Chinese Military Analysis and Understanding of Foreign Military Cyberspace Combat Forces – People’s Liberation Army Situational Awareness Series
随着网络信息技术的迅猛发展及在军事上的广泛运用，网络空间已成为继陆、海、空、天 4 个疆域之后的新兴作战疆域，网络空间作战也成为全域联合作战不可分割的重要组成部分，并成为夺取和保持作战主动权、控制权和制胜权的关键。美国、俄罗斯、日本等世界主要国家纷纷制定网络空间安全和发展战略，组建网络空间作战部队，研发先进网络技术和武器装备，加紧抢夺这一新的战略制高点。
无论是网络空间概念和理论研究，还是其他相关技术研究和应用实践，美国都是网络空间发展的策源地和引领者，带动了各个国家与地区的网络空间发展。美军网络部队是世界上最早建立的“成建制”网络作战部队，历经克林顿时期初建防御、小布什时期网络反恐、奥巴马时期慑战并举和特朗普政府时期“前出防御”等阶段，已发展成为拥有 133 支网络任务分队、各军种数万人规模的网络作战部队。
美国颁布的网络空间相关重要战略文件如表 1所示。2011 年，美国先后发布《网络空间国际战略》《网络空间可信身份识别国家战略》和《国防部网络空间行动战略》3 大战略文件，首次提出将网络空间视为第五作战域，将对网络空间的利用和控制提升为基本国策。
近年来，美军立足大国竞争，进一步提升网络空间的战略地位，网络空间作战的作战体系结构基本形成。2018 年，美军先后发布新版《国防部网络战略》 以及《网络空间作战》联合条令，明确网络空间作战本身可作为独立作战样式达到创造战术、战役或战略效果，也可实现与其他领域作战样式的集成，通过协同作战以提升联合作战效能；2020 年，美网络空间日光浴委员会发布《来自未来的警告》报告，提出“前出防御”战略，建议由美国国防部将其拓展至国家层面，该战略是以持续交锋为主要行动模式，以行为塑造、获益拒止和成本强加为根本途径的国家网络空间分层威慑战略。
美国将国家网络安全业务总体分成国土安全业务、国防业务、情报业务、执法业务 4 个部分，如图 1 所示。其中，国土安全业务由国土安全部主导，主要负责协调重要基础设施的网络空间安全，保护政府与商用网络和系统；国防业务由国防部主导，由美军网络司令部牵头，各军兵种提供组成部队力量，兼具攻击、防御、军事信息基础设施运维管理 3 大职能，是美网络安全力量的核心；情报业务由国家安全局主导，主要负责探测国外网络空间恶意活动，同时向国土安全局和国防部提供能力支援；犯罪执法则涉及司法部等多个部门及其下属机构。
表 1 美国颁布的网络空间相关重要战略文件
图 1 美国网络空间组织管理协调框架
美军网络司令部成立于 2009 年，原隶属于美军战略司令部，2017 年 8 月，美军网络司令部升级为第 10 个独立的美军联合作战司令部，将作战指控职责划归至网络司令部，并由国家安全局局长兼任司令官。对于美军网络作战，尤其是实时性要求很高的作战来说，此举措理顺了指挥控制关系，升级后的美国网络司令部与其他机构间的组织关系如图 2 所示。
图 2 升级后的美国网络司令部与其他机构间的组织关系
美军网络空间战略作战力量主要是网络司令部下辖的 133 支网络任务分队，约 6200 名现役和文职人员。根据国防部 2013 年指示，该部队由各军种抽组力量组建（陆军 41 支，海军 40支，空军 39 支，海军陆战队 13 支）而成，2016年具备初始作战能力，2018 年具备全面作战能力，其主要遂行国防部信息网络运维防护行动、进攻性网络空间作战和防御性网络空间作战等任务。133 支网络任务分队根据肩负任务类型不同，编为国家网络任务部队、作战任务部队和网络防护部队 3 种类型部队。当前，美网络任务部队正扩充规模，2024 年将完成 21 支网络防护分队组建，使网络任务分队数量增至 154 支。
美军网络空间战术作战力量主要由美网络司令部下辖的陆军、海军、空军和海军陆战队4 大网络司令部的网络空间部队构成（总人数约为 8 万人），承担各军种网络防护和作战支援任务，在联合作战中为网络任务部队的进攻、防御和运维行动提供支撑。各军种网络司令部也正加紧网络作战力量的扩充与整合工作，为网络任务部队行动和各军种网络防护提供支撑。
美军网络作战武器装备研发始终按照军商民结合、兼收并蓄的方法进行。网络空间作战装备与常规作战装备不同，其主要是以代码为基础、以设计为核心的研制生产形式，供应链的层级关系并不明晰。如今，美国具有以美国国防部高级研究计划局（Defense Advanced Research Projects Agency，DARPA）为核心的军方研究力量，以诺斯罗普·格鲁曼、雷声、洛克希德·马丁等传统防务公司为主，互联网、电子、软件、信息安全等领域公司兼收并蓄的研制力量。
图 3 美国网络空间研制生产能力主要力量结构
其中，大中型军工企业是美国网络空间装备分系统 / 子系统 / 技术领域研发的中坚力量。近几年，美国传统大中型军工企业以“兼并重组”为主要手段，迅速进入网络安全领域，形成了以诺斯罗普·格鲁曼、雷声、波音、洛克希德·马丁等几家综合性公司为龙头的网络安全国防产业，在 DARPA 和各军种网络空间项目的竞标中，这些大中型军工企业通常占据主承包商位置。
欧洲网络空间工业的起步晚于美国，主要侧重于对网络空间防御和网络空间安全问题的研究。近几年，欧洲各国政府和国防 / 电子企业也纷纷投入到网络空间安全领域，通过逐步完善战略政策，公私联合，引导网络空间技术研发，现已初步形成了跨越整个欧洲及其他国家和地区的网络空间防御体系。具体表现为以下几个层面。
战略规划层面，俄罗斯曾发布了一系列旨在保护国家各个方面信息安全的法律文件，例如《俄罗斯联邦信息安全学说》《俄罗斯社会信息发展战略》等，但在现有的法律文件中，没有涵盖信息空间与网络空间的关系体系，“网络安全”这一术语并未从“信息安全”的概念中分离。随着网络安全风险的不断增大，俄罗斯自 2010 年开始，将保护网络空间安全的重点放在关键信息基础设施方面，先后颁布了《俄罗斯联邦武装力量在信息空间活动的构想观点》《2020 年前俄罗斯联邦国际信息安全领域国家政策框架》《俄罗斯联邦网络安全战略构想（草案）》《俄罗斯联邦信息安全学说（第二版）》及《俄罗斯联邦关键信息基础设施安全法》等法律文件，从多个层面阐述了俄罗斯为推动网络空间发展的战略目标，以及为保护关键信息基础设施、指导网络空间发展所实施的重要举措。组织机构层面，2013 年 8 月，俄罗斯政府宣布在俄罗斯武装部队下面组建一个专门的信息战机构，且决定组建网络安全司令部和一个武装部队新机构，目的是提高该国的网络作战能力。
应用实践层面，美国 2010 年出版的《网络指挥官手册》中显示，全球网络作战的唯一实例是 2007—2009 年发生在爱沙尼亚、格鲁吉亚和吉尔吉斯斯坦的信息网络攻击事件，这 3 次小规模的攻击都是俄罗斯所为，可以认为俄罗斯在网络安全领域拥有独一无二的实战经验。
日本是全球信息技术最先进的国家之一，同时也受到越来越多从针对个人到针对公共部门及基础设施的网络空间威胁，因此日本很早就开始关注网络空间安全议题。日本将这些威胁归为“信息安全”范畴，并在 2005 年成立了国家信息安全中心以应对威胁。随着美国提出的“网络空间”概念被广泛接受，日本也于 2010年前后开始从国家层面专门强调“网络空间”，并将网络安全作为影响国家安全的重要议题。具体表现为以下几个层面。
战略规划层面，2013 年，日本政府发布首份《网络安全战略》，该战略从国家层面推动网络安全建设与发展，明确提出了要将日本建设成为网络安全强国。2015 年 8 月、2018 年 7 月，日本政府先后出台了 2 份升级版《网络安全战略》，主要是为 2020 年东京奥运会和残奥会的网络安全防护提供准备。
组织机构层面，2010 年，日本防卫厅组建了一支由陆、海、空自卫队计算机专家构成的5 000 人左右的“网络战部队”，让其专门从事网络系统的攻防。日本“网络战部队”的主要任务是负责研制开发可破坏其他国家网络系统的跨国性“网络武器”，并承担自卫队计算机网络系统防护、病毒清除、程序修复等任务；开发战术性“网络武器”，并研究网络战的有关战术等；支援“网络特攻队”的反黑客组织、反病毒入侵等任务。国际研究人士指出，从日本“网络战部队”身上，可以看到美军“超级黑客部队”的影子。
应用实践层面，日本在网络攻防演习中，更注重贴合实战背景，从而提升演习的实用性和针对性。在 2014 年“3·18”演习中，预设场景为 2020 年东京奥运会期间日本关键基础设施遭遇网络攻击。在 2019 年日美举行的“山樱”联合演习中，预设场景为日本东京都和西南地区遭受导弹袭击等多项事态并发，该演习旨在检验指挥控制系统在网络和电磁攻击下的运转情况并研习对策。
如今，网络空间已成为新兴作战域，必须建设强大的网络空间作战部队，夺取这一新兴作战域的控制权，才能有效维护网络空间的国家安全和发展利益。自 2009 年 6 月美军网络司令部组建以来，美军的网络军事力量建设取得较大成效，形成了美国网络安全的有力军事保障，同时也对其他国家网络空间构成巨大威胁。我们必须加快网络空间部队建设步伐，不断提升全民的网络安全意识和信息防护能力，并加强国防动员建设，培养预备力量，打造有足够作战能力的网络作战力量体系，才能有效遏制抗衡对手对我国的网络威胁。
6 结 语
引用格式：李硕 , 李祯静 , 王世忠 , 等 . 外军网络空间作战力量发展态势分析与启示 [J]. 信息安全与通信保密 ,2022(5):90-99.
From the perspective of the construction of cyberspace combat forces in major countries in the world, the U.S. military, as the first army to publicly announce the construction of cyberspace combat forces, has relatively strong strength and has carried out cyberspace combat operations many times in war practice. Organizations and countries such as the European Union and Russia have also launched cyberspace combat force building and carried out some actual combat operations. The study and analysis of the successful experience and practices of the major countries and regions in the world in the construction of military cyberspace combat forces has important reference and enlightenment significance for the development of cyberspace in my country.
With the rapid development of network information technology and its wide application in the military, cyberspace has become an emerging combat domain following the four domains of land, sea, air, and space, and cyberspace operations have also become an inseparable and important component of all-domain joint operations part, and become the key to gaining and maintaining the operational initiative, control and victory. The United States, Russia, Japan and other major countries in the world have formulated cyberspace security and development strategies, established cyberspace combat forces, and developed advanced network technologies and weapons and equipment, stepping up to seize this new strategic commanding height.
- The United States leads the construction of cyberspace
Whether it is cyberspace concept and theoretical research, or other related technology research and application practice, the United States is the source and leader of cyberspace development, driving the development of cyberspace in various countries and regions. The U.S. military’s cyber force is the earliest “established” cyber combat force in the world. It has gone through stages such as the establishment of defense during the Clinton era, cyber counter-terrorism during the Bush era, simultaneous deterrence and war during the Obama era, and “forward defense” during the Trump administration. It has developed into a network combat force with 133 network task teams and tens of thousands of people in various services.
1.1 Strengthening the strategic deterrent position
In order to compete for the control and development of cyberspace, the United States actively responds to the new requirements of changes in the shape of future wars, and establishes cyberspace as an emerging combat domain alongside land, sea, air, and space, and places it as a strategic deterrent. Strategic Position.
The important strategic documents related to cyberspace promulgated by the United States are shown in Table 1. In 2011, the United States successively issued three major strategic documents, the “International Strategy for Cyberspace”, the “National Strategy for Trusted Identity in Cyberspace” and the “Strategy for Cyberspace Operations of the Department of Defense”. The use and control of cyberspace has been elevated to a basic national policy.
In recent years, based on competition among major powers, the U.S. military has further enhanced its strategic position in cyberspace, and a combat system structure for cyberspace operations has basically taken shape. In 2018, the U.S. military successively released the new version of the “DoD Cyber Strategy”  and the “Cyberspace Operations” joint doctrine, clarifying that cyberspace operations themselves can be used as an independent combat style to achieve tactical, operational or strategic effects, and can also be integrated with other fields. The integration of combat styles improves the effectiveness of joint operations through coordinated operations; in 2020, the U.S. Cyberspace Sunbathing Committee released the “Warning from the Future” report, proposing the “defense forward” strategy, and recommending that the U.S. Department of Defense expand it to the national level , the strategy is a national cyberspace layered deterrence strategy based on continuous confrontation as the main mode of action, and behavior shaping, benefit denial, and cost imposition as the fundamental approaches.
1.2 The leadership system has a clear division of labor
The United States divides its national cyber security business into four parts: homeland security business, national defense business, intelligence business, and law enforcement business, as shown in Figure 1. Among them, the homeland security business is dominated by the Department of Homeland Security, which is mainly responsible for coordinating the cyberspace security of important infrastructure and protecting government and commercial networks and systems; the national defense business is dominated by the Department of Defense, led by the US Cyber Command, and various military services provide troops It has three major functions of attack, defense, and military information infrastructure operation and maintenance management. It is the core of the US cyber security force; the intelligence business is dominated by the National Security Agency, which is mainly responsible for detecting malicious activities in foreign cyberspace. The Ministry of Defense provides capability support; criminal law enforcement involves multiple departments including the Department of Justice and its subordinate agencies.
Table 1. Important strategic documents related to cyberspace promulgated by the United States
Figure 1. Management and coordination framework of cyberspace organizations in the United States
The U.S. Cyber Command was established in 2009 and was originally affiliated to the U.S. Strategic Command. In August 2017, the U.S. Cyber Command was upgraded to the 10th independent U.S. Joint Operations Command, and the responsibility for combat command was assigned to the Cyber Command. And the director of the National Security Agency also serves as the commander. For the U.S. military’s network operations, especially operations with high real-time requirements, this move straightens out the command and control relationship. The organizational relationship between the upgraded U.S. Cyber Command and other agencies is shown in Figure 2.
Figure 2. The organizational relationship between the upgraded US Cyber Command and other agencies
The U.S. Cyber Command is under the command of the President and Secretary of Defense of the United States, and has operational control over the headquarters of the National Cyber Mission Force, the Headquarters of the Joint Cyberspace Forces, the Headquarters of the Cyberspace Forces of the Services, and the Headquarters of the Joint Forces of the Department of Defense Information Network; Mission detachments, combat detachments, protection detachments and support detachments have operational control.
During the operation, the U.S. Cyber Command conducts cyber operations in accordance with the instructions of the U.S. President and Secretary of Defense, implements operational control over its subordinate forces, and provides customized force packages to the Joint Operations Command for support. The force package is composed of cyber combat forces, combat support personnel and other cyberspace forces under the Cyber Command. Cyber Command maintains operational control of force packages and delegates operational control to subordinate commands as appropriate. The commander receiving the force package has tactical control over the timing and tempo of cyberspace operations.
1.3 Large scale of organizational strength
The U.S. military’s cyber force is the first established “organized” cyber combat force in the world. It has long recruited cyber talents, formed a cyber force, and held secret exercises. At present, the U.S. military has basically formed a general pattern in which the Cyber Command is responsible for operations, and the military services and the Defense Information Systems Agency and other Ministry of Defense business bureaus are responsible for the construction. Different from the land, sea, and air combat domains, the particularity of the cyberspace combat domain requires that the two chains of management (military administration) and operations (military orders) must cooperate more closely.
The U.S. military’s cyberspace strategic combat force is mainly composed of 133 cyber mission teams under the Cyber Command, with about 6,200 active duty and civilian personnel. According to the instructions of the Ministry of National Defense in 2013, the force was formed by drawing forces from various services (41 from the Army, 40 from the Navy, 39 from the Air Force, and 13 from the Marine Corps). It mainly performs tasks such as the operation and maintenance protection operations of the Ministry of National Defense information network, offensive cyberspace operations, and defensive cyberspace operations. The 133 cyber mission teams are organized into three types of troops: national cyber mission troops, combat mission troops, and network protection troops, according to the different types of tasks they undertake. Currently, the U.S. Cyber Task Force is expanding its scale. By 2024, 21 cyber protection teams will be formed, increasing the number of cyber task teams to 154.
The cyberspace tactical combat force of the U.S. military is mainly composed of the cyberspace forces of the four major cybercommands of the Army, Navy, Air Force, and Marine Corps under the U.S. Cyber Command (the total number is about 80,000 people), and they are responsible for network protection and combat support of various services. The mission provides support for the offensive, defensive, and operation and maintenance operations of the cyber mission force in joint operations. The network commands of various services are also stepping up the expansion and integration of network combat forces to provide support for the operations of network mission forces and the network protection of various services.
1.4 Comprehensive combat capability system
In terms of equipment research and development, the U.S. military adheres to the principle of “building while using, and integrating construction and use”, continuously intensifies the research and development of cyber warfare weapon systems and equipment, and conducts research on key technologies for cyber warfare. A number of research programs have been carried out in early warning, command and control, and training and evaluation, and tens of billions of dollars have been invested in the research and development of various cyberspace combat equipment, thereby promoting and improving the level of network combat technology, enhancing service support capabilities and operational capabilities. efficiency.
The most representative equipment for network defense includes “network deception” system, “cyber wolf” software system, network attack alarm system and network vulnerability scanner. At the same time, the US military also attaches great importance to the application of the concept of “active network defense”. It has promoted the rapid development of network attack traceability technology. Cyber attacks include a variety of powerful computer viruses such as “Stuxnet” and “Flame”; battlefield cyber attacks are more representative of the Air Force’s “Shuter” system and the Navy’s EA-18G “Growler” aircraft. Reconnaissance perception has the ability to obtain information such as enemy communications, content, network protocols, hardware addresses, passwords, identity authentication processes, and network vulnerabilities. Programs such as “Einstein” and “Prometheus” have formed large-scale intelligence production capabilities and are trying to build a global cyberspace situational awareness system.
1.5 Equipment research and development forces are all-inclusive
The research and development of the U.S. military’s network combat weapons and equipment has always been carried out in accordance with the method of combining military, commercial and civilian, and inclusive. Cyberspace combat equipment is different from conventional combat equipment. It is mainly a code-based, design-centric development and production form, and the hierarchical relationship of the supply chain is not clear. Today, the United States has a military research force with the Defense Advanced Research Projects Agency (DARPA) as the core, and traditional defense forces such as Northrop Grumman, Raytheon, and Lockheed Martin. The company is the mainstay, and the company has an eclectic research and development force in the fields of Internet, electronics, software, and information security.
The cyberspace research directions of the U.S. military, government scientific research institutions, and traditional defense companies usually cover one or more aspects of cyberspace reconnaissance (situational awareness), surveillance, attack, defense, test verification, and comprehensive integration; while the Internet, electronics, Companies in the fields of software and information security carry out cyberspace technology research and equipment development and production in their respective fields. In addition, since the research and development products of cyberspace combat equipment are mainly software, which is a logical layer product, this has led to a blurred boundary between basic research in cyberspace and equipment development and production. Teams and individuals are also an important part of the US cyberspace industry. Figure 3 shows the main power structure of cyberspace R&D and production capabilities.
Figure 3 The main force structure of US cyberspace R&D and production capabilities
Among them, large and medium-sized military enterprises are the backbone of the research and development of the US cyberspace equipment subsystem/subsystem/technical field. In recent years, the traditional large and medium-sized military enterprises in the United States have rapidly entered the field of network security through “mergers and reorganizations” as the main means, and formed several companies such as Northrop Grumman, Raytheon, Boeing, and Lockheed Martin. Comprehensive companies are the leading network security defense industry. In the bidding of DARPA and various military cyberspace projects, these large and medium-sized military enterprises usually occupy the position of main contractors.
2 Europe follows closely behind
The European cyberspace industry started later than the United States, mainly focusing on research on cyberspace defense and cyberspace security issues. In recent years, European governments and national defense/electronic companies have also invested in the field of cyberspace security. Through the gradual improvement of strategic policies, public-private alliances, and guidance of cyberspace technology research and development, a network that spans the entire Europe and other countries and regions has been initially formed. Cyberspace defense system. Specifically, it is manifested in the following levels.
At the level of research and development, European countries not only follow the lead of the United States, but also rely on NATO, the European Union and other transnational platforms to achieve integration and complementarity within Europe and between Europe and the United States, and finally formed a cyberspace security capability with both commonality and characteristics, second only to the United States .
At the level of organization and management, since most European countries are small in scale and easy to manage, they have achieved a relatively efficient, integrated, and powerful cyberspace management mechanism. At the same time, due to the large number of European countries and the existence of competition, there are sometimes obstacles to the implementation of national-level cooperation on cyberspace security.
At the level of system research and development, due to the very high level of digitalization, softwareization, and networking in many European countries (even higher than the United States), they are facing great pressure in cyberspace defense just like the United States. Therefore, their cyberspace development is to ensure cyberspace Safety first. In recent years, under the guidance of cyberspace thinking that focuses on defense, the research and development of cyberspace technology, especially cyberspace security technology, has been gradually strengthened. Expand investment and deployment in the field. When countries are investing in the cyberspace security market one after another, the cyberspace security products of some major European countries have already occupied a relatively large market share and opened up a certain scale of global market.
- Russia’s cyberspace development ideas are unique
Compared with Western countries, Russia has always paid attention to comprehensive and large-scale information space, and has not conducted in-depth and systematic research on cyberspace as a subdomain of information space like the United States. However, due to Russia’s long-term attention to the field of information security and industrial accumulation, it has a good foundation in the field of cyberspace. Specifically, it is manifested in the following levels.
At the level of strategic planning, Russia has issued a series of legal documents aimed at protecting information security in all aspects of the country, such as the “Russian Federation Information Security Doctrine”, “Russian Social Information Development Strategy”, etc., but in the existing legal documents, it does not cover The relational system between information space and cyberspace, the term “cyber security” is not separated from the concept of “information security”. With the continuous increase of network security risks, Russia has focused on the protection of cyberspace security on key information infrastructure since 2010, and successively promulgated “Conceptual Viewpoints of Russian Federation Armed Forces in Information Space Activities” and “2020 Legal documents such as the National Policy Framework in the Field of International Information Security of the Russian Federation, the Strategic Conception of the Russian Federation Network Security (Draft), the Doctrine of Information Security of the Russian Federation (Second Edition) and the Law on the Security of Key Information Infrastructures of the Russian Federation It expounds Russia’s strategic goals to promote the development of cyberspace at multiple levels, as well as the important measures implemented to protect key information infrastructure and guide the development of cyberspace. At the organizational level, in August 2013, the Russian government announced the formation of a specialized information warfare agency under the Russian Armed Forces, and decided to form a cyber security command and a new agency of the armed forces, with the aim of improving the country’s cyber combat capabilities.
At the level of application practice, the “Network Commander’s Handbook” published by the United States in 2010 shows that the only example of global network operations is the information network attacks that occurred in Estonia, Georgia, and Kyrgyzstan from 2007 to 2009. These three small-scale attacks They are all done by Russia. It can be considered that Russia has unique practical experience in the field of network security.
In terms of research and development capabilities, Russia has a network security defense company with outstanding strength. For example, Kaspersky Lab is an important company in the field of global information security, and the “Russian Technological Information” company under the Rostec Group is also a core network security company in Russia. because
Transparency is limited, and it is difficult to find Russian companies capable of researching and developing cyber attack equipment from public channels, but this does not mean that Russia does not have such capabilities. In addition, Russian hacker organizations enjoy a “famous reputation” around the world. Research, production and trade of equipment.
4 Japan set off a wave of cyberspace development
Japan is one of the countries with the most advanced information technology in the world. At the same time, it is also subject to more and more cyberspace threats ranging from targeting individuals to public sectors and infrastructure. Therefore, Japan has long paid attention to cyberspace security issues. Japan classifies these threats under the umbrella of “information security” and established the National Information Security Center in 2005 to address the threat. As the concept of “cyberspace” proposed by the United States has been widely accepted, Japan also began to emphasize “cyberspace” at the national level around 2010, and regarded cybersecurity as an important issue affecting national security. Specifically, it is manifested in the following levels.
At the level of strategic planning, in 2013, the Japanese government issued the first “Network Security Strategy”, which promotes the construction and development of network security at the national level, and clearly proposes to build Japan into a powerful country in network security. In August 2015 and July 2018, the Japanese government successively issued two upgraded versions of the “Cyber Security Strategy”, mainly to prepare for the network security protection of the 2020 Tokyo Olympic and Paralympic Games.
At the organizational level, in 2010, the Japanese Defense Agency established a “cyber warfare force” of about 5,000 people composed of computer experts from the land, sea, and air self-defense forces to specialize in the attack and defense of network systems. The main task of Japan’s “cyber warfare forces” is to develop transnational “cyber weapons” that can destroy the network systems of other countries, and undertake tasks such as self-defense force computer network system protection, virus removal, and program repair; develop tactical “cyber weapons” “, and study the relevant tactics of cyber warfare; support the anti-hacking organization and anti-virus intrusion tasks of the “Network Special Attack Team”. International researchers pointed out that from the Japanese “cyber warfare forces”, we can see the shadow of the US military’s “super hacker force”.
At the level of application practice, Japan pays more attention to the actual combat background in network offensive and defensive exercises, so as to improve the practicality and pertinence of the exercises. In the “March 18” exercise in 2014, the preset scenario was that Japan’s key infrastructure encountered cyber attacks during the 2020 Tokyo Olympics. In the “Yamazakura” joint exercise held by Japan and the United States in 2019, the preset scenario was that Tokyo and the southwest region of Japan were attacked by missiles and other events concurrently. The exercise aimed to test the operation of the command and control system under cyber and electromagnetic attacks situation and study countermeasures.
At the level of system research and development, Japan emphasizes “both offense and defense” in building a network combat system, allocates a large amount of funds to invest in network hardware and “network warfare troops”, and establishes a “defense information communication platform” and a “common computer system platform” respectively. It facilitates the mutual communication and resource sharing of various organs and military network systems of the Self-Defense Force.
5 Apocalyptic Suggestions
From the perspective of the construction of cyberspace combat forces in major countries in the world, major countries and organizations in the world, such as the United States, Russia, Japan, and the European Union, have continuously strengthened military cyberspace operations through strategic planning guidance, organizational structure construction, combat force formation, and system equipment research and development. This has certain reference significance for the development of my country’s cyberspace.
5.1 Deepen the top-level design and enhance the strategic position of cyberspace
Cyberspace has greatly extended and expanded the boundaries of national interests. The Internet has increasingly become the basic platform for national political, economic, cultural and social activities, the lifeblood of the real economy and the nervous system on which the entire society depends. It can be seen that network security is not only a security issue of the network itself, but its impact has radiated to all aspects of national security and national interests. Therefore, it is necessary to plan and deploy the country’s network security issues from the national strategic level. my country should learn from the experience of foreign cyberspace strategies, formulate cyberspace strategies at the national level, strengthen cybersecurity legislation, build an international cooperation system, and plan and deploy national cybersecurity development as a whole at the national level.
5.2 Consolidate the foundation of capabilities and develop cyberspace countermeasures
In recent years, with the advancement of my country’s informatization construction and the comprehensive popularization of national network infrastructure equipment, network security threats from home and abroad have shown a trend of diversification, complexity, and frequent occurrence, posing a major threat to China’s cyberspace security, leading to my country’s Important information systems of government agencies and critical infrastructure may face security risks such as large-scale leakage of sensitive information and paralysis of information systems. In order to ensure the integrity and availability of cyberspace information infrastructure, it is necessary to improve its survivability, respond quickly to cyber threats, and initiate attacks at the right time. Based on this, our country must proceed from the aspects of theory, technology, and talents to consolidate the foundation of cyberspace capabilities and provide guarantees for possible cyberspace confrontation and defense in the future.
5.3 Strengthen strength building and build a cyberspace support system
Today, cyberspace has become an emerging combat domain. It is necessary to build a powerful cyberspace combat force and seize control of this emerging combat domain in order to effectively maintain national security and development interests in cyberspace. Since the establishment of the U.S. Cyber Command in June 2009, the U.S. military has made great achievements in the construction of cyber military power, forming a strong military guarantee for U.S. cyber security, and at the same time posing a huge threat to the cyberspace of other countries. We must speed up the construction of cyberspace forces, continuously improve the cybersecurity awareness and information protection capabilities of the whole people, strengthen national defense mobilization, cultivate reserve forces, and build a network combat force system with sufficient combat capabilities, so as to effectively contain and counter the opponent’s attack on our country. cyber threat.
Cyberspace has become an important combat force for the military to seek development because of its characteristics such as not being restricted by time and space, not being constrained by combat objectives, having a wide range of sources of support for combat forces, and strong mutations in the combat process. In recent years, major countries and organizations in the world, such as the United States, Russia, Japan, and the European Union, have been committed to promoting the construction of cyberspace combat capabilities in order to seize the dominant position in this field. my country should accelerate the construction of military cyberspace forces and enhance our country’s cyberspace combat capabilities in order to seek the right to win future information warfare.
Citation format: Li Shuo, Li Zhenjing, Wang Shizhong, et al. Analysis and Enlightenment of the Development Situation of Foreign Military Cyberspace Combat Forces [J]. Information Security and Communication Secrecy, 2022(5):90-99.