● Cognitive domain warfare focuses on full-dimensional attacks, including both cognitive penetration in “peacetime” and cognitive coercion in “wartime”.
● Wartime cognitive domain operations are carried out around the achievement of military objectives, and are implemented in coordination with military operations and support each other.
●In cognitive domain warfare, as the sound of gunfire fades away, the clarion call for a new round of cognitive domain warfare may sound again, and there can be no slackness.
Cognitive domain operations are confrontations conducted at the level of consciousness and thinking. Through selective processing and transmission of information, it influences judgments, changes concepts, and competes for people’s hearts, thereby guiding the reality to develop in a direction that is beneficial to oneself. From the perspective of cognitive shaping, cognitive domain operations focus on full-dimensional attacks, including both cognitive penetration in “peacetime” and cognitive coercion in “wartime”. Therefore, cognitive domain operations do not have a clear boundary between peace and war; at the same time, according to the needs of political or military purposes, its targets can be individuals, organizations, and even countries. Therefore, cognitive domain operations should establish the concept of peacetime and wartime integration, military-civilian integration, cross-domain integration, and joint victory, and sort out basic tasks accordingly.
Focus on the layout tasks of ideology
Ideology is “a system of thought that systematically and consciously reflects the social and economic forms and political systems”. Ideology determines the rational foundation of cognition and has distinct camp characteristics. Although ideology covers all aspects of social life, in the confrontation between countries or political groups, the struggle around belief guidance, attitude acquisition, and concept assimilation is particularly fierce, becoming the focus of cognitive domain operations.
Shaping and guiding political cognition, seizing the initiative to break and establish beliefs. The confrontation between countries or political groups is not only a confrontation of national strength, but also a confrontation of national will, and the confrontation of political beliefs bears the brunt. Shaping and guiding political cognition aims to consolidate or destroy political consensus, strengthen or shake political beliefs, and expand or disintegrate political camps. In cognitive domain operations, through the cognitive guidance of various aspects such as the legitimacy of the ruling party, the rationality of political ideas and systems, and the health of the political ecology, cultivate feelings such as recognition or denial, support or hatred of political positions, beliefs, and practices, and lay a political cognitive layout that is beneficial to oneself and detrimental to the enemy. Political cognition is related to the survival foundation of a country or organization, and is the primary focus of cognitive domain operations.
Shape and guide war cognition, seize the leadership of war attitude. A country can live without war but cannot live without war awareness. War cognition is the basis for the formation and development of will, concept, psychology, and thinking of individuals, organizations, and countries in the war cycle. Through the guidance of cognition of the nature, properties, and legal concepts of war, it is a key issue to build a war cognition thinking system, guide the evaluation trend of the rationality, justice, and legitimacy of war, promote the formation of support or opposition to the possible war, and regulate the fluctuation of the willingness to assume war obligations. War cognition affects war attitude, and the struggle for control over it is a task that must be taken seriously in cognitive domain operations.
Shape and guide value cognition, and seize the control of emotional will. Values affect people’s judgment of beauty, ugliness, right and wrong, and social behavior orientation. In terms of identifying things and judging right and wrong, people’s emotions always tend to support propositions with similar values. Value cognition permeates every corner of life. Through the dissemination of ethical and moral concepts, standards of beauty, ugliness, good and evil, and literary and artistic viewpoints, the competition for the right to guide value concepts, the right to guide life patterns, and the right to judge traditional inheritance is frequent and fierce. In real life, different values often penetrate and entangle with each other. The essence of shaping and guiding value cognition is to strive for the recognition of social emotions, which is a regular task of cognitive domain operations.
Focus on the social psychology of the task of creating momentum
Social psychology provides a perceptual and experiential basis for cognition, and it is formed on the basis of daily life, social activities, practical insights, etc. Social psychological guidance often promotes unpredictable changes in the real situation. It is one of the common modes of confrontation between the two sides, especially in non-military conflict periods, and it is also a task that must be taken seriously in cognitive domain operations.
Guide national psychology and regulate national emotions. National psychology is one of the social psychology that is most likely to cause conflict and confrontation. Attacking national self-esteem can breed national inferiority complex and easily split and disperse. Improving national self-esteem can enhance national cohesion, but the expansion of national self-esteem can easily lead to extreme racism, national chauvinism, etc.; the differences in status, interests, culture, customs, and life among different ethnic groups within the country provide opportunities for people with ulterior motives to stir up national confrontation, while the same living space and cooperation process lay the foundation for eliminating prejudice and even cohesion and tolerance among ethnic groups. The result depends on cognitive guidance. National psychological guidance is sensitive and easy to get out of control, which has a direct impact on social stability. It is a task that needs to be focused on in cognitive domain operations.
Guide group psychology and increase or decrease opposition awareness. Groups generally refer to people of the same kind, such as ethnic groups, regions, classes, professional groups, and even civil groups, non-governmental organizations, etc. If groups are subjectively defined based on the standard of “convergence”, then the “differences” between groups exist objectively. This difference may be political or economic status, or it may be cultural ideas, regional concepts, or other. Guiding the cognition of differences to promote the opposition psychology of different groups such as party opposition, regional opposition, professional opposition, and rich-poor opposition will not only damage the internal unity of the country, but also accumulate and increase the dissatisfaction of all sectors of society with the political authorities, laying the groundwork for instigating social unrest and division. In cognitive domain operations, attention needs to be paid to this kind of social psychology.
Guiding individual psychology and influencing social emotions. In cognitive domain operations, individual psychological guidance is divided into two situations. One is the psychological guidance of important figures, such as sensitive professionals, social intellectuals, academic elites, successful business people, etc. The struggle for their political stance, emotional attitude, etc. is an issue that both sides of the confrontation need to focus on. The other is the use of phenomena that easily trigger individual psychological resonance. For example, in public crises, major accidents, natural disasters, and even some criminal incidents and emergencies in life, intentionally guiding certain emotions may cause group polarization due to the individual’s herd effect, thereby causing changes in public opinion and even social unrest. Both aspects are content that cognitive domain operations need to pay attention to.
Targeting the critical task of wartime cognition
Cognitive domain operations precede military operations and end with them. In wartime, cognitive domain operations are carried out around the achievement of military objectives, coordinated with military operations, and mutually supportive, with the characteristics of violent coercion. In this stage of cognitive domain operations, “offensive” and “defensive” actions are carried out simultaneously, with the combined effects of weapons and propaganda, and the emergence of “enticement”, “attack”, “cheating”, and “control”. This is the key stage of cognitive domain operations.
Attack the enemy’s mind and induce cognition. Cognitive attacks in wartime are mainly carried out to weaken the enemy’s will to resist and induce the enemy to make wrong decisions. Targeted attacks are used to shake the enemy’s will to resist and front-line commanders and fighters, and information deception interference is used to induce decision-making; for armed forces, which are mainly military forces, the use of force to deter and deter is dominant, and the use of public opinion warfare and other style actions and emerging technical means are used to shake their belief in participating in the war, cause panic, undermine their military morale, and dominate their action patterns; for social support forces, strong information is delivered through large-scale military exercises, equipment tests, and propaganda on the lethality of weapons to undermine confidence, induce panic through selective target strikes and the dissemination of battle conditions, and seek understanding through publicity of one’s own humanitarian actions in the war and related international comments.
Build a strong defense line, gather hearts and minds to control the situation. The focus of cognitive defense in wartime is to build a strong defense line of “heart”, “will” and “intelligence” to prevent the loss of fighting spirit under the stimulation of drastic changes in the situation or environment. Education and publicity are the basic ways of cognitive defense in wartime. For the participating forces, stimulate enthusiasm for participation through mobilization and incentives, clarify the truth by refuting rumors, establish the belief in victory by publicizing the results of the war, mobilize morale by setting up models, etc.; for the supporting forces, establish a sense of mission, responsibility and obligation for the whole people through education and publicity on the justice, rationality and legality of the war, stimulate the psychology of common hatred of the enemy by exposing the enemy’s brutal behavior, and stimulate enthusiasm for supporting operations by publicizing the deeds of local participation in the war and supporting the front, etc.
Expand the camp and eliminate hidden dangers. Creating a favorable cognitive atmosphere and providing support for the expansion of one’s own camp is an important aspect of cognitive domain operations during wartime that must be done. In particular, although the pursuit of international support forces is mainly based on political and diplomatic activities, the widespread spread of one’s own positions, ideas, attitudes, etc. often leads to changes in international civil attitudes, which in turn affects decision-making at the political level and provides support for the expansion of one’s own camp. In addition, cognitive domain operations during wartime have an important task that runs through the entire war, that is, to eliminate the adverse hidden dangers caused by various accidents in the war. Especially in the later stages of the war, as the destructive effects of the war appear and spread, people’s cognitive systems will inevitably be repeatedly impacted by different information. During this period, ideological guidance, social psychological shaping, and individual psychological counseling are needed to ensure the consolidation of the results of the war. In cognitive domain operations, as the sound of gunfire dissipates, the horn of a new round of cognitive domain operations may sound again, and there must be no slackness.
美军网络作战武器装备研发始终按照军商民结合、兼收并蓄的方法进行。网络空间作战装备与常规作战装备不同,其主要是以代码为基础、以设计为核心的研制生产形式,供应链的层级关系并不明晰。如今,美国具有以美国国防部高级研究计划局(Defense Advanced Research Projects Agency,DARPA)为核心的军方研究力量,以诺斯罗普·格鲁曼、雷声、洛克希德·马丁等传统防务公司为主,互联网、电子、软件、信息安全等领域公司兼收并蓄的研制力量。
From the perspective of the construction of cyberspace combat forces in major countries in the world, the U.S. military, as the first army to publicly announce the construction of cyberspace combat forces, has relatively strong strength and has carried out cyberspace combat operations many times in war practice. Organizations and countries such as the European Union and Russia have also launched cyberspace combat force building and carried out some actual combat operations. The study and analysis of the successful experience and practices of the major countries and regions in the world in the construction of military cyberspace combat forces has important reference and enlightenment significance for the development of cyberspace in my country.
With the rapid development of network information technology and its wide application in the military, cyberspace has become an emerging combat domain following the four domains of land, sea, air, and space, and cyberspace operations have also become an inseparable and important component of all-domain joint operations part, and become the key to gaining and maintaining the operational initiative, control and victory. The United States, Russia, Japan and other major countries in the world have formulated cyberspace security and development strategies, established cyberspace combat forces, and developed advanced network technologies and weapons and equipment, stepping up to seize this new strategic commanding height.
The United States leads the construction of cyberspace
Whether it is cyberspace concept and theoretical research, or other related technology research and application practice, the United States is the source and leader of cyberspace development, driving the development of cyberspace in various countries and regions. The U.S. military’s cyber force is the earliest “established” cyber combat force in the world. It has gone through stages such as the establishment of defense during the Clinton era, cyber counter-terrorism during the Bush era, simultaneous deterrence and war during the Obama era, and “forward defense” during the Trump administration. It has developed into a network combat force with 133 network task teams and tens of thousands of people in various services.
1.1 Strengthening the strategic deterrent position
In order to compete for the control and development of cyberspace, the United States actively responds to the new requirements of changes in the shape of future wars, and establishes cyberspace as an emerging combat domain alongside land, sea, air, and space, and places it as a strategic deterrent. Strategic Position.
The important strategic documents related to cyberspace promulgated by the United States are shown in Table 1. In 2011, the United States successively issued three major strategic documents, the “International Strategy for Cyberspace”, the “National Strategy for Trusted Identity in Cyberspace” and the “Strategy for Cyberspace Operations of the Department of Defense”. The use and control of cyberspace has been elevated to a basic national policy.
In recent years, based on competition among major powers, the U.S. military has further enhanced its strategic position in cyberspace, and a combat system structure for cyberspace operations has basically taken shape. In 2018, the U.S. military successively released the new version of the “DoD Cyber Strategy” [1] and the “Cyberspace Operations” joint doctrine, clarifying that cyberspace operations themselves can be used as an independent combat style to achieve tactical, operational or strategic effects, and can also be integrated with other fields. The integration of combat styles improves the effectiveness of joint operations through coordinated operations; in 2020, the U.S. Cyberspace Sunbathing Committee released the “Warning from the Future” report, proposing the “defense forward” strategy, and recommending that the U.S. Department of Defense expand it to the national level , the strategy is a national cyberspace layered deterrence strategy based on continuous confrontation as the main mode of action, and behavior shaping, benefit denial, and cost imposition as the fundamental approaches.
1.2 The leadership system has a clear division of labor
The United States divides its national cyber security business into four parts: homeland security business, national defense business, intelligence business, and law enforcement business, as shown in Figure 1. Among them, the homeland security business is dominated by the Department of Homeland Security, which is mainly responsible for coordinating the cyberspace security of important infrastructure and protecting government and commercial networks and systems; the national defense business is dominated by the Department of Defense, led by the US Cyber Command, and various military services provide troops It has three major functions of attack, defense, and military information infrastructure operation and maintenance management. It is the core of the US cyber security force; the intelligence business is dominated by the National Security Agency, which is mainly responsible for detecting malicious activities in foreign cyberspace. The Ministry of Defense provides capability support; criminal law enforcement involves multiple departments including the Department of Justice and its subordinate agencies.
Table 1. Important strategic documents related to cyberspace promulgated by the United States
Figure 1. Management and coordination framework of cyberspace organizations in the United States
The U.S. Cyber Command was established in 2009 and was originally affiliated to the U.S. Strategic Command. In August 2017, the U.S. Cyber Command was upgraded to the 10th independent U.S. Joint Operations Command, and the responsibility for combat command was assigned to the Cyber Command. And the director of the National Security Agency also serves as the commander. For the U.S. military’s network operations, especially operations with high real-time requirements, this move straightens out the command and control relationship. The organizational relationship between the upgraded U.S. Cyber Command and other agencies is shown in Figure 2.
Figure 2. The organizational relationship between the upgraded US Cyber Command and other agencies
The U.S. Cyber Command is under the command of the President and Secretary of Defense of the United States, and has operational control over the headquarters of the National Cyber Mission Force, the Headquarters of the Joint Cyberspace Forces, the Headquarters of the Cyberspace Forces of the Services, and the Headquarters of the Joint Forces of the Department of Defense Information Network; Mission detachments, combat detachments, protection detachments and support detachments have operational control.
During the operation, the U.S. Cyber Command conducts cyber operations in accordance with the instructions of the U.S. President and Secretary of Defense, implements operational control over its subordinate forces, and provides customized force packages to the Joint Operations Command for support. The force package is composed of cyber combat forces, combat support personnel and other cyberspace forces under the Cyber Command. Cyber Command maintains operational control of force packages and delegates operational control to subordinate commands as appropriate. The commander receiving the force package has tactical control over the timing and tempo of cyberspace operations.
1.3 Large scale of organizational strength
The U.S. military’s cyber force is the first established “organized” cyber combat force in the world. It has long recruited cyber talents, formed a cyber force, and held secret exercises. At present, the U.S. military has basically formed a general pattern in which the Cyber Command is responsible for operations, and the military services and the Defense Information Systems Agency and other Ministry of Defense business bureaus are responsible for the construction. Different from the land, sea, and air combat domains, the particularity of the cyberspace combat domain requires that the two chains of management (military administration) and operations (military orders) must cooperate more closely.
The U.S. military’s cyberspace strategic combat force is mainly composed of 133 cyber mission teams under the Cyber Command, with about 6,200 active duty and civilian personnel. According to the instructions of the Ministry of National Defense in 2013, the force was formed by drawing forces from various services (41 from the Army, 40 from the Navy, 39 from the Air Force, and 13 from the Marine Corps). It mainly performs tasks such as the operation and maintenance protection operations of the Ministry of National Defense information network, offensive cyberspace operations, and defensive cyberspace operations. The 133 cyber mission teams are organized into three types of troops: national cyber mission troops, combat mission troops, and network protection troops, according to the different types of tasks they undertake. Currently, the U.S. Cyber Task Force is expanding its scale. By 2024, 21 cyber protection teams will be formed, increasing the number of cyber task teams to 154.
The cyberspace tactical combat force of the U.S. military is mainly composed of the cyberspace forces of the four major cybercommands of the Army, Navy, Air Force, and Marine Corps under the U.S. Cyber Command (the total number is about 80,000 people), and they are responsible for network protection and combat support of various services. The mission provides support for the offensive, defensive, and operation and maintenance operations of the cyber mission force in joint operations. The network commands of various services are also stepping up the expansion and integration of network combat forces to provide support for the operations of network mission forces and the network protection of various services.
1.4 Comprehensive combat capability system
In terms of equipment research and development, the U.S. military adheres to the principle of “building while using, and integrating construction and use”, continuously intensifies the research and development of cyber warfare weapon systems and equipment, and conducts research on key technologies for cyber warfare. A number of research programs have been carried out in early warning, command and control, and training and evaluation, and tens of billions of dollars have been invested in the research and development of various cyberspace combat equipment, thereby promoting and improving the level of network combat technology, enhancing service support capabilities and operational capabilities. efficiency.
The most representative equipment for network defense includes “network deception” system, “cyber wolf” software system, network attack alarm system and network vulnerability scanner. At the same time, the US military also attaches great importance to the application of the concept of “active network defense”. It has promoted the rapid development of network attack traceability technology. Cyber attacks include a variety of powerful computer viruses such as “Stuxnet” and “Flame”; battlefield cyber attacks are more representative of the Air Force’s “Shuter” system and the Navy’s EA-18G “Growler” aircraft. Reconnaissance perception has the ability to obtain information such as enemy communications, content, network protocols, hardware addresses, passwords, identity authentication processes, and network vulnerabilities. Programs such as “Einstein” and “Prometheus” have formed large-scale intelligence production capabilities and are trying to build a global cyberspace situational awareness system.
1.5 Equipment research and development forces are all-inclusive
The research and development of the U.S. military’s network combat weapons and equipment has always been carried out in accordance with the method of combining military, commercial and civilian, and inclusive. Cyberspace combat equipment is different from conventional combat equipment. It is mainly a code-based, design-centric development and production form, and the hierarchical relationship of the supply chain is not clear. Today, the United States has a military research force with the Defense Advanced Research Projects Agency (DARPA) as the core, and traditional defense forces such as Northrop Grumman, Raytheon, and Lockheed Martin. The company is the mainstay, and the company has an eclectic research and development force in the fields of Internet, electronics, software, and information security.
The cyberspace research directions of the U.S. military, government scientific research institutions, and traditional defense companies usually cover one or more aspects of cyberspace reconnaissance (situational awareness), surveillance, attack, defense, test verification, and comprehensive integration; while the Internet, electronics, Companies in the fields of software and information security carry out cyberspace technology research and equipment development and production in their respective fields. In addition, since the research and development products of cyberspace combat equipment are mainly software, which is a logical layer product, this has led to a blurred boundary between basic research in cyberspace and equipment development and production. Teams and individuals are also an important part of the US cyberspace industry. Figure 3 shows the main power structure of cyberspace R&D and production capabilities.
Figure 3 The main force structure of US cyberspace R&D and production capabilities
Among them, large and medium-sized military enterprises are the backbone of the research and development of the US cyberspace equipment subsystem/subsystem/technical field. In recent years, the traditional large and medium-sized military enterprises in the United States have rapidly entered the field of network security through “mergers and reorganizations” as the main means, and formed several companies such as Northrop Grumman, Raytheon, Boeing, and Lockheed Martin. Comprehensive companies are the leading network security defense industry. In the bidding of DARPA and various military cyberspace projects, these large and medium-sized military enterprises usually occupy the position of main contractors.
2 Europe follows closely behind
The European cyberspace industry started later than the United States, mainly focusing on research on cyberspace defense and cyberspace security issues. In recent years, European governments and national defense/electronic companies have also invested in the field of cyberspace security. Through the gradual improvement of strategic policies, public-private alliances, and guidance of cyberspace technology research and development, a network that spans the entire Europe and other countries and regions has been initially formed. Cyberspace defense system. Specifically, it is manifested in the following levels.
At the level of research and development, European countries not only follow the lead of the United States, but also rely on NATO, the European Union and other transnational platforms to achieve integration and complementarity within Europe and between Europe and the United States, and finally formed a cyberspace security capability with both commonality and characteristics, second only to the United States .
At the level of organization and management, since most European countries are small in scale and easy to manage, they have achieved a relatively efficient, integrated, and powerful cyberspace management mechanism. At the same time, due to the large number of European countries and the existence of competition, there are sometimes obstacles to the implementation of national-level cooperation on cyberspace security.
At the level of system research and development, due to the very high level of digitalization, softwareization, and networking in many European countries (even higher than the United States), they are facing great pressure in cyberspace defense just like the United States. Therefore, their cyberspace development is to ensure cyberspace Safety first. In recent years, under the guidance of cyberspace thinking that focuses on defense, the research and development of cyberspace technology, especially cyberspace security technology, has been gradually strengthened. Expand investment and deployment in the field. When countries are investing in the cyberspace security market one after another, the cyberspace security products of some major European countries have already occupied a relatively large market share and opened up a certain scale of global market.
Russia’s cyberspace development ideas are unique
Compared with Western countries, Russia has always paid attention to comprehensive and large-scale information space, and has not conducted in-depth and systematic research on cyberspace as a subdomain of information space like the United States. However, due to Russia’s long-term attention to the field of information security and industrial accumulation, it has a good foundation in the field of cyberspace. Specifically, it is manifested in the following levels.
At the level of strategic planning, Russia has issued a series of legal documents aimed at protecting information security in all aspects of the country, such as the “Russian Federation Information Security Doctrine”, “Russian Social Information Development Strategy”, etc., but in the existing legal documents, it does not cover The relational system between information space and cyberspace, the term “cyber security” is not separated from the concept of “information security”. With the continuous increase of network security risks, Russia has focused on the protection of cyberspace security on key information infrastructure since 2010, and successively promulgated “Conceptual Viewpoints of Russian Federation Armed Forces in Information Space Activities” and “2020 Legal documents such as the National Policy Framework in the Field of International Information Security of the Russian Federation, the Strategic Conception of the Russian Federation Network Security (Draft), the Doctrine of Information Security of the Russian Federation (Second Edition) and the Law on the Security of Key Information Infrastructures of the Russian Federation It expounds Russia’s strategic goals to promote the development of cyberspace at multiple levels, as well as the important measures implemented to protect key information infrastructure and guide the development of cyberspace. At the organizational level, in August 2013, the Russian government announced the formation of a specialized information warfare agency under the Russian Armed Forces, and decided to form a cyber security command and a new agency of the armed forces, with the aim of improving the country’s cyber combat capabilities.
At the level of application practice, the “Network Commander’s Handbook” published by the United States in 2010 shows that the only example of global network operations is the information network attacks that occurred in Estonia, Georgia, and Kyrgyzstan from 2007 to 2009. These three small-scale attacks They are all done by Russia. It can be considered that Russia has unique practical experience in the field of network security.
In terms of research and development capabilities, Russia has a network security defense company with outstanding strength. For example, Kaspersky Lab is an important company in the field of global information security, and the “Russian Technological Information” company under the Rostec Group is also a core network security company in Russia. because
Transparency is limited, and it is difficult to find Russian companies capable of researching and developing cyber attack equipment from public channels, but this does not mean that Russia does not have such capabilities. In addition, Russian hacker organizations enjoy a “famous reputation” around the world. Research, production and trade of equipment.
4 Japan set off a wave of cyberspace development
Japan is one of the countries with the most advanced information technology in the world. At the same time, it is also subject to more and more cyberspace threats ranging from targeting individuals to public sectors and infrastructure. Therefore, Japan has long paid attention to cyberspace security issues. Japan classifies these threats under the umbrella of “information security” and established the National Information Security Center in 2005 to address the threat. As the concept of “cyberspace” proposed by the United States has been widely accepted, Japan also began to emphasize “cyberspace” at the national level around 2010, and regarded cybersecurity as an important issue affecting national security. Specifically, it is manifested in the following levels.
At the level of strategic planning, in 2013, the Japanese government issued the first “Network Security Strategy”, which promotes the construction and development of network security at the national level, and clearly proposes to build Japan into a powerful country in network security. In August 2015 and July 2018, the Japanese government successively issued two upgraded versions of the “Cyber Security Strategy”, mainly to prepare for the network security protection of the 2020 Tokyo Olympic and Paralympic Games.
At the organizational level, in 2010, the Japanese Defense Agency established a “cyber warfare force” of about 5,000 people composed of computer experts from the land, sea, and air self-defense forces to specialize in the attack and defense of network systems. The main task of Japan’s “cyber warfare forces” is to develop transnational “cyber weapons” that can destroy the network systems of other countries, and undertake tasks such as self-defense force computer network system protection, virus removal, and program repair; develop tactical “cyber weapons” “, and study the relevant tactics of cyber warfare; support the anti-hacking organization and anti-virus intrusion tasks of the “Network Special Attack Team”. International researchers pointed out that from the Japanese “cyber warfare forces”, we can see the shadow of the US military’s “super hacker force”.
At the level of application practice, Japan pays more attention to the actual combat background in network offensive and defensive exercises, so as to improve the practicality and pertinence of the exercises. In the “March 18” exercise in 2014, the preset scenario was that Japan’s key infrastructure encountered cyber attacks during the 2020 Tokyo Olympics. In the “Yamazakura” joint exercise held by Japan and the United States in 2019, the preset scenario was that Tokyo and the southwest region of Japan were attacked by missiles and other events concurrently. The exercise aimed to test the operation of the command and control system under cyber and electromagnetic attacks situation and study countermeasures.
At the level of system research and development, Japan emphasizes “both offense and defense” in building a network combat system, allocates a large amount of funds to invest in network hardware and “network warfare troops”, and establishes a “defense information communication platform” and a “common computer system platform” respectively. It facilitates the mutual communication and resource sharing of various organs and military network systems of the Self-Defense Force.
5 Apocalyptic Suggestions
From the perspective of the construction of cyberspace combat forces in major countries in the world, major countries and organizations in the world, such as the United States, Russia, Japan, and the European Union, have continuously strengthened military cyberspace operations through strategic planning guidance, organizational structure construction, combat force formation, and system equipment research and development. This has certain reference significance for the development of my country’s cyberspace.
5.1 Deepen the top-level design and enhance the strategic position of cyberspace
Cyberspace has greatly extended and expanded the boundaries of national interests. The Internet has increasingly become the basic platform for national political, economic, cultural and social activities, the lifeblood of the real economy and the nervous system on which the entire society depends. It can be seen that network security is not only a security issue of the network itself, but its impact has radiated to all aspects of national security and national interests. Therefore, it is necessary to plan and deploy the country’s network security issues from the national strategic level. my country should learn from the experience of foreign cyberspace strategies, formulate cyberspace strategies at the national level, strengthen cybersecurity legislation, build an international cooperation system, and plan and deploy national cybersecurity development as a whole at the national level.
5.2 Consolidate the foundation of capabilities and develop cyberspace countermeasures
In recent years, with the advancement of my country’s informatization construction and the comprehensive popularization of national network infrastructure equipment, network security threats from home and abroad have shown a trend of diversification, complexity, and frequent occurrence, posing a major threat to China’s cyberspace security, leading to my country’s Important information systems of government agencies and critical infrastructure may face security risks such as large-scale leakage of sensitive information and paralysis of information systems. In order to ensure the integrity and availability of cyberspace information infrastructure, it is necessary to improve its survivability, respond quickly to cyber threats, and initiate attacks at the right time. Based on this, our country must proceed from the aspects of theory, technology, and talents to consolidate the foundation of cyberspace capabilities and provide guarantees for possible cyberspace confrontation and defense in the future.
5.3 Strengthen strength building and build a cyberspace support system
Today, cyberspace has become an emerging combat domain. It is necessary to build a powerful cyberspace combat force and seize control of this emerging combat domain in order to effectively maintain national security and development interests in cyberspace. Since the establishment of the U.S. Cyber Command in June 2009, the U.S. military has made great achievements in the construction of cyber military power, forming a strong military guarantee for U.S. cyber security, and at the same time posing a huge threat to the cyberspace of other countries. We must speed up the construction of cyberspace forces, continuously improve the cybersecurity awareness and information protection capabilities of the whole people, strengthen national defense mobilization, cultivate reserve forces, and build a network combat force system with sufficient combat capabilities, so as to effectively contain and counter the opponent’s attack on our country. cyber threat.
6 Conclusion
Cyberspace has become an important combat force for the military to seek development because of its characteristics such as not being restricted by time and space, not being constrained by combat objectives, having a wide range of sources of support for combat forces, and strong mutations in the combat process. In recent years, major countries and organizations in the world, such as the United States, Russia, Japan, and the European Union, have been committed to promoting the construction of cyberspace combat capabilities in order to seize the dominant position in this field. my country should accelerate the construction of military cyberspace forces and enhance our country’s cyberspace combat capabilities in order to seek the right to win future information warfare.
Citation format: Li Shuo, Li Zhenjing, Wang Shizhong, et al. Analysis and Enlightenment of the Development Situation of Foreign Military Cyberspace Combat Forces [J]. Information Security and Communication Secrecy, 2022(5):90-99.
US Army issued the “cyberspace and electronic warfare operations” doctrine// 中國軍事評論美國陸軍頒布《網絡空間與電子戰行動》條令
The field command FM3-12 provides instructions and guidance for the Army to implement cyberspace and electronic warfare operations using cyberspace electromagnetic activity in joint ground operations. The Fields Act FM3-12 defines the Army’s cyberspace operations, electronic warfare, roles, relationships, responsibilities, and capabilities, and provides an understanding of this to support Army and joint operations. It details how Army forces protect Army networks and data, and explains when commanders must integrate custom cyberspace and electronic warfare capabilities within military operations.
”
On the basis of the 2006 National Cyberspace Operations Military Strategy (NMS-CO), the US Joint Chiefs of Staff announced the joint publication JP 3-12 in February 2013 as an internal document. October 21, 2014 The published document for public release is Joint Publication JP 3-12(R). The order states that “the global reliance on cyberspace is increasing, and careful control of offensive cyberspace operations is required, requiring national-level approval.” This requires commanders to recognize changes in national network policies that are mandated by operations. Potential impact. On April 11, 2017, the US Army issued the field command FM3-12 “Network Space and Electronic Warfare Action” on this basis. The field war said that in the past decade of conflict, the US Army has deployed the most powerful communication system in its history. In Afghanistan and Iraq, enemies lacking technological capabilities challenge the US military’s advantages in cyberspace, and the US military has taken the lead in cyberspace and electromagnetic spectrum (EMS) operations. However, regional rivals have demonstrated impressive capabilities in a mixed-operational environment that threatens the US Army’s dominance in cyberspace and the electromagnetic spectrum. Therefore, the Order states that the integration of cyberspace electromagnetic activity at all stages of combat operations is the key to acquiring and maintaining freedom of maneuver in the cyberspace and electromagnetic spectrum, while preventing the enemy from doing so. Cyberspace electromagnetic activity can synchronize capabilities across a variety of domains and operational functions, and maximize synergies within and through the cyberspace and electromagnetic spectrum. Intelligence, signal, information operations (IO), cyberspace, space and firepower operations are critical to planning, synchronizing, and implementing cyberspace and electronic warfare operations.
The Fields Order FM3-12 supports the Joint Cyberspace and Electronic Warfare Act and the Army Doctrine Reference Publication ADRP3-0, Combat, and provides a background to define the Army’s doctrine reference publication ADRP5-0 “Operational Process” and Cyberspace and The relationship between electronic warfare operations. In order to understand the basic principles of integration and synchronization of cyberspace and electronic warfare operations, you must first read the Army’s doctrine publication ADP2-0, the Army’s doctrine reference publication ADRP2-0, the Army doctrine publication ADP3-0, and the Army doctrine reference publication ADRP3. -0, Army doctrine publication ADP5-0, Army doctrine reference publication ADRP5-0, Army doctrine publication ADP6-0, Army doctrine reference publication ADRP6-0, Army technical publication ATP2-01.3, field bar FM3-13 And FM6-0. By planning, integrating, and synchronizing cyberspace and electronic warfare operations, cyberspace electromagnetic activities can integrate functions and capabilities across operational functions, defend networks, and provide critical capabilities to commanders at all levels during joint ground operations. Cyberspace and electronic warfare operations affect all combat functions and are also affected by them.
Network space visualization operating environment of electromagnetic spectrum
The field battles present detailed tactics and procedures for Army cyberspace and electronic warfare operations. The field command replaced the field title FM3-38 dated February 2014. The Fields Order FM3-12 is an Army cyberspace and electronic warfare campaign advocacy publication. The field battles contain the basic principles and guiding principles of cyberspace operations, electronic warfare, and cyberspace electromagnetic activities in a single publication. It provides a comprehensive account of how they support and achieve action, and how to support the missions and functions of the various levels of force. The field battles laid the foundation for subordinate Army technical publications.
Cyberspace and e-war operations incorporate established joint and Army processes into operations such as intelligence processes, targeting processes, and military decision-making processes (MDMPs). The field battles explain the basic ideas of the Army’s cyberspace and electronic warfare operations. Content includes staff responsibilities, contributions to military decision-making processes, cyberspace and target work in the electromagnetic spectrum, and reliance on intelligence and operational environment readiness (OPE) in cyberspace.
The field battles describe the relationship between cyberspace operations, missions, operations, electronic warfare, electromagnetic spectrum, and each other’s actions. This elaboration also includes cyberspace electromagnetic activity, providing compliance for military forces and the following combat forces planning, integration, and simultaneous electromagnetic activities.
Schematic diagram of electromagnetic spectrum
The first chapter provides an understanding of cyberspace, cyberspace operations, missions, actions, and effects. It describes cyberspace and situational understanding, situational awareness, threats, risks, vulnerabilities, and their relationship to information and operational environments. The level and characteristics of cyberspace confirm the legal authorization applicable to cyberspace and cyberspace operations, and discuss the basic information and spectrum management functions of electronic warfare related to cyberspace and electronic warfare operations.
Chapter 2 provides information on the use of cyberspace operations and tasks, rather than day-to-day operations, pointing out that information operations, intelligence, space operations, and targeted work can affect cyberspace, electromagnetic spectrum, cyberspace operations, and electronic warfare operations. Commanders and staff officers have integrated and synchronized all of these aspects of cyberspace and electronic warfare operations.
The third chapter expounds the Army’s cyberspace electromagnetic activity and mission-style command, the role of the commander, the cyberspace with combat functions and the electronic warfare action, and discusses how to incorporate the planning elements of cyberspace and electronic warfare operations into the operational process. This includes planning, preparation, implementation, evaluation, and targeting. The discussion of the operational environment is combined with the military decision-making process, followed by an overview of the preparation requirements, implementation tactics, and how to assess cyberspace and electronic warfare operations.
Appendix A discusses cyberspace operations and various joint operations partners.
Appendix B highlights the location of cyberspace operational information in the Combat Command and Appendix 12 to Annex C. This appendix includes an example of Appendix 12 to Annex C, which describes the types of information contained in this appendix and sections.
Appendix C contains the procedures for handling cyberspace operations requests from military, military, and military units, as well as fields and information for the Cyber Operations Application Form (CERF). Blank copies of the cyber operations application form and field explanations are all part of the process.
Appendix D includes fields and information for the Electronic Attack Request Form (EARF). A blank copy of the electronic attack application form and a five-line brief with field interpretation are part of the program.
Cyberspace and Electronic Warfare Actions Directory
Preface
preface
Chapter 1 Network Space and the Basic Principles of Electronic Warfare Action
Section 1 Overview of Cyberspace and Electromagnetic Spectrum
First, the network space domain
Second, combat operations and cyberspace domain
Third, cyberspace tasks and actions
Section 2 Understanding Network Space and Environment
1. Network space and electromagnetic spectrum
Second, cyberspace and information environment
Third, the network space level
Fourth, the characteristics of cyberspace
5. Cyberspace as part of the operational environment
Sixth, risk in cyberspace
Seven, authorization
Section III Electronic Warfare Action
First, the electromagnetic spectrum action
Second, electronic warfare
Third, the application of matters needing attention
Fourth, spectrum management
Chapter 2 Relationship with Cyberspace and Electromagnetic Spectrum
I. Interdependence
Second, information operations
Third, intelligence
Fourth, space operations
V. Target determination
Chapter III Electromagnetic Activities in Cyberspace in Operation
First, the basic principle
Second, matters needing attention
Third, the role of the commander
Fourth, empower resources
V. Planning work and cyberspace electromagnetic activities
Sixth, network effect application form and target determination activities
Appendix A Integration with Unified Action Partners
Appendix B Cyberspace in Combat Commands
Appendix C Network Effect Application Form
Appendix D Electronic Attack Application Form
Thanks for compiling/reviewing: Shen Song
Article source: Zhiyuan Strategy and Defense Research Institute
Chinese Analysis of Cyber Space Deterrence – Important Strategic Points
淺析網絡空間威懾的特徵、類型和運用要點
Chinese People’s Liberation Army Academy of Military Sciences Yuan Yi
January 04, 2016
Editor’s note: When both opposing parties have the ability to ensure intrusion and damage to the other party’s network, they can bring about two-way network containment, making the two parties obliged to comply with the game rules that do not attack each other’s network under certain conditions, forming an invisible safety valve. Even international conventions or conventions that do not attack each other’s networks will be formed. The cyberspace has thus become a strategic area that can produce a huge deterrent effect. After the deterrence of cyberspace followed by nuclear deterrence, it began to enter the strategic vision of big country politicians and military strategists. Studying the characteristics, types, and points of use of cyberspace deterrence must be taken into consideration and necessary action by the Internet powers and the cyber force.
With the increasing dependence of human society on cyberspace, cyberspace has become the “second type of living space” for human production and life and the “fifth-dimensional combat space” for military confrontation. Countries around the world have fiercely competed for the dominant rights, control rights, and discourse power of cyberspace. The competition in the cyberspace has reached the level of human survival, national destiny, and success or failure of military struggles. Thinking about cyberspace deterrence capacity building has great practical and theoretical value.
First, analysis of the advantages and disadvantages of cyberspace deterrence
Cyberspace deterrence refers to the actions and actions taken in the cyberspace to demonstrate and control enemy cyberspace, and to control the enemy’s physical space through cross-domain cyberspace, so as to achieve the goal of destroying enemy forces, stopping the enemy, blocking the enemy, and preventing deterrence. A form of strategic deterrence for the enemy’s purpose. Compared with the physical space, the “virtual and real duality” of network space and the uniqueness of network warfare compared with traditional combat styles have determined that the advantages and disadvantages of cyberspace deterrence are very obvious.
(A) The advantages of cyberspace deterrence
The advantages of cyberspace deterrence are mainly reflected in the following: First, the deterrence approach has become more civilized and humane. Compared with nuclear, chemical, and chemical weapons based on physical, biological, and chemical killing mechanisms, the direct killing and destructive effects of cyber warfare weapons are much smaller than the former. Normally, they will not cause permanent damage and pollution to the natural environment, nor will they cause large numbers of people. Casualties and humanitarian disasters. Second, deterrence costs are inefficient. The network warfare weapons are dominated by viruses, Trojans and other software. The costs are relatively low, and the technical threshold is low. The destructive effects are rather alarming. The network defense points are multi-faceted, and they are hard to prevent. To increase the level of network security by one level, the input cost will increase exponentially. The contrast between the low cost of cyber offense and the high cost of cyber defense makes the offensive and defensive performance of the network a feature of “spirit shield”, and the cyber warfare weapon is thus called “the atomic bomb of the poor country”. The third is that deterrence methods are diverse and practical. The variety of cyber warfare weapons and the multiple goals of cyber attacks have determined that there are diversified cyberspace deterrent methods to choose from. The effects of cyberattacks are recoverable to a certain extent. As long as the application is properly implemented, the risk of causing war and escalating the war is relatively small. In a sense, the deterrence value of nuclear weapons is far greater than the value of actual combat, and cyber warfare weapons are both practical values and deterrence values. Fourth, the use of repeatability and deterrence is strong. Once the “nuclear threshold” crosses, a full-scale nuclear war will erupt, and the two sides at the nuclear balance will fall into a state of mutual destruction. The easy implementation of nuclear deterrence, especially nuclear deterrence against non-nuclear countries, will also be condemned by international public opinion. These factors are all The use of nuclear deterrence is greatly limited. The deterrence of software and hardware and the controllable characteristics of cyberspace deter- mine the flexibility and control of deterrence in light of the changes and needs of the military struggle. It can be used in advance, used throughout, and used repeatedly. It has strong flexibility.
(B) Defects in cyberspace deterrence
The deterrence of cyberspace is mainly reflected in: First, the credibility of the deterrence effect has not been fully verified. The credibility of nuclear deterrence has been verified in actual combat. However, as of now, the real network war has not really exploded. People’s astonishing destructive power over cyber warfare is more of a speculation and worry. The real power of cyber warfare can only be convincing after being tested by actual combat. Second, the reliability of deterrence measures is not very high. Network warfare is a dynamic process of continuous offensive and defensive interaction between the two sides of the enemy and me. The characteristics of network confrontation and technicality determine that the network warfare attack has greater uncertainty and may not achieve the desired operational objectives, which will greatly reduce the effectiveness of deterrence. . For example, when the enemy performs cyberspace deterrence, if the enemy takes various effective defense measures in a timely manner, it will increase the difficulty of its own cyber attack and reduce the damage, and even lead to the failure of the attack. Third, the controllability of deterrence scope needs further improvement. As one of the important weapons of cyber warfare, viral weapons have strong dissemination, poor controllability, and a wide range of influence. It is difficult to launch targeted and targeted attacks on enemy computers and networks. If it can’t control its effective scope, it will spread to third-party neutral countries and even make itself a victim. As a result, the use of virus weapons suffers from the use of “imposed rats.” The fourth is the selective limitation of deterrence objects. Nuclear deterrence is clear and effective for any country, and the effectiveness of cyberspace deterrence has a lot to do with the level of informatization of enemy countries. Cyberspace deterrence is extremely effective for countries with a high degree of informatization, and for those underdeveloped countries with weak information infrastructure and weak network dependence, it is difficult for them to exert results, or even completely ineffective. Fifth, the organization of deterrence is relatively complicated. All nuclear powers in the world implement centralized and unified management of strategic nuclear forces. Command and control powers are highly centralized. When organizations implement nuclear deterrence operations, they can accurately control each combat unit, and the organization is well-executed. The implementation of the deterrence of cyberspace involves many forces such as investigation, control, defense, and control. It has many personnel and large scales and is scattered among different departments and units in the military and the military. It is very complicated to organize and it is difficult to form a synergy.
Second, the main types of cyberspace deterrence
The cyberspace deterrence includes four types: cyberspace technology test deterrence, cyberspace equipment demonstration deterrence, cyberspace operational deterrence deterrence, and cyberspace operational deterrence. Among them, the first three are demonstrative deterrence, and the latter is actual deterrence.
(A) Cyberspace Technology Test Deterrence
The cyberspace technology test deterrence is a field in the field of cyber warfare. It constantly conducts preliminary exploratory experiments on new concepts of warfare, new experiments on the effectiveness of attack mechanisms and tactics, and practical experiments on the weaponization of new technologies. The outside world is disclosed to demonstrate its strong strength in the basic research of information technology and its enormous potential for transforming it into a cyber warfare capability to achieve deterrence. At present, network offensive and defensive technology is still developing rapidly. A breakthrough in a key technology will often have a significant impact on cyberspace security and operations, and even lead to revolutionary changes. Whoever preempts the strategic commanding heights of the network offensive and defensive technology, who will be able to achieve a clear advantage in the future of network warfare.
(B) Cyberspace Equipment Demonstration
The demonstration of cyberspace equipment deterrence is the development of network warfare equipment development planning, technology development, target testing, stereotyped production and other development stages. According to the needs of the appropriate disclosure of network warfare equipment models, performance, characteristics, parameters and development schedule, etc. Reach the purpose of deterring opponents. There are two main ways: one is through public disclosure in official media such as national defense white papers, diplomatic bulletins, and newspapers, periodicals, and large-scale websites; and the other is through online social media or other unofficial. The channel has deliberately leaked equipment-related information and implemented hidden deterrence. The cyber space equipment demonstrates deterrence. On the one hand, it can invent new cyber-warfare equipment with new mechanisms and new concepts and render its unique combat capabilities. On the other hand, it can deliberately exaggerate the operational effectiveness of existing cyber warfare equipment. There are facts in the virtual reality, there is something in the real, and the implementation of fuzzy policies, so that the other party can not understand their true situation and strength, resulting in fear and jealousy. For example, the U.S. military’s “Shuute” on-board network power system has been put into practical use several times and poses a serious threat to the air defense systems of its hostile countries. However, its basic principles, working mechanisms, and combat technical indicators have not been publicly disclosed. It has not been completely mastered by other countries and has remained in a state of secrecy. It is difficult to distinguish between reality and reality and has played a very good deterrent effect.
(3) Deterrence in cyberspace operations exercises
The deterrence of cyberspace operations exercises is to conduct drills in cyberspace through virtual or virtual methods, and use various media channels to show potential war opponents their own cyber warfighting capabilities, strengths and determinations in order to achieve deterrence. Cyberspace operations can be divided into two kinds: actual drills and virtual exercises. The former is usually carried out nationwide or in alliance with allies, and is generally based on the joint exercise of military space and space defense operations. In recent years, the United States and its allies have held “Network Storm” series of cyber warfare exercises and “Shriver” series of space-network space exercises, which have demonstrated the mobilization strength, overall defense level, and the implementation of cyber warfare. Determination. The latter is usually held at the national large-scale network integrated shooting range, and is generally based on the offensive actions of the military professional cyber warfare forces.
(D) Deterrence in cyberspace operations
The deterrence of cyberspace operations is the actual deterrence of attacking specific opponents by deterring opponents with certain attacks. There are two opportunities for its use: First, when one’s own side is aware that the enemy is about to wage a war on one’s own side, one’s own choice of the key cyber targets of the enemy’s key defenses will be targeted to combat them, and preventive and deterrent deterrence will be implemented; When the Party initiates a tentative cyber attack on its own side and implements cyberspace deterrence, it must immediately conduct effective retaliatory and disciplinary deterrence. There are many types of cyber warfare operations that have deterrent effects. For example, infiltrate the enemy’s telecommunications network, send a large number of anti-war messages to the enemy’s citizens, and attack the enemy’s power grid, resulting in a short-term blackout of major cities in the enemy’s power; attacking the enemy’s broadcast television networks and inserting their own broadcasts during prime time. Special video programs; etc.
Third, the use of cyberspace deterrence points
The general requirements for the use of cyberspace deterrence are: combination of wartime and warfare, with strength, actual display capability, and determination, strive to demonstrate deterrence with small battles, ensure deterrence with strikes, and achieve deterrence with a small price. Specifically, the following points should be achieved.
(A) Combination of peacetime and long-term preparation
“Frozen feet, not a cold day.” Successful implementation of cyberspace deterrence requires a combination of peacetime and warfare, and we must fully and carefully prepare for peacetime. The first is to conduct comprehensive and thorough network reconnaissance. Requires the combination of spying, reconnaissance and technical reconnaissance, wireless reconnaissance, and cable reconnaissance. Conduct long-term and continuous network reconnaissance of enemy network targets, gradually understand the basic conditions of the enemy’s network, draw a picture of its network topology, and in particular analyze and find all kinds of soft enemies. Hardware system vulnerabilities. The second is to conduct a large number of effective strategic presets. Using hacking methods, secretive infiltrate all types of networks through the use of system vulnerabilities or password cracking, leaving the back door, setting up a springboard machine, and laying down logic bombs and Trojans to set a breakthrough for launching cyber attacks in the future. The third is to conduct pre-prepared cyber defenses. When deterring cyberspace deterrence against the enemy, one must adjust the deployment of network defenses in advance, make the enemy’s pre-designed attack path, anticipate the use of system loopholes, and plan to implement an attack plan that is difficult to implement, or the effect of implementation is greatly reduced to minimize the enemy’s Losses caused by cyber retaliation.
(B) careful decision-making, control strength
Sun Tzu said: “The Lord must not anger and raise a teacher. Cyberspace deterrence is a strategic game behavior between countries, especially with deterrence and sensitivity. It must be rational, beneficial, and tangible. It must not be abused because of the low threshold of deterrence. Otherwise, its effect may be counter-productive. . Cyberspace deterrence has a high requirement for combat intensity control. On the one hand, if the intensity is too small, the enemy’s government and people will not have fear and will not achieve the deterrent effect they deserve. The other party may also use the same methods to implement anti-deterrence, eventually leading to confrontational escalation and deterring one’s own deterrence. On the other hand, if it is too strong, it will cause huge economic losses and casualties to the enemy countries. This will cause the condemnation of the international community and the hatred of the enemy governments and people. It may trigger the enemy’s use of conventional forces to carry out large-scale revenge. Nuclear countries may even Nuclear power may be used. This will not only stop the war but will also play a role in warfare.
(III) Unified command and careful organization
The implementation of the deterrence of cyberspace requires centralized command, unified planning, and good coordination. The first is meticulous organization of strength. Uniformly organize the four forces of military investigation, attack, defense, and control, and actively coordinate the strength of the cyber warfare forces of all parties to form a joint force. In particular, it is necessary to organize and coordinate the strength of civil non-professional cyber warfare, especially patriotic hacking, so that there can be no phenomenon of “blindness” so as to avoid triggering friction, escalating fire, causing an escalation of cyber warfare, or prematurely exposing attack intentions and giving people a handle. , leading to uncontrollable situations or failure of operations. The second is to select the target. Should choose a wide range of influence, easy to produce a clear deterrent effect of the goal. For example, broadcast television channels with the highest ratings, portals with a large number of visitors, and wireless communication networks with numerous users. It is not possible to choose attacks that are irrelevant, insignificant, and indifferent to the target. They can easily be mistaken for cybersecurity incidents created by ordinary hackers and do not achieve the desired deterrent effect. In addition, we must also consider the constraints of international law and war laws. We must not choose targets that are easy to cause humanitarian disasters. We should try our best not to select the network goals of railways, aviation, finance, and medical departments so as not to arouse condemnation and resentment from the international community and the people of the other side. The third is the precise control of the process. Prior to the deterrent strikes in cyberspace, it is necessary to publicize the momentum through extensive public opinion, issue warnings to the enemy countries, and declare the justice of their actions to the world in order to gain the understanding and support of international public opinion. In order to highlight the deterrent effect, one can highly announce the target of the enemy’s network to be attacked, break through the enemy’s layered network defenses, and implement a resolute and effective cyber attack. If necessary, the network attack effect can be resumed regularly to show its superiority. The cyber attack technology and means make the enemy’s decision makers and the public have a sense of frustration that is hard to defend and difficult to parry, thus forming a strong shock effect.
(4) Combining actual situation with actual situation, focusing on strategy
The grandson said that “it is not possible to show and not to use it,” and it is used to deter online space. Its main points are summarized as “showing without propaganda, advocating without showing.” “Indicating nothing” means that it is difficult to track and locate using cyber attacks and conduct cyber attacks on specific targets. However, it is not done for others to announce that they are doing their own thing. It not only demonstrates their own capabilities, but also makes the enemy’s suspicion of doing their own thing. However, there is no evidence and it cannot be pursued. “Proclaiming but not showing” is the publicity or inadvertent disclosure of the type, performance, and characteristics of the advanced cyber warfare equipment developed or fabricated by the company, deliberately exaggerating its combat effectiveness, falsifying facts, and integrating facts and facts, so that the enemy can’t understand its true strength. , resulting in a deterrent effect. The cyber warfare operations have the characteristics of difficulty in tracking and traceability and complexity in forensics. The initiating party can either admit or deny it, or push the responsibility to civil hacker organizations. (Source: China Information Security).
American military network warfare: hackers attack and defense creating a war without smoke
Hackers may also be soldiers. Recently, the US Internet security company and the government issued a series of reports that “the Chinese military to participate in hacking.” With the “China hacker threat theory”, the US government immediately announced the latest anti-hacking strategy, although the Chinese Ministry of Foreign Affairs and the Ministry of Defense in a timely manner to make a refutation, but for a time, hacker news from the army or aroused everyone’s interest. In fact, the United States is the world’s largest Internet hacker location, has a huge network of troops.
As the daily consumption from the physical store to the transfer of electricity, and now the war has also moved from the line to the line. Not only the United States, Europe and the United States and Asia, many countries have begun to set up their own “network forces” – hackers is to become a frequent visitor to this service. And how these countries are leading the “formal” network of the army.
In 007 “skyfall” in the lovely Mr. Q is a network war master.
In May 2010, the US Department of Defense set up a network warfare headquarters officially launched, the US military strategic headquarters in September 1, 2010 before the development of a network warfare philosophy and plans, and plans in the next few years to expand the network security forces to 4900 people. This marks the United States intends to military hegemony from the land, sea, sky and space to the so-called “fifth field” of the network space extension.
It is reported that the United States is currently recruiting 2,000 to 4,000 soldiers, set up a “network special forces.” This unit not only to assume the task of network defense, but also to other countries of the computer network and electronic systems for secret attacks. According to Xinhua reported that a former US Air Force Major John Bradley at a meeting in 2002, said the United States spent on network attacks on the study than the network defense much more, because the senior staff of the former more Interested. And, the US military network attack time may be much earlier than we imagined.
In the Iraq war that began in 2003, the US military used the cyber warfare more widely. Before the war, thousands of Iraqi military and political officials in their e-mail mailbox received the US military sent the “persuade the letter”, resulting in a great psychological impact. Less than four hours after the war, Al Jazeera English website will be the US military “ban”, can not function properly.
In addition, the United States also in 2006 and 2008 has held two code-named “network storm” large-scale network war exercises.
Japan and South Korea: already set up a “network army”
At the end of 2009, the Ministry of Defense of Japan decided to establish a special “cyber space defense team” in 2011 to guard against hacker attacks and strengthen the ability to protect confidential information. According to the Japanese “Yomiuri Shimbun” reported on May 1, 2011, “cyberspace defense team” plan is set in the SDF command communications system under the initial number of about 60 people. This “network force” is responsible for collecting and analyzing the latest virus information, and anti-hacker attack training.
Japan’s network warfare is through the master “system of network” to paralyze the enemy combat system. Japan in the construction of network combat system, emphasizing the “offensive and defensive”, allocated large sums of money into the network hardware and “network warfare” construction, respectively, the establishment of the “defense information communication platform” and “computer system common platform”, to achieve the SDF Organs, forces network system of mutual exchange and resource sharing. And set up by the 5000 people of the “cyberspace defense team”, developed the network operations “offensive weapons” and network defense system, now has a strong network attack combat strength.
The DPRK this “enemy”, South Korea in 1999 put forward the overall vision of the future information construction, announced in 2009 will be the formation of “network command”, and officially launched in 2010. At present, South Korea already has about 20 million received professional training of the huge personnel, and 5% of annual defense funds are used to develop and improve the implementation of the core technology of network warfare.
Britain and Russia: enlisted hackers
Network forces hackers preferred, as early as 1998, because of the successful invasion of the US Pentagon computer system, Israel’s 18-year-old boy hacker Tenenbaum put on uniforms to become an Israeli soldier. Subsequently, the British government also in 2009, including former hackers, including network elite to defend the network security. They are young, diverse in background, some have been hackers, and even minor cybercrime.
On June 25, 2009, the UK government introduced its first national cybersecurity strategy and announced the establishment of two new departments of cybersecurity, the Network Security Office and the Network Security Operations Center, which are responsible for coordinating government security and coordination of government and government The security of the main computer system of civil society.
India in 2007 formed a land, sea and air armed forces joint emergency team, and enlisted hackers. At the same time, by absorbing the civil master enlisted and the cadet students “hacker” technical training, etc., and gradually complete the future network war talent pool.
Military power Russia in the 1990s on the establishment of the Information Security Committee, specifically responsible for network information security, launched in 2002, “Russian Federal Information Security Theory”, the network information warfare compared to the future “sixth generation of war.” Russia already has a large number of network elite, anti-virus technology is walking in the forefront of the world, in the event of a threat or need, these talents and technology will soon be transferred to military use.
“Black door”: ridiculous blame
Although there is no factual basis, but the US Internet security companies and the government is still often create “hacker door”, directed at China, not only involving colleges and universities, enterprises, as well as technical schools such as Shandong Lan Xiang, there are network individuals, now point to the Chinese military, Even to provide “hacker headquarters building” photos. However, the relationship between the IP address alone, “the source of the attack from China,” highlighting the ignorance of the relevant US people.
How do hackers use their own computer to attack? How can I leave a registered IP address? They usually through the springboard control of third-party computer to form a botnet and then attack. Take the initiative to expose the IP address left traces, is it a professional hacker!
China’s Ministry of Defense International Bureau of Communications Deputy Director Meng Yan wrote that the United States in the transformation of the way to render the Chinese hacker attack trick, even ignore itself is the network virtual space “rule makers.” 2012, 73,000 foreign IP addresses as Trojans and botnet control server to participate in the control of more than 1,400 million hosts in China, 32,000 IP through the implantation of the back door of China’s nearly 38,000 sites in the implementation of remote control, which originated in the United States The number of network attacks ranked first.
Hacker attack and defense: no smoke of the war
Only a few minutes, the domestic password experts, Tsinghua University Distinguished Professor Wang Xiaoyun and her research team with ordinary personal computers, will be able to crack MD5 password algorithm. Before her, even with the fastest giant computer, but also to calculate more than 1 million years to crack.
If this is a war, you can not hear the sound and can not see the smoke. Hackers often through the acquisition of passwords, place Trojan horse program, e-mail attacks, node attacks, network monitoring, find system vulnerabilities, steal privileges and so on, and the use of WWW spoofing technology, the use of account attacks, etc. to launch network attacks.
Reporters learned that the current “hanging horse” (that is, in the page to load Trojan virus), “phishing” (forged WEB site or e-mail, etc.) and other ways to become the mainstream of hacker attacks.