation in neighboring countries continues to be turbulent, and there are many hidden dangers in the regional security environment. The domestic separatist forces and their activities are rampant, the instability and uncertainties affecting national security are increasing, and the preparations for military struggle are facing unprecedented challenges. On the other hand, international unilateralism is frustrated, and the financial crisis has delayed global hegemonic expansion. The situation has been significantly eased, my main strategic direction has eased, and the preparations for military struggle are facing unprecedented opportunities. This opportunity is both strategic and historical. How to seize the opportunity, use the opportunity, and take advantage of the momentum is a realistic proposition that needs to be answered in preparation for the current military struggle. After 30 years of reform and development, our military has undergone a qualitative leap, with more comprehensive and informatized units, more technologically intensive and quality-efficiency features, and a wealth of achievements and advances in military struggle preparation. basic condition. Entering the new stage of the new century, President Hu focused on the special requirements of the party for national defense and army building, and endowed the military with the historical mission of “providing three to provide and play one”, emphasizing that “our army must enhance its ability to win local wars under conditions of informationization.” At the core, we are constantly improving our ability to respond to multiple security threats and accomplish diverse military tasks.” This series of major strategic ideas has adjusted the basic point of preparation for military struggle and expanded the task of preparing for military struggle. The establishment of this important guiding principle of the scientific concept of development puts forward higher requirements for the pursuit of military struggle, and is based on comprehensive, coordinated, sustainable development and people-oriented standards. There are still many ideas that need liberation, and many jobs. Innovation is needed and many aspects need to be improved.

In order to advance the preparations for military struggle under the new situation, we must seek changes based on the situation and make decisions based on the situation, and base ourselves on a new starting point for new development. We should strengthen preparations based on threats, strengthen all-round “threat awareness” and “enemy feelings”, fully recognize the grim reality that war is not far away and not only one, and unswervingly push forward preparations for military struggle. The task of the military should be based on the preparation of the task. The fundamental task of the army is to fight and prepare for war. You can not fight for a hundred years, but you can’t relax for a moment. You must comprehensively and systematically advance the preparations for military struggle in accordance with the standards for effectively fulfilling its functional mission. Based on the ability to prepare for the situation, jump out of the passive emergency preparedness mode led by the enemy, actively design the future war, plan and plan to improve the ability to deal with multiple security threats, complete diversified military tasks, and steadily and scientifically advance the preparations for military struggle.

Breaking through key points to improve the quality of military struggle preparation

Without a focus, there is no strategy, and without a focus, it is difficult to break through. Making full use of the important strategic opportunity period and grasping the key content to seek breakthroughs is not only an objective requirement to follow the inherent laws of military struggle preparation, but also an urgent need to comprehensively improve the actual combat capability of the troops.

As the most basic practical activity of the armed forces in peacetime, military training is the basic way to generate and develop combat power and is the most direct and effective preparation for military struggle. It is necessary to further raise the awareness of the importance of military training, effectively put military training in a strategic position, and truly form a new upsurge in the military training and vigorously promote the transformation of training. We should seize the key link in the formation of joint training, strengthen joint consciousness, improve joint quality, improve joint training regulations, improve joint training mechanism, and promote military training from form to substance. Training should be carried out in a complex electromagnetic environment as an important entry point and grasper, actively explore effective methods of organizing command training, combat technical countermeasures training and weaponry operation and use training, and accelerate the military training under the conditions of mechanization under military training conditions. change. We should use the mission subject training as a carrier to actively construct a battlefield environment that is close to actual combat, and explore the main methods of confrontation training, field training and base training, simulation training, and network training, with the test of truth, difficulty, and reality. Standards, taking the test, comparison, and pull as the practical training path of the implementation mechanism, enhance the effectiveness of training. Non-war military operations training should be actively carried out to improve the professional skills of non-war military operations and enhance the ability of the troops to complete diversified military missions.

Man is the most active and active element among the elements of combat effectiveness. Talent preparation is the most important and arduous preparation in the preparation for military struggle. The victory of the war depends on the battlefield, but the link that determines the outcome is in the usual competition, the focus of which is talent. At present, the key is to highlight the two “strategic graspers” of joint operational command talents and high-level professional and technical personnel, and to promote and promote the overall development of the talent team’s capacity building. Highlight the training of joint operations command personnel, focus on establishing and improving the training mode for commanders at the strategic level, focus on improving the training system for joint operations personnel, reform the content and methods of joint operations, increase the rotation and cross-training of commanding officers, and intensify joint operations. Strengthen emergency response and improve the relevant measures. Highlight the cultivation of high-level professional and technical personnel. In accordance with the principle of focusing on the key points, taking into account the general, grasping the leading, and driving the whole, we will focus on cultivating scientific and technological leaders who can organize major projects in interdisciplinary fields, and can guide the promotion of academic and technological innovation and development of top-notch talents, and can solve the complex technical support of equipment. The technical experts of the puzzles provide strong intellectual support for the construction of information technology.

The speed of the soldiers is the iron law of war guidance. Under the conditions of informationization, the “speed advantage” is emphasized. Rapid response capability has become an important indicator of the level of combat readiness and actual combat capability of an army. A sensitive and efficient emergency command mechanism should be improved. On the basis of summarizing the practical experience of our military in completing various military tasks in recent years, we will do a good job in solidifying and transforming relevant results, establish an emergency mechanism, improve laws and regulations, improve institutional setup, formulate response plans, and organize relevant training to ensure that once something happens. Quick response, efficient command, and correct action. An advanced and reliable command information system should be established. According to the requirements of good interoperability, responsiveness, security and confidentiality, and information sharing, an information network with vertical and horizontal to the edge and a comprehensive and simple command system are established, relying on information technology to improve emergency command and rapid response capability. Grasp the characteristics of strategic investment capacity building, focus on the development of strategic transport aircraft (ships), military helicopters and new types of aircraft, take into account the construction of traffic battlefields, explore the establishment of a smooth and efficient command and management mechanism, and promote the strategic transport capacity building as a whole.

Security is also a fighting force. Any combat action in modern warfare is a systemic confrontation, and the requirements for comprehensive guarantees are getting higher and higher. To advance preparations for military struggle, it is necessary to comprehensively improve the comprehensive support capabilities such as operational support, logistics support, and equipment support. Our military has always paid attention to the coordination and promotion of combat forces and the construction of combat support forces. The support capabilities of reconnaissance and early warning, command and communication, surveying and mapping, meteorological and hydrological, and engineering defense have all been simultaneously improved. However, with the development of the situation and the continuous expansion of the battlefield space, the battle support capability system has begun to appear a new “short board”, which must be completed as soon as possible to form the overall advantage of the joint operations of the full-dimensional battlefield. The focus of logistics support is to improve the level of modernization. In accordance with the requirements of the development of the times, we will steadily implement the logistics reform, and promote the security system to the integration, the security mode to the socialization, the security means to the informationization, the logistics management to the scientific transformation, and promote the sound and rapid development of logistics. The focus of equipment support is to strengthen supporting construction. Improve the ability of independent innovation, accelerate the development of new weapons and equipment, and continuously optimize the structure of our military’s weapons and equipment. Pay attention to equipment system support, system support and support construction, improve equipment serialization, generalization, and standardization level, gradually promote equipment into system to form combat capability and support capability, and accelerate the establishment of weapons and equipment for military-civilian integration and military integration. Scientific research and production system and maintenance guarantee system, further improve the way of military and civilian integration and development of equipment.

Adhere to scientific development and innovation, preparation for military struggle

To advance the preparations for military struggle at a new starting point, we must adhere to the scientific development concept as a guide, and effectively use the way of thinking that meets the requirements of the times to explore the development path for the preparation of innovative military struggles.

Continue to emancipate the mind and advance the preparations for military struggle in the tide of military reform. The deeper the preparations for military struggle, the more deep-seated contradictions and problems that touch on development concepts, institutional mechanisms, policies and systems, and the greater the difficulty of advancing. The fundamental way to solve these problems lies in continuing to emancipate the mind and deepen the reform of national defense and army building. The strategic goal of the military reform is to build an information-based army and win an information-based war. This is consistent with the basic point of preparation for military struggle. Preparation for military struggle is the leader and traction of military reform. Military reform is an important content and optimization condition for military struggle preparation. The two goals are consistent and mutually reinforcing. Therefore, in order to advance the preparations for military struggle under the new situation, we must combine the promotion of national defense and military reform, take the improvement of combat effectiveness as the starting point and the foothold of reform, unify the reform thinking with combat effectiveness standards, measure reform measures, test the effectiveness of reforms, and promote reforms. Preparation for military struggle.

Strengthen scientific co-ordination and coordinate the preparations for military struggle in the process of military modernization. The modernization of the military is a big system, and the preparation for military struggle is the key to taking the initiative and moving the whole body. When the military struggle is ready, it will provide clear and specific needs for the overall development of our military’s modernization drive, provide a real grasp and form a huge traction force. We must stand at the height of the overall development of the military’s modernization drive, effectively coordinate the relationship between the primary and secondary, far and near, construction and use, turn the process of preparation for military struggle into a process of strengthening the modernization of the military, and transform the process of military modernization. In order to serve the military struggle preparation process, the two will promote each other and coordinate development.

Adhere to information-led and innovate to advance military struggle preparations in the transformation of combat capability generation mode. At present, information technology is profoundly changing the combat generation model, and it is also changing all aspects of army building. To advance the preparations for military struggle, we must be keenly adapted to this new situation, take the initiative to jump out of the mechanized mindset, strengthen the information-led concept, focus on relying on scientific and technological progress to improve combat effectiveness, and explore innovative military concepts, military technology, military organizations, and military that meet the requirements of informationized warfare. Management, focus on improving the level of informationization of military personnel training, weapon and equipment development, and the best combination of man and weapon, accelerate the transformation of military training, gradually establish an effective mechanism for the formation and improvement of new combat capabilities, and promote the preparation of military struggle to achieve a qualitative leap.

Highlight the actual combat and accelerate the preparation of military struggles in completing various military tasks. Practice tells us that no matter how the international situation evolves, how the military’s functional mission expands, and how diversified military tasks are, it is always the top priority of our military to contain wars, win wars, and maintain peace. Local war is always the core task of our army. Only with the core military capabilities and a diversified military mission can there be a solid foundation. We must always put the core military capabilities at the forefront, aim at the fundamental functions and promote comprehensive preparations, and do more preparations without “single-on-one”, sorting preparations rather than “one size fits all”, deep preparations instead of “surfaced”, and efforts to make troops Ability to adapt to various conditions, respond to various situations, and complete diverse military tasks.

Original Mandarin Chinese:

以打贏信息化條件下局部戰爭為重點,大力加強軍事鬥爭準備,是軍隊建設的一條成功經驗和重要指導方式,是我軍一項重大的戰略任務。戰略任務重千鈞。人民軍隊按照中央軍委既定的決策部署,向著軍事鬥爭準備新征程闊步邁進。

走軍事鬥爭準備理性化發展之路

新中國走過近60年曆程。幾十年來,國家一度強敵環伺、危機四伏,卻始終屹立不屈,不斷生息壯大。成功的經驗有很多,很重要的一條就是靠全面紮實的軍事鬥爭準備。可以說,正是有了人民軍隊“時刻準備著”,才鑄就了祖國安全的鋼鐵長城,守護了人民群眾的幸福安寧,保障了經濟社會的繁榮發展。回顧幾十年軍事鬥爭準備的風雨征程,在成績的榮耀光環背後,我們也要清醒看到不夠科學的地方。比如不少單位抓軍事鬥爭準備,在指導思想上過於強調具體威脅,過度依賴“情況刺激”,造成戰備水平忽強忽弱,戰鬥力建設忽高忽低,軍事鬥爭準備沒有保持自主、健康地持續發展。

時異則事移,事異則備變。當前,軍事鬥爭準備又站在了一個嶄新的歷史起點上。國家安全形勢發生復雜深刻變化,一方面,我們面臨的傳統安全威脅和非傳統安全威脅都在增加,世界主要大國在我周邊地緣戰略競爭不斷加劇,周邊國家政局持續動盪,地區安全環境存在諸多隱患,國內民族分裂勢力及其活動猖獗,影響國家安全的不穩定、不確定因素增多,軍事鬥爭準備面臨前所未有的挑戰;另一方面,國際上單邊主義受挫,金融危機拖延了全球霸權擴張,台海形勢明顯緩和,我主要戰略方向壓力有所減輕,軍事鬥爭準備面臨前所未有的機遇。這個機遇既是戰略性的,也是歷史性的。怎樣抓住機遇、用好機遇、乘勢推進,是當前軍事鬥爭準備需要回答的現實命題。經過30年改革發展,我軍建設出現質的跨越,部隊合成化、信息化程度更高,科技密集型、質量效能型特徵更加明顯,軍事鬥爭準備有了可資利用的豐富成果和推進躍升的基礎條件。進入新世紀新階段,胡主席著眼黨對國防和軍隊建設的特殊要求,賦予軍隊“三個提供、一個發揮”的歷史使命,強調“我軍必須以增強打贏信息化條件下局部戰爭能力為核心,不斷提高應對多種安全威脅、完成多樣化軍事任務的能力”。這一系列重大戰略思想,調整了軍事鬥爭準備的基點,拓展了軍事鬥爭準備的任務內容。科學發展觀這一重要指導方針的確立,對軍事鬥爭準備提出了好中求快的更高要求,按照全面、協調、可持續發展和以人為本的標準來衡量,還有很多思想需要解放,很多工作需要創新,很多方面需要提高。

新形勢下推進軍事鬥爭準備,必須因勢求變、因情定策,立足新的起點,謀求新的發展。應基於威脅抓準備,強化全方位的“威脅意識”和“敵情觀念”,充分認清戰爭並不遙遠且不只一種的嚴峻現實,堅定不移地推進軍事鬥爭準備。應基於任務抓準備,軍隊的根本任務是打仗和準備打仗,仗可以百年不打,但準備一刻也不能放鬆,必須按照有效履行職能使命的標準,全面系統地推進軍事鬥爭準備。應基於能力抓準備,跳出被敵情牽著走的被動應急準備模式,主動設計未來戰爭,有規劃有計劃地提高應對多種安全威脅、完成多樣化軍事任務能力,穩步科學地推進軍事鬥爭準備。

以重點突破提高軍事鬥爭準備質量

沒有重點就沒有戰略,沒有重點就難以突破。充分利用重要戰略機遇期,抓住重點內容謀求突破,既是遵循軍事鬥爭準備內在規律的客觀要求,更是全面提高部隊實戰能力的迫切需要。

軍事訓練作為和平時期軍隊最基本的實踐活動,是戰鬥力生成和發展的基本途徑,是最直接、最有效的軍事鬥爭準備。必須進一步提高對軍事訓練重要性的認識,切實把軍事訓練擺到戰略位置,真正在部隊形成大抓軍事訓練、大力推進訓練轉變的新高潮。應抓住聯合訓練這個戰鬥力生成的關鍵環節,強化聯合意識,提高聯合素質,健全聯訓法規,完善聯訓機制,推動軍事訓練從形式到實質的聯合。應以復雜電磁環境下訓練為重要切入點和抓手,積極探索組織指揮訓練、戰技術對策研練和武器裝備操作使用訓練的有效辦法,加速推進機械化條件下軍事訓練向信息化條件下軍事訓練轉變。應以使命課題訓練為載體,積極構設近似實戰的戰場環境,探索以對抗訓練、野戰化訓練和基地化訓練、模擬化訓練、網絡化訓練等為主要方式,以真、難、實為檢驗標準,以考、比、拉為落實機制的實戰化訓練路子,增強訓練實效。應積極開展非戰爭軍事行動訓練,提高部隊遂行非戰爭軍事行動專業技能,增強部隊完成多樣化軍事任務的能力。

人是戰鬥力諸要素中最積極、最活躍的要素,人才准備是軍事鬥爭準備中最重要、最艱鉅的準備。戰爭勝負決於戰場,但決定勝負的環節卻在平時的競爭之中,其中的重點就是人才。當前,關鍵是要突出聯合作戰指揮人才和高層次專業技術人才兩個“戰略抓手”,牽引和推動人才隊伍能力建設的整體發展。突出聯合作戰指揮人才培養,重點建立健全戰略戰役層次指揮員培養提高模式,圍繞完善聯合作戰人才培訓體系、改革聯合作戰教學內容和方法、加大指揮軍官崗位輪換和交叉培訓力度、加緊聯合作戰指揮人才應急培訓等,加強和完善有關措施。突出高層次專業技術人才培養。按照突出重點、兼顧一般、抓住龍頭、帶動整體的原則,重點培養能夠跨學科領域謀劃組織重大項目攻關的科技領軍人才、能夠指導推進學術技術創新發展的學科拔尖人才、能夠解決裝備技術保障複雜難題的技術專家人才,為信息化建設提供強有力的智力支撐。

兵貴神速是戰爭指導的鐵律,信息化條件下更強調“速度優勢”。快速反應能力已成為衡量一支軍隊戰備水平和實戰能力的重要標誌。應健全靈敏高效的應急指揮機制。在總結梳理近年我軍完成多樣化軍事任務實踐經驗的基礎上,抓好相關成果的固化和轉化,建立應急機制,健全法規制度,完善機構設置,制定應對預案,組織相關研練,確保一旦有事能快速反應、高效指揮、正確行動。應建立先進可靠的指揮信息系統。按照互操作性好、反應靈敏、安全保密和信息共享的要求,建立縱向到底、橫向到邊的信息網絡和綜合一體、層級簡捷的指揮系統,依靠信息技術提高應急指揮與快速反應能力。把握戰略投送能力建設的特點規律,重點發展戰略運輸機(艦)、軍用直升機和新型航行器,統籌考慮交通戰場建設,探索建立順暢高效的指揮管理機制,整體推進戰略輸送能力建設。

保障也是戰鬥力。現代戰爭中的任何一次作戰行動,都是體系的對抗,對綜合保障的要求越來越高。推進軍事鬥爭準備,必須全面提高作戰保障、後勤保障和裝備保障等綜合保障能力。我軍歷來注重協調推進作戰力量與作戰保障力量建設,偵察預警、指揮通信、測繪導航、氣象水文、工程防化等保障能力總體實現了同步提高。但隨著形勢的發展變化和戰場空間的不斷拓展,作戰保障能力體系開始出現新的“短板”,必須盡快補齊,以形成全維戰場的聯合作戰整體優勢。後勤保障重點是提高現代化水平。按照時代發展要求,穩步實施後勤改革,將保障體制向一體化推進、保障方式向社會化拓展、保障手段向信息化邁進、後勤管理向科學化轉變,推動後勤建設又好又快發展。裝備保障重點是加強配套建設。提高自主創新能力,加快新型武器裝備建設發展,不斷優化我軍武器裝備結構體系。注重裝備的體系配套、系統配套和保障配套建設,提高裝備系列化、通用化、標準化水平,逐步推進裝備成系統成建制形成作戰能力和保障能力,加快建立軍民結合、寓軍於民的武器裝備科研生產體系和維修保障體系,進一步完善軍民融合發展裝備的路子。

堅持科學發展創新軍事鬥爭準備路徑

在新的起點上推進軍事鬥爭準備,必須堅持以科學發展觀為指導,切實運用符合時代要求的思維方式,探索創新軍事鬥爭準備的發展路徑。

繼續解放思想,在軍隊改革大潮中整體推進軍事鬥爭準備。軍事鬥爭準備越深入,觸及發展理念、體制機制、政策制度等方面的深層次矛盾和問題就越多,推進的難度也越大。解決這些問題的根本出路,在於繼續解放思想、深化國防和軍隊建設改革。軍隊改革的戰略目標是建設信息化軍隊、打贏信息化戰爭,這與軍事鬥爭準備的基點是一致的。軍事鬥爭準備是軍隊改革的龍頭和牽引,軍隊改革則是軍事鬥爭準備的重要內容和優化條件,二者目標一致、互為促進。因此,新形勢下推進軍事鬥爭準備,必須與推進國防和軍隊改革結合起來,把提高戰鬥力作為改革的出發點和落腳點,用戰鬥力標準統一改革思想,衡量改革措施,檢驗改革成效,在改革中推進軍事鬥爭準備。

加強科學統籌,在軍隊現代化建設進程中協調推進軍事鬥爭準備。軍隊現代化建設是個大系統,軍事鬥爭準備則是牽一發而動全身的關鍵。軍事鬥爭準備做好了,就能為我軍現代化建設整體發展提供明確具體的需求,提供實實在在的抓手,形成巨大的牽引力量。必須站在軍隊現代化建設發展全局的高度,切實統籌好主與次、遠與近、建與用等關係,把軍事鬥爭準備的過程變成加強軍隊現代化建設的過程,把軍隊現代化建設的過程變成服務軍事鬥爭準備的過程,使二者互為促進,協調發展。

堅持信息主導,在戰鬥力生成模式轉變中創新推進軍事鬥爭準備。當前,信息技術正在深刻改變著戰鬥力生成模式,也在改變著軍隊建設的方方面面。推進軍事鬥爭準備,必須敏銳地適應這個新形勢,主動跳出機械化思維定勢,強化信息主導觀念,注重依靠科技進步提高戰鬥力,探索創新適應信息化戰爭要求的軍事理念、軍事技術、軍事組織和軍事管理,著力提高軍事人才培養、武器裝備發展、人與武器最佳結合的信息化水平,加快推進軍事訓練轉變,逐步確立新型戰鬥力生成與提高的有效機制,推動軍事鬥爭準備實現質的躍升。

突出實戰牽引,在完成多樣化軍事任務中加速推進軍事鬥爭準備。實踐告訴我們,無論國際局勢如何演變、軍隊的職能使命如何拓展、多樣化軍事任務多麼繁重,遏制戰爭、打贏戰爭、維護和平始終是我軍職能的重中之重,打贏信息化條件下局部戰爭永遠是我軍的核心任務。只有具備了核心軍事能力,完成多樣化軍事任務才有堅實基礎。必須始終把提高核心軍事能力放在首要位置,瞄準根本職能推進全面準備,做到多手準備而不“單打一”,分類準備而不“一刀切”,深入準備而不“表面化”,努力使部隊具備適應各種條件、應對各種情況、完成多樣化軍事任務的能力。 (趙立德)

Original Referring URL:  http://www.china.com.cn/military/txt/2009-01/08/

Chinese Military Electromagnetic Spectrum Technology Determines the Future Development of Defeating the US at War

Chinese Military Electromagnetic Spectrum Technology Determines the Future Development of Defeating the US at War

For a long time, in order to solve the A2/AD dilemma and achieve a new offset strategy, the U.S. has launched combat operations such as open space/air-sea warfare, cyber-centric warfare, distributed killing, multi-domain warfare, and mixed warfare. With new ideas, we constantly seek military advantages such as missile offensive and defense, cyber-electromagnetics, and multi-domain space. Today, the electromagnetic spectrum war has become the new darling of leading a new round of military theory and technological innovation. Researching and analyzing the status quo and characteristics of the development of the US military’s electromagnetic spectrum combat has important practical significance for our military’s success in defeating the enemy in the information battlefield.

1  Development of Electromagnetic Spectrum Warfare

In 1956, Admiral Sergei Gorschkov, the former Soviet naval commander, pointed out: “Who controls the electromagnetic spectrum, who will win the next war.” Sixty years later, the electromagnetic spectrum has become one of the key battlefields of modern warfare. In order to compete for the advantages of the electromagnetic spectrum in the battlefield, the US military conducted in-depth explorations from combat theory to equipment technology and developed rapidly.

1.1 Evolution of theory

Electromagnetic spectrum control has a long history. In the early 1970s, Thomas H, chairman of the US Senate Association. Moorer said that the winner of World War III will be a party that can highly control and manage the electromagnetic spectrum. The United States “Old Ravens” Association first proposed the use of electromagnetic control (EMC) as the fourth component of the concept of electronic warfare. In 2009, Strategic Command launched the early concept of electromagnetic spectrum warfare (EMSW), and added tasks such as electromagnetic spectrum management (EMSM), electromagnetic spectrum control (EMSC), and electromagnetic battle control (EMBC) on the basis of electronic warfare [1]. In 2012, the Strategic Command established the Joint Electromagnetic Spectrum Control Center (JEMSCC) to achieve full integration of electronic warfare and electromagnetic spectrum management, and each of the units also established corresponding organizational coordination agencies and detachments [2]. In the same year, the US Navy proposed the concept of Electromagnetic Maneuver Warfare (EMMW) [3], and in March 2015 released the “21st Century Maritime Force Cooperation Strategy,” which outlines the goals, components, technology projects, and implementation paths of the electromagnetic maneuver warfare [4]. In December 2015, Terry Halvorsen, chief information officer of the US Department of Defense, pointed out that the electromagnetic spectrum is expected to be considered as the sixth battlefield following land, sea, air, space, and cyberspace [5]; in the same month, the Center for Strategic and Budgetary Assessments Defining Electromagnetic Waves: Regaining U.S. Dominance in the Electromagnetic Spectrum Field[6] The report proposes the concept of “low-zero-power” electromagnetic spectrum warfare, expounding concept ideas, trend features, capabilities and technical requirements and current obstacles, and presenting views, concepts, Procurement, technical, verification, etc. At the end of November 2016, the 53rd International Conference of the “Old Ravens” Association of the United States took the theme “Global Vision of Electromagnetic Spectrum Operations” as the theme to demonstrate the new concepts and technical achievements of electronic warfare, spectrum sensing and conflict resolution, and explored the electromagnetic spectrum operational environment. Policy regulations, equipment procurement, joint training and combat capabilities, etc. [7]. In January 2017, the new Secretary of Defense Ashton Carter signed the first “Electronic Warfare Strategy” document, officially establishing the electromagnetic spectrum as an independent operational domain and elaborating on how to conduct operations [8].

1.2 Policies and Orders

Strategic policies and military doctrines reflect the development of the US military’s combat theory. From 2006 to 2014, the US Department of Defense updated the “Electromagnetic Spectrum Strategy” to focus on advancing strategic objectives such as development of spectrum equipment, flexibility of spectrum operations, spectrum management, and improvement of policy response capabilities [9]; Strategic Command released in August 2010. Winning the 21st Century Economic and Security Advantage: Strategic Framework for Electromagnetic Spectrum Control, building an electromagnetic spectrum control system architecture from multiple perspectives including objectives, requirements, strategic development, etc. [10]; the Joint Venture Association has promulgated JP6-01 “Joint” in March 2012. “Electromagnetic Spectrum Management Action” joint publication [11], signed in December 2012 CJCSM3320.01C “Chairman’s Handbook of Joint Electromagnetic Spectrum Management Operations in Electromagnetic Operation Environment” [12], issued CJCSI3320.01D “Joint Electromagnetic Spectrum” in January 2013 Operational Instructions [13] and CJCSM 3320.04 “Electronic Warfare Supporting Combined Electromagnetic Spectrum Operations” Manual [14]. In March 2015, the “Electromagnetic Spectrum Operational Joint Concept” document [15] was signed, which systematically stated that the Joint Forces launched electromagnetic spectrum combat operations. Strategic vision, organizational structure and functions, command and management relationships, plan formulation and operational implementation, operational integration and action synergy, and gradually Tactical, technical, and program (TTP) refinement of control, interference cancellation, spectrum management, and electronic warfare reprogramming, etc.; US Army released TRADOC P525-7-16, “The US Army’s Future Modular Force Conceptual Capability in December 2007 Plan 2015-2024 – Electromagnetic Spectrum Operation Manual [16]. Field regulations FM6-02.70 “Army Electromagnetic Spectrum Operations” [17] were issued in May 2010. Field Manual FM3-38 “Network Electromagnetic Actions” was issued in January 2014. [18] Published in December 2015, ATP6-02. 70 “Electromagnetic Spectrum Management Combat Operations Skills” [19], updated in February 2016 AR525-15 “Network Reconfiguration of Electromagnetic Action Software” provisions [20], US Air Force updated 2017 AFI10-703 “electronic warfare integrated reprogramming” instructions [21] Define the concept of electromagnetic spectrum operations under the guidance of joint directives, and elaborate on issues such as organization and responsibilities, operational architecture, plan development and coordination control, task list and decision process, action team and management tools, and DOTMLPF, and promote electromagnetics. The integration of spectrum operations, electronic warfare, and cyberspace warfare. In addition, Kevin D, head of the United States Joint Force Development Department. In October 2016, Scott signed the JDN3-16 “Joint Electromagnetic Spectrum Operation” bulletin[22], standardized terminology and operational framework standards, and made a procedural description of the functional roles, organization, planning, operational implementation, and evaluation. It was awarded the Joint Spectrum Interference Cancellation Program CJCSM3320.02D signed in January and March 2013 by the Joint Committee, CJCSI3320.02F Joint Spectrum Interference Cancellation, and CJCSI3320.02E-1 Joint Spectrum Interference in February 2014. The three major regulations [23][24][25] to eliminate the confidentiality of the program were the important operational support and became the latest guidance for the US military’s electromagnetic spectrum warfare.

1.3 Equipment and Technology

Military technology leads and supports advanced operational concepts. To transform the concept of electromagnetic spectrum warfare from concept to capability, the U.S. military is striving to develop technological innovation and equipment development, and to develop new systems featuring networking, dexterity, multifunction, miniaturization, and adaptability.

On the spectrum management and control system[19][26], the US Department of Defense has developed and deployed the Allied Nations Joint Spectrum Management Planning Tool (CJSMPT) and the Global Electromagnetic Spectrum Information System (GEMSIS) since 2005, followed by the Spectrum XXI and the Modified Spectrum XXIO, Spectrum. Perception Management and Planning System (SSC-SSMPS), Spectrum Situational Sensing System (S2AS), Maritime Electromagnetic Spectrum Operational Action Project (AESOP), Joint Automatic Communication Electronic Action Instruction System (JACS), Host Country Global Online Spectrum Database, etc., with real-time spectrum Measurement and online analysis, spectrum planning and deduction and frequency allocation, electromagnetic interference analysis and conflict elimination, electromagnetic warfare environment modeling simulation, electromagnetic situation sharing and frequency efficiency evaluation, spectrum resource access and database functions and capabilities.

In combat equipment and technology projects [3][26][27], in 2011, the DARPA began to initiate behavioral learning adaptive electronic warfare (BLADE), adaptive radar confrontation (ARC), extreme radio frequency spectrum CommEx, Active Electronic Scan Array (AESA) technology, Near Zero-Power Radio Frequency and Sensor Operation (N-ZERO), under the conditions of the project, through the development of new technologies such as real-time evaluation of countermeasures, autonomous generation of measures, immediate feedback of effects, etc. Unknown waveform and behavioral electromagnetic spectrum threats Real-time tactical confrontation new capabilities; In 2010, the Air Force launched a Cognitive Jammer and HiPERDAC project based on Networked Software Defined Architecture (SDA) and passive RF PRIDE, SWEATER, and CHAMP (Eliminate High-Power Microwave Advanced Missiles) to develop active and passive target threat automatic recognition, real-time assessment and adaptive confrontation technologies and capabilities The US Navy conducts a maritime electronic warfare improvement (SEWIP-Block I/II/III) SLQ-32 shipboard electronic warfare system and ship signalling Equipment (SSEE), electromagnetic command and control (EMC2), integrated mast (InTop) shipborne antenna, next-generation jamming machine (NGJ) and other projects to improve real-time threat assessment and situational awareness, mission program modeling simulation, automatic distribution of electromagnetic spectrum , Combat Operations Analysis and other capabilities; the US Army launched the Electronic Warfare Planning and Management Tool (EWPMT) and Multi-Functional Electronic Warfare (MFEW), Defensive Electronic Assault (DEA) and Silencer Electronics scheduled for September 2016 Warfare and other systems enhance the electronic support for the perception of radio signals and the ability to send electronic signals that interfere with or deceive signals. Earlier this year, the Strategic Command Joint Electronic Warfare Center (JEWC) initiated research on new technologies that provide improved electromagnetic battle management capabilities for electromagnetic spectrum situational awareness and command and control, and plans to implement real-time strategy-based spectrum control and advanced electromagnetic battle sequences (EOB) within five years. ) Characterization and action plan modeling, simulation, analysis, and other capabilities and achieve 7-8 level of technology maturity [28]. Driven by cognitive EW and artificial intelligence technologies, DARPA launched the Radio Frequency Machine Learning System (RFMLS) and Spectrum Joint Challenge Program on August 11, 2017 to develop automatic identification and characterization of target signals from a large number of complex spectrum signals. New technology [29].

2  Joint Electromagnetic Spectrum Theory

The electromagnetic spectrum warfare is the latest theory of information warfare of the US military in the 21st century. As research and understanding continue to deepen, the U.S. military will gradually place new strategic ideas as tactics and tactical measures. In order to unify the battlefield electromagnetic spectrum utilization and control actions, the U.S. military issued a series of directives, regulations, regulations, and other documents to publish a summary of the JDN3-16 “Joint Electromagnetic Spectrum Operation” regulations, and standardized the operational concept, mission category, organization, and combat planning and implementation. Evaluation and so on.

2.1 Basic concepts

Electromagnetic Spectrum Operations (EMSO) is the conceptual starting point for the US military’s electromagnetic spectrum warfare theory. It is based on electronic warfare and spectrum management and is based on joint electromagnetic spectrum operations. The goal is to achieve electromagnetic spectrum advantages in electromagnetic operating environment (EMOE), involving spectrum management operations, joint electromagnetic spectrum operations (JEMSO) and joint electromagnetic spectrum. Management actions and other concepts. According to the US military regulations JP1-02 “Defense Ministry Military Terms Glossary” [30], JP6-01 “Joint Electromagnetic Spectrum Management Action”, JDN3-16 “Joint Electromagnetic Spectrum Operations” and ATP6-02.70 “Electromagnetic Spectrum Management Combat Operations Skills” , United electromagnetic spectrum operations are coordinated military operations carried out by two or more units for use, attacks, protection and management of operational electromagnetic environment. The electromagnetic spectrum management action refers to the interaction between the spectrum management, frequency allocation, host country coordination, policy compliance, and conflict resolution in the entire phase of military operations to jointly promote the planning, management, and implementation of operations within the electromagnetic operations environment. The relationship between various concepts and categories is shown in Figure 1.

Fig. 1 Diagram of related concepts of electromagnetic spectrum operations [19]

2.2 Task Domain Positioning

The U.S. military believes that the joint electromagnetic spectrum combat mission domain is composed of four-dimensional missions of electromagnetic spectrum utilization, management, attack, and protection. Among them, missions include signal intelligence gathering, distribution, and electronic warfare support. Management tasks include electromagnetic spectrum management and electromagnetic battle management. Missions have electronic attacks and navigation warfare, protection tasks have electronic protection and joint spectrum interference cancellation. The operational concept aims to operationally integrate the electromagnetic spectrum operations of the joint forces in the electromagnetic operating environment, establish key priorities, organize action coordination, and eliminate conflicts. Through the full integration of electromagnetic maneuvering schemes, strength and action to strengthen coordination and unification, the electromagnetic spectrum of the battlefield is realized. control. It plays a key role in the formation of joint operational capability in all operational areas, and has a profound impact on the joint forces’ command and control, intelligence, firepower strikes, adjustment and mobility, protection, and maintenance of operational capabilities.

2.3 Organizational Framework

The organization of the joint electromagnetic spectrum operations is responsible for the formulation and publication of policy directives and operational guidelines for commanders and commanders, and for combat planning, operational implementation, coordination of operations, and operational evaluation. The person in charge of electromagnetic spectrum control assigned by the Joint Force Commander shall assume the overall responsibility for the joint electromagnetic spectrum operations. The Joint Electromagnetic Spectrum Operations Unit (JEMSOC) is the chief staff of the Joint Force, and the person in charge of electromagnetic spectrum control assigns a supervisor to direct the command. Each service set up an electromagnetic spectrum operations division, each of which administers an electromagnetic spectrum operational unit, and assumes the functions of integrated network operations, electronic warfare, and spectrum management operations. They are the Army’s electronic warfare officer’s network of electromagnetic action units and the Navy’s maritime operations. The operational center electromagnetic spectrum operational unit, the Air Force air operations center electronic warfare coordination unit, the Marine Corps Combat Development and Integration Command’s cyberspace and electronic warfare coordination unit, and the Multinational Force Joint Staff Operations Department’s contracted electronic warfare coordination unit. The Joint Electromagnetic Spectrum Operational Organization of the Joint Force is shown in Figure 2. The joint electromagnetic spectrum combat unit architecture is shown in Figure 3.

Figure 2 Electromagnetic Spectrum Operational Organization

Figure 3 Joint Electromagnetic Spectrum Operations Unit Architecture

2.4 Combat Planning Process

Joint electromagnetic spectrum combat planning is jointly completed by all levels of joint electromagnetic spectrum combat units. During task analysis, the combat plan development team develops a staff assessment plan to determine the electromagnetic spectrum support degree in the formulation and analysis of the action plan as a strategic basis for achieving the advantages of the electromagnetic spectrum; after the action plan is selected, joint electromagnetics are developed. The spectrum operations appendix describes mission tasks, priorities, policy strategies, process steps, and implementation procedures for the entire operational phase, establishing coordination measures, specific procedures, and engagement rules for the use of electromagnetic battle management and control systems in the joint operations domain; The Ministry submits its own electromagnetic spectrum operations plan and integrates it into this appendix. During the planning and implementation of the plan, the Joint Electromagnetic Spectrum Operations Unit strengthens the electromagnetic spectrum operations plans of each division and participates in the development of various divisions, establishment of priorities, establishment of operational integration and operational coordination, and the creation of an electromagnetic spectrum control plan. Then, the updated electromagnetic spectrum control plan is adjusted to start the joint electromagnetic spectrum combat implementation cycle to generate an electromagnetic spectrum control sequence that guides the use of the electromagnetic spectrum of the joint force. The combat planning process is shown in Figure 4.

Figure 4 Joint Electromagnetic Spectrum Combat Plan Development Process

2.5 Operational methods

The joint electromagnetic spectrum operations implementation process is a continuous cycle of planning, implementation and evaluation. The united electromagnetic spectrum combat unit completes the formulation of the electromagnetic spectrum control plan and the electromagnetic spectrum control sequence, and establishes the combat cycle for combat operations. After the approval of the person in charge of electromagnetic spectrum control, it publishes and organizes the implementation to each branch’s combat unit and unit. The electromagnetic spectrum combat unit fully participates in the key combat flow of the joint force and adjusts the update plan and sequence in time according to the user needs of the subunits and the electromagnetic spectrum of the battlefield during the operation period to ensure that each electromagnetic spectrum control sequence is effectively generated and efficiently Released and executed. The basic processes are: Formulation and release of control plans, update of control plans for each division, preparation of operational plans, generation and distribution of control sequences, execution and adjustment of operational implementation plans and control sequences, and monitoring and guidance of operational processes. The operational implementation cycle is shown in Figure 5.

Figure 5 Joint Electromagnetic Spectrum Operational Implementation Cycle

3  Electromagnetic Spectrum Combat Development Characteristics

New military capabilities cannot be separated from the new system. As an operational concept that responds to new military challenges in the era of information networks, big data, and artificial intelligence, electromagnetic spectrum warfare has become a new direction for the development of the combat effectiveness of the US military. In order to deepen understanding and be efficient and practical, the U.S. military has pushed the new concept to the battlefield from many dimensions, including the development of policy directives, organization and force adjustment, equipment systems and new technology research and development.

3.1 Reinforce basic concepts and theoretical understanding based on policy directives, promote operational concepts and implement operations

Thought leads action. The U.S. military is good at innovative operational concepts and the concept of electromagnetic spectrum warfare is no exception. The first is to focus on clarifying the concept core and uniting the concept. During the early years of the development of the electromagnetic spectrum warfare, new concepts for the new combat domain were always being demonstrated. The military led high-level forums such as the “Old Ravens” and other professional military and military forums to analyze the related theories involved in the concept, exchange technology development and application methods, and promote deeper understanding. At the same time, in the strategic documents and top-level regulations, the relevant old and new policies were gradually sorted out. The links and distinctions between concepts, and the analysis of their categories and task areas, are increasingly contributing to the clear definition of concepts and the formation of theoretical systems. The second is to use operations on the battlefield, and refine the rules step by step. The U.S. military has always attached importance to the concept of combat to the implementation of warfare and technical measures. It took only about three years from the conception of the electromagnetic spectrum to the entry directives and from the joint directive to the arms and military operational manuals and the TTP. The US Army even established a concept blueprint for the use of battlefields before the Joint Staff. Joint operational and operational guidance for systemic operations at the level of the joint level to the unit level.

3.2 Establish an efficient and integrated force structure based on intrinsic power, and strive to use the full cycle of coordination and order in the battlefield

The troops are the carrier of operations. The U.S. military attaches great importance to the optimization and integration of new concept combat forces and existing capabilities. The first is to focus on the overall planning of the capability system. The trajectory of the capabilities of the US military’s electromagnetic spectrum warfare and cyberspace operations is similar. From the Joint Staff Headquarters, the Joint Forces Command to the military arms, set up combat seats and corresponding implementation teams, and establish a full-flow operation mechanism for operational planning, accusation, implementation, and evaluation to form an efficient and smooth capability integration system. The second is to emphasize the coordination and integration of existing institutions and new forces. Through the clarification of the responsibilities and interrelationships of institutions and forces involved in new capabilities in a timely manner, action-oriented operational procedures and implementation procedures are formulated, and even the relevant regulatory templates for coordination activities are promoted to facilitate the whole-system action coordination of electromagnetic spectrum operations and other mission domains. Orderly. The third is relying on actual drills to verify their capabilities in a timely manner. Based on the new concepts of combat and capability goals, the practice of offensive and defensive battles in the field of electromagnetic spectrum is rapidly promoted, and corrections are made during operational trials. The U.S. Army formed an independent electromagnetic spectrum warfare unit of the 1st battlefield network warfare group from February to May last year and plans to participate in an exercise organized by a regional battle commander at the end of the year [31]; the U.S. Air Force is in the “battle shield” exercise. In response to the “Spectrum Interference Elimination Project”, radar EW system evaluation [5] was implemented.

3.3 Promote the pre-research of the new concept equipment system with the support of scientific and technological strength, transform the high technology into the advantage of combat effectiveness

Strong army must have weapon. High-tech equipment is an important way to give birth to newcomer warfare capabilities. The first is to excavate new battlefield changes and assess new demands. The US Department of Defense’s “Electromagnetic Spectrum Strategy” in 2014 pointed out that it is necessary to quantify spectrum requirements and develop the equipment and technologies needed for the electromagnetic environment to enhance real-time spectrum operation and electromagnetic spectrum system real-time identification, prediction and interference cancellation capabilities [9]. From the bottom up to the top, the U.S. military has established a demand collection and integration mechanism for the deployment and deployment of equipment systems and applications. It collects and sorts regularly and conducts special investigations and demonstrations with the aid of the government audit department, Rand Corporation, and a special panel of institutes. The analysis results can be Directly providing decision support for the Ministry of Defense and the Joint Staff Association, it forms an unobstructed demand management evaluation system, and injects activators for the development of electromagnetic spectrum warfare equipment and the development of new combat capabilities. The second is to pay attention to the integration of pre-research technology to equipment system applications. The U.S. military equipment system development will be based on national defense information architecture standards. It will have system processes and capabilities such as simulation modeling, pre-research, technology integration, and application verification. It will focus on the simultaneous improvement of existing models and the development of new research and development of smart technology and equipment systems. “Determining Electromagnetic Waves” pointed out that the important features of the electromagnetic spectrum warfare in the new phase are passive sensor applications and the use of “low-zero-power” capabilities to counteract the enemy’s anti-electromagnetic confrontation, and intelligent technologies and equipment are the future dominant [6]. The pre-research and integration of electromagnetic spectrum warfare technology and equipment will also be able to achieve a more optimal way to upgrade military capabilities to technological capabilities, integrate cutting-edge technologies with mature methods, and integrate specialized systems into integrated platforms, thus achieving a seamless leap in combat effectiveness.

 

Original Mandarin Chinese:

电磁频谱技术决定未来战争赢家 美军发展现状需警惕

 

長期以來,為破解反進入/區域拒止(A2 / AD)困局,達成新的抵消戰略,美軍先後推出空地/空海一體戰,網絡中心戰,分佈式殺傷,多域戰和混合戰爭等作戰新思想,不斷謀求導彈攻防,網絡電磁和多域空間等軍事優勢。如今,電磁頻譜戰成為引領新一輪軍事理論和技術創新的新寵。研究和剖析美軍電磁頻譜作戰發展現狀與特點,對於我軍在信息戰場禦敵制勝具有重要現實意義。

1電磁頻譜戰發展現狀

1956年,前蘇聯海軍司令Sergei Gorschkov上將指出:“誰控制了電磁頻譜,誰將贏得下一場戰爭”。六十年後,電磁頻譜成為現代戰爭的關鍵作戰域之一。為爭奪戰場電磁頻譜優勢,美軍從作戰理論到裝備技術進行深入探索,發展迅猛。

1.1理論發展沿革

電磁頻譜控制由來已久。上世紀70年代初,美參聯會主席Thomas H. Moorer稱,第三次世界大戰的勝利者將是能高度控制和管理電磁頻譜的一方。美國“老鴇鴉”協會最早提出將電磁控制(EMC)作為電子戰概念的第四組成部分。2009年,戰略司令部推出電磁頻譜戰(EMSW)早期概念,在電子戰基礎上增加電磁頻譜管理(EMSM),電磁頻譜控制(EMSC),電磁戰鬥控制(EMBC)等任務內容[1]。2012年,戰略司令部建立聯合電磁頻譜控制中心(JEMSCC),旨在實現電子戰和電磁頻譜管理全面集成,各部隊也分別建立相應的組織協調機構和分隊[2]。美海軍同年提出電磁機動戰(EMMW)概念[3],並在2015年3月發布“21世紀海上力量合作戰略”,概要闡述了電磁機動戰目標,構成,技術項目和實現路徑[4]。2015年12月,美國防部首席信息官TerryHalvorsen指出,電磁頻譜有望被視作繼,海,空,天,賽博空間之後第六作戰域[5];同月,戰略與預算評估中心在“決勝電磁波:重拾美國電磁頻譜領域主宰地位”[6]報告中提出“低 – 零功率“電磁頻譜戰概念,闡述了概念思想,趨勢特點,能力和技術需求及當前障礙並提出視圖,概念,採辦,技術,驗證等方面建議。2016年11月底,美國”老鴇鴉“協會第53屆國際研討會以“電磁頻譜作戰全球視野”為主題,展示電子戰,頻譜感知與衝突消除的新概念與技術成果,探討電磁頻譜作戰環境,政策條令,裝備採辦,聯合訓練與作戰能力等[ 7]。2017年1月新任國防部長Ashton Carter簽署首部“電子戰戰略”文件,正式確立電磁頻譜為獨立作戰域並闡述如何實施作戰[8]。

1.2政策與條令

戰略政策與軍事條令集中體現美軍作戰理論發展。美國防部2006年至2014年多版更新“電磁頻譜戰略”,聚焦推進頻譜裝備發展,頻譜行動靈活性,頻譜管理和政策響應能力提升等戰略目標[ 9];戰略司令部2010年8月發布“贏得21世紀經濟與安全優勢:電磁頻譜控制戰略框架”,從目標,需求,戰略開發等多角度構建電磁頻譜控制體系架構[10];參聯會先後於2012年3月頒布JP6-01“聯合電磁頻譜管理行動”聯合出版物[11],2012年12月簽頒CJCSM3320.01C“電磁作戰環境中聯合電磁頻譜管理行動”主席手冊[12], 2013年1月簽發CJCSI3320.01D“聯合電磁頻譜作戰”指示[13]和CJCSM3320.04“電子戰支援聯合電磁頻譜作戰”手冊[14],2015年3月簽署“電磁頻譜作戰聯合概念”文件[ 15,系統闡明聯合部隊開展電磁頻譜作戰行動的戰略願景,組織機構與職能,指揮與管理關係,計劃制定與作實施,作戰集成與行動協同等內容,並逐步向電磁控制,干擾消除,頻譜管理和電子戰重編程等操作層的戰術,技術與程序(TTP)細化;美陸軍於2007年12月發布TRADOC P525-7-16“美陸軍未來模塊化部隊概念能力計劃2015-2024–電磁頻譜作戰”手冊[16],2010年5月頒布野戰條令FM6-02.70“陸軍電磁頻譜作戰”[17],2014年1月頒布野戰手冊FM3-38“網絡電磁行動”[18],2015年12月發布出版物ATP6-02.70“電磁頻譜管理作戰行動技能”[19],2016年2月更新AR525-15“網絡電磁行動軟件重編程“規定[20],美空軍2017年更新AFI10-703”電子戰集成重編程“指示[21],在聯合條令指導下界定電磁頻譜作戰概念範疇,深度闡述機構與職責,作戰架構,計劃制定與協調控制,任務清單與決策流程,行動分隊與管理工具及DOTMLPF等問題,並促進電磁頻譜作戰,電子戰與網絡空間戰的融合。此外,美聯合部隊開發部主管Kevin D. Scott於2016年10月簽署JDN3-16“聯合電磁頻譜作戰”條令紀要[22],規範了術語和作戰框架標準,對職能角色,組織機構,計劃制定,作戰實施和評估作了程序性描述,它以參聯會2013年1月和3月簽頒的CJCSM3320.02D“聯合頻譜干擾消除程序”,CJCSI3320.02F“聯合頻譜干擾消除”和2014年2月的CJCSI3320.02E-1“聯合頻譜干擾消除程序保密增本”三大條令[23] [24] [25]為重要操作支撐,成為美軍電磁頻譜戰最新指導。

1.3裝備與技術

軍事技術引領和支撐先進作戰理念。為將電磁頻譜戰從概念轉化為能力,美軍極力開展技術創新和裝備研發,發展具有網絡化,靈巧化,多功能,小型化和自適應等特徵的新系統。

在頻譜管控系統上[19] [26],美國防部自2005年開發部署同盟國聯合頻譜管理規劃工具(CJSMPT)與全球電磁頻譜信息系統(GEMSIS),隨後的頻譜XXI與改進型頻譜XXIO,頻譜感知管理與規劃系統(SSC-SSMPS),頻譜態勢感知系統(S2AS),海上電磁頻譜作戰行動項目(伊索),聯合自動通信電子行動指令系統(JACS),東道國全球在線頻譜數據庫等,具備實時頻譜測量與在線分析,頻譜籌劃推演與頻率分配,電磁干擾分析與衝突消除,電磁作戰環境建模仿真,電磁態勢共享與用頻效能評估,頻譜資源接入與數據庫等功能與能力。

在作戰裝備與技術項目上[3] [26] [27],2011年,預先研究計劃局(DARPA)開始啟動行為學習自適應電子戰(刀片),自適應雷達對抗(ARC),極端射頻頻譜條件下通信(CommEx),主動電子掃描陣列(AESA)技術,近零功耗射頻和傳感器運行(N-ZERO)等項目,通過對抗行為實時評估,措施自主生成,效果即時反饋等新技術開發針對未知波形和行為的電磁頻譜威脅實時戰術對抗新能力; 2010年,空軍啟動基於網絡化軟件定義架構(SDA)的認知干擾機與大功率高效射頻數模轉換器(HiPERDAC)項目以及無源射頻識別環境(PRIDE),頻譜戰評估技術工程研究(衫),反電子高功率微波先進導彈(CHAMP)等項目,發展有源和無源目標威脅自動感知識別,實時評估和自適應對抗技術與能力;美海軍開展海上電子戰改進(SEWIP-塊1 / II / III)SLQ-32艦載電子戰系統,艦船信號探裝備(SSEE),電磁指揮與控制(EMC2),集成桅杆(InTop)艦載天線,下一代干擾機(NGJ)等項目,提升實時威脅評估與態勢感知,任務方案建模仿真,電磁頻譜自動分配,作戰行動分析等能力;美陸軍啟動計劃在2016年9月投入使用的電子戰規劃與管理工具(EWPMT)和多功能電子戰(MFEW),防禦性電子攻擊(DEA)和“消音器”電子戰等系統,增強射頻信號感知的電子支援和發送干擾或欺騙信號的電子攻擊能力。今年初,戰略司令部聯合電子戰中心(JEWC)啟動面向電磁頻譜態勢感知與指揮控制提供改進電磁戰鬥管理能力的新技術研究,計劃5年內實現基於策略的實時頻譜管控,先進電磁戰鬥序列(EOB)表徵和行動方案建模仿真分析等能力並達到7-8級技術成熟度[28]。在認知電子戰和人工智能技術推動下,DARPA在2017年8月11日又啟動了射頻機器學習系統(RFM LS)和頻譜聯合挑戰項目,開發從大量複雜頻譜信號中自動區分和表徵目標信號的新技術[29]。

2聯合電磁頻譜作戰理論

電磁頻譜戰是美軍21世紀信息作戰最新理論。隨著研究和認識的不斷深化,美軍逐步將新的戰略思想落地為戰法和戰術措施。為統一戰場電磁頻譜利用與控制行動,美軍綜合一系列指示,條令,規程等文件出版JDN3-16“聯合電磁頻譜作戰”條令紀要,規範了作戰概念,任務範疇,組織機構,作戰籌劃與實施及評估等。

2.1基本概念

電磁頻譜作戰(EMSO)是美軍電磁頻譜戰理論的概念基點。它以電子戰和頻譜管理為基礎,以聯合電磁頻譜作戰為實現方式,目標是在電磁作戰環境(EMOE)中達成電磁頻譜優勢,涉及頻譜管理行動,聯合電磁頻譜作戰(JEMSO)和聯合電磁頻譜管理行動等概念。根據美軍條令JP1-02“國防部軍事術語詞典”[30],JP6-01“聯合電磁頻譜管理行動”,JDN3 -16“聯合電磁頻譜作戰”和ATP6-02.70“電磁頻譜管理作戰行動技能”界定,聯合電磁頻譜作戰是由兩個或兩個以上部隊開展的用於利用,攻擊,防護和管理電磁作戰環境的協同軍事行動。電磁頻譜管理行動是指在軍事行動全階段共同促成計劃,管理和實施電磁作戰環境內作戰行動的頻譜管理,頻率分配,東道國協調,政策遵循,衝突消除等相互聯繫的功能。各概念間關係與範疇如圖1。

圖1電磁頻譜作戰相關概念關係圖[19]圖1電磁頻譜作戰相關概念關係圖[19]

2.2任務域定位

美軍認為,聯合電磁頻譜作戰任務域由電磁頻譜利用,管理,攻擊和防護四維度任務構成,其中,利用任務有信號情報蒐集分發和電子戰支援,管理任務有電磁頻譜管理和電磁戰鬥管理,攻擊任務有電子攻擊和導航戰,防護任務有電子防護和聯合頻譜干擾消除。該作戰概念旨在對電磁作戰環境中的聯合部隊電磁頻譜行動進行作戰集成,確立重點優先事項,組織行動協同和衝突消除,通過充分集成電磁機動方案,力量和行動強化協調統一,實現戰場電磁頻譜控制。它在各作戰域的聯合作戰行動能力形成中扮演著關鍵角色,對聯合部隊的指揮控制,情報,火力打擊,調整與機動,防護,行動能力維持等職能作用發揮產生深刻影響。

2.3組織機構框架

聯合電磁頻譜作戰的組織機構負責為指揮官和司令部制定和發布政策指示與行動指南,進行作戰計劃制定,作戰實施,行動協調和作戰評估。由聯合部隊指揮官指派電磁頻譜控制負責人承擔聯合電磁頻譜作戰總職責。聯合電磁頻譜作戰單元(JEMSOC)是聯合部隊的主要參謀部,由電磁頻譜控制負責人委派一名主管統一指揮。各軍種設立電磁頻譜作戰分部,各下轄一個電磁頻譜作戰分隊,承擔集成網電作戰,電子戰和頻譜管理行動的職能,分別為陸軍的電子戰軍官所轄網絡電磁行動分隊,海軍的海上作戰中心電磁頻譜作戰分隊,空軍的空中作戰中心電子戰協調單元,海軍陸戰隊的戰鬥開發與集成司令部下屬網絡空間與電子戰協調單元,多國部隊聯合參謀部作戰處所屬合同電子戰協調單元。聯合部隊所屬聯合電磁頻譜作戰組織機構如圖2,聯合電磁頻譜作戰單元架構如圖3。

圖2電磁頻譜作戰組織機構圖2電磁頻譜作戰組織機構

圖3聯合電磁頻譜作戰單元架構圖3聯合電磁頻譜作戰單元架構

2.4作戰籌劃流程

聯合電磁頻譜作戰籌劃工作由各級聯合電磁頻譜作戰單元共同完成。在任務分析時,作戰計劃制定隊伍制定一份參謀部評估方案,用於在制定和分析行動方案中確定電磁頻譜支持度,作為達成電磁頻譜優勢的戰略基礎;行動方案選定後,制定聯合電磁頻譜作戰附錄,描述作戰全階段的使命任務,優先事項,政策策略,流程步驟和實施程序,為在聯合作戰域使用電磁戰鬥管控系統建立協調措施,具體程序和交戰規則;同時,聯合部隊各分部報送各自電磁頻譜作戰計劃並集成到該附錄在計劃制定與行動實施期間,聯合電磁頻譜作戰單元加強各分部電磁頻譜作戰計劃並參與各分部需求制定,優先事項確立,作戰集成與行動協同,並生成一份電磁頻譜控制計劃。隨後,調整更新後的電磁頻譜控制計劃啟動聯合電磁頻譜作戰實施週期環,生成指導聯合部隊磁頻譜使用的電磁頻譜控制序列。作戰籌劃流程如圖4。

圖4聯合電磁頻譜作戰計劃制定流程圖4聯合電磁頻譜作戰計劃制定

2.5作戰實施方式

聯合電磁頻譜作戰實施過程是一個計劃,實施和評估的連續循環週期。聯合電磁頻譜作戰單元完成電磁頻譜控制計劃和電磁頻譜控制序列的制定,確立作戰行動的戰鬥週期,經電磁頻譜控制負責人批准,向各分部作戰單元和分隊發布並組織實施。電磁頻譜作戰單元全週期完整參與聯合部隊關鍵戰鬥流程,並根據作戰時段內各分部所屬分隊的用戶需求和戰場電磁頻譜態勢及時調整更新計劃與序列,確保每份電磁頻譜控制序列有效生成,高效下達和執行基本過程為:制定與發布控制計劃,更新各分部控制計劃,準備作戰計劃,生成和分發控制序列,執行和調整作戰實施計劃與控制序列,監測和指導作戰進程,作戰實施週期如圖5。

圖5聯合電磁頻譜作戰實施週期圖5聯合電磁頻譜作戰實施週期

3電磁頻譜作戰發展特點

軍事新能力離不開新體系支撐。作為應對信息網絡,大數據和人工智能時代軍事新挑戰的作戰理念,電磁頻譜戰一經提出就成為美軍戰鬥力發展新方向。為力求深化認識且高效實用,美軍從政策條令建設,組織機構與部隊調整,裝備系統與新技術研發等多個維度將新概念推向戰場。

3.1以政策條令為依據強化基本概念與理論認知,推動作戰理念向執行操作落地

思想引領行動。美軍擅長創新作戰理念,電磁頻譜戰概念也不例外。一是注重釐清概念核心,統一理念認知。電磁頻譜戰發展的早期數年,始終在論證面向新作戰域的新概念。軍方主導“老鴇鴉”等專業性軍地高層論壇,分析概念所涉及的相關理論,交流技術發展和應用方式,推動認識深化,同時,在戰略性文件和頂層條令中,逐步梳理相關聯新舊概念間的聯繫與區別,剖析其範疇與任務域,以此日益促成概念的清晰界定和理論體系成型。二是面向戰場運用操作,逐層細化條令。美軍歷來重視將作戰概念向執行層戰,技術措施細化落地。電磁頻譜戰從概念提出到進入條令和從聯合條令到軍兵種配套行動手冊及戰技術規程(TTP)僅用三年左右的時間,美陸軍甚至在聯合參謀部之前建立戰場運用概念藍圖,形成從聯合層面到分隊層面層層銜接,逐項落的系統性作戰運用與操作指南。

3.2以固有力量為基礎建立高效集成的部隊架構,力求戰場運用全週期協調有序

部隊是行動載體。美軍非常重視新概念作戰力量與現有能力的優化集成。一是注重能力體系整體規劃。美軍電磁頻譜戰與網絡空間作戰的能力發展軌跡相似。從聯合參謀部,聯合部隊司令部到軍兵種部隊,設置作戰席位和相應實施分隊,建立作戰計劃,指控,實施和評估的全流程運行機制,形成高效流暢的能力集成體系。二是重視現有機構與新力量協調互融。通過及時明確新能力所涉及機構與力量的職責和相互關係,制定面向作戰的行動流程和實施程序,甚至規定有關協調活動中的制式模板,促成電磁頻譜作戰與其他任務域的全體系全程行動協同有序。三是依托實戰演練及時驗證能力。基於作戰新概念和能力目標迅速推進電磁頻譜領域戰場攻防研練實踐,在作戰試驗中邊驗證邊修正。美陸軍在去年2至5月成立第1戰場網電戰小組的電磁頻譜戰獨立分並計劃年底參加某一地域戰鬥司令部組織的演習[31];美空軍在“戰鬥護盾”演習中為響應“頻譜干擾消除項目”實施了雷達電子戰系統測評[5]。

3.3以科技實力為支撐推進新概念裝備系統預研,將高新技術向戰鬥力優勢轉化

強軍必需利器。高新技術裝備是催生新生作戰能力的重要途徑。一是善於發掘戰場新變化並評估新需求。美國防部2014年“電磁頻譜戰略”指出,要量化頻譜需求,發展電磁環境所需裝備和技術,增強實時頻譜操作和電磁頻譜系統實時識別,預測及干擾消除等能力[9]。美軍由底至頂建立了面向裝備系統研建與作戰部署應用的需求採集與集成機構,在定期蒐集梳理的同時借助政府審計署,蘭德公司和院所專題小組進行專項調研論證,分析結果可直接為國防部和參聯會提供決策支持,形成了暢通有力的需求管理評估體系,為研建電磁頻譜戰裝備和開發新型戰鬥力注入激活劑。二是注重預研技術向裝備系統集成應用。美軍裝備系統研建都會基於國防信息體系結構標準展開,具備仿真建模,預先研究,技術集成,應用驗證等系統流程和完善能力,注重同步進行原有型號改進和新研智能技術裝備系統開發“決勝電磁波”指出,新階段電磁頻譜戰重要特徵是無源傳感器應用和採用“低 – 零功率”。能力對敵進行反電磁對抗,智能化技術和裝備是未來主導[6]。電磁頻譜戰技術裝備預研與集成也將能夠以更優方式實現軍事問題向技術能力升級,前沿技術與成熟方法互融,專用系統向綜合平台集成,進而完成戰鬥力優勢無縫躍升。

Original Source:

http://mil.news.sina.com.cn/jssd/2018-05-03/

中國新的網絡安全法 // Internet Security Law of the People ‘s Republic of China

中國新的網絡安全法 // Internet Security Law of the People ‘s Republic of China

Table of Contents

    Chapter 1 General Provisions

Chapter 2 Network Security Support and Promotion

Chapter 3 Network Operation Safety

Section 1 General Provisions

SECTION 2: Operational safety of key information infrastructures

Chapter 4 Network Information Security

Chapter 5 Monitoring Early Warning and Emergency Handling

Chapter VI Legal Liability

Chapter VII Supplementary Provisions

Chapter 1 General Provisions

The first order to protect network security , safeguard cyberspace sovereignty and national security , public interests , protection of citizens , legal persons and other organizations , to promote the healthy development of economic and social information , this law is enacted .

Article in the territory of People’s Republic of China construction , operation , maintenance and use of the network , as well as supervision and management of network security , this Law shall apply .

Third countries adhere to both network security and information technology development , follow the active use , scientific development , according to management , to ensure the safety policy , promote the network infrastructure construction and interoperability , to encourage innovation and application of network technology , to support the development of network security personnel , Establish and improve the network security system , improve network security protection .

Article 4 The State shall formulate and continuously improve the network security strategy , clearly define the basic requirements and main objectives of the network security , and put forward the network security policies , tasks and measures in the key areas .

Article 5 The State shall take measures to monitor , defend and dispose of network security risks and threats arising from the territory of the People’s Republic of China , protect the critical information infrastructure from attack , intrusion , interference and destruction , punish the network for criminal activities and maintain the network Space security and order .

Article 6 The State shall promote the network behavior of honesty and trustworthiness , health and civilization , promote the dissemination of socialist core values , and take measures to raise the awareness and level of cybersecurity in the whole society and form a favorable environment for the whole society to participate in promoting network security .

Article VII countries active in cyberspace governance , network technology research and standards development , the fight against international exchange and cooperation network and other crimes , to promote the building of peace , security , open , cooperative cyberspace , multilateral , democratic , transparent network Governance system .

Article VIII of the National Network Information Department is responsible for co-ordination network security and related supervision and administration . State Council department in charge of telecommunications , public security departments and other relevant authorities in accordance with this Law and other relevant laws , administrative regulations , responsible for network security and supervision and administration within their respective areas of responsibility .

Local people’s governments above the county level of network security and regulatory functions , determined in accordance with relevant state regulations .

Article IX network and service operators to carry out business activities , must abide by laws , administrative regulations , respect social ethics , abide by business ethics , honesty and credit , fulfill the obligation to protect network security , and accept the supervision of government and society , social responsibility .

Article X build , operate or provide network services through a network , it should be in accordance with laws , regulations and national standards and administrative regulations of mandatory requirements , technical measures and other necessary measures , to ensure network security , stable operation , to effectively deal with network security incidents , Prevent cyber criminal activities , maintain the integrity of network data , confidentiality and usability .

Article XI  network-related industry organizations accordance with the constitution , strengthen self-discipline , to develop guidelines for network security behavior , guide members to strengthen network security , increase network security levels , and promote the healthy development of the industry .

Article XII of  the State protection of citizens , legal persons and other organizations the right to use the network in accordance with law , the promotion of universal access network , improve network service levels , and provide safe , convenient network services , to protect the free flow of network information according to law and orderly .

Any person and organization using the network should abide by the constitutional law , abide by the public order , respect social morality , not endanger the network security , shall not use the network to endanger national security , honor and interests , incite subversion of state power , overthrow the socialist system , incitement to split the country , The destruction of national unity , the promotion of terrorism , extremism , the promotion of national hatred , ethnic discrimination , the dissemination of violence , obscene pornography , fabricating and disseminating false information to disrupt economic order and social order , and infringe upon the reputation , privacy , intellectual property and other legitimate rights and interests of others And other activities .

Article XIII  countries to support research and development is conducive to healthy growth of minors networking products and services , punishing minors using the Internet to endanger physical and mental health activities according to law , to provide security for minors , healthy network environment .

Article 14  Any individual or organization shall have the right to report to the network , telecommunications , public security and other departments that are harmful to the safety of the Internet . The department that receives the report shall handle it in a timely manner and if it does not belong to the duties of the department , it shall promptly transfer the department to be handled .

The relevant departments shall keep the relevant information of the whistleblower and protect the legitimate rights and interests of the whistleblower .

Chapter 2 Network Security Support and Promotion

Article 15 The  State shall establish and improve the network security standard system . The department in charge of standardization of the State Council and other relevant departments under the State Council shall, in accordance with their respective duties , organize and formulate and revise the national standards and industry standards for network security management and network products , services and operation safety .

National support enterprises , research institutions , colleges and universities , network-related industry organizations to participate in network security national standards , industry standards .

Article 16 The   State Council and the people’s governments of provinces , autonomous regions and municipalities directly under the Central Government shall make overall plans , increase investment , support key network security technology industries and projects , support the research and development and application of network security technology , promote safe and reliable network products and services , Protection of network technology intellectual property rights , support enterprises , research institutions and colleges and universities to participate in national network security technology innovation projects .

Article 17 The   State shall promote the construction of a social security service system for network security and encourage the relevant enterprises and institutions to carry out safety services such as network security certification , testing and risk assessment .

Article 18 The   State encourages the development of network data security protection and utilization technology to promote the opening of public data resources and promote technological innovation and economic and social development .

State support innovative network security management , the use of new network technologies , enhance network security level .

Article XIX   governments at all levels and relevant departments should organize regular network security education , and guidance , and urge the relevant units to do network safety publicity and education work .

The mass media should be targeted to the community for network security publicity and education .

Article 20 The  State shall support enterprises and institutions of higher education , vocational schools and other educational and training institutions to carry out network safety-related education and training , and adopt a variety of ways to train network security personnel and promote the exchange of network security personnel .

Chapter 3 Network Operation Safety

Section 1 General Provisions

Article 21 The  State shall implement a system of network security protection . Network operators should be in accordance with the requirements of the network security level protection system , perform the following security obligations , to protect networks from interference , damage or unauthorized access , preventing data leakage or stolen , tampered with :

( 1 ) to formulate internal safety management systems and operating procedures , to determine the network security responsible person , the implementation of network security protection responsibility ;

( 2 ) to take precautions against computer viruses and network attacks , network intrusion and other hazards of network security behavior of technical measures ;

( 3 ) to take technical measures to monitor and record the operation status of the network and the network security incident , and to keep the relevant network log in accordance with the regulations for not less than six months ;

( D ) to take data classification , important data backup and encryption and other measures ;

( 5 ) other obligations stipulated by laws and administrative regulations .

Article 22 The  network products and services shall conform to the mandatory requirements of the relevant national standards . Network products , service providers may not set up malicious programs ; found their network products , services, security defects , loopholes and other risks , should immediately take remedial measures , in accordance with the provisions of the timely notification of the user and report to the relevant authorities .

The providers of network products and services shall provide continuous maintenance of their products and services ; they shall not terminate the provision of safety maintenance within the time limit prescribed by the parties or the parties .

Network products , services with the collection of user information function , the provider should be clear to the user and obtain consent ; involving the user’s personal information , but also should comply with this law and the relevant laws and administrative regulations on personal information protection requirements .

Article 23 The  network of key equipment and network security specific products should be in accordance with national standards of mandatory requirements , qualified by the agency safety certification or qualified safety testing to meet the requirements after , before they sell or provide . The State Network letter department in conjunction with the relevant departments of the State Council to develop and publish network key equipment and network security products directory , and promote safety certification and safety testing results mutual recognition , to avoid duplication of certification , testing .

Article 24 The  network operator shall handle the services such as network access , domain name registration service , fixed telephone and mobile telephone , or provide services such as information release and instant messaging , and enter into an agreement with the user or confirm the service when , should be required to provide true user identity information . If the user does not provide the true identity information , the network operator shall not provide the relevant service .

National implementation trusted identity network strategy , to support research and development of safe , convenient electronic authentication technology , to promote mutual recognition between different electronic authentication .

Article 25  network operators shall develop network security emergency response plan , timely disposal system vulnerabilities , computer viruses , network attacks , security risks and other network intrusions ; in the event of the occurrence of the harm network security , immediately launched the emergency plan , take the appropriate remedial measures , and report to the relevant authorities in accordance with the provisions .

Article 26   to carry out certification of network security , detection , risk assessment and other activities , released to the public system vulnerabilities , computer viruses , network attacks , network intrusions and other network information security , should comply with the relevant provisions of the State .

Article 27   No individual or organization may not engage in illegal intrusion into networks of others , interfere with the normal function of the network of others , active network data theft and other hazards network security ; not provide specifically for the network in the invasion , interfere with the normal function of the network and protective measures , theft Network data and other activities that endanger the network security activities , tools ; knowing that others engaged in activities that endanger network security , not to provide technical support , advertising , payment and settlement help .

Article 28 The   network operators shall provide technical support and assistance to the public security organs and the state security organs to safeguard the national security and the investigation of crimes according to law .

Article 29 The   State supports between network operators to collect information on network security , analysis , reporting and emergency response and other aspects of cooperation , to improve the security capabilities of network operators .

Relevant industry organizations to establish and improve network security norms and mechanisms for cooperation in this sector , to strengthen the analysis and evaluation of network security risks , regularly risk warning to the members , to support , to assist members to deal with network security risks .

Article 30   Network and Information Department and relevant information acquired in the performance of network security protection responsibilities , only for the need to maintain network security , shall not be used for other purposes .

SECTION 2: Operational safety of key information infrastructures

Article 31 The   state public communication and information services , energy , transportation , water conservancy , finance , public services , e-government and other important industries and fields , as well as other once destroyed , the loss of functionality or data leakage , could seriously endanger national security , people’s livelihood , the critical information infrastructure of public interest , on the basis of network security protection system on , special protection . The specific scope and safety protection of key information infrastructure shall be formulated by the State Council .

The country encourages network operators outside key information infrastructures to participate voluntarily in critical information infrastructure protection systems .

Article 32  in accordance with the division of duties prescribed by the State Council , responsible for the protection of critical information infrastructure security departments are working to formulate and implement the industry , the art of critical information infrastructure security planning , guidance and supervision of the safe operation of critical information infrastructure protection Work .

Article 33 The   construction of the critical information infrastructure to support business should ensure it has a stable , continuous operation performance , and technical measures to ensure the safety synchronized planning , simultaneous construction , simultaneous use .

Article 34   In addition to the provisions of Article 21 of this Law , critical information infrastructure operators shall perform the following security obligations :

( A ) set up a special safety management and safety management agency in charge of people , and the negative security background screening of responsibility and the key staff positions ;

( 2 ) regularly carry out network security education , technical training and skills assessment for employees ;

( Iii ) disaster recovery of critical systems and databases ;

( D ) the development of network security incident contingency plans , and regular exercise ;

( 5 ) other obligations stipulated by laws and administrative regulations .

Article 35 Where  a operator of a key information infrastructure purchases a network of products and services that may affect the safety of the State , it shall pass the national security review organized by the State Network Department in conjunction with the relevant departments of the State Council .

Article 36 of   the critical information infrastructure of network operators purchasing products and services , shall sign a confidentiality agreement with the security provider in accordance with the provisions , clear security and confidentiality obligations and responsibilities .

Article 37  Personal information and important data collected and produced by operators of key information infrastructure operators in the territory of the People’s Republic of China shall be stored in the territory . Due to business needs , do need to provide to the outside , should be in accordance with the State Network letter department in conjunction with the relevant departments of the State Council to develop a safety assessment ; laws and administrative regulations otherwise provided , in accordance with its provisions .

Article 38   critical information infrastructure operator shall himself or entrust their network security services and the possible risk of network security test and evaluation carried out at least once a year , and will assess the situation and improve the detection measures submitted to the responsible Key information Infrastructure Security protection work .

Article 39 The   State Network Letters shall coordinate the relevant departments to take the following measures for the protection of key information infrastructures :

( A ) the security risk of critical information infrastructure will be random testing , suggest improvements , can be entrusted network security services when necessary for the existence of network security risk assessment to detect ;

( 2 ) to organize the operators of key information infrastructures on a regular basis to conduct network security emergency drills to improve the level and coordination capability of responding to network security incidents ;

( 3 ) to promote the sharing of network security information between the relevant departments and operators of key information infrastructures and relevant research institutions and network security services ;

( Four ) emergency response network security incidents and recovery network functions, etc. , to provide technical support and assistance .

Chapter 4 Network Information Security

Article 40  network operators should collect information on its users strictly confidential , and establish and improve the user information protection system .

Article 41 Where a  network operator collects or uses personal information , it shall follow the principles of lawfulness , reason and necessity , publicly collect and use the rules , expressly collect and use the purpose , manner and scope of the information and agree with the collectors .

Services unrelated to the personal information of the network operator shall not collect its offer , shall not violate laws , administrative regulations and bilateral agreements to collect , use of personal information , and shall be in accordance with laws , administrative regulations and the agreement with the user , process save Of personal information .

Article 42   network operators shall not be disclosed , tampering , destruction of personal information it collects ; without the consent of the collectors , may not provide personal information to others . However , except that processing does not recognize a particular person and can not be recovered .

The network operator shall take technical measures and other necessary measures to ensure that the personal information collected by it is safe to prevent leakage , damage and loss of information . Or may occur in the event of leakage of personal information , damage , time lost the case , it should take immediate remedial measures , in accordance with the provisions promptly inform the user to the relevant competent authorities report .

Article 43   personal discovery network operators violate laws , administrative regulations or bilateral agreements to collect , use their personal information , the right to require network operators to delete their personal information ; find network operators to collect , store their personal The information is wrong , the right to require the network operator to be corrected . The network operator should take action to remove or correct it .

Article 44   No individual or organization may steal or acquire personal information in any other illegal manner and may not illegally sell or illegally provide personal information to others .

Article 45 The   departments and their staff members with network security supervision and administration according to law , must be aware of personal information in carrying out their duties , privacy and trade secrets strictly confidential , shall not disclose , sell or illegally available to others .

Article 46   No individual or organization shall be responsible for the use of network behavior , not set up to commit fraud , to teach criminal methods , production or sale of prohibited items , sites illegal and criminal activities of controlled items, etc. , communication groups , should not be used Internet publishing involves the implementation of fraud , the production or sale of prohibited items , control of goods and other criminal activities of the information .

Article 47   network operators should strengthen the management of information published by its users , we found that laws , administrative regulations prohibit the release or transfer of information , should immediately stop the transmission of the information , to take measures to eliminate the disposal, etc. , to prevent the diffusion of information , save The relevant records and report to the relevant authorities .

Article 48  electronic information sent by any individual and organization , application software provided , shall set up a malicious program , shall not contain laws , administrative regulations prohibit the release or transfer of information .

Send electronic information service providers and application software download service provider , shall perform the safety management obligations , know that the user is under the aforesaid acts , it should stop providing services , to take measures to eliminate the disposal, etc. , keep the relevant records , and the relevant authorities Report .

Article 49 The  network operators shall establish information such as complaints and reporting systems for network information security , announce complaints and report methods, and promptly accept and handle complaints and reports on the security of network information .

Supervision and inspection network operators to network and Information Department and relevant departments according to law , shall cooperate .

Article 50   National Grid and other departments concerned to fulfill the letter of network information security supervision and administration according to law , found legal , information and administrative regulations prohibit the release or transfer , should be required to stop the transmission network operator , to take measures to eliminate the disposal, etc. , keep the relevant records ; the above information comes from outside the People’s Republic of China , it shall notify the relevant agencies to take technical measures and other necessary measures to interrupt transmission .

Chapter 5 Monitoring Early Warning and Emergency Handling

Article 51 The   State shall establish a network security monitoring and early warning and information communication system . The national network letter department should coordinate the relevant departments to strengthen the network security information collection , analysis and notification work , in accordance with the provisions of unified release of network security monitoring and early warning information .

Article 52   is responsible for critical information infrastructure security affairs , shall establish and improve the industry , network security monitoring and early warning and communications systems in the art , and network security monitoring and early warning information submitted in accordance with the provisions .

Article 53   National Grid and Information Department to coordinate relevant departments to establish and improve network security risk assessment and emergency response mechanisms , the development of network security emergency response plan , and regular exercise .

Responsible for key information infrastructure security work departments should develop the industry , the field of network security incident contingency plans , and regularly organize exercises .

Network security emergency response plan should be in accordance with the degree of harm after the incident , the network security incidents were graded sphere of influence and other factors , and provides the appropriate emergency measures .

Article 54   of network security event that occurs when the risk increases , the provincial people’s governments shall, in accordance with statutory authorities and procedures , and the characteristics of the network security risks and possible harm , take the following measures :

( A ) asked the relevant authorities , institutions and personnel timely collection , reporting information , strengthening the monitoring of network security risks ;

( Two ) organizational departments , agencies and professionals , network security risk assessment information for analysis , predicting the likelihood of events , the scope and extent of harm ;

( C ) to the community release network security risk early warning , release to avoid , reduce the harm measures .

Article 55   of network security incidents , should immediately start emergency response plan network security , network security incident investigation and assessment , require network operators to take technical measures and other necessary measures , to eliminate safety hazards , prevent harm to expand , and in a timely manner Publish public-related warning messages to the community .

Article 56  above the provincial level people’s governments in the implementation of network safety supervision and management responsibilities , found that there is a big security risk or network security incidents , be in accordance with the authority and procedures of the legal representative of the network operator’s Person or main person in charge . The network operator shall take measures as required and carry out rectification and rectification to eliminate the hidden danger .

Article 57  because of network security incidents , the occurrence of unexpected events or production safety accidents , should be in accordance with the ” Emergency Response Law of People’s Republic of China “, ” Production Safety Law of People’s Republic of China ,” the relevant laws and so on , disposal and administrative regulations The

Article 58 for the maintenance of national security and public order , require major emergency incidents disposal of social security , the State Council decision or approval , can take temporary measures such as limiting network traffic in a particular area .

Chapter VI Legal Liability

Article 59 Where the   network operator fails to perform the obligations of the network security protection stipulated in Article 21 and Article 25 of this Law , the relevant competent department shall order it to make corrections and give a warning ; refusing to correct or cause harm to the network security and other consequences of , at 100,000 yuan fine of $ 10,000 or more , the person directly responsible for the 50,000 yuan fine of $ 5,000 or more .

If the operator of the key information infrastructure fails to perform the obligations of the network security protection as prescribed in Article 33 , Article 34 , Article 36 and Article 38 of this Law , the relevant competent department shall order it to make corrections and give a warning ; refuse to correct or cause harm network security consequences , at 1,000,000 yuan fine of $ 100,000 or more , the person directly responsible for at 100,000 yuan fine of $ 10,000 or more .

Article 60   in violation of the first paragraph of Article 22 of this Law , (2) and the first paragraph Article 48 , any of the following acts , ordered by the competent department of corrections , give a warning ; refuse to correct Or cause harm to the network security and other consequences , at 50,000 yuan to more than 500,000 yuan fine , the person in charge directly responsible for more than 10,000 yuan more than 100,000 yuan fine :

( A ) set up malicious programs ;

( Two ) of their products , security flaws services , risk exposure and other remedial measures are not taken immediately , or failing to promptly inform the user of the report to the relevant authorities ;

( 3 ) to terminate the security of its products and services .

Article 61   network operators who violate the provisions of Article 24 first paragraph , did not require users to provide real identity information , or provide related services for the user does not provide real identity information , by the competent authorities ordered to make corrections ; or refuse to correct the circumstances are serious , at five hundred thousand fine of $ 50,000 or more , and may be ordered by the competent authorities to suspend the relevant business , ordered to stop , to close the site , revoke the relevant business license or business license revoked , directly responsible for The person in charge and other directly responsible persons shall be fined not less than 10,000 yuan but not more than 100,000 yuan .

Article 62  in violation of Article 26 of this Law , to carry out certification of network security , detection , risk assessment and other activities , or to the public distribution system vulnerability , computer viruses , network attacks , network intrusions and other network security information , by the relevant the competent department shall order correction , given a warning ; refuse to correct or circumstances are serious , at 100,000 yuan fine of $ 10,000 or more , and may be ordered by the competent authorities to suspend the relevant business , ordered to stop , to close the site , revoked or related business license revoke the business license , the persons in charge and other directly responsible personnel directly responsible for 50,000 yuan fine of $ 5,000 or more .

Article 63   violation of Article 27 of this Law , engaged in activities that endanger network security , or to provide dedicated program to endanger network security activities , tools , technical support, or to endanger the security of network activity for others , advertising , payment settlement and other help , not constitute a crime , the public security authorities confiscate the illegal income , 5 days detention , can fine of over 50,000 yuan to 500,000 yuan fine ; the circumstances are serious , at least five days 15 days of detention , and may impose a fine of not less than 100,000 yuan but not more than one million yuan .

Units with the conduct of , the public security authorities confiscate the illegal income , at a fine of one million yuan more than 100,000 yuan , and directly in charge and other directly responsible personnel shall be punished in accordance with the preceding paragraph .

Violation of Article 27 of this Law , subject to administrative penalties for public security personnel , shall not engage in network security management and network operators work in key positions within five years ; people subject to criminal punishment , he may not engage in key positions in operations and network security management network Work .

Article 64 A  provider of a network operator , a network product or service shall , in violation of the provisions of Article 22 , paragraph 3 , and Article 41 to Article 43 of this Law , violate the right of the personal information to be protected according to law , ordered to make corrections by the competent authorities , can be a warning or a fine according to the seriousness single office , confiscate the illegal income , illegal income more than doubled a fine of ten times , there is no illegal income , at a fine of one million yuan , directly responsible Supervisors and other directly responsible persons shall be fined not less than 10,000 yuan but not more than 100,000 yuan ; if the circumstances are serious , they may order to suspend the relevant business , suspend business for rectification , close the website , revoke the relevant business license or revoke the business license .

Violation of the provisions of Article 44 of this Law , theft or other illegal means to obtain , illegally sell or illegally provide personal information to others , does not constitute a crime , the public security organs confiscated the illegal income , and more than double the illegal income ten times If there is no illegal income , a fine of not more than one million yuan shall be imposed .

Article 65 of the   critical information infrastructure of operators in violation of the provisions of Article 35 of this Law , used without safety review or not to review the security of the network through a product or service , by the competent authorities ordered to stop using , at the purchase amount More than ten times the fine ; the person directly in charge and other directly responsible persons shall be fined not less than 10,000 yuan but not more than 100,000 yuan .

Article 66   critical information infrastructure operators in violation of the provisions of Article 37 of this Law , outside the network data storage , or network data provided to the outside , ordered to make corrections by the competent authorities , be given a warning , confiscate the illegal income , of fifty yuan fine of $ 50,000 or more , and may be ordered to suspend the business , ordered to stop , to close the site , revoke the relevant business license or revoke the business license ; in charge and other directly responsible personnel directly responsible yuan and not Fine of not more than 100,000 yuan .

Article 67   in violation of the provisions of Article 46 of this Law , the website set up for the implementation of criminal activities , distribution group , or use the Internet release of information related to the implementation of criminal activities , does not constitute a crime , the public security organs 5 days detention , can impose a fine of 100,000 yuan ; the circumstances are serious , at least five days custody for 15 days or less , you can fine of over 50,000 yuan to 500,000 yuan fine . Close the website for the implementation of criminal activities , communication groups .

If the unit has the preceding paragraph , the public security organ shall be fined not less than 100,000 yuan but not more than 500,000 yuan , and shall be punished in accordance with the provisions of the preceding paragraph for the person directly in charge and other directly responsible persons .

Article 68  network operators in violation of the provisions of Article 47 of this Law , legal , administrative regulations prohibit the release or transfer of information transmission is not stopped , to take measures to eliminate the disposal, etc. , keep the relevant records , ordered by the competent department of corrections , given a warning , confiscation of illegal gains ; refuse to correct or circumstances are serious , at 500,000 yuan more than 100,000 yuan , and can be ordered to suspend the relevant business , ordered to stop , to close the site , revoke the relevant business license or business license revoked , A fine of not less than 10,000 yuan but not more than 100,000 yuan shall be imposed on the person directly in charge and other directly responsible persons .

Electronic messaging services provider , application software download service providers , non-compliance and safety management obligations specified in the second paragraph of Article 48 of this Law , in accordance with the preceding paragraph shall be punished .

Article 69   network operators in violation of the provisions of this Act , any of the following acts , by the competent authorities shall order rectification ; refuse to correct or circumstances are serious , at 500,000 Yuan more than 50,000 yuan , directly responsible for the charge and other directly responsible personnel , at one million yuan to 100,000 yuan fine :

( A ) not in accordance with the requirements of the relevant departments of the law , administrative regulations prohibit the release or the information’s transmission , taken to stop transmission , disposal measures to eliminate such ;

( 2 ) refusing or hindering the supervision and inspection carried out by the relevant departments according to law ;

( 3 ) refusing to provide technical support and assistance to the public security organs and the state security organs .

Article 70  issued or transmitted in Article 12 (2) and other laws , administrative regulations prohibit the release or transfer of information , in accordance with relevant laws , penalties and administrative regulations .

Article 71   of this Law prescribed offenses , in accordance with relevant laws , administrative regulations credited to the credit files , and to be publicized .

Article 72 Where  an operator of a government organ of a state organ fails to perform its obligations under the provisions of this Law , it shall be ordered by its superior organ or the relevant organ to make corrections , and the directly responsible person in charge and other directly responsible persons shall be punished according to law .

Article 73  Network and Information Department and relevant departments in violation of the provisions of Article 30 of this Law , the information acquired in the performance of network security protection responsibilities for other purposes , given to the persons in charge and other directly responsible personnel directly responsible according to law Punish .

The network department and the relevant departments of the staff neglected duty , abuse of power , favoritism , does not constitute a crime , according to the law to give punishment .

Article 74 Whoever , in violation of the   provisions of this Law , causes damage to others , shall bear civil liability according to law .

Violation of the provisions of this Law , constitute a violation of public security management behavior , according to the law to give security management punishment ; constitute a crime , shall be held criminally responsible .

Article 75   The organs , organizations and individuals engaged in activities , such as attack , intrusion , interference or destruction , which violate the key information infrastructure of the People’s Republic of China , cause serious consequences, and shall hold legal liabilities according to law ; the public security departments and relevant departments of the State Council the institution may decide , organize , to freeze property or other necessary personal sanctions .

Chapter VII Supplementary Provisions

Article 76   The meaning of the following terms in this Law :

( A ) network , refers to a computer or other information terminals and associated equipment consisting of the information collected in accordance with certain rules and procedures , storage , transmission , switching , the system processing .

( Two ) network security , refers to taking the necessary measures , to prevent attacks on the network , intrusion , interference , destruction and illegal use and accidents , the network is in a state of stable and reliable operation , integrity, and protect network data , privacy , The ability to be available .

( C ) network operators , refers to the network of owners , managers and network service providers .

( D ) network data , refers to the network through the collection , storage , transmission , processing and production of various electronic data .

( Five ) personal information , refer to various identification information can be used alone or in combination with other natural personal identity information electronically recorded or otherwise , including but not limited to a natural person’s name , date of birth , ID number , personal biometric information , Address , telephone number and so on .

Article 77 The   storage , processing network information involving state secrets operational security , in addition shall comply with this Act , shall also comply with privacy laws , administrative regulations .

Article 78   security protection of military networks , otherwise provided by the Central Military Commission .

Article 79   of this Law since 2017  6 June 1 from the date of implementation .

Original mandarin Chinese:

目    录

    第一章  总    则

第二章  网络安全支持与促进

第三章  网络运行安全

第一节  一般规定

第二节  关键信息基础设施的运行安全

第四章  网络信息安全

第五章  监测预警与应急处置

第六章  法律责任

第七章  附    则

第一章  总    则

第一条  为了保障网络安全,维护网络空间主权和国家安全、社会公共利益,保护公民、法人和其他组织的合法权益,促进经济社会信息化健康发展,制定本法。

第二条  在中华人民共和国境内建设、运营、维护和使用网络,以及网络安全的监督管理,适用本法。

第三条  国家坚持网络安全与信息化发展并重,遵循积极利用、科学发展、依法管理、确保安全的方针,推进网络基础设施建设和互联互通,鼓励网络技术创新和应用,支持培养网络安全人才,建立健全网络安全保障体系,提高网络安全保护能力。

第四条  国家制定并不断完善网络安全战略,明确保障网络安全的基本要求和主要目标,提出重点领域的网络安全政策、工作任务和措施。

第五条  国家采取措施,监测、防御、处置来源于中华人民共和国境内外的网络安全风险和威胁,保护关键信息基础设施免受攻击、侵入、干扰和破坏,依法惩治网络违法犯罪活动,维护网络空间安全和秩序。

第六条  国家倡导诚实守信、健康文明的网络行为,推动传播社会主义核心价值观,采取措施提高全社会的网络安全意识和水平,形成全社会共同参与促进网络安全的良好环境。

第七条  国家积极开展网络空间治理、网络技术研发和标准制定、打击网络违法犯罪等方面的国际交流与合作,推动构建和平、安全、开放、合作的网络空间,建立多边、民主、透明的网络治理体系。

第八条  国家网信部门负责统筹协调网络安全工作和相关监督管理工作。国务院电信主管部门、公安部门和其他有关机关依照本法和有关法律、行政法规的规定,在各自职责范围内负责网络安全保护和监督管理工作。

县级以上地方人民政府有关部门的网络安全保护和监督管理职责,按照国家有关规定确定。

第九条  网络运营者开展经营和服务活动,必须遵守法律、行政法规,尊重社会公德,遵守商业道德,诚实信用,履行网络安全保护义务,接受政府和社会的监督,承担社会责任。

第十条  建设、运营网络或者通过网络提供服务,应当依照法律、行政法规的规定和国家标准的强制性要求,采取技术措施和其他必要措施,保障网络安全、稳定运行,有效应对网络安全事件,防范网络违法犯罪活动,维护网络数据的完整性、保密性和可用性。

第十一条  网络相关行业组织按照章程,加强行业自律,制定网络安全行为规范,指导会员加强网络安全保护,提高网络安全保护水平,促进行业健康发展。

第十二条  国家保护公民、法人和其他组织依法使用网络的权利,促进网络接入普及,提升网络服务水平,为社会提供安全、便利的网络服务,保障网络信息依法有序自由流动。

任何个人和组织使用网络应当遵守宪法法律,遵守公共秩序,尊重社会公德,不得危害网络安全,不得利用网络从事危害国家安全、荣誉和利益,煽动颠覆国家政权、推翻社会主义制度,煽动分裂国家、破坏国家统一,宣扬恐怖主义、极端主义,宣扬民族仇恨、民族歧视,传播暴力、淫秽色情信息,编造、传播虚假信息扰乱经济秩序和社会秩序,以及侵害他人名誉、隐私、知识产权和其他合法权益等活动。

第十三条  国家支持研究开发有利于未成年人健康成长的网络产品和服务,依法惩治利用网络从事危害未成年人身心健康的活动,为未成年人提供安全、健康的网络环境。

第十四条  任何个人和组织有权对危害网络安全的行为向网信、电信、公安等部门举报。收到举报的部门应当及时依法作出处理;不属于本部门职责的,应当及时移送有权处理的部门。

有关部门应当对举报人的相关信息予以保密,保护举报人的合法权益。

第二章  网络安全支持与促进

第十五条  国家建立和完善网络安全标准体系。国务院标准化行政主管部门和国务院其他有关部门根据各自的职责,组织制定并适时修订有关网络安全管理以及网络产品、服务和运行安全的国家标准、行业标准。

国家支持企业、研究机构、高等学校、网络相关行业组织参与网络安全国家标准、行业标准的制定。

第十六条  国务院和省、自治区、直辖市人民政府应当统筹规划,加大投入,扶持重点网络安全技术产业和项目,支持网络安全技术的研究开发和应用,推广安全可信的网络产品和服务,保护网络技术知识产权,支持企业、研究机构和高等学校等参与国家网络安全技术创新项目。

第十七条  国家推进网络安全社会化服务体系建设,鼓励有关企业、机构开展网络安全认证、检测和风险评估等安全服务。

第十八条  国家鼓励开发网络数据安全保护和利用技术,促进公共数据资源开放,推动技术创新和经济社会发展。

国家支持创新网络安全管理方式,运用网络新技术,提升网络安全保护水平。

第十九条  各级人民政府及其有关部门应当组织开展经常性的网络安全宣传教育,并指导、督促有关单位做好网络安全宣传教育工作。

大众传播媒介应当有针对性地面向社会进行网络安全宣传教育。

第二十条  国家支持企业和高等学校、职业学校等教育培训机构开展网络安全相关教育与培训,采取多种方式培养网络安全人才,促进网络安全人才交流。

第三章  网络运行安全

第一节 一般规定

第二十一条  国家实行网络安全等级保护制度。网络运营者应当按照网络安全等级保护制度的要求,履行下列安全保护义务,保障网络免受干扰、破坏或者未经授权的访问,防止网络数据泄露或者被窃取、篡改:

(一)制定内部安全管理制度和操作规程,确定网络安全负责人,落实网络安全保护责任;

(二)采取防范计算机病毒和网络攻击、网络侵入等危害网络安全行为的技术措施;

(三)采取监测、记录网络运行状态、网络安全事件的技术措施,并按照规定留存相关的网络日志不少于六个月;

(四)采取数据分类、重要数据备份和加密等措施;

(五)法律、行政法规规定的其他义务。

第二十二条  网络产品、服务应当符合相关国家标准的强制性要求。网络产品、服务的提供者不得设置恶意程序;发现其网络产品、服务存在安全缺陷、漏洞等风险时,应当立即采取补救措施,按照规定及时告知用户并向有关主管部门报告。

网络产品、服务的提供者应当为其产品、服务持续提供安全维护;在规定或者当事人约定的期限内,不得终止提供安全维护。

网络产品、服务具有收集用户信息功能的,其提供者应当向用户明示并取得同意;涉及用户个人信息的,还应当遵守本法和有关法律、行政法规关于个人信息保护的规定。

第二十三条  网络关键设备和网络安全专用产品应当按照相关国家标准的强制性要求,由具备资格的机构安全认证合格或者安全检测符合要求后,方可销售或者提供。国家网信部门会同国务院有关部门制定、公布网络关键设备和网络安全专用产品目录,并推动安全认证和安全检测结果互认,避免重复认证、检测。

第二十四条  网络运营者为用户办理网络接入、域名注册服务,办理固定电话、移动电话等入网手续,或者为用户提供信息发布、即时通讯等服务,在与用户签订协议或者确认提供服务时,应当要求用户提供真实身份信息。用户不提供真实身份信息的,网络运营者不得为其提供相关服务。

国家实施网络可信身份战略,支持研究开发安全、方便的电子身份认证技术,推动不同电子身份认证之间的互认。

第二十五条  网络运营者应当制定网络安全事件应急预案,及时处置系统漏洞、计算机病毒、网络攻击、网络侵入等安全风险;在发生危害网络安全的事件时,立即启动应急预案,采取相应的补救措施,并按照规定向有关主管部门报告。

第二十六条  开展网络安全认证、检测、风险评估等活动,向社会发布系统漏洞、计算机病毒、网络攻击、网络侵入等网络安全信息,应当遵守国家有关规定。

第二十七条  任何个人和组织不得从事非法侵入他人网络、干扰他人网络正常功能、窃取网络数据等危害网络安全的活动;不得提供专门用于从事侵入网络、干扰网络正常功能及防护措施、窃取网络数据等危害网络安全活动的程序、工具;明知他人从事危害网络安全的活动的,不得为其提供技术支持、广告推广、支付结算等帮助。

第二十八条  网络运营者应当为公安机关、国家安全机关依法维护国家安全和侦查犯罪的活动提供技术支持和协助。

第二十九条  国家支持网络运营者之间在网络安全信息收集、分析、通报和应急处置等方面进行合作,提高网络运营者的安全保障能力。

有关行业组织建立健全本行业的网络安全保护规范和协作机制,加强对网络安全风险的分析评估,定期向会员进行风险警示,支持、协助会员应对网络安全风险。

第三十条  网信部门和有关部门在履行网络安全保护职责中获取的信息,只能用于维护网络安全的需要,不得用于其他用途。

第二节 关键信息基础设施的运行安全

第三十一条  国家对公共通信和信息服务、能源、交通、水利、金融、公共服务、电子政务等重要行业和领域,以及其他一旦遭到破坏、丧失功能或者数据泄露,可能严重危害国家安全、国计民生、公共利益的关键信息基础设施,在网络安全等级保护制度的基础上,实行重点保护。关键信息基础设施的具体范围和安全保护办法由国务院制定。

国家鼓励关键信息基础设施以外的网络运营者自愿参与关键信息基础设施保护体系。

第三十二条  按照国务院规定的职责分工,负责关键信息基础设施安全保护工作的部门分别编制并组织实施本行业、本领域的关键信息基础设施安全规划,指导和监督关键信息基础设施运行安全保护工作。

第三十三条  建设关键信息基础设施应当确保其具有支持业务稳定、持续运行的性能,并保证安全技术措施同步规划、同步建设、同步使用。

第三十四条  除本法第二十一条的规定外,关键信息基础设施的运营者还应当履行下列安全保护义务:

(一)设置专门安全管理机构和安全管理负责人,并对该负责人和关键岗位的人员进行安全背景审查;

(二)定期对从业人员进行网络安全教育、技术培训和技能考核;

(三)对重要系统和数据库进行容灾备份;

(四)制定网络安全事件应急预案,并定期进行演练;

(五)法律、行政法规规定的其他义务。

第三十五条  关键信息基础设施的运营者采购网络产品和服务,可能影响国家安全的,应当通过国家网信部门会同国务院有关部门组织的国家安全审查。

第三十六条  关键信息基础设施的运营者采购网络产品和服务,应当按照规定与提供者签订安全保密协议,明确安全和保密义务与责任。

第三十七条  关键信息基础设施的运营者在中华人民共和国境内运营中收集和产生的个人信息和重要数据应当在境内存储。因业务需要,确需向境外提供的,应当按照国家网信部门会同国务院有关部门制定的办法进行安全评估;法律、行政法规另有规定的,依照其规定。

第三十八条  关键信息基础设施的运营者应当自行或者委托网络安全服务机构对其网络的安全性和可能存在的风险每年至少进行一次检测评估,并将检测评估情况和改进措施报送相关负责关键信息基础设施安全保护工作的部门。

第三十九条  国家网信部门应当统筹协调有关部门对关键信息基础设施的安全保护采取下列措施:

(一)对关键信息基础设施的安全风险进行抽查检测,提出改进措施,必要时可以委托网络安全服务机构对网络存在的安全风险进行检测评估;

(二)定期组织关键信息基础设施的运营者进行网络安全应急演练,提高应对网络安全事件的水平和协同配合能力;

(三)促进有关部门、关键信息基础设施的运营者以及有关研究机构、网络安全服务机构等之间的网络安全信息共享;

(四)对网络安全事件的应急处置与网络功能的恢复等,提供技术支持和协助。

第四章  网络信息安全

第四十条  网络运营者应当对其收集的用户信息严格保密,并建立健全用户信息保护制度。

第四十一条  网络运营者收集、使用个人信息,应当遵循合法、正当、必要的原则,公开收集、使用规则,明示收集、使用信息的目的、方式和范围,并经被收集者同意。

网络运营者不得收集与其提供的服务无关的个人信息,不得违反法律、行政法规的规定和双方的约定收集、使用个人信息,并应当依照法律、行政法规的规定和与用户的约定,处理其保存的个人信息。

第四十二条  网络运营者不得泄露、篡改、毁损其收集的个人信息;未经被收集者同意,不得向他人提供个人信息。但是,经过处理无法识别特定个人且不能复原的除外。

网络运营者应当采取技术措施和其他必要措施,确保其收集的个人信息安全,防止信息泄露、毁损、丢失。在发生或者可能发生个人信息泄露、毁损、丢失的情况时,应当立即采取补救措施,按照规定及时告知用户并向有关主管部门报告。

第四十三条  个人发现网络运营者违反法律、行政法规的规定或者双方的约定收集、使用其个人信息的,有权要求网络运营者删除其个人信息;发现网络运营者收集、存储的其个人信息有错误的,有权要求网络运营者予以更正。网络运营者应当采取措施予以删除或者更正。

第四十四条  任何个人和组织不得窃取或者以其他非法方式获取个人信息,不得非法出售或者非法向他人提供个人信息。

第四十五条  依法负有网络安全监督管理职责的部门及其工作人员,必须对在履行职责中知悉的个人信息、隐私和商业秘密严格保密,不得泄露、出售或者非法向他人提供。

第四十六条  任何个人和组织应当对其使用网络的行为负责,不得设立用于实施诈骗,传授犯罪方法,制作或者销售违禁物品、管制物品等违法犯罪活动的网站、通讯群组,不得利用网络发布涉及实施诈骗,制作或者销售违禁物品、管制物品以及其他违法犯罪活动的信息。

第四十七条  网络运营者应当加强对其用户发布的信息的管理,发现法律、行政法规禁止发布或者传输的信息的,应当立即停止传输该信息,采取消除等处置措施,防止信息扩散,保存有关记录,并向有关主管部门报告。

第四十八条  任何个人和组织发送的电子信息、提供的应用软件,不得设置恶意程序,不得含有法律、行政法规禁止发布或者传输的信息。

电子信息发送服务提供者和应用软件下载服务提供者,应当履行安全管理义务,知道其用户有前款规定行为的,应当停止提供服务,采取消除等处置措施,保存有关记录,并向有关主管部门报告。

第四十九条  网络运营者应当建立网络信息安全投诉、举报制度,公布投诉、举报方式等信息,及时受理并处理有关网络信息安全的投诉和举报。

网络运营者对网信部门和有关部门依法实施的监督检查,应当予以配合。

第五十条  国家网信部门和有关部门依法履行网络信息安全监督管理职责,发现法律、行政法规禁止发布或者传输的信息的,应当要求网络运营者停止传输,采取消除等处置措施,保存有关记录;对来源于中华人民共和国境外的上述信息,应当通知有关机构采取技术措施和其他必要措施阻断传播。

第五章  监测预警与应急处置

第五十一条  国家建立网络安全监测预警和信息通报制度。国家网信部门应当统筹协调有关部门加强网络安全信息收集、分析和通报工作,按照规定统一发布网络安全监测预警信息。

第五十二条  负责关键信息基础设施安全保护工作的部门,应当建立健全本行业、本领域的网络安全监测预警和信息通报制度,并按照规定报送网络安全监测预警信息。

第五十三条  国家网信部门协调有关部门建立健全网络安全风险评估和应急工作机制,制定网络安全事件应急预案,并定期组织演练。

负责关键信息基础设施安全保护工作的部门应当制定本行业、本领域的网络安全事件应急预案,并定期组织演练。

网络安全事件应急预案应当按照事件发生后的危害程度、影响范围等因素对网络安全事件进行分级,并规定相应的应急处置措施。

第五十四条  网络安全事件发生的风险增大时,省级以上人民政府有关部门应当按照规定的权限和程序,并根据网络安全风险的特点和可能造成的危害,采取下列措施:

(一)要求有关部门、机构和人员及时收集、报告有关信息,加强对网络安全风险的监测;

(二)组织有关部门、机构和专业人员,对网络安全风险信息进行分析评估,预测事件发生的可能性、影响范围和危害程度;

(三)向社会发布网络安全风险预警,发布避免、减轻危害的措施。

第五十五条  发生网络安全事件,应当立即启动网络安全事件应急预案,对网络安全事件进行调查和评估,要求网络运营者采取技术措施和其他必要措施,消除安全隐患,防止危害扩大,并及时向社会发布与公众有关的警示信息。

第五十六条  省级以上人民政府有关部门在履行网络安全监督管理职责中,发现网络存在较大安全风险或者发生安全事件的,可以按照规定的权限和程序对该网络的运营者的法定代表人或者主要负责人进行约谈。网络运营者应当按照要求采取措施,进行整改,消除隐患。

第五十七条  因网络安全事件,发生突发事件或者生产安全事故的,应当依照《中华人民共和国突发事件应对法》、《中华人民共和国安全生产法》等有关法律、行政法规的规定处置。

第五十八条 因维护国家安全和社会公共秩序,处置重大突发社会安全事件的需要,经国务院决定或者批准,可以在特定区域对网络通信采取限制等临时措施。

第六章  法律责任

第五十九条  网络运营者不履行本法第二十一条、第二十五条规定的网络安全保护义务的,由有关主管部门责令改正,给予警告;拒不改正或者导致危害网络安全等后果的,处一万元以上十万元以下罚款,对直接负责的主管人员处五千元以上五万元以下罚款。

关键信息基础设施的运营者不履行本法第三十三条、第三十四条、第三十六条、第三十八条规定的网络安全保护义务的,由有关主管部门责令改正,给予警告;拒不改正或者导致危害网络安全等后果的,处十万元以上一百万元以下罚款,对直接负责的主管人员处一万元以上十万元以下罚款。

第六十条  违反本法第二十二条第一款、第二款和第四十八条第一款规定,有下列行为之一的,由有关主管部门责令改正,给予警告;拒不改正或者导致危害网络安全等后果的,处五万元以上五十万元以下罚款,对直接负责的主管人员处一万元以上十万元以下罚款:

(一)设置恶意程序的;

(二)对其产品、服务存在的安全缺陷、漏洞等风险未立即采取补救措施,或者未按照规定及时告知用户并向有关主管部门报告的;

(三)擅自终止为其产品、服务提供安全维护的。

第六十一条  网络运营者违反本法第二十四条第一款规定,未要求用户提供真实身份信息,或者对不提供真实身份信息的用户提供相关服务的,由有关主管部门责令改正;拒不改正或者情节严重的,处五万元以上五十万元以下罚款,并可以由有关主管部门责令暂停相关业务、停业整顿、关闭网站、吊销相关业务许可证或者吊销营业执照,对直接负责的主管人员和其他直接责任人员处一万元以上十万元以下罚款。

第六十二条  违反本法第二十六条规定,开展网络安全认证、检测、风险评估等活动,或者向社会发布系统漏洞、计算机病毒、网络攻击、网络侵入等网络安全信息的,由有关主管部门责令改正,给予警告;拒不改正或者情节严重的,处一万元以上十万元以下罚款,并可以由有关主管部门责令暂停相关业务、停业整顿、关闭网站、吊销相关业务许可证或者吊销营业执照,对直接负责的主管人员和其他直接责任人员处五千元以上五万元以下罚款。

第六十三条  违反本法第二十七条规定,从事危害网络安全的活动,或者提供专门用于从事危害网络安全活动的程序、工具,或者为他人从事危害网络安全的活动提供技术支持、广告推广、支付结算等帮助,尚不构成犯罪的,由公安机关没收违法所得,处五日以下拘留,可以并处五万元以上五十万元以下罚款;情节较重的,处五日以上十五日以下拘留,可以并处十万元以上一百万元以下罚款。

单位有前款行为的,由公安机关没收违法所得,处十万元以上一百万元以下罚款,并对直接负责的主管人员和其他直接责任人员依照前款规定处罚。

违反本法第二十七条规定,受到治安管理处罚的人员,五年内不得从事网络安全管理和网络运营关键岗位的工作;受到刑事处罚的人员,终身不得从事网络安全管理和网络运营关键岗位的工作。

第六十四条  网络运营者、网络产品或者服务的提供者违反本法第二十二条第三款、第四十一条至第四十三条规定,侵害个人信息依法得到保护的权利的,由有关主管部门责令改正,可以根据情节单处或者并处警告、没收违法所得、处违法所得一倍以上十倍以下罚款,没有违法所得的,处一百万元以下罚款,对直接负责的主管人员和其他直接责任人员处一万元以上十万元以下罚款;情节严重的,并可以责令暂停相关业务、停业整顿、关闭网站、吊销相关业务许可证或者吊销营业执照。

违反本法第四十四条规定,窃取或者以其他非法方式获取、非法出售或者非法向他人提供个人信息,尚不构成犯罪的,由公安机关没收违法所得,并处违法所得一倍以上十倍以下罚款,没有违法所得的,处一百万元以下罚款。

第六十五条  关键信息基础设施的运营者违反本法第三十五条规定,使用未经安全审查或者安全审查未通过的网络产品或者服务的,由有关主管部门责令停止使用,处采购金额一倍以上十倍以下罚款;对直接负责的主管人员和其他直接责任人员处一万元以上十万元以下罚款。

第六十六条  关键信息基础设施的运营者违反本法第三十七条规定,在境外存储网络数据,或者向境外提供网络数据的,由有关主管部门责令改正,给予警告,没收违法所得,处五万元以上五十万元以下罚款,并可以责令暂停相关业务、停业整顿、关闭网站、吊销相关业务许可证或者吊销营业执照;对直接负责的主管人员和其他直接责任人员处一万元以上十万元以下罚款。

第六十七条  违反本法第四十六条规定,设立用于实施违法犯罪活动的网站、通讯群组,或者利用网络发布涉及实施违法犯罪活动的信息,尚不构成犯罪的,由公安机关处五日以下拘留,可以并处一万元以上十万元以下罚款;情节较重的,处五日以上十五日以下拘留,可以并处五万元以上五十万元以下罚款。关闭用于实施违法犯罪活动的网站、通讯群组。

单位有前款行为的,由公安机关处十万元以上五十万元以下罚款,并对直接负责的主管人员和其他直接责任人员依照前款规定处罚。

第六十八条  网络运营者违反本法第四十七条规定,对法律、行政法规禁止发布或者传输的信息未停止传输、采取消除等处置措施、保存有关记录的,由有关主管部门责令改正,给予警告,没收违法所得;拒不改正或者情节严重的,处十万元以上五十万元以下罚款,并可以责令暂停相关业务、停业整顿、关闭网站、吊销相关业务许可证或者吊销营业执照,对直接负责的主管人员和其他直接责任人员处一万元以上十万元以下罚款。

电子信息发送服务提供者、应用软件下载服务提供者,不履行本法第四十八条第二款规定的安全管理义务的,依照前款规定处罚。

第六十九条  网络运营者违反本法规定,有下列行为之一的,由有关主管部门责令改正;拒不改正或者情节严重的,处五万元以上五十万元以下罚款,对直接负责的主管人员和其他直接责任人员,处一万元以上十万元以下罚款:

(一)不按照有关部门的要求对法律、行政法规禁止发布或者传输的信息,采取停止传输、消除等处置措施的;

(二)拒绝、阻碍有关部门依法实施的监督检查的;

(三)拒不向公安机关、国家安全机关提供技术支持和协助的。

第七十条  发布或者传输本法第十二条第二款和其他法律、行政法规禁止发布或者传输的信息的,依照有关法律、行政法规的规定处罚。

第七十一条  有本法规定的违法行为的,依照有关法律、行政法规的规定记入信用档案,并予以公示。

第七十二条  国家机关政务网络的运营者不履行本法规定的网络安全保护义务的,由其上级机关或者有关机关责令改正;对直接负责的主管人员和其他直接责任人员依法给予处分。

第七十三条  网信部门和有关部门违反本法第三十条规定,将在履行网络安全保护职责中获取的信息用于其他用途的,对直接负责的主管人员和其他直接责任人员依法给予处分。

网信部门和有关部门的工作人员玩忽职守、滥用职权、徇私舞弊,尚不构成犯罪的,依法给予处分。

第七十四条  违反本法规定,给他人造成损害的,依法承担民事责任。

违反本法规定,构成违反治安管理行为的,依法给予治安管理处罚;构成犯罪的,依法追究刑事责任。

第七十五条  境外的机构、组织、个人从事攻击、侵入、干扰、破坏等危害中华人民共和国的关键信息基础设施的活动,造成严重后果的,依法追究法律责任;国务院公安部门和有关部门并可以决定对该机构、组织、个人采取冻结财产或者其他必要的制裁措施。

第七章  附    则

第七十六条  本法下列用语的含义:

(一)网络,是指由计算机或者其他信息终端及相关设备组成的按照一定的规则和程序对信息进行收集、存储、传输、交换、处理的系统。

(二)网络安全,是指通过采取必要措施,防范对网络的攻击、侵入、干扰、破坏和非法使用以及意外事故,使网络处于稳定可靠运行的状态,以及保障网络数据的完整性、保密性、可用性的能力。

(三)网络运营者,是指网络的所有者、管理者和网络服务提供者。

(四)网络数据,是指通过网络收集、存储、传输、处理和产生的各种电子数据。

(五)个人信息,是指以电子或者其他方式记录的能够单独或者与其他信息结合识别自然人个人身份的各种信息,包括但不限于自然人的姓名、出生日期、身份证件号码、个人生物识别信息、住址、电话号码等。

第七十七条  存储、处理涉及国家秘密信息的网络的运行安全保护,除应当遵守本法外,还应当遵守保密法律、行政法规的规定。

第七十八条  军事网络的安全保护,由中央军事委员会另行规定。

第七十九条  本法自2017年6月1日起施行。

Communist Party of China referring URL:

http://www.npc.gov.cn/npc/xinwen/2016-11/07/content_2001605.htm

 

China’s Civilian & Military Informatization Development Strategy 国家信息化战略中的军民结合

China’s Civilian & Military Informatization Development Strategy

国家信息化战略中的军民结合

“中辦發〔2006〕11號各省、自治區、直轄市黨委和人民政府,中央和國家機關各部委,解放軍各總部、各大單位,各人民團體: 《2006—2020年國家信息化發展戰略》已經黨中央、國務院同意,現印發給你們,請結合實際認真貫徹落實。”

中共中央辦公廳

國 務 院 辦 公 廳

China Communist Party

“Affecting all Chinese provinces, autonomous regions, municipalities directly under the Communist Party of China, all committees and governments, central ministries and state organs, the People’s Liberation Army headquarters, major units, and people’s organizations:” This 2006–2020 National Informatization Development Strategy applies effective immediately”

[Foreign military and civilian strategy [1] ]

(A) legal form of integrating the armed forces to implement the strategy

The United States and other developed countries attach great importance to integrating the armed forces of institutional strengthening to the people, as a national strategy and to promote it in the form of legislation. After the Cold War, according to changes in the international situation, the US Congress and the Department of Defense issued a “National Defense Authorization Act ( 1993 ) “and” streamlining of the Federal Acquisition Act ( 1994 ), “affirmed the principle of legal form of military and civilian integration. The United States has enacted the “Defense transition strategy”, “National Security Strategy of Science and Technology ( 1995 ) “and” National Defense Science and Technology Strategy ( 2000 ) “, the strategic goal is:” to create a both to meet military requirements and meet the business needs of advanced national technology and industrial base. ” US Department of Defense in 2003, released in a new version of DOD5000.1 , stressing that “give priority to civilian products, technology and services”, provides that “to the extent feasible, the task can be modified requirements to facilitate civilian products, technology and services,” the procurement . British Ministry of Defense in 2001 for the promulgation of the 21 century national defense science and innovation strategy, clearly the long-term development of national defense science and technology point of view, the Ministry of Defence must attract the world advanced technology in the civilian sector to participate in defense research and development, accelerate weapons Update pace. French 1994 annual defense white paper also clearly announced that “the defense industry to consider the direction of the dual-use and military research and civilian research to combine as far as possible.”

(B) to promote the development of dual-use technology from both the investment and organization

The main countries in the world to start and accelerate new revolution in military affairs and military information technology, which is to implement the military strategy of the important people skills background. US Department of Defense in 1995 and published in “dual-use technology, aimed at obtaining affordable cutting-edge technology of the national defense strategy” and proposed to have important military needs but also has the potential transfer of dual-use technology, do need government intervention, clear by the government to invest in development. In 1998 the US Department of Defense promulgated the “National Defense Authorization Act”, asked the military to increase investment in the development of dual-use technology, and provides dual-use technology sharing principle of project funds. From the 20 century, 90 years began, the United States has implemented a variety of special programs to support the development of dual-use technology. In recent years, a substantial increase in the US defense budget, the 2007 fiscal year reached 5064 billion US dollars, compared with 2003, an increase of one-third of the defense budget in the 30-40% invested in the defense industry, it is worth noting that the US Department of Defense 20 Century 90 ‘s end total annual investment in IT is about 500 billion dollars in 2006 increased in 742 million US dollars, focus on supporting the development of dual-use of information technology. US Defense Advanced Research Projects Agency ( DARPA ) attaches great importance to the development and application of dual-use technology, which is half of the office responsible for the development of dual-use technology.

In order to facilitate the implementation of civil-military integration, the United States in 1993, including the establishment of the armed forces and the Ministry of Commerce, the Department of Energy, Department of Transportation, the National Aeronautics and Space Administration (year NASA ) and the National Science Foundation ( NSF ) and other units’ defense technology transition committee ” . The United States also developed a joint research and development agreement ( CRADA ), to support the development of federal technology transfer to the private sector, encouraging joint investment with industry to develop dual-use technologies and projects. If we say that the era of mechanization technologies accounted for all military and civilian technology military equipment 30-40% , then the era of military and civilian integration of information technology will account for 80-90% . In enhancing the economic competitiveness of key technologies and key defense technologies listed in the US Department of Defense Department of Commerce elected in respect of about 80% overlap. British Ministry of Defense and Trade and Industry jointly invest in the development of dual-use technology, including a number of areas, including aviation, the British set up a special bureau defense technology transfer, scientific research institutions engaged in management of civil defense projects and funding contracts, using competitive mechanisms to encourage having strong technical force of civilian institutions to develop military technology. France through the implementation of the space program, space program, nuclear programs and electronic, information and communication plans a number of projects to develop dual-use technology. Japanese defense procurement is mainly aimed at using defense contracts as a means to promote the development of advanced technologies, especially having a civilian or dual use of advanced technologies.

Accelerate the development of dual-use technologies in the military, while information technology and services in the national economy, resulting in huge economic benefits, a study reported that the US Congress, the second application of space technology, each invested one dollar, we can produce seven dollars efficiency [2] . 2006 early American NASA Goddard Space Flight Center will be awarded the development of a simple, safe and low cost of the patent license single-walled carbon nanotube manufacturing method of ISM company, formed a production capacity of single-walled carbon nanotubes, these Nanotubes can be widely used in various fields of medical, fuel cells, video displays, solar batteries, etc., to promote the economic development of the United States [3] .

Management and equipment procurement mechanisms (iii) the reform of research projects, encourage enterprises to participate in civilian research and production equipment

Civilian high-tech enterprise innovation system and a flexible, quick response, the results of many. Supporting civilian enterprises to develop products for the military, it has become the guidelines of the US military. 2003 introduced the “defense industrial transformation roadmap,” emphasized the need to change the main contractor control defense market situation, through the bidding and government procurement forms to encourage enterprises to participate in civilian research and production equipment, guide and encourage enterprises to master the innovative technology into the civil defense thereby forming the size of both, the new defense market structure of many vendors. For example, the US communications equipment maker Motorola Inc. have independent military communications equipment manufacturing sector, both the production of Boeing civil aviation with the machine also produces military aircraft, Lockheed – Martin, the company’s main business is system integration, aviation, aerospace and technical services, are dual-use technology. To support SMEs, the United States has enacted the Small Business Innovation program. The US scientists, engineers, nearly half of military-related research, about one-third of enterprises and military production, whereas the Ministry of Defence orders for the total order amount accounts for 90% . British military research facilities management reform measures, encourage the use of military research facilities in the civilian sector technology development. France set up an integrated project team from the Department of Defense Weaponry Department, the military services Staff, industry composition, management of weapons and equipment procurement program development and projects. French Defense Weaponry Department promptly inform the military to SMEs development plan, acquisition plan set aside 10% for small and medium enterprises, to encourage them to participate in the competitive procurement of weapons and equipment. German weaponry annual plan by the General Armament Department operations departments, the services bureau, defense technology and industry cooperation Acquisition Department developed together. Germany developed a “Federal Republic of Germany ordered assignments principles” clearly defined weaponry defense contractor general contractor in the task, the task must be assigned to military orders to subcontractors by means of competition, in the form of legislation to protect small and medium enterprises to participate in defense research mission competition. Note that the Japanese government has the military capacity to foster private enterprise, the Japanese are eligible to receive military orders of enterprises has reached two thousand, basically formed a technologically advanced, wide range and great potential of military research and production system. Russia’s two ways to establish the defense industry system integration of military and civilian, in the implementation of the defense industry group, the formation of large-scale military company at the same time, part of the military enterprises demutualization, privatization, so that military enterprises retain the core military production capacity at the same production civilian.

A greater proportion of military production undertaken by civilian enterprises, contribute to the formation of military bidding competition mechanism, thereby reducing costs, improving quality and production of military enterprises to civilian products companies face appeared, facilitate international technical exchange and absorption of foreign advanced technology. Military through purchase orders, to strengthen cooperation with the civilian high-tech enterprises, to provide abundant funds or venture capital, which has become a developed country WTO era important mode of government to support their strategy of industrial development, enhance international competitiveness, in addition, military and technical performance of the process of challenging requirements, promote the growth of civilian high-tech enterprise technological innovation and high-quality scientific and technological talents. The development of civilian high-tech enterprises to grow, for the defense industry has laid a solid foundation, also contributed to the national economic development, and enhance the strength of the country.

(Iv) open defense procurement, maximize the use of civilian norms and standards

In order to promote the development of civil-military integration, many countries have carried out reforms to military standards, the equipment acquisition process and vigorously promote the use of civil standards and commercial specifications. US forces continue to pursue the reform of military standards, based on the past all military standards and specifications to conduct a comprehensive clean-up review, the repeal of the 4000 military specification remainder (including single-piece specification) and 300 remainder military standards, adopted the 1784 item civilian standards ( non-governmental standard), the equipment acquisition process, limit the use of military norms and standards, not only does the civil standard is available to meet the military requirements when considering the use of military standards, and the use of military standards must be approved or existing civilian standards can not. UK Equipment Acquisition management, not to military standards and military specifications and performance-based specifications proposed procurement requirements, given enough freedom and flexibility contractor. Japan 1999-2002 years, a total amend or repeal the military technical standards and technical specifications 10231 , accounting for all military technical standards 74 percent . In 2003 , the Defense Agency also proposed in its new weapons and equipment procurement policy making, instead of using civilian technology standard about 18,000 entries Defense Agency dedicated military standards and norms.

US defense scientist famous Gansler estimate, the implementation of civil-military integration, the United States Department of Defense Department of Defense procurement could save the equivalent of the total annual fee of 20% or more. Although the US military R & D expenditure of the United States the proportion of total funding from the last century, 60 years of 50% is reduced to the current 15% , but the US military technology but gained rapid development, mainly due to integrating the armed forces of the new system.

[To change the information into a new military and civilian military features, integrating the armed forces]

A new era of international competition, information into the characteristics of modern military equipment is becoming one of the core content of the new revolution in military affairs of States. An information era notable feature is the combination of surface defense economy and social economy more widely, military technology and civilian technology deeper degree of integration, association technological innovation and new revolution in military affairs increasingly tight. Developed countries have the information technology as a strategic national research priorities, the United States and Japan in the field of R & D investment in information separately account for the total R & D investment of 40% or more, the United States Department of Defense 2005 budget on science and technology information systems and sensors accounted for 35.7% .

(A) information technology in all areas of civil industrial technology is the most easy to achieve also the people’s army also

Information industry is large in scale compared to other industrial sectors and technology updates quickly, there is no other information technology fields like civil industry as more people realize also the military also. The United States since 1999 years has launched the “fast bird”, “Ikonos” and other dual-use high-resolution satellite, in 2001 in Afghanistan, “Operation Enduring Freedom”, the US “fast bird” and “Yi Kenuo Sri Lanka “satellite to 20 US dollars / km ² price to US Department of Defense provides photographic reconnaissance image related operations area. IT-based civilian battlefield information network in the Iraq war also played an important role, via satellite, drones and other airborne sensors to obtain information on a computer map updated every friendly and enemy positions every five minutes. The Pentagon claims that China and the US Air Force, the war in Iraq, the extent of information the Navy reached 70% , ground forces also up 50 percent or more. US information technology has made ​​such rapid progress, China has played an important role in military technology.

(B) in the civilian market-wide test of IT applications in the military low-cost and reliable utility

Dedicated to the military use of information technology, although in training and military exercises, but without a real baptism after the test is limited. Civil information products market is large, hundreds of millions or even billions of people subjected to extensive tests using its technology, fierce competition in the market also contributed to accelerate its improvement and perfection, easy-to-use products, the cost to decline rapidly. From the military GPS and the Internet is a good example, which after a civilian market competition and popularity improvement to mature and reliable and cost-effective way reflect the greater value in military applications.

(C) Information technology can rapidly increase the combat effectiveness of military applications

Performance information weaponry is much higher than the mechanized weaponry, but the development of high risk, high investment, an increase in its cost of IT accounts for a large proportion. Many civilian high-tech product development of low cost, standard upgrade quickly, just put a small amount of money to improve its performance can meet the requirements of military systems, make full use of civilian IT achievements can significantly reduce costs. United States, Britain, Japan and other developed countries in the development of information technology weaponry and equipment system, especially when a variety of military information systems, directly from the market civilian technology sector and corporate purchasing high-tech equipment, such as communications equipment, all kinds of computers, all kinds of computer software, security anti-virus software, satellite image analysis equipment to minimize the risk of national defense research and development investment. US Department of Defense contractor is due to the direct use existing commercial software and hardware, greatly reducing development time information Weapon System.

In addition, the use of information technology to transform and upgrade weapons systems is rapidly effective measures to improve the combat effectiveness. A typical weapon system development cycle for up to 7-15 years, the high cost of its replacement. The typical development cycle civilian IT hardware and software business a few months to a few years, mobile phones and PC replacement is faster, with a civilian rapid development of information technology to transform weapons and equipment, only a few funds, Every few years the performance of existing weapons and equipment will be able to a higher level, thereby prolonging the service life. Western countries show a measure of existing mechanized weaponry information transformation, the development time and cost required, roughly equivalent production of new weaponry 1/4 to 1/3 .

 

(D) The information construction in the military use of civil IT and products beneficial to the national defense mobilization

Army civilian information technology products through the use of these technologies to deepen understanding, familiar with the use of these products, once wartime there is a need to quickly collect a large number of civilian products, and in the armed forces of these products can be quickly effective. US troops in 95 percent of the computer is in the civilian military communications conducted online, with commercial networks linked up to 15 million units changed hand, the Iraq war, the US military also requisitioned and rented some commercial satellites and civilian information networks, in order to bridge the information transfer capability deficiencies. IT complexity it becomes replace the faulty equipment maintenance module, civilian technology products helps to reduce the use of troops and equipment spare parts inventory. In addition, the use of civil information technology products also provide the possibility for civilian IT enterprises to participate in military equipment maintenance, thus reducing maintenance costs of troops and equipment. 2003 , the United States in the Iraq war, has with the world’s four 10,000 manufacturers signed a 50 million copies of material support contract, “the contractor battlefield” socialization of military logistical support.

(E) The development of intellectual property in the competition for civil defense information technology helps improve information security

IT field of international, market-oriented walking in front of other areas, competition is quite fierce patents, the United States, Japan and other developed countries to ten in 2005 by the end of the cumulative patent applications in China in 46.27% concentrated in the field of information. Many IT even basic technology is also likely to be used in the military field, the developed countries are often incorporated into this limit exports of the column, especially China, and therefore unable to equip our troops or through the introduction of foreign advanced weapons systems procurement. At a critical time in international politics, the military situation changes, do not rule out the possibility of the introduction of certain key parts weaponry stuck or certain functional failure exists. On the other hand, China’s civilian IT through international competition, hard work, has been the rapid development, the domestic IT companies are also corresponding increase innovation capability, some of the technology has reached the world advanced level, such as third generation mobile communication TD-SCDMA . In order to compete and reduce costs needs, many domestic enterprises have developed information technology products dedicated chip, to change the long-standing dependence on foreign chip status, while developing the capability to rapidly increase, to undertake the task of developing national defense to lay a good foundation dedicated chip . These chips use civilian high-tech and specialized in military equipment in the army would avoid the kinds of information security with its own technology.

(F) make full use of local advantages of network professionals prepared to deal with cyber warfare preparation

Information is double-edged sword, information technology to improve the combat capability of the armed forces but also requires special attention to the information network security. An essential feature of cyberwarfare is asymmetric, low cost and easy to attack and attack and hard to defend, particularity cyber warfare means will lead to future war ” civilians ” trend, “hackers” may become a war hero. To prevent ” network’9.11′ incident , ” President George W. Bush early in 2002 on the release of the first 16 numbers , ” National Security Presidential Directive , ” the history of the formation of the US military is the world’s first network hacker troops – cyber warfare capabilities constitute the Joint Command, The Army and Navy also have a computer emergency response unit, the Air Force is responsible for the implementation of the establishment of a network of Air Force attack these troops from the world’s top computer experts and ” hacker ” , and currently has formally incorporated into the order of battle in Las Vegas on the largest computer exhibition, former US Assistant Secretary of Defense Sihamoni had in his speech on the ” hacker ” who said: ” If you considered the rest of his life to doing, make sure you do not forget the Department of Defense. ” In addition, the US military also hired some hackers specialize in computer vulnerability testing. 2004 In September , the US set up by 28 international industry consortium composed of major companies specialized home – NCW Industries Alliance, to strengthen the military and civilian aspects of the field of information technology coordination.

(G) make full use of scientific and technological resources of a strong army and civil service

It was reported that the US Air Force in terms of the lack of high-tech professional officer Capt up to two-thirds of the Army Navy also facing the same problem. US Department of Defense, NASA and other very seriously the role of the United States Academy of Engineering and universities and other research institutions and companies in the defense consulting RAND research and personnel training. According to foreign military experts estimate that the United States, Britain, France, Germany, Japan and other major developed countries developing high-tech weapons and equipment information required for 80-90% from local businesses, 10-20% from their military research institutes that the basis of dual-use items and technology sector may bear the civil, defense, science and technology department and the military technology sector specializing in purely military projects, and overall system project. US military reconnaissance plane EP-3 electronic information system consists of a variety of functional equipment components, many of them readily available on the market and are not necessarily technologically advanced products, but its integrated performance of the system on a higher level, visible integrated innovation You can increase the value.

The total amount of scientific and technical personnel and research and development staff accounted for the world’s first and second place, to make good use of the intellectual resources will significantly enhance our military’s strength in the balance of forces. Establish civil-military integration of scientific and technological innovation system, the development of military and civilian science and technology co-ordinate the project and reasonable deployment of dual-use items, do not repeat and can complement each other to achieve the optimal combination of scientific and technological resources of the country, at the same time vigorously develop local resources by means of force personnel to ensure national defense construction in a strategic initiative. The Central Military Commission in 2007 issued a “attract and retain high-level military professional and technical personnel provisions”, the increased focus on the introduction and use of high-quality human resources community efforts to further improve the policy mechanism innovation. System established academicians, academicians hired as technical adviser, full use of the state’s top talent and intelligence resources to better serve the army major decision-making advice, major scientific research and high-level personnel training; in preparation for military struggle and closely related major research projects (project) and key disciplines, a chief expert positions, for the community to hire high-level professional and technical personnel.

[Seize the opportunities of information technology, to promote civil-military integration, integrating the armed forces]

China’s national defense scientific research and industrial system is set up on the basis of the planned economy, the planned economy of management concepts and tools still play a leading role in the management and self-contained closed hinder the establishment of a market-oriented philosophy, is not conducive to cooperation and innovation culture the formation, performance assessment indicators of military units rely on the lack of industrial development and promote the civil requirements or mission, in research programs and equipment procurement in military and civilian disjointed. Since reform and opening, the defense industry began with the development of a single military structure structure change, the nuclear industry, shipbuilding industry, information industry to the military and civilian, to benefit from the transfer of military technology to civilian use, the radiation leading role in the defense industry to the local economy and society significantly enhanced, but these transfers have not yet risen to the institutional level. On the other hand, our country has grown to a group of innovative and industrial capacity of civilian high-tech enterprises, capable military mission, but the lack of demand for military communication channels norms, policies and regulations related to the imperfection of reason, basically it less involved in national defense tasks. If there are no civilian technology sector urgent national security needs, it is impossible to obtain in the areas of national defense and security level of strong support, it is difficult to play a greater role in supporting the civilian sectors to support and not to assume the task of training defense, nor conducive to its development and growth. Compared with developed countries, China’s military and civilian from positive interaction and coordinated development goals are still many gaps, more prominent is the lag corresponding laws and regulations and institutions. Military and civilian national behavior and reflects the will of the state, not only to rely on technological innovation, but also to rely on innovation and institutional innovation to achieve.

In the CPC Central Committee and State Council in 2006 issued in ” 2006-2020 National Information Development Strategy “, pointed out the global information technology are causing profound changes in today’s world, reshaping the world political, economic, social, cultural and military a new pattern of development. Accelerate the development of information technology, it has become the common choice of all countries. And clearly put forward the development of China’s information technology strategic approach – the overall planning, resource sharing, deepen the application, seek practical, market-oriented, based on innovation, military and civilian, safe and reliable.

In the implementation of the national development strategy, we need to learn from foreign ideas, to address the constraints of institutional issues from military and civilian regulations, coordination mechanisms, standards and procurement policies and other strategic height. The current need to establish and improve the bidding system, the formation of fair and equitable competition, maximize the use of mature private standards, guidance and encouragement to master innovative technology enterprises, especially small and medium sized companies to enter the defense sector, so as to form a new multi-vendor defense industry system, led military mission to enhance the level of civilian development, adding vitality to economic development, to achieve military and civilian interaction.

In an important experience in promoting foreign military and civilian aspects of the information is from the start. Revolution in military affairs in the world today, is the rapid development of information technology and its wide range of applications in the military field for direct power, high-tech advantages of local wars in conditions of informationization to be achieved, relying solely on national defense science and technology sector and the military system itself to be ineffective, soldiers and civilians combined, integrating the armed forces is the key, information technology is one of the important starting point. In the task of industrialization, information technology integration and development of our country with the military mechanization and informatization complex development goals, information technology has become a very good combination of points overall economic construction and national defense construction. In particular, most of the reform of the State Council, gave birth to the Ministry of Industry and Information Technology, not only from the organic unity of the organization will be industrialization and information management, and the civilian industry and the defense industry closely, from the institutional to seize information strategic opportunity to strengthen civil-military integration provides an important guarantee. Ministry of Industry and Information Technology at the same time implementation of national information technology and new industrial development strategy, will give full consideration to the development needs of the defense industry and the development of weapons and equipment, the establishment of military and civilian national level to promote policies and coordination mechanisms to promote industrialization, information technology and defense comprehensive and coordinated development and enhance the independent innovation capability of science and technology industry, and actively explore market-oriented approach combining military and civilian, military and civilian industries planning to achieve convergence between supply and demand docking and resource sharing [4] , two-way play the leading role, promoting the national economy and national defense modernization.

Seventeenth Party Congress report pointed out that “national defense and army building, we must stand on national security and the development of strategic height, overall economic development and national defense building” . “To attain the building computerized armed forces and winning the information war strategic objectives, accelerate composite development of mechanization and information, and actively carry out military training under conditions of informationization, build a modern logistics, intensify training a large number of qualified military talent, effectively change the mode of generating combat. ““Reform of the defense industry to adjust and of weapons and equipment procurement, improve weapons and equipment developed by independent innovation capability and quality benefits. Establish and improve military and civilian, combine military weaponry and equipment research and production system to the people, military personnel training and military security system , adhere to thrift and hard work, out of a Chinese characteristics, civil-military integration path of development. “Discuss these important military and civilian strategic approach is to achieve scientific development. We must seize the opportunities of information technology, integrating the armed forces to do this great article, make our country prosperous and our armed forces powerful while building a moderately prosperous society in all respects.

Original Mandarin Chinese:

【國外軍民結合的戰略[1]】

(一)以法律形式落實寓軍於民戰略

美國等發達國家十分重視寓軍於民的體制建設,將其作為國家戰略並以立法的形式加以推動。冷戰結束後,根據國際形勢的變化,美國國會和國防部出台了《國防授權法(1993)》和《聯邦採辦精簡法案(1994)》以法律形式肯定了軍民一體化的原則。美國先後頒布了《國防轉軌戰略》、《國家安全科學技術戰略(1995)》和《國防科學技術戰略(2000)》,其戰略目標是:“建立一個既滿足軍事需求又滿足商業需求的先進的國家技術和工業基礎”。美國防部於2003年發布了新版的DOD5000.1,強調“優先採用民用產品、技術和勞務”,規定“在可行的情況下,可修改任務要求,以促成民用產品、技術和勞務”的採購。英國國防部於2001年頒布了面向21世紀的國防科技和創新戰略,明確提出從國防科技的長遠發展來看,國防部必須吸引世界範圍內技術先進的民用部門參與國防科研開發,加快武器裝備的更新步伐。法國1994年公佈國防白皮書也明確提出“國防工業要考慮向軍民兩用方向發展,軍用研究和民用研究要盡可能結合”。

(二)從投資和組織機構兩方面促進軍民兩用技術的發展

世界主要國家啟動和加速推進新軍事變革和軍隊信息化建設,這是推行民技軍用戰略的重要背景。美國國防部於1995年發表《兩用技術,旨在獲取經濟可承受的前沿技術的國防戰略》,提出了對有重要軍事需求同時又具有轉移潛力的兩用技術,確實需要政府介入的,明確由政府進行投資開發。 1998年美國國防部頒布的《國防授權法》,要求軍方必須加大對兩用技術開發的投資,並規定了兩用技術項目經費的分攤原則。從20世紀90年代開始,美國還實施了多種專項計劃,支持軍民兩用技術開發。美國近年來大幅度增加國防預算,2007財年達到5064億美元,比2003年增加了1/3,國防預算中30-40%投資到國防工業,值得注意的是,美國國防部20世紀90年代末每年對信息技術的投資總額約為500億美元,2006年增至742億美元,重點支持軍民兩用信息技術的開發。美國國防部國防先進技術研究計劃局(DARPA)十分重視軍民兩用技術的開發和應用,其半數辦公室負責軍民兩用技術的發展。

為了推動軍民一體化的實施,美國於1993年成立了包括三軍和商務部、能源部、運輸部、國家航空航天局(NASA)以及國家科學基金會(NSF)等單位的“國防技術轉軌委員會” 。美國還制定了聯合研究和發展協議(CRADA),支持聯邦開發的技術轉讓給私營部門,鼓勵與工業界聯合投資和合作開發兩用技術項目。如果說機械化時代軍民技術結合占到全部軍事裝備技術的30-40%,那麼,信息化時代軍民技術融合將會占到80-90%。在美國國防部推選的國防關鍵技術與商務部列出的提高經濟競爭力的關鍵技術中就有約80%是重疊的。英國國防部與貿工部聯合投資開發包括航空領域在內的多項軍民兩用技術,英國還專門成立國防技術轉化局,管理民用科研機構從事國防項目的合同和經費,採用競爭機制,鼓勵具有較強技術力量的民用機構開發軍用技術。法國通過實施航天計劃、航空計劃、核能計劃和電子、信息與通信計劃等多項計劃來開發軍民兩用技術。日本國防採購主要著眼於利用國防合同作為一種手段,促進先進技術特別是具有民用或兩用用途的先進技術的發展。

發展軍民兩用技術在加速軍隊信息化建設的同時,服務於國民經濟,產生巨大的經濟效益,美國國會一份研究報告稱,航天技術的二次應用,每投入1美元,能產出7美元的效益[2]。 2006年初美國NASA戈達德航天飛行中心將所開發的一種簡單、安全且費用較低的單壁碳納米管製造方法的專利許可權授予ISM公司,形成了單壁碳納米管生產能力,這些納米管可廣泛應用於醫療、燃料電池、視頻顯示器、太陽能電池等各個領域,推動了美國經濟的發展[3]。

(三)改革科研項目的管理和裝備採購機制,鼓勵民用企業參與裝備科研生產

民用高新技術企業創新體系機制靈活,反應快,成果多。扶持民用企業為軍方開發產品,已成為美軍方的指導方針。 2003年出台的《國防工業轉型路線圖》強調,必須改變主承包商控制國防市場的局面,通過招標和政府採購形式鼓勵民用企業參與裝備科研生產,引導和鼓勵掌握創新技術的民用企業進入國防領域,從而形成大小兼備、眾多供應商的新型國防市場格局。例如,美國的通信設備生產商摩托羅拉公司就有獨立的軍事通信設備生產製造部門,美國波音公司既生產民航用機也生產軍用機,洛克希德-馬丁公司的主營業務就是系統集成、航空、航天和技術服務,都是軍民兩用的技術。為了扶持中小企業,美國還專門製定了小企業創新計劃。目前美國的科學家、工程師中有近半從事與軍事有關的研究,約有1/3的企業與軍工生產有關,而訂貨量約佔國防部總訂貨量的90%。英國改革軍用科研設施管理辦法,鼓勵民用部門利用軍用科研設施進行技術開發。法國成立了由國防部武器裝備總署、軍種參謀部、工業界組成的一體化項目小組,參與武器裝備採辦計劃的製定和項目的管理。法國國防部武器裝備總署及時向中小企業通報軍品發展計劃,專門留出採辦計劃的10%給中小企業,鼓勵他們參加武器裝備採辦的競爭。德國的武器裝備年度計劃是由總裝備部各業務局、各軍種局、國防技術採辦總署和工業界一起合作制訂的。德國製訂了《聯邦德國訂貨任務分配原則》,明確規定武器裝備的總承包商在承包國防任務後,必須用競爭手段向分包方分配軍工訂貨任務,以法規形式保護中小型企業參與國防科研任務的競爭。日本政府注意扶植有軍工生產能力的民間企業,日本有資格接受軍品訂貨的企業已達兩千餘家,基本形成了一個技術先進、門類齊全、潛力巨大的軍事科研生產體系。俄羅斯從兩方面建立軍民一體化國防科技工業體制,在實行國防工業集團化、組建大型軍工集團公司的同時,將部分軍工企業股份化、私有化,讓軍工企業在保留核心軍工生產能力的同時生產民品。

較大比例的軍工生產由民用企業承擔,有助於形成軍品招投標競爭機制,從而降低成本,提高質量,生產軍品的企業以民用產品公司面貌出現,便於進行國際技術交流,吸收國外先進技術。軍方通過採購訂貨,加強與民用高技術企業的合作,為其提供雄厚的資金或風險投資,這已成為發​​達國家在WTO時代政府支持本國戰略產業發展、提高國際競爭力的重要模式,另外,軍品對產品的工藝和技術性能提出挑戰性的要求,促進了民用高技術企業技術創新和高素質科技人才的成長。民用高新技術企業的發展壯大,為國防工業打下了堅實的基礎,也推動了國民經濟發展,增強了國家的實力。

(四)開放國防採購,盡量採用民用規範和標準

為了推動軍民一體化的發展,許多國家都紛紛對軍用標准進行了改革,在裝備採辦過程中大力倡導利用民用標準和商業規範。美軍不斷推行軍事標準改革,在對過去所有軍用標準和規范進行全面清理審查的基礎上,廢止了4000餘項軍用規範(含單篇規範)和300餘項軍用標準,採納了1784項民用標準(非政府標準),在裝備採辦過程中,限制使用軍事規範和標準,只有在確實沒有民用標準可用,或現有民用標準不能滿足軍事要求時才考慮使用軍用標準,而且使用軍用標準必須經過批准。英國在裝備採辦管理中,不以軍用標準和軍用規範而以性能規範為主提出採購要求,給予承包商足夠的自由度和靈活性。日本1999-2002年間,共修改或廢止軍事技術標準及技術規範10231項,佔所有軍事技術標準的74%。 2003年,防衛廳在其製定的新武器裝備採辦政策中又提出,用民用技術標準取代約18000項防衛廳專用的軍品標準和規範。

美國著名防務學家Gansler估計,實行軍民一體化,美國國防部每年能節省相當於國防部採辦費總額的20%以上。雖然美國軍事研發經費占美總經費的支出比例從上世紀60年代的50%減到現在的15%,但美國的軍事技術反而獲得了突飛猛進的發展,主要就是得益於寓軍於民的新型體制。

【以信息化為新軍事變革特徵的軍民結合、寓軍於民】

面對新時代的國際競爭,以信息化為特徵的軍事裝備現代化正成為各國新軍事變革的核心內容之一。信息化時代的一個顯著特點是國防經濟與社會經濟的結合面越來越廣、軍用技術與民用技術融合度越來越深,科技創新和新軍事變革的關聯越來越緊。發達國家紛紛將信息技術作為國家研究戰略重點,美國和日本在信息領域的研發投入分別占到總研發投入的40%以上,美國國防部2005年科技預算中信息系統與傳感器佔35.7%。

(一)信息技術是所有民用工業技術中最容易實現亦軍亦民的領域

信息產業規模大而且相比其他工業領域技術更新快,沒有其他民用工業領域的技術像信息領域那樣更易實現亦軍亦民。美國自1999年先後發射了“快鳥”、“伊科諾斯”等高分辨率軍民兩用衛星,在2001年的阿富汗“持久自由行動”中,美國的“快鳥”和“伊科諾斯”衛星以20美元/km²的價格向美國防部提供了有關作戰地區的照相偵察圖像。基於民用信息技術的戰場信息網絡在伊拉克戰爭中也發揮了重要作用,通過衛星,無人機和其他機載傳感器獲得情報,在計算機地圖上每五分鐘更新一次友軍和敵軍位置。美國五角大樓聲稱,伊拉克戰爭中美空軍、海軍的信息化程度達到70%,地面部隊也達50%以上。美軍信息化建設取得如此迅速的進展,民技軍用扮演了重要角色。

(二)在民用市場廣泛考驗的信息技術在軍事上應用成本低且可靠實用

專用於軍事的信息技術雖然在訓練和軍事演習中也使用,但未經實戰洗禮畢竟考驗有限。民用信息產品市場規模大,上億人甚至數十億人的使用使其技術經受廣泛考驗,市場的激烈競爭也促使其加快改進和完善,產品方便易用,成本迅速下降。源於軍用的GPS和互聯網是一個很好的例子,它們在經過民用市場的競爭和普及完善後,以成熟可靠和低成本的方式在軍事應用中體現更大的價值。

(三)信息技術的軍事應用可以迅速提高戰鬥力

信息化武器裝備的性能要比機械化武器裝備高得多,但開發風險高、投資大,在其增加的造價中信息技術佔很大比重。很多民用高技術產品開發成本低廉,標準升級迅速,只需投入少量資金提高其性能指標就能達到軍用系統的要求,充分利用民用信息技術成果可以顯著降低成本。美、英、日等發達國家在發展信息化武器裝備體系,特別是各種軍事信息系統時,都直接從市場上民用科技部門和企業採購高技術設備,如通信器材、各種計算機、各類計算機軟件、安全防病毒軟件、衛星圖像分析設備等,最大限度地減少國防科研開發投資的風險。美國防部承包商就是由於直接採用現成的商用軟硬件,大大縮短了信息化武器系統的研製時間。

另外,利用信息技術改造和升級武器系統是迅速提高戰鬥力的有效措施。典型的武器系統的研製週期長達7-15年,其換代的成本很高。典型的民用信息技術商業硬件和軟件的研製週期是幾個月到幾年,手機和PC的更新換代就更快,用快速發展的民用信息技術對武器裝備進行改造,僅需很少的經費,每隔幾年原有武器裝備的性能就能上一個台階,從而延長了服役年限。西方國家的一項測算表明,對現有機械化武器裝備進行信息化改造,其研製時間和所需的費用,大約只相當於生產新型武器裝備的1/4至1/3。

(四)在軍隊信息化建設中民用信息技術和產品的使用有利於國防動員

軍隊通過使用民用信息技術產品加深了對這些技術了解,熟識這些產品的使用,戰時一旦有需要可以迅速徵集大量民用產品,而且在部隊中這些產品能迅速發揮效用。美軍中95%的軍事通信是在民用網上進行的,與商業網相聯的計算機達15萬台之多,伊拉克戰爭中美軍還徵用和租用了部分商業衛星和民用信息網絡,以彌補信息傳輸能力的不足。信息技術的複雜性使其裝備的維修變為故障模塊的更換,民用技術產品的採用有利於減少部隊裝備備件的庫存。另外,民用信息技術產品的使用也為民用信息技術企業參與部隊裝備維修提供了可能,從而也降低了部隊裝備的維修費用。 2003年,美國在伊拉克戰爭中,先後同全球4萬個生產商簽訂了50萬份物資保障合同,“承包商上戰場”實現軍隊後勤保障的社會化。

(五)在競爭中發展的民用信息技術的自主知識產權有助於改進國防信息安全

信息技術領域國際化、市場化走在了其他領域的前面,在專利方面的競爭也相當激烈,美日等十個發達國家到2005年底累計在華申請的發明專利中46.27%集中在信息領域。很多信息技術即便是基礎技術也很可能用在軍事領域,發達國家往往將此編入限制出口之列,尤其是對中國,因此無法通過引進或採購國外先進的武器系統來裝備我們的部隊。在國際政治、軍事形勢變化的關鍵時候,不排除存在引進的武器裝備某些關鍵配件被卡或某些功能失效的可能性。另一方面,我國民用信息技術經過國際競爭的打拼,得到了快速發展,國內信息技術企業創新能力也相應提高,一些技術已經達到了世界領先水平,例如第三代移動通信的TD-SCDMA。為了競爭和降低成本需要,國內很多企業的信息技術產品都有自主開發的專用芯片,改變了長期以來依賴國外芯片的狀況,同時開發能力迅速提高,為承接國防任務開發專用芯片打下很好的基礎。這些民用高技術和專用芯片在部隊裝備中的使用將以其自主技術避免我軍信息安全受制於人。

(六)充分利用地方網絡人才的優勢做好應對網絡戰的準備

信息化是雙刃劍,軍隊的信息化建設在提高作戰能力的同時也需要特別關注對信息網絡的安全防護。網絡戰的一個基本特點是不對稱性,攻擊成本低且易攻難守,網絡戰手段的特殊性將導致未來戰爭的“平民化”趨勢,“黑客”有可能成為戰爭的主角。為了防止出現“網絡’9·11’事件”,布什總統早在2002年就發布了第16號“國家安全總統令”,組建美軍歷史上也是世界上第一支網絡黑客部隊——網絡戰聯合功能構成司令部,陸軍和海軍也各有電腦應急反應分隊,空軍則建立了專門負責實施網絡進攻的航空隊。這些部隊由世界頂級電腦專家和“黑客”組成,目前已經正式編入了作戰序列。在美國拉斯維加斯最大的計算機展覽上,美國前助理國防部長莫尼曾在演講中對“黑客”們說:“如果你們考慮過餘生要幹些什麼,請務必不要忘記國防部。”此外,美軍還僱用一些黑客專門從事計算機漏洞測試工作。 2004年9月,美國成立了由28家專業化大公司組成的國際工業財團——網絡中心戰工業聯盟,加強信息技術領域方面的軍民協調。

(七)充分利用民用科技資源為強軍服務

據報導美國空軍在高科技專業方面缺少的上尉軍官多達2/3,陸軍海軍也面臨同樣的問題。美國防部、航天局等很重視發揮美國工程院和高校等科研機構及蘭德公司等在國防諮詢研究和人才培養的作用。據國外軍事專家估計,美、英、法、德、日等世界主要發達國家發展信息化武器裝備所需要的高新技術80-90%來自地方企業,10-20%來自軍方自己的科研院所,即基礎和兩用項目可由民用科技部門承擔,國防科技部門和軍隊科技部門專攻純軍事項目以及系統總體項目。美軍的偵察機EP-3的信息電子系統由多種功能設備組成,其中不乏市場上隨手可得的且技術上不見得先進的產品,但其集成後系統的性能上了一個台階,可見集成創新能提高價值。

我國科技人員和研發人員總量分別佔世界第一位和第二位,利用好這一智力資源將在敵我對比中顯著增強我軍的實力。建立軍民融合的科技創新體系,統籌軍民科技項目的發展,合理地部署軍民兩用項目,做到既不重複又能互補,在全國范圍內實現科技資源的優化組合,同時藉助地方資源大力培養部隊人才,保證國防建設處於戰略主動地位。中央軍委於2007年發出《軍隊吸引保留高層次專業技術人才的規定》,著眼加大引進和利用社會優質人才資源力度,進一步創新完善政策機制。建立院士顧問制度,聘請兩院院士擔任技術顧問,充分利用國家頂尖人才和智力資源,更好地為軍隊重大決策諮詢、重大科技攻​​關和高層次人才培養提供服務;在與軍事鬥爭準備密切相關的重大科研項目(課題)和重點建設學科,設立首席專家崗位,面向社會聘用高層次專業技術人才。

【抓住信息化機遇,促進軍民結合、寓軍於民】

我國的國防科研與工業體係是在計劃經濟基礎上建立起來的,計劃經濟的管理理念和手段仍然發揮著主導作用,封閉管理和自成體系妨礙了市場化理念的建立,也不利於合作創新文化的形成,軍工單位的績效考核指標中缺乏依靠和帶動民用產業發展的要求或使命,在科研計劃和裝備採購中軍品和民品脫節。改革開放以來,國防工業開​​始由單一軍品結構向軍民結合型結構的轉變,核工業、船舶工業、信息產業等的發展,受益於軍事技術向民品的轉移,國防工業對地方經濟社會的輻射帶動作用明顯增強,但是這些轉移還未上升到製度層面。另一方面,我國國內已經成長了一批具有創新和產業能力的民用高新技術企業,能夠勝任軍品任務,但因缺乏規範的軍品需求信息溝通渠道、有關的政策法規不完善等原因,基本上很少介入國防任務。民用科技部門如果沒有國家安全的迫切需求,也不可能在國防安全領域方面得到國家層次的有力支持,難以發揮更大的支撐作用,民用產業部門得不到承擔國防任務的扶持和鍛煉,也不利於其發展壯大。與發達國家相比,我國離軍民良性互動、協調發展的目標尚有不少差距,更為突出的是相應的法規和製度的滯後。軍民結合是國家行為和國家意志的反映,不僅要依靠技術創新,而且要依靠體制創新和機制創新來實現。

在中共中央辦公廳、國務院辦公廳2006年印發的《2006-2020年國家信息化發展戰略》中,指出全球信息化正在引發當今世界的深刻變革,重塑世界政治、經濟、社會、文化和軍事發展的新格局。加快信息化發展,已經成為世界各國的共同選擇。並明確提出了我國信息化發展的戰略方針——統籌規劃、資源共享,深化應用、務求實效,面向市場、立足創新,軍民結合、安全可靠。

在落實國家信息化發展戰略中,我們需要藉鑒國外思路,從法規、協調機制、標準和採購政策等戰略高度解決制約軍民結合的體制問題。當前需要建立健全招投標制度,形成公正公平的競爭態勢,盡量採用成熟的民間標準,引導和鼓勵掌握創新技術的企業特別是中小型公司進入國防領域,從而形成多供應商的新型國防產業體系,以軍工任務帶動民品開發​​水平提升,為國民經濟發展增添活力,實現軍民良性互動。

國外在促進軍民結合方面的一個重要經驗是從信息化入手。當今世界軍事變革,是以信息技術的飛速發展及其在軍事領域的廣泛應用為直接動力,信息化條件下局部戰爭所要達成的高技術優勢,單純依靠國防科技部門和軍隊系統自身難以奏效,軍民結合,寓軍於民是關鍵,信息技術是其中的重要抓手。在我國國家工業化、信息化融合發展的任務與軍隊機械化、信息化複合的發展目標中,信息化成為統籌經濟建設和國防建設的很好結合點。特別是國務院的大部製改革,催生了工業與信息化部,不但從組織上將工業化與信息化的管理有機統一,而且將民用產業與國防科技工業緊密結合,從體制上為抓住信息化戰略機遇加強軍民結合提供了重要保證。工業和信息化部在落實國家信息化和新型工業化發展戰略的同時,將充分考慮國防工業和武器裝備研製的發展需要,建立國家層面的軍民結合促進政策和協調機制,促進工業化、信息化和國防科技工業的全面協調發展和自主創新能力的提高,積極探索軍民結合市場化途徑,實現軍工與民用工業的規劃銜接、供需對接和資源共享[4],發揮雙向輻射帶動作用,推進國民經濟和國防現代化。

黨的十七大報告指出,“國防和軍隊建設,必須站在國家安全和發展戰略全局的高度,統籌經濟建設和國防建設”。 “堅持科技強軍,按照建設信息化軍隊、打贏信息化戰爭的戰略目標,加快機械化和信息化複合發展,積極開展信息化條件下軍事訓練,全面建設現代後勤,加緊培養大批高素質新型軍事人才,切實轉變戰鬥力生成模式”。 “調整改革國防科技工業體制和武器裝備採購體制,提高武器裝備研製的自主創新能力和質量效益。建立和完善軍民結合、寓軍於民的武器裝備科研生產體系、軍隊人才培養體系和軍隊保障體系,堅持勤儉建軍,走出一條中國特色軍民融合式發展路子”。上述重要論述是實現軍民結合科學發展的戰略方針。我們要抓住信息化的機遇,做好寓軍於民這篇大文章,在全面建設小康社會進程中實現富國和強軍的統一。

Original Source(s)

(1) http://www.cia.org.cn/subject/subject_08

(2) http://www.gov.cn/gongbao/content/2006/content