中國的網絡空間治理或衝突的困境選擇 –
China’s Dilemma Choice of Cyberspace Governance or Conflict
First, the changes and challenges of
cyberspace conflict Network space conflict from the behavior of the network threat to the perception and the resulting response. Network threats can be broadly divided into two categories: one is called cyber attacks, is deliberately destroying the behavior of the network system; the other is called cyber exploitation (cyber exploitation), that is, the use of network infrastructure to achieve illegal purposes, but Will not harm the network system itself. [1] The target of cyber attacks is aimed at national and non-state actors, including sovereign states, organizations and individuals, which can disrupt both hardware and software and other aspects of the computer, or by improperly invasive computer operating systems Information or implement remote control. Network attacks can cause network conflicts, and network conflicts can be upgraded to cyber warfare. A cyber war generally refers to the destruction and disruption of a nation or nation that infiltrates another country’s computer or network. [2] cyber war can seriously endanger the country’s political, economic and social security and stability, is the highest form of network conflict. <A I = 3> Network information technology has the immediacy, convenience, cheap nature, so that conflict and war becomes easy to operate and implement. Network information technology to the traditional conflict and war has undergone a subversive change. As long as there is a network of computers, a few people can implement a network attack, launched a small-scale war without smoke. Network space weapons development costs are very low, as long as there are one or two computers, and can achieve network connectivity, and then equipped with several high-level hackers, is enough to create a very lethal network weapons. [3] Therefore, the impact of the Internet on national security will be comprehensive, thorough and unprecedented. Network information technology from the continuous innovation and development of communication technology. The emergence and continuous updating of instant messaging technology has enhanced the efficiency of political decision-making on the battlefield. Network information technology for the innovation of weapons technology has an important role in promoting, especially in the era of nuclear weapons, computer technology to make nuclear weapons more accurate, reliable and high speed. During the Cold War, the United States and the Soviet Union attached great importance to the development of information processing technology. With the comprehensive development of computer technology, the United States first proposed the “information warfare doctrine” (information warfare doctrine), that is, the use of information technology, tactics and means beyond the opponent. Western scholars said that the current international society is no greater risk of weapons of mass destruction, but large-scale destructive weapons (weapons of mass disruption). [4] In the technical breakthrough, cyber space conflict and war more profound changes reflected in the behavior of the main, means of attack and the consequences of conflict and so on. (I) Increasing diversity of actors The cyberspace provides a broader platform for non-State actors to move beyond the limits of territory and sovereignty and to play a greater role in reality and in the virtual world. Traditional conflicts and wars occur between different groups, generally monopolized by powerful states, and individual individuals are difficult to attack groups. Network information technology has greatly enlarged the power of relatively weak behavior. With the help of a network information platform, small countries can challenge the hegemonic countries, small groups can attack the powerful sovereign states, individuals can also attack the group. The United States has always regarded North Korea as a threat in cyberspace. According to the US Fox News Network reported that the beginning of 2010, the report shows that North Korea has trained thousands of top computer students to become excellent “cyber warrior” (cyber Warrior), whose operational targets are locked for the United States and South Korea. [⑤] In recent years, terrorism has also gained the “new life” with the help of network carrier and information tools. Al Qaeda uses Internet technology to promote its extreme ideas, and use the network platform to implement member recruitment, online training, fund raising, remote command and other activities. It can be said that the cyber space of the hidden and open features to increase the international community to prevent and combat the difficulty of terrorism. [⑥] In 2008, a 14-year-old boy in Poland, through the invasion and control of the Lodz tram system, caused confusion, resulting in four trams derailed, 12 people were injured, the accident did not cause death. [⑦] for the increasingly diverse network attackers, the US Strategic Command Command Kevin Hilton (Gen. Kevin P. Chilton) vividly believes that “our enemy range, including not only the boring young hackers, but also criminal organizations, but also related to national actors.” [ 2] Attack means to constantly update the original intention of the development of the Internet is to facilitate the effective flow of information to achieve resource sharing, interoperability. Open environment will often bring more risks and challenges to security, cyberspace and thus appeared in the “offensive and defensive imbalance” problem. This structural imbalance triggers cyber malicious attacks, thereby reducing confidence in deterrence and effective defense. [⑨] static defense in cyberspace (static defenses), that is, passive defense, refers to the most powerful hackers as a new challenge or to be resolved. [⑩] Skilled cyber attackers can easily find network vulnerabilities and successfully bypass security defense software. Compared with the traditional conflict, cyber space in the attackers in a shelter, and specifically attack the target of the weak links. In the “offensive side of the defensive side” in the context of the network of offensive weapons has become very common. The general network of offensive weapons, including computer viruses, malware, logic bombs (logic bombs, denial of service (denial of service) and so on. Low-end network weapons, the goal is simply to steal information, access to passwords, modify the program, generally do not produce significant harm. By contrast, high-end network weapons can cause data or critical facilities to be interrupted or severely damaged. A series of cyber attacks can evolve into major emergencies, breaking critical services over a period of time, including disrupting military command or information systems, shutting down power supply or oil pipelines, and stopping financial services. In 2008, the US Department of Defense to store encrypted military information on the computer network had infected with malicious code. Malicious code diffuses to encrypted and unencrypted file systems without being perceived. Although it was found in time, but the US military is very scared that such an event may make its military confidential documents are uploaded to foreign intelligence agencies, and even unknown hostile forces, the consequences will be disastrous. [11] Complex high-end malicious code has a strong self-camouflage ability, it is difficult to be found, often has been caused after serious injury will be found. In 2010, Iran’s nuclear facilities were attacked by “Stuxnet” (Stuxnet), making Iran’s Natanz uranium enrichment plant 1 More than 1,000 IR-1 centrifuges have to be replaced due to abnormal operation and damage. The fact that the “shock virus” attack target is very accurate or single, that is, the German Siemens control system (SIMATIC WinCC). This is a data acquisition and monitoring (SCADA) system, widely used by Iran in the defense of basic industrial facilities. “Seismic virus” in the invasion of a computer, it will automatically find the Siemens software to confirm the software found, the virus will be unaware of the state control of industrial computer systems, and control the computer software to other factories on the computer Issue a given order. Network security experts believe that the “earthquake network virus” is the first physical world infrastructure for the target “precision guidance” worm. [12] As the first disclosure of “shock virus” German well-known network security experts, Ralph Langner (Ralph Langner) through systematic analysis, that “shock network virus” structure than imagined even more complex , Including two different “digital warhead” (digital warhead), respectively, for different offensive targets, uranium enrichment facilities and Bushehr nuclear power plant external turbine. He believes that the power of the second warhead is equivalent to the Bushehr nuclear power plant for a precise air strike. [13] US information security expert Kevin Clayman (Kevin Coleman) 2010 in the United States National Defense Science and Technology published an article that the number of network attacks will be a sharp upgrade. To support this assertion, he mentioned that the number of malware in 2009 reached the highest level in the past 20 years, with multiple reports showing that more than 25 million malware was confirmed, and that growth would continue. [14] Through the above examples, it is easy to see the cyber space in the offensive weapon technology content is high and has a strong pertinence. Such weapons are more subtle, more precise, more offensive and destructive than conventional weapons. At the same time, network offensive weapons can not be reused, must be constantly upgrading. Matin Libici, a digital warfare expert at the famous American think tank, argues that it is no longer a weapon once someone knows how the cyber warfare works. The best weapon is the enemy does not know, but they already have. [15] (c) the consequences of conflict unpredictable <a I = 11> opponents in traditional conflicts are clearly visible, and the results of the conflict are predictable. In the conflict of cyberspace, once the offensive weapon is in power, the damage scale and influence caused by it are constantly copied and disseminated, and it is difficult to get effective control as the traditional conflict. More seriously, cyber attacks can bring serious panic to society, which is more serious than traditional wars. All kinds of infrastructure in modern society are controlled by computer and Internet systems. Once the network attacks are affected by water, electricity and financial control systems, the losses will be immeasurable and may even cause serious social unrest. American scholars envisioned the serious consequences of cyber attacks: no air control system or airport security system, no electronic control of rail traffic, no reliance on electronic computer day and night delivery of parcels or e-mails, no employer through payment software to pay workers wages Check, no electronic withdrawal record, no automatic teller machine, hospital or health center No reliable digital record, no electricity leads no light, no heat, no refueling system or fuel, petrol, no traffic lights, no phone, no internet service , There is no police effective security management, this series of problems will make the American society into a short-term paralysis. [16] According to the CIA revealed that the number of cyber attacks against the US public utility network in 2007 showed that the person in charge of the power company was even reluctant to talk about the risk of these events because of fear of serious social panic. In addition, the openness of cyberspace makes the network attacks happen and its scope of influence will be diffuse. In April 2013, hackers stole the Associated Press’s Twitter account and posted a false message that US President Barack Obama was injured in an explosion at the White House. A few minutes later, the Associated Press official used another Twitter account before the account was stolen. White House spokesman also clarified by President Obama did not hurt the radio. But many people have seen the news of the stolen Twitter account, the event led to the Dow Jones Industrial Average and S & P500 index both fell, after the two trading index and rapid rebound. Alert alleged that the Twitter account has 2 million audiences, the release of instant messaging is very influential. [17] The incident also sounded the alarm to the US government, with a simple account stolen event is likely to trigger a financial panic, which seriously disrupt the social order. The above new features of cyber conflict governance have had serious consequences. The diversity of the behavior makes it difficult to change the concept in a short time to overcome the differences and differences of cognition. The continuous innovation of the network attack means makes the international legal system and deterrence difficult to play the role. The unpredictable consequence is aggravating the inter- Mutual suspicion. These factors will seriously hinder the formation of cyberspace conflict management mechanism and play a role. Second, the network space conflict governance mechanism of the plight of cyberspace conflict and the traditional sense of the international conflict is very different. The main actors in the current global governance mechanism are sovereign states, who propose a series of rules and regulations on the basis of understanding and understanding of traditional armed conflicts. But in cyberspace, the effective regulation of the behavior of non-State actors is a matter of law and morality. And “structural dilemma” and other practical problems also exacerbated the difficulty of cyber conflict. (A) cognitive differences hinder effective governance At present, countries on the core concept of network security understanding of the network security events and their attribution (attribution) and identified there are deep differences. For example, the United States, Britain, Japan, Germany, France and the European Union have developed a network security strategy, through comparison can be found, the parties to “cyberspace”, “network security”, “network war” and other core concepts defined difference. [18] In cyberspace, how to determine that some of the acts have violated the basic norms of international law and can be used to combat Can individuals and organizations become the target of a national network attack? How do you define the national sovereignty of cyberspace? For these questions, the current international legal system has no ready answers. The United Nations, as a broadly representative international organization for the maintenance of international peace and security, has its own limitations, highlighting the development of the Charter of the United Nations much earlier than the arrival of the cyber-information age and therefore does not take into account the issue of cyber attacks. It is difficult to define cyber attacks as the use of force in accordance with prevailing norms of international law. During the three weeks before the 2008 Russian-Russian war, Unknown Acts used a commercial IP address to launch a decentralized denial service in several countries to attack the Georgian president’s website. The outside world believes that the relevant malware (named MachBo) was written in Russia and used by Russian hackers, although there is no definite proof that the Russian government has planned and implemented cyber attacks. Another dilemma faced by current international legal norms is the blurring boundary between cybercrime and cyber warfare. Realistic disagreement is manifested in the fact that the attacked state considers cybercrime to be a cybercrime and encourages implementation or support in the back of the country that cyber attacks are a cyber warfare for the maintenance of national interests. It can be seen that the lack of unified cognitive standards and operational guidelines make cyberspace conflict management difficult to carry out. In general, cyberspace behavior can be divided into three categories, one is legal (recognized is legal); the second is crime (illegal, the current legal norms that it is a crime); three is not legal (by the state and Non-state actors are found to be malicious, but the existing legal framework is not clearly defined). To be sure, cyber attacks should first fall within the jurisdiction of domestic law. If the attacker violates domestic law, the government of the host country is bound to enforce the jurisdiction. If the attacker attacked the target of another country, and the relationship between the target country and the host country is not friendly, there is a realistic problem. Especially for intelligence gathering, disruption of communications, or network behavior such as issuing erroneous directives to the enemy, it is easy for the implementer to be deemed to be a cyber attack because of being favored by the host country, So that it will not be punished. [19] (b) difficult to effectively govern international legal norms <a There are indeed many problems with the current international legal system and governance mechanisms. First, the existence of existing rules on armed conflict applied to cyberspace issues; second, the existing international rules can be applied to cyberspace governance, the majority of international rules focus on inter-State conflict, and cyberspace in the unconventional conflict But the more and more; third, the lack of legal experts; Fourth, the current rules focus on how to limit the network war, but the physical and collateral damage and other potential issues less concerned. [20] These problems make the existing international legal system not only effective control of cybercrime behavior, nor can it provide legal protection for civilian infrastructure and ordinary civilians. The Law of War and Armed Conflict (“the Law of Armed Conflict”) originated in the mid-19th century and is a humanitarian norm that regulates violence and conflict. The law of armed conflict applies exclusively to the conflict between the regular forces of the state. Countries in 1864 on the “Geneva Convention” to reach a consensus in 1868 in St. Petersburg officially signed. But the law of armed conflict, the Charter of the United Nations in the legal control of the war and wartime war behavior constraints are not applicable to cyberspace. And the existing legal norms do not clearly define the “war behavior” (war of act) concept. In general, war refers to the legal consequences of the use of force between States. The law of armed conflict is based on the use of force and aggression. In cyberspace, there is a great deal of controversy over whether cyber attacks are equal to the use of force and should be governed by the law of armed conflict. On the one hand, although not explicitly defined, it is generally believed that cyber attacks are hostile in cyberspace using network and information technology to achieve a certain purpose or effect; on the other hand, whether a cyber attack can be called For the conflict or war, still need the international community generally recognized. [21] There are gaps in the existing international legal norms for the control network space conflict. Within the existing international legal framework, the international legal norms governing conflict are the law of armed conflict, whose main legal sources are international treaties and international customs. It is the sum of binding principles, rules and regulations, and systems that adjust the relations between the warring parties and the warring parties and the neutral States in war and armed conflict. [twenty two] The subject of the law of armed conflict rests with the State and does not involve the question of the exercise of jurisdiction over individuals and international organizations. In addition, in the network attack, how to effectively distinguish between military and non-military objectives is also a real challenge. In the field of traditional warfare, military and non-military objectives are clearly defined, just as green tanks carry soldiers, and yellow cars carry students. But in the absence of clear boundaries in the cyberspace, the boundaries of the two are vague. The blurring of boundaries will lead to bias and shift of offensive targets, such as the blow to a country’s military facilities likely to shift to civilian infrastructure targets. In the network war, for the commander, it is difficult to distinguish which networks have military strategic objectives, which goals are civil. The more difficult problem is that it is difficult to determine the attacker’s long-range attack. Even if it is possible to determine the presence of the attacker and the attack itself, it is difficult to determine the identity of the attacker. Cyber space conflict also exists on the application of the right of self-defense in traditional war. If a cyber attack against a country has occurred, the State under attack has the right to self-defense in accordance with the provisions of the Charter of the United Nations. But how to determine the implementation of the main body to determine whether the attack on the country’s attack, to define the extent of the attack, there is no uniform standard. Although the existing international legal system clearly stipulates that conventional wars can not use weapons of mass destruction, they are almost equivalent to the use of weapons of mass destruction if they are likely to be devastated by malicious code and malware. If this assumption is true, it will pose a serious challenge to the above principles. And if the network army in the public website embedded malicious code, and the infection code of the non-military system than the military system, which should be considered a violation of the principle of abuse of weapons. Whether there is a “network of weapons of mass destruction” in cyberspace, and the international community has not reached a consensus on the use and co-operation of these weapons that can cause serious consequences. In addition, the development of network information technology in the 21st century makes the soldiers separated from their war behavior. The closer the separation of the acts of war, the harder it is to preserve the humanitarian spirit implicit in the law of armed conflict. At the same time, the openness of cyberspace makes the public and private, government and private network mutual penetration, overlap each other. This will result in a joint attack on the consequences of a network attack and may cause physical damage and injury. (C) the network deterrence lost utility <a I = 25> cyberspace The international legal system is not yet sound is an existing fact, then can the cyber deterrence strategy be effectively implemented and achieve the intended purpose? The deterrence strategy emphasizes the strength and the will of the contest. Deterance refers to the strength of one party is strong enough to make its opponents can not attack, otherwise it will pay a significant price. The prerequisite for deterrence is the possibility and credibility: the possibility that one party has the absolute ability to launch retaliation and counterattack, credible means that at the crucial moment one party decides to impose the necessary blow to its opponent. To achieve the purpose of affecting the opponent’s decision-making, you need to let the opponent clearly understand and perceive the deterrent implementation of the absolute strength and revenge. In reality, there are serious limitations in the use of deterrence strategies in cyberspace: first, deterrence theory is generally applied between two powerful opponents, the deterrent can be effective to assume that the other is rational, can not bear the cost of attack. But in cyberspace, there may be a serious asymmetry between the attacking entity and the attacked object, and even if effective retaliation is implemented, the purpose of deterrence can not be achieved. Second, the asymmetry of retaliatory means would disrupt the existing international rules. If the network attacker only launched a general decentralized denial of attack, only led to the attacking country network system paralysis, if the attacking countries using conventional military and nuclear forces to fight back, will cause a lot of economic losses and casualties, which will Deviation from the “principle of proportionality” in international law, the return action will be the loss of legal legitimacy. Finally, cyber attacks are instantaneous, one-off, successful, or failing only in the twinkling of an eye. Successful attacks can cause harm, and the victim is retaliated after being attacked, and deterrence will be completely lost because the injury has arisen. In a cyber environment, a party that initiates a cyber attack usually attacks an attack through a “zombie computer” (a computer that has been hijacked after it invades), which adds significant difficulty to the attacker’s determination of the attacker. In addition, the process of determining the identity of the attacker takes a long time, after the confirmation is correct, the loss has been generated and irreversible. Re-implementation of such retaliation under such conditions would challenge the “self-defense principle” under international law, since Article 51 of the Charter of the United Nations clearly stipulates that “self-defense” is prerequisite for action against force. The more challenging issue is that if the attackers are identified as being an organization or an individual, the various norms of international law will not work. Former deputy secretary of the United States Department of Defense William Lynn Lynn) also mentioned the difficulty of the network deterrent, “deterrence credible prerequisite for the identity of the adversaries to confirm no doubt, but in the cyberspace almost no such case.” [23] (d) “structural problems” threat to international cooperation and the real world, cyberspace is also in anarchy. In this state, there is no absolute authority, so the relationship between the cyberspace state is facing a “structural problem.” This is highlighted as two aspects: First, the network developed countries and emerging network power between the competitive relationship, which is reflected in the network security issues on the two camps, “different voices.” The first camp is the United States led the Western countries group, they have introduced the corresponding national network security strategy, and put forward the values of Western countries to reflect the cooperation and governance philosophy. In March 2014, the United States stated that it had strengthened bilateral and multilateral coordination and cooperation with the EU in matters related to the Internet. The United States made it clear that US-European cooperation is based on shared values, common interests, multi-stake governance concepts, cyber freedom and the protection of cyberspace human rights. [24] Early 2015, the United States and the United Kingdom expressed the need to protect key infrastructure, strengthen network defense, support network academic research and other aspects of pragmatic cooperation. [25] In June the same year, the United States and Japan to enhance network deterrence and strengthen information and intelligence sharing agreement. [26] It is not difficult to find that the first camp headed by the United States places more emphasis on the values of freedom and democracy in cyberspace and strengthens its own network deterrent. The second camp is China, Russia and other emerging countries group. “Prism door incident” occurred, China and Russia and other countries are very concerned about maintaining the network of national sovereignty, called on the international community to pay attention to the United States to cyberspace open, free in the name of the actual violation of the sovereignty of other countries. At the BRICS National Summit in Brazil in 2014, Russia proposed strengthening the BRIC network security cooperation. [27] Russia and China as the representative of the BRIC countries that “WikiLeaks” and “prism door incident” shows that the United States and other Western countries in the network security issues on the implementation of double standards: on the one hand advocate the so-called absolute freedom of cyberspace, On the other hand use the network to steal other countries information. One of the two camps advocated “network freedom first”, the other side advocated “network sovereignty first”, the two sides views obvious and difficult to eliminate. <A I = 32> Second is the inequality between developed and developing countries. Developed countries because of the advantages of early development, has been in the network information technology has the initiative; and the majority of developing countries due to historical, economic development and technical conditions and other factors, network information technology has long been lagging behind. According to the statistics of the International Telecommunication Union and other relevant agencies, the number of online online users has reached 2.3 billion by 2011, the Internet penetration rate in developing countries is about 25%, the penetration of the Internet in developed countries is 70%, and the per capita Internet users in Europe Bandwidth is equivalent to 25 times the bandwidth of Africa’s per capita. [28] Inequality in status will allow the vast majority of developing countries to remain marginal and passive. Although the United States and other Western countries put forward on the network security issues to the vast number of developing countries to provide the necessary assistance, but because they are in the implementation of assistance along with the concept of Western values, in fact, the majority of developing countries, “value output.” The majority of developing countries are very worried about the United States and other Western countries to form a network security technology level of “dependency”, the network space conflict governance North-South cooperation is also difficult to achieve. Third, the network space conflict mechanism of governance mechanism to explore the war has entered the information age, the existing international law should be necessary to improve and upgrade. The diversity of actors, the escalating offensive technology, and the uncertainty of the consequences call global governance of cyberspace conflicts. People are aware that cybercrime, cybercriminals, and cyber-terrorism have become global problems that can not be solved by the power of individual countries alone. Thus, the issue of cybersecurity is not just the domestic security of individual countries, but it is necessary to carry out long-term, extensive and in-depth international cooperation. At the same time, the existing international legal norms need to be updated and perfected. In the case of international legal norms governing the international conflict, prevention and control of cyberspace conflicts should be increased. At the same time, cyberspace cooperation requires the cultivation of peace and cooperation, development and win-win governance philosophy. Only the concept of governance enjoys popular support, international cyberspace conflict governance action will be concerned about, but also in the international community is widely recognized. (A) the transformation of global governance awareness Although there are Estonia, the Georgia network attack and “earthquake network virus” on Iran’s nuclear facilities caused serious damage and other typical cases, but so far there has been no large-scale inter-country network conflict. Nevertheless, people are still highly concerned about the cyberspace conflict, the urgent need to change the corresponding sense of governance. <A First, the most important subject involved in the management of cyberspace conflict is still the sovereign state. Although the role of individuals and groups is magnified by cyberspace, their power is still limited. Individuals and groups lead to large-scale network conflict and even the possibility of war is still minimal. Therefore, the focus on the network conflict should still be the country. Only countries in accordance with the law to effectively manage and regulate their own and their domestic organizations, individual behavior, cooperation between countries can play a role. Second, to coordinate and integrate the power and resources. Need to pay special attention to is that cyberspace itself beyond the borders, can not fully rely on government and national power. The United States and Europe and other Western countries in the network defense is the most worth learning experience is the full integration of civil resources, to achieve effective interaction between the official and civil. Should be aware of non-state actors in the field of cybersecurity in the important role, rather than national actors also hope to cooperate with the government to reduce network risk. [29] In 2010, the National Security Agency (NSA) in the Google company suffered high persistence attacks (Advanced Persistent Threat, APT), to provide information and technical assistance. [30] The basic elements of cyberspace are individuals and social groups, only to stimulate the vitality of individuals and social organizations, to enhance their network security and cooperation awareness, cyberspace will be more secure. In the government’s active promotion, the integration of technical personnel, experts and scholars, social groups, enterprises, government and other resources in order to effectively eliminate all kinds of cyberspace threats. In some cases, the need to deal with cyberspace problems also need to find answers in the network. In reality, the use of “white off” is an important strategic choice. In January 2014, the Russian Federation Committee proposed the use of “white off” (no criminal criminal record, can find a system of loopholes and experienced network of experts) services to deal with complex and volatile network attacks. [31] US network security software vendor experts also stressed that should be concerned about the “white” group, can not let it be tempted by the dark forces or even use. [32] Third, the implementation of hierarchical management of network behavior. The biggest challenge facing the international community is that countries can not agree on many cyberspace governance issues. From the point of view of harm, low to high behavior includes cyber vandalism, cyber espionage and cybercrime, denial of service, cyber attacks and large-scale cyber attacks. The first three categories already exist, and network attacks and large-scale network attacks have not yet occurred, although it is the most concern, but also the most likely to lead to network conflict behavior. Because cyber attacks and large-scale cyber attacks are targeted at key infrastructure, it can lead to serious social unrest in the attacked countries. Thus, such acts are almost intolerable and can cause reprisals by the injured State. For the first three categories of relatively light sabotage, the parties can be resolved through consultation and cooperation; for possible serious consequences of network attacks and large-scale attacks, countries should be through consultation to achieve a clear ban on such acts of cyberspace international code of conduct The (B) to cultivate the concept of cooperation in cyberspace “attack side overwhelming” reality makes cyberspace deterrence difficult to achieve, which will encourage the network intruder from another direction, eventually leading to network arms race. On the surface, the attack can bring some benefits and produce a sense of security, but the consequences will be cyberspace behavior between the competition, mutual hostility. Therefore, in the Internet, open network space is impossible to obtain absolute security. <A I = 42> On the contrary, if the defensive side is dominant, the behavior is more inclined to cooperate. Any threatened intrusion is carried out on the basis of successful defensive measures. Therefore, to enhance the defense capacity in order to obtain positive and lasting security. This requires the establishment of two types of mechanisms: one is the early warning mechanism, so that the attacked countries can early detection and take the necessary preventive measures. From the “network virus” attacks can be seen in the case, the virus invasion must bypass the victim’s security firewall. If you take a security defense measures, “earthquake network virus” is unable to implement the damage. Second, the information sharing mechanism, the parties to coordinate and cooperate with each other will help to achieve common security. This first requires the sharing of information between countries, which can increase mutual trust, is conducive to pragmatic and effective cooperation to achieve mutually beneficial win-win goal. Second, the sharing of information between government and private enterprises is also necessary. In many cases, the country’s infrastructure is operated by private enterprises, but there are obvious shortcomings in the information and intelligence collection channels, quantity and quality compared with the country. Third, in the network space conflict management should also focus on cultivating the “humanitarian” spirit, in the physical space to attack the party has the obligation to minimize the harm of civilians. Any country with strong technical capacity must also consider minimizing civilian damage when using cyber weapons. Some scholars even believe that the degree of damage caused by network weapons should be limited to less than a bomb damage. [33] (c) the establishment of conflict governance mechanism The international community has been advocating the creation of international mechanisms for conflict resolution, its purpose is through the policy coordination between countries, on the basis of consensus on the formation of network conflict management mechanism, and gradually establish cyberspace International order, and thus cultivate a global network of space management culture. [34] The international community attaches great importance to the inconceivable destructive power and influence of cyber space conflicts. In practice, attempts are made to bilateral and multilateral cooperation and have achieved some results, which can provide the necessary reference for the construction of global cyberspace governance mechanism. As the most influential intergovernmental organization, the United Nations should play a leading role in the governance of cyberspace conflict. The United Nations cyberspace conflict management mechanism is not widely represented and is not universally recognized by the international community. As early as 2006, the United Nations set up an open Internet Governance Forum (Internet Governance Forum, IGF). [35] As of 2014, the Internet Governance Forum has been held for nine consecutive sessions. In April 2015, the United Nations launched a dialogue with Russia on the International Convention on Cybercrime, but there was no consensus on the serious differences between developed countries and developed countries and organizations such as the United States, Canada and the European Union. This shows that countries have opened the door to dialogue for a global agreement. [36] As a specialized agency of the United Nations, the International Telecommunication Union (ITU) has also played an important role, actively advocating the “stakeholder” (stakeholder) concept, called on countries around the world to participate in the process of safeguarding the international community network security. The exploration and attempt of the international community shows that cyberspace governance itself is part of global governance. Every country faces the threat of cyber attacks, network conflicts and even cyber warfare. Participation in multilateral cooperation is the best choice for all countries to safeguard their own interests. At the same time, regional international organizations are also exploring new models of cyberspace governance. The 7th SCO Council of the Shanghai Cooperation Organization (SCO), held in 2007, proposed the Action Plan for information security, emphasizing the state’s control over the network system and information content. At the beginning of 2008, NATO convened an emergency meeting of the North Atlantic Council for the Estonian incident and introduced a cyber-defense policy, which for the first time established cyber security issues as the content of its collective defense obligations. NATO claims that if its member countries are subjected to catastrophic cyber attacks, the new cybersecurity policy will provide an effective counterattack tool. In April, NATO Cyber Defense Management Authority (CDMA) was established to form a unified deployment of allied network action capabilities. In May, the Cooperative Cyber Defense Center of Excellence, CCS COE) was formally established in Tallinn to strengthen the comprehensive capabilities of NATO’s network defense, and the establishment of the two institutions became a symbol of NATO’s network defense. [37] NATO officials also expressed their intention to cooperate safely with cyberspace in South Korea and other East Asian countries. In the current global governance mechanism, the success of cyberspace conflict management is the Mutual Legal Assistance Treaties (MLATs). It is aimed at nationally recognized cybercrime, which stipulates that participating countries share information, evidence and other forms of cooperation. The treaty is mainly applicable to the use of the network system to implement the crime. The Council of Europe Convention on Cybercrime (CEC) was signed by the Council of Europe in 2001 to define and punish the deterrence of cybercrime. The Cybercrime Convention is the most important multilateral cooperation agreement against cyber attacks and the world’s first international convention against cybercrime, which will have a significant impact on the legislation of many countries. Some scholars have suggested that international justice cooperation in the fight against cybercrime be carried out in accordance with the Convention. [38] Joseph Chennai believes that restricting all cybercrime is impossible, but it can be done from combating cybercrime and cyber-terrorism, and the great powers have many common interests on these issues. [39] Whether it is the United Nations or other regional international organizations, through their own practice to explore the global model of cyberspace governance. These practices will greatly enrich the theoretical basis and practical experience of cyberspace conflict management, which is of great significance to promote the international community to construct the relevant governance mechanism. The ultimate goal of cyberspace conflict management is to break through the differences of ideas, on the basis of common interests, to achieve beyond the borders, areas, levels of all-round, three-dimensional cooperation, and ultimately clean up the network space, to good governance. This process may take a long time and requires the joint efforts of the international community. China’s role and contribution in cyberspace conflict management According to China’s Internet Center (CNNIC) released the 36th “China Network Development Statistics Report” shows that by June 2015, the number of Internet users in China has reached 668 million, the Internet Penetration rate of 48%. 4%. This shows that China is already the largest number of Internet users in the country, but also shows that the Chinese people’s production and life, economic growth and innovation are closely related with the network, China has become a veritable global network power. As a global power, China has always positioned itself as a participant, builder and practitioner in cyberspace security governance. China’s national strategy is to develop from a network of major powers as a network power, and to promote the development of balanced development, sound rules and reasonable order of the global network space and make unremitting efforts. As the largest developing country, China has long been committed to the struggle for the vast number of developing countries, and actively participate in the construction of peace, security, openness and cooperation of cyberspace, and promote the establishment of multilateral, democratic and transparent global Internet governance system. At the same time, the Chinese government has put forward the principle of network governance with Chinese characteristics on the basis of the existing experience of governance, such as the rule of law, the order priority and the positive integration, which is similar to those of China. Furniture has important reference value and reference significance. [41] In September 2015, when the Chinese President visited the United States, he said in a written interview with The Wall Street Journal that China was a strong defender of cybersecurity. On the one hand, China will strengthen cooperation with the United States, the European Union, Russia, through the establishment of bilateral and multilateral cooperation mechanism to increase mutual trust, and is committed to building network security code of conduct. On the other hand, China will be more active in cyberspace global governance, and strive to incorporate the concept of safeguarding network sovereignty, network fairness and pragmatic cooperation advocated by China into cyberspace international standards. At the same time, China will also fulfill its commitments to actively promote the construction of cyberspace global order. In addition, China is working on the development of national network security for the relevant legal norms. In June 2015, the National People’s Congress for the first time considered the “People’s Republic of China Network Security Law (Draft)”. Article 5 of the General Regulations clearly states that “China will actively strengthen international exchanges and cooperation in the areas of cyberspace governance, network technology research and development and standard setting, and crack down on crimes against the Internet, and promote the construction of peaceful, safe, open and cooperative cyberspace. [42] This shows that China is committed to the law through the definition of network security, safeguarding network sovereignty, standardize network behavior, promote international cooperation in cyberspace. At the same time, China is also actively advocated in cyberspace governance to play the leading role of the United Nations. In 2011, China and Russia jointly submitted the International Code of Conduct for Information Security to the 66th Session of the General Assembly, put forward a series of basic principles of national conduct on the maintenance of information and cybersecurity, and called on countries to carry out further discussions within the framework of the United Nations. [43] In June 2013, China and the United States and other 15 countries in the United Nations network security dialogue, clearly advocated the “United Nations Charter” applies to cyberspace. [44] In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. In 2014, China and the United Nations jointly organized the International Symposium on Information and Internet Security, which is an important manifestation of China’s international rules for promoting cyberspace. In December 2015, Chinese President Xi Jinping delivered a speech at the Second World Internet Conference to elaborate on China’s basic position on cyberspace development and security, demonstrating China’s forward-looking thinking about the future development of cyberspace and calling for Countries around the world should strengthen communication, expand consensus, deepen cooperation, and jointly build the network space fate community. [45] In addition, China is also actively safeguarding the cyberspace interests of developing countries and “network sovereignty”. China advocates bridging the digital divide on multiple international occasions. Cyber space threat is no border, its impact is transnational. Network vulnerabilities in many developing countries will be targets of attack, and they may also be manipulated into “bonnet” (bonnet) to attack other countries. In the field of Internet technology applications and development, there is a clear gap between China and Western countries. China advocates that the network is primarily used for commercial purposes and not for political and military purposes. In the future, China will continue to carry out independent research and development and innovation in network security technology. These network security technologies can become an important part of China’s foreign technical assistance. At present, China is promoting the “one way along the road” construction, which focus on cooperation, including the promotion of national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. The focus will include advancing national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation. The focus will include advancing national and regional network infrastructure. At the same time, China is also willing to assume more responsibility and play an active role in cyberspace cooperation.
Original Mandarin Chinese:
簡介
網絡空間安全治理問題正日益引起國際社會的普遍關注;其中,網絡空間衝突治理問題更是備受關注。與現實的物理空間衝突相比,網絡空間衝突具有行為體多元化、進攻手段快速更新、衝突後果不可預知等新特點。這導致網絡空間衝突治理面臨認知分歧嚴重、規範難以有效管轄、威懾無效和“結構性難題”等現實挑戰。因而,網絡空間衝突治理需要轉變治理理念,通過國家間務實合作,整合各方優勢資源,構建網絡空間全球治理機制,並培育合作、共享的治理文化。作為全球網絡大國,中國一直以來都積極倡導建立多邊、民主、透明的全球治理體系。同時中國將在創新治理理念,彌合數字鴻溝,開展雙邊、多邊國際合作等方面,為構建網絡空間國際規則和全球網絡治理機製作出積極貢獻。
正文
隨著網絡信息技術在全球範圍內的廣泛應用和快速發展,網絡與國家安全的關係日趨緊密且受到各國高度重視。在安全議題中,最引人關注的是網絡空間衝突。網絡空間被軍事戰略學家和未來學家稱為“下一個戰爭空間”(next battlespace)。各國政府在網絡空間中的首要目標是確保本國的核心利益不受損害,保障國民免受網絡襲擊的侵擾。但現實情況是絕大多數網絡襲擊並非由政府直接發動和實施,而是由非國家行為體直接策劃操作。而且,發動網絡襲擊的成本低廉、行動隱蔽,且能引發嚴重後果。這也造成網絡空間容易爆發衝突甚至網絡戰爭(cyber warfare)。一旦網絡空間發生衝突或戰爭,其規模和影響範圍將難以估量。網絡空間衝突也可能導致國家間在現實世界中的直接敵對與衝突。此外,由於缺乏必要的國際法律管轄與規範,網絡空間衝突治理也面臨著嚴峻挑戰。有效控製網絡空間衝突的烈度,制定網絡空間國家行為準則,將是國際社會探索網絡空間衝突治理的新課題。
一、網絡空間衝突的變化與挑戰
網絡空間衝突源於行為體對網絡威脅的感知和由此作出的反應。網絡威脅大致可分為兩類:一類被稱為網絡襲擊,是指蓄意破壞網絡系統的行為;另一類被稱為網絡牟利(cyber exploitation),即利用網絡基礎設施來達到非法目的,但不會對網絡系統本身造成傷害的行為。 [①] 網絡襲擊針對的目標是國家和非國家行為體,包括主權國家、組織和個人,既可以破壞軟硬件和計算機的其他方面,也可以通過非法入侵計算機操作系統,運用不正當的手段獲取信息或實施遠程控制。網絡襲擊可能引發網絡衝突,而網絡衝突又可能升級為網絡戰爭。網絡戰爭一般是指一個民族國家為滲入另一個國家的計算機或網絡所進行的破壞和擾亂行為。 [②] 網絡戰爭可能嚴重危害國家的政治、經濟和社會安全與穩定,是網絡衝突的最高形式。
網絡信息技術所具備的即時性、便捷性、廉價性特質,使衝突和戰爭變得易於操作和實施。網絡信息技術使傳統的衝突與戰爭發生了顛覆性變革。只要有一台聯網的計算機,少數人就可以實施網絡攻擊,發動一場沒有硝煙的小規模戰爭。網絡空間的武器開發成本極低,只要有一兩台計算機,且能夠實現網絡連接,再配備幾名高水平的黑客,就足以製造極具殺傷力的網絡武器。 [③] 因此,互聯網對國家安全的影響都將是全面的、徹底的和前所未有的。網絡信息技術源自通訊技術的不斷創新與發展。即時通訊技術的出現和不斷更新,提升了戰場上的政治決策效率。網絡信息技術對於武器技術的革新具有重要推動作用,尤其是在核武器時代,計算機技術使核武器更加精準、可靠和高速。冷戰時期,美、蘇兩國十分重視發展信息處理技術。隨著計算機技術的全面發展,美國率先提出了“信息戰理念”(information warfare doctrine),也就是利用信息技術力量,在策略和手段方面超越對手。西方學者表示,目前國際社會最大的隱患不再是大規模殺傷性武器,而是大規模破壞性武器(weapons of mass disruption)。 [④] 在技術突破之外,網絡空間衝突與戰爭更深刻的變革體現在行為主體、攻擊手段和衝突後果等方面。
(一)行為主體日益多元化
網絡空間為非國家行為體提供了更加廣闊的活動平台,使其可以超越領土和主權的限制,在現實和虛擬世界發揮更大的作用。傳統的衝突與戰爭發生在不同群體之間,一般被實力強大的國家所壟斷,而單獨個體難於發動對群體的攻擊。網絡信息技術極度放大了相對弱小行為體的力量。借助於網絡信息平台,小國可以向霸權國發起挑戰,規模小的群體可以向實力強大的主權國家發動襲擊,個人也可以發動對群體的攻擊。美國一直以來都將朝鮮視為網絡空間中的威脅。據美國福克斯新聞網透露,2010年年初的報告顯示,朝鮮已經培訓了數千名頂級的計算機專業學生成為出色的“網絡戰士”(cyber warrior),其行動目標鎖定為美國和韓國。 [⑤] 近年來,恐怖主義也藉助網絡載體和信息工具獲得了“新生”。基地組織利用互聯網技術宣傳其極端理念,並利用網絡平台實施成員招募、在線培訓、資金募集、遠程指揮等活動。可以說,網絡空間的隱蔽性和開放性特徵加大了國際社會防範和打擊恐怖主義的難度。 [⑥] 2008年,波蘭一名14歲少年通過入侵並控制洛茲市(Lodz)的有軌電車系統,從而引發混亂,導致4輛電車脫軌,12人受傷,所幸事故未造成人員死亡。 [⑦] 對於日益多元化的網絡襲擊者,美國戰略司令部司令凱文·希爾頓(Gen. Kevin P. Chilton)曾形像地認為,“我們的敵人范圍,不僅包括令人厭煩的年輕黑客,也包括犯罪組織,還涉及國家行為體”。 [⑧]
(二)攻擊手段不斷更新
互聯網發展的初衷是便於信息的有效流動,實現資源共享、互聯互通。開放的環境往往會給安全防禦帶來更多風險和挑戰,網絡空間中因而出現了“攻守不平衡”問題。這種結構上的不平衡會激發網絡惡意攻擊,從而降低對威懾和有效防禦的信心。 [⑨] 網絡空間中的簡單靜態防禦(static defenses),即被動防禦,是指最多被強大的黑客視為一個新挑戰或待解決的問題。 [⑩] 技術嫻熟的網絡襲擊者能夠輕鬆找到網絡漏洞並成功繞開安全防禦軟件。與傳統的衝突相比,網絡空間中的襲擊者處於隱蔽處,並專門攻擊目標的薄弱環節。在“攻方壓倒守方”的背景下,網絡進攻性武器變得十分普遍。一般的網絡進攻武器,包括計算機病毒、惡意軟件、邏輯炸彈(logic bomb)、拒絕式服務(denial of service)等。低端網絡武器的目標只是簡單的竊取信息、獲取密碼、修改程序等,一般不會產生重大危害。相比較而言,高端網絡武器能夠造成數據和關鍵設施的中斷或嚴重受損。一系列的網絡攻擊能夠演變為重大突發事件,在一段時期內中斷關鍵服務,包括破壞軍事指揮或信息系統,關閉電力供應或石油管道,停止金融服務等。 2008年,美國國防部儲存加密軍事信息的電腦網絡就曾感染惡意代碼。惡意代碼在未被察覺的情況下擴散到加密和未加密文件系統。雖然被及時發現,但美國軍方對此十分恐慌,認為此類事件可能會使其軍事機密文件被上傳給國外情報機構,甚至是未知的敵對勢力,後果將不堪設想。 [11]
複雜高端的惡意代碼具有很強的自我偽裝能力,很難被發現,往往是在已經造成嚴重傷害後才會被發現。 2010年,伊朗核設施受到“震網病毒”(Stuxnet)的攻擊,使伊朗納坦茲鈾濃縮工廠的1 000多台IR-1型離心機由於非正常運轉並遭到破壞而不得不更換。事實表明,“震網病毒”的攻擊目標非常精確或單一,即德國西門子公司控制系統(SIMATIC WinCC)。這是一款數據採集與監視控制(SCADA)系統,被伊朗廣泛使用於國防基礎工業設施。 “震網病毒”在入侵一台電腦後,就會自動尋找西門子軟件,確認找到軟件後,這種病毒會在無人察覺的狀態下控制工業用的電腦系統,並控制電腦軟件對工廠其他電腦發出既定指令。網絡安全專家認為,“震網病毒”是第一個以物理世界基礎設施為攻擊目標的“精確制導”蠕蟲病毒。 [12] 作為第一個披露“震網病毒”的德國著名網絡安全問題專家,拉爾夫·朗納(Ralph Langner)經過系統分析,認為“震網病毒”的結構比想像中的還要復雜,包含兩個不同的“數字彈頭”(digital warhead),分別針對不同的進攻目標,鈾濃縮設施和布什爾核電站的外部渦輪機。他認為第二個彈頭的威力相當於對布什爾核電站進行一次精確的空中打擊。 [13] 美國信息安全問題專家凱文·克萊曼(Kevin Coleman)2010年在美國國防科技網上發表的文章認為,網絡襲擊的數量將會急劇升級。為支持這一論斷,他提到2009年惡意軟件的數量達到了此前20年來的最高水平,多份報告顯示超過2 500萬個惡意軟件被確認,而且這種增長趨勢還將繼續。 [14]
通過以上事例,不難看出網絡空間中的進攻武器技術含量高且具有極強的針對性。這樣的武器比常規武器更隱蔽、更精準、更具進攻性和破壞性。與此同時,網絡進攻性武器不能重複使用,必須不斷升級換代。美國著名智庫蘭德公司的數字戰專家馬丁·利比奇(Matin Libici)認為,一旦有人了解了網絡戰武器的工作原理,它就不再是一種武器了。最好的武器是敵人所不知,但自己卻已擁有的。 [15]
(三)衝突後果不可預知
傳統衝突中的對手是清晰可見的,衝突的結果也是可以預測的。在網絡空間的衝突中,進攻武器一旦發揮威力,所造成的破壞規模和影響力一般都會不斷地複制和散播,很難像傳統衝突那樣能夠得到有效控制。更為嚴重的是,網絡襲擊會給社會帶來嚴重恐慌,其後果比傳統戰爭更為嚴重。現代社會中的各類基礎設施都是由計算機和互聯網系統控制,一旦網絡襲擊波及水、電、金融控制系統,帶來的損失將是無法估量的,甚至可能造成嚴重的社會動盪。美國學者設想了網絡攻擊可能引發的嚴重後果:沒有航空控制系統或者機場安監系統,沒有電子管控的鐵路交通,沒有依賴電子計算機日夜投遞的包裹或郵件,沒有雇主通過支付軟件支付工人工資的電子支票,沒有電子取款記錄,沒有自動取款機,醫院或者健康中心沒有可信賴的數字記錄,沒有電力導致沒有燈光,沒有熱力,沒有加油系統或者燃料、汽油,沒有交通信號燈,沒有電話,沒有網絡服務,沒有警察有效的治安管理,這一系列問題將使美國社會陷入短時癱瘓。 [16] 據美國中央情報局透露的發生在2007年針對美國公用電力網的多起網絡襲擊事件表明,由於擔心會造成嚴重的社會恐慌,電力公司的負責人甚至不願談及這些事件的風險。
此外,網絡空間的開放性特徵使網絡襲擊一旦發生,其影響範圍將具有擴散性。 2013年4月,黑客竊取了美聯社的推特賬號,發布了美國總統奧巴馬在白宮的一次爆炸中受傷的虛假消息。幾分鐘後,美聯社官方使用另一個推特賬號聲明之前的賬戶已被盜。白宮發言人也通過廣播澄清奧巴馬總統沒有受傷。但已有很多人看到了被盜推特賬號發布的消息,該事件導致道瓊斯工業指數和S&P500指數雙雙下挫,之後兩個交易指數又快速反彈。據稱美聯社的推特賬號有200萬受眾,其發布的即時消息影響力十分巨大。 [17] 這一事件也給美國政府敲響了警鐘,一起簡單的賬戶被盜事件很可能引發一場金融恐慌,從而嚴重擾亂社會秩序。
網絡衝突治理的上述新特點產生了嚴重的後果。行為體的多樣性使人們很難在短時間內轉變觀念,克服認知差異與分歧;網絡攻擊手段的不斷革新使國際法律制度和威懾很難發揮作用;而後果的難以預測則加重了國家間的相互猜疑。這些因素將嚴重阻礙網絡空間衝突治理機制的形成並發揮作用。
二、網絡空間衝突治理機制的困境
網絡空間衝突與傳統意義上的國際衝突有很大差異。現行全球治理機制的主要行為體是主權國家,它們在對傳統武裝衝突理解和認知的基礎上提出一系列管控規則。但在網絡空間中,對非國家行為體的行為進行有效規範在法律和道德方面是一個空白。而“結構性困境”等現實問題也加劇了網絡空間衝突治理的難度。
(一)認知分歧阻礙有效治理
當前,各國對網絡安全核心概念的理解以及對網絡安全事件的歸因(attribution)和認定都存在深刻分歧。例如,美、英、日、德、法和歐盟等都制定了網絡安全戰略,通過對比可以發現,各方對“網絡空間”、“網絡安全”、“網絡戰爭”等核心概念的界定存在明顯差別。 [18] 在網絡空間中,如何確定一些行為已經違反了國際法基本準則,並可以實施武力打擊?個人和組織是否可以成為國家發動網絡進攻的目標?如何界定網絡空間的國家主權?對
注释:
[①] Abraham D. Sofaer, David Clark, Whitfield Diffie, “Cyber Security and International Agreements,” in Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, Washington, D.C.: The National Academies Press, 2010, pp. 179-180.
[②] Richard A. Clarke and Robert Knake, Cyber War: The Next Threat to National Security and What to Do about It, New York: Harper Collins, 2010, p. 10.
[③] 樊高月、赵力昌主编:《不流血的战争:网络攻防经典之战》,解放军出版社2014年版,第117页。
[④] Craig B. Greathouse, “Cyber War and Strategic Thought: Do the Classic Theorists Still Matter?” in Jan-Frederik Kremer and Benedikt Muller, eds, Cyberspace and International Relations: Theory, Prospects and Challenges, Verlag Berlin and Heidelberg: Spinger, 2014, p. 23.
[⑤] Kelley Beaucar Vlahos, “Special Report: The Cyberwar Threat from North Korea,” Fox News, February 14, 2014, http://www.foxnews.com/tech/2014/02/14/cyberwar-experts-question– north-korea-cyber-capabilities.
[⑥] 丛培影、黄日涵:《网络恐怖主义对国家安全的新挑战》,载《江南社会学院学报》2012年第2期,第2页。
[⑦] John Leyden, “Polish Teen Derails Tram after Hacking Train Network,” The Register, January 11, 2008, http://www.theregister.co.uk/2008/01/11/tram_hack/.
[⑧] Kelvin P. Chilton, “Cyberspace Leadership Towards New Culture, Conduct and Capabilities,” Air & Space Power Journal, Fall 2009, p. 7.
[⑨] Kenneth Lieberthal and Peter W. Singer, “Cybersecurity and U.S.-China Relations,” Brookings Institution, February 23, 2012, http://www.brookings.edu/~/media/research/files/papers/ 2012/2/23 cybersecurity china us singer lieberthal/0223_cybersecurity_china_us_lieberthal_singer_pdf_english.pdf.
[⑩] Erik M. Mudrinich, “Cyber 3.0: The Department of Defense Strategy for Operating in Cyberspace and Attribution Problem,” The Air Force Law Review, Vol. 68, p. 181.
[11] William J. Lynn, “Defending a New Domain: The Pentagon’s Cyber Strategy,” Foreign Affairs, September/October 2010, Vol. 89, No. 5, p. 97.
[12] 樊高月、赵力昌主编:《不流血的战争:网络攻防经典之战》,第123页。
[13] Jerusalem Post, “Stuxnet Specifically Targeted Iranian Nuclear Program,” The Jerusalem Post, November 20, 2010, http://www.jpost.com/Iranian-Threat/News/Stuxnet-specifically– targeted-Iranian-nuclear-program.
[14] Paul A. Matus, “Strategic Impact of Cyber Warfare Rules for the United States,” Homeland Security Digital Library, March 23, 2010, http://www.handle.dtic.mil/100.2/ADA522001.
[15] 《源代码之战》,载《国际金融报》2011年8月1日,第4版,http://paper.people.com.cn/ gjjrb/html/2011-08/01/content_885812.htm?div=-1。
[16] Michael J. Glennon, “State-level Cybersecurity,” Policy Review, February/March, 2012, p. 85.
[17] “Hacked AP Twitter Account Sends Dow Jones Down,” Southern California Public Radio, April 24, 2013, http://www.scpr.org/programs/airtalk/2013/04/23/31465/hacked-ap-twitter-account -sends-dow-jones-down/.
[18] 蒋丽、张晓兰、徐飞彪:《国际网络安全合作的困境与出路》,载《现代国际关系》2013年第9期,第56页。
[19] Yoram Dinstein, “Cyber War and International Law: Concluding Remarks at the 2012 Naval War College International Law Conference,” International Law Studies, Vol. 89, 2013, p. 284.
[20] Duncan B. Hollis, “Why States Need an International Law for Information Operations,” Lewis & Clark Law Review, Vol. 11, No. 4, 2007, pp. 1023-1024.
[21] Scott W. Beidleman, “Defining and Deterring Cyber War,” Military Technology, Vol. 11, 2011, p. 60.
[22] 顾德欣编:《战争法概论》,国防大学出版社1991年版,第9页。
[23] William Lynn, “Cyber Security,” Speech at the Center for Strategic and International Studies, June 15, 2009.
[24] “Fact Sheet: U.S.-EU Cyber Cooperation,” The White House Office of the Press Secretary, March 26, 2014, https://www.whitehouse.gov/the-press-office/2014/03/26/fact-sheet-us-eu-cyber– cooperation.
[25] “Fact Sheet: U.S.-United Kingdom Cybersecurity Cooperation,” The White House Office of the Press Secretary, January 16, 2015, https://www.whitehouse.gov/the-press-office/2015/01/16/ fact-sheet-us-united-kingdom-cybersecurity-cooperation.
[26] Franz-Stefan Gady, “Japan and the United States to Deepen Cybersecurity Cooperation,” The Diplomat, June 2, 2015, http://thediplomat.com/2015/06/japan-and-the-united-states-to– deepen-cybersecurity-cooperation.
[27]“China, Russia to Sign Information Security Pact: Report,” The Brics Post, October 21, 2014, http://thebricspost.com/china-russia-to-sign-information-security-pact-report/#.Vg4sYi-hdMs.
[28] 复旦国务智库编:《增量改进——全球治理体系的改进和升级》,复旦全球治理报告2014,复旦大学国际关系与公共事务学院,2014年,http://www.sirpa.fudan.edu.cn/_upload/arti cle/8e/7e/f72c6ae04f998c052fe4230493c5/b3ef8190-df38-40fb-829f-1a0c6f6f49a5.pdf,第36页。
[29] Salma Shaheen: “Offense-Defense Balance in Cyber Warfare,” in Jan-Frederik Kremer and Benedikt Muller, eds., Cyberspace and International Relations, Berlin: Springer, 2014, p. 91.
[30] Jon R. Lindsay: “The Impact of China on Cybersecurity,” International Security, Vol. 39, No. 3, 2014, p. 27.
[31] 《俄联邦委员会拟利用“白色黑客”应对网络攻击》,人民网,2014年1月26日,http://world.people.com.cn/n/2014/0126/c157278-24226902.html。
[32] “The Chinese Cyber Threat: Challenges and Solutions,” AEI, July 22, 2015, http://www.aei.org/events/the-chinese-cyber-threat-challenges-and-sollutions/.
[33] “Cyber Security and International Law,” Chatham House, May 29, 2012, https://www. chathamhouse.org/sites/files/chathamhouse/public/Research/International Law/290512summary.pdf.
[34] 黄日涵:《网络战山雨欲来 安全困境亟须破局》,载《中国社会科学报》2014年12月10日,第B02版。
[35] 《联合国互联网治理论坛(IGF)简介》,国家工信部网站,2008年2月21日,http://www.miit.gov.cn/n11293472/n11295361/n11296722/11642344.html。
[36] Mark Ballard, “UN Rejects International Cybercrime Treaty,” ComputerWeekly.com, April 20, 2010, http://www.computerweekly.com/news/1280092617/UN-rejects-international-cyber crime-treaty.
[37] 毛雨:《北约网络安全战略及其启示》,载《国际安全研究》2014年第4期,第112页。
[38] 王孔祥:《网络安全的国际合作机制探析》,载《国际论坛》2013年第5期,第4页。
[39] Joseph S. Nye, Jr, “From Bombs to Bytes: Can Our Nuclear History Inform Our Cyber Future?” Bulletin of the Atomic Scientists, 2013, Vol. 69, No. 5, p. 13.
[40] 《共同构建和平、安全、开放、合作的网络空间 建立多边、民主、透明的国际互联网治理体系》,人民网,2014年11月20日,http://politics.people.com.cn/n/2014/1120/c1024– 26057363.html。
[41] 丛培影、黄日涵:《中国网络治理模式的世界意义》,光明网,2014年12月15日,http://theory.gmw.cn/2015-12/15/content_18098761.htm。
[42] 《中华人民共和国网络安全法(草案)》,中国人大网,2015年7月6日,http://www.npc. gov.cn/npc/xinwen/lfgz/flca/2015-07/06/content_1940614.htm。
[43] 《中俄等国向联合国提交“信息安全国际行为准则”文件》,新华网,2011年9月13日,http://news.xinhuanet.com/2011-09/13/c_122022390.htm。
[44] Patrick Goodenough, “U.S., China Among 15 Countries Agreeing U.N. Charter Applies in Cyberspace,” CNS News, June 10, 2013, http://cnsnews.com/news/article/us-china-among-15– countries-agreeing-un-charter-applies-cyberspace.
[45] 《习近平在第二届世界互联网大会开幕式上的讲话》,新华网,2015年12月17日,http://news.xinhuanet.com/zgjx/2015-12/17/c_134925295.htm。