Chinese Military Secrets of Deterrence in Cyberspace
威懾的網絡空間中的中國軍事機密
January 6th 2016
China’s National Defence University
Given the recent People’s Liberation Army (PLA) restructuring and renewed emphasis on strategic forces and cyberwarfare units it is no surprise that military experts in the People’s Republic of China (PRC) are discussing how to use military force in cyberspace effectively.
when the opposing sides have the ability to ensure invade destroy the other network when you can bring two-way network containment, the two sides have, under certain conditions, to comply with and do not attack the other network rules of the game, forming an invisible safety valve, even will form international networks and do not attack each other customary agreements or conventions, cyberspace became strategic areas can generate a huge deterrent effect. After following the nuclear deterrence deterrence in cyberspace, began to enter the strategic vision of the big country politicians and military strategist. Research cyberspace deterrence characteristics, type and use points, a must consideration and necessary action network power, network and strong army. China Military Online publication Yuan Yi of PLA Military Academy of Sciences, said the article, along with human society’s dependence on cyberspace continues to deepen, cyberspace has become the “fifth dimension of human production and life of the” second class living space “and military confrontation battle space. ” States initiative, control over the right to speak about the world of cyberspace in a fierce competition, competition in cyberspace has reached a level of survival, fate of the country and the success of the military struggle of human solidarity. Thinking of cyberspace deterrence capacity building of great practical and theoretical value. First, analyze the pros and cons of deterrence in cyberspace cyberspace deterrence refers to various actions taken in cyberspace, cyberspace display paralyze enemy control, and cross-domain control of the enemy’s determination and strength of the physical space through cyberspace to achieve deterrence enemy, the enemy stops, stopping the enemy, stop the enemy in the form of a strategic deterrence purposes. Cyberspace and physical space has compared to the “actual situation biphasic” network warfare, compared with the traditional style of warfare has unique nature determines the advantages and disadvantages of deterrence in cyberspace are very obvious.
(A) Advantages of cyberspace deterrence. Deterrence advantage of cyberspace, mainly reflected in: First, become more civilized and humane way of deterrence. Compared with nuclear and biological weapons, physical, biological, chemical destruction mechanism-based, direct killing and destruction effects of network warfare weapons is far smaller than the former, usually does not cause permanent damage and pollution of the natural environment, it will not cause a lot of people casualties, and trigger a humanitarian disaster. Second, the cost of deterrence to cost-inefficient. Network warfare weapons to viruses, Trojan horses and other software-based, relatively low cost, low technology threshold, and damage caused by the effect has been amazing. Cyber Defense broad area, are very hard to improve network security level of a grade each input costs increase exponentially. Low-cost network attack and defense of the high cost of network contrast, making the network attack and defense presented “spear shield thin” features, network warfare weapon which is called “poor atomic bomb.” Third, diverse practical means of deterrence. A variety of network warfare weapons, cyber-attacks target pluralism, the decision has diverse cyberspace deterrent to choose from. Network attack effect to a certain extent is recoverable, if used properly implemented, the initiation and escalation of the war to promote war risk is relatively small. In a sense, the deterrent value of nuclear weapons is much greater than the actual value, and network warfare weapons is both practical value and deterrent value. Fourth, deterrence using reusable flexibility. “Nuclear threshold” Once across the full nuclear war will break out, both sides in the nuclear balance of mutual destruction will fall into the state, easily a nuclear deterrent against non-nuclear countries in particular, nuclear deterrence, but also lead to international condemnation, these factors which greatly limits the use of the nuclear deterrent. The cyberspace deterrence Flex, controllable power characteristics, which can be determined according to the change and the need for military struggle situation, timely regulatory deterrence strength, the initial use, full use, repeated use, with strong flexibility.
Original Mandarin Chinese:
雙方都具有確保侵入破壞對方網絡的能力時,就可以帶來雙向網絡遏制,使得雙方不得不在一定條件下,遵守互不攻擊對方網絡的遊戲規則,形成一個無形的安全閥,甚至國際上也會形成互不攻擊對方網絡的慣例協議或公約,網絡空間由此成為可以產生巨大威懾效應的戰略領域。網絡空間威懾繼核威懾之後,開始進入大國政治家和軍事家的戰略視野。研究網絡空間威懾的特征、類型和運用要點,成為網絡強國、網絡強軍的必須考量和必要行動。
中國軍網發表中國人民解放軍軍事科學院袁藝的文章稱,隨著人類社會對網絡空間依賴程度的不斷加深,網絡空間成為人類生產生活的“第二類生存空間”和軍事對抗的“第五維作戰空間”。世界各國圍繞網絡空間的主導權、控制權、話語權展開了激烈的爭奪,網絡空間的競爭已達到與人類生存、國家命運和軍事鬥爭成敗休戚相關的程度。思考網絡空間威懾能力建設,具有重大現實和理論價值。
一、網絡空間威懾的優劣分析
網絡空間威懾,是指在網絡空間採取各種行動,展示癱瘓控制敵方網絡空間,並通過網絡空間跨域控制敵方實體空間的決心和實力,從而達到懾敵、止敵、阻敵、遏敵目的的一種戰略威懾形式。網絡空間與實體空間相比所具有的“虛實二相性”,網絡戰與傳統作戰樣式相比所具有的獨特性,決定了網絡空間威懾的優缺點都非常明顯。
(一)網絡空間威懾的優點
網絡空間威懾的優點,主要體現在:一是威懾方式更趨文明和人道。與基於物理、生物、化學殺傷機理的核生化武器相比,網絡戰武器的直接殺傷和破壞效應要遠小於前者,通常不會對自然環境造成永久性破壞和污染,也不會造成大量的人員傷亡,並引發人道主義災難。二是威懾成本低效費比高。網絡戰武器以病毒、木馬等軟件為主,成本相對低廉,技術門檻較低,而造成的破壞效果卻相當驚人。網絡防禦點多面廣,防不勝防,要網絡安全程度每提高一個等級,投入成本會呈指數級增加。網絡進攻的低成本與網絡防禦的高成本對比鮮明,使得網絡攻防呈現“矛尖盾薄”的特點,網絡戰武器因而被稱為“窮國的原子彈”。三是威懾手段多樣實用性強。網絡戰武器多種多樣,網絡攻擊目標多元,決定了有多樣化的網絡空間威懾手段可供選擇。網絡攻擊效果在一定程度上是可恢復的,只要運用實施得當,引發戰爭和促使戰爭升級的風險相對較小。從某種意義上講,核武器的威懾價值遠大於實戰價值,而網絡戰武器則是實戰價值與威懾價值兼具。四是威懾運用可重複靈活性強。“核門檻”一旦跨過就會爆發全面核戰爭,處於核均勢的雙方將陷入相互摧毀狀態,輕易實施核威懾特別是對無核國家進行核威懾,還會招致國際輿論的譴責,這些因素都極大地限制了核威懾手段的使用。而網絡空間威懾軟硬結合、威力可控的特點,決定了其可根據軍事鬥爭形勢的變化和需要,適時調控威懾強度,先期使用、全程使用、反覆使用,具有很強的靈活性。
(B) Lack of deterrence in cyberspace
Cyberspace is insufficient when it comes to a deterrent effect, mainly reflected in the following:
First, the credibility of the deterrent effect has not been fully verified. The credibility of nuclear deterrence has been verified in actual combat. However, as of now, the war in the true sense of the network have not really broken out. People cyberwarfare amazing destructive power, more of a speculation and worry, the real power of cyber warfare only after the actual test, we can really convincing.
Second, the reliability of the means of deterrence is not too high. Cyberwar is a dynamic process two sides of continuous interaction network attack and defense, the network against complex, highly technical characteristics, determine the effect of cyber warfare attacks with greater uncertainty, and there may not achieve the desired objective of the operation, so that the deterrent effect greatly reduced. For example, when you attack the enemy in cyberspace combat deter enemy if promptly take all effective means of defense, it will increase the difficulty of one’s own cyber-attacks and reduce the destructive effect, and even lead to the failure of the attack.
Third, deterrence scope for further improvement in controllability. Virus weapons as an important weapon cyber warfare, the spread of resistance, controllability is poor, affecting relatively wide range, it is difficult for the enemy to launch specialized computers and networks, highly targeted attacks. If you cannot control its effective scope, it will spread to a third-party neutral countries and even make itself a victim, thus using viral weapons are “legislator” of the suffering. Four is selectively limited deterrence object. Nuclear deterrence for any country is clear and effective, and the degree of information in cyberspace deterrent effect of a great relationship with the enemy. Cyberspace deter high degree of information is extremely effective countries, and for that information infrastructure is weak, not strong network dependent LDCs, the effect is difficult to play, or even completely ineffective. Five is relatively complex organization deterrence implementation. Various nuclear countries in the world are all focused on the implementation of the strategic nuclear forces unified management, command and control of the highly centralized organization and implementation of nuclear deterrence when action can be accurately controlled to each combat unit, very well organized and implemented. The organization and implementation of deterrence in cyberspace, to be involved in reconnaissance, attack, control, prevention and other support forces, personnel, large scale, and scattered in different departments and units of the military, the organization is very complex and not easy to form a joint force.
Second, the main types of cyberspace deterrence.
Deterrence in cyberspace includes the following; there are cyberspace technology test deterrence measures, deterrence in cyberspace display equipment, network space and cyberspace combat exercise deterrence. There are four types of deterrence operations. Among them, the first three are shown in form of deterrence, the latter is the real deterrent.
(A) Technical trial deterrence in cyberspace
Original Mandarin Chinese:
(二)網絡空間威懾的不足
網絡空間威懾的不足,主要體現在:一是威懾效果的可信性未得到充分驗證。核威懾的可信度已在實戰中得到了驗證。然而,截至目前,真正意義上的網絡大戰還沒有真正爆發過。人們對網絡戰驚人的破壞力,更多的只是一種猜測和擔憂,網絡戰的真實威力只有經過實戰檢驗後,才能真正令人信服。二是威懾手段的可靠性不太高。網絡戰是敵我雙方網絡攻防持續互動的動態過程,網絡對抗複雜、技術性強的特點,決定了網絡戰攻擊效果具有較大的不確定性,有可能達不到預期作戰目的,使威懾效果大打折扣。例如,對敵實施網絡空間實戰威懾時,敵方若及時採取各種有效防禦手段,就會增加己方網絡攻擊的難度和降低破壞效果,甚至導致攻擊行動的失敗。三是威懾範圍的可控性需進一步改善。病毒武器作為網絡戰的重要武器之一,其傳播性強、可控性較差、影響範圍比較廣,很難針對敵國計算機和網絡發動專門性、針對性極強的攻擊。如果不能控制其有效作用範圍,就會波及第三方中立國家,甚至使自身也成為受害者,因而病毒武器的使用有“投鼠忌器”之患。四是威懾對象的可選擇性受限。核威懾對任何國家都是明確而有效的,而網絡空間威懾的效果與敵國的信息化程度有很大關係。網絡空間威懾對信息化程度高的國家極為有效,而對那些信息基礎設施薄弱,網絡依賴性不強的不發達國家,則很難發揮效果,甚至完全不起作用。五是威懾實施的組織相對複雜。世界各個核國家無不對戰略核力量實施集中統管,指揮控制權高度集中,組織實施核威懾行動時可以準確控制到每一個作戰單元,組織實施十分周密。而網絡空間威懾的組織實施,要涉及偵、攻、控、防等多支力量,人員多、規模大,且分散在軍地不同部門和單位,組織起來非常複雜,形成合力不易。
二、網絡空間威懾的主要類型
網絡空間威懾主要有網絡空間技術試驗威懾、網絡空間裝備展示威懾、網絡空間作戰演習威懾和網絡空間作戰行動威懾四種類型。其中,前三種是示形威懾,後一種是實戰威懾。
(一)網絡空間技術試驗威懾
Cyberspace technology test of deterrence, is in the field of cyber warfare, regularly carry out new operational concepts early exploratory trials, new attacks and tactical mechanism confirms test results, new technologies weaponization practical tests, and through the media and disclose to demonstrate their strong information technology infrastructure research capabilities, and network warfare capability into the enormous potential to achieve deterrence opponent’s goal. Currently, the network attack and defense technology is still rapid development, a key breakthrough technology, cyberspace and often have a significant impact on operations, or even lead to revolutionary change. Who is the first to occupy the strategic high ground network attack and defense technology, who will be able to achieve significant advantages in the future network warfare.
(B) Deterrence in cyberspace equipment display.
Equipment display deterrence in cyberspace, is planning to develop cyber warfare equipment development, technology development, targeting all stages of development testing, stereotypes production, appropriate disclosure network warfare equipment models, performance, features needed, parameters and development progress, etc., in order to achieve deterrence opponent’s goal. Its methods are mainly two: one is by the defense white paper, diplomatic communiques and newspapers, periodicals, websites and other large-scale public disclosure of authoritative media from official sources, the implementation of explicit deterrence; the other is through a network of social media or other unofficial channels, deliberately leaked equipment relevant circumstances, the implementation of implicit deterrence. Cyberspace equipment display deterrence, one can fictitious new mechanism, the new concept of the new cyber-warfare equipment, and render their unique combat capability; on the other hand can be deliberately exaggerated the combat effectiveness of the existing network warfare equipment. There are virtual reality, real There are virtual, the implementation of a policy of ambiguity, so that the other lost in one’s own truth and strength, fear and psychological fear. For example, the US military’s “chute” airborne network attack system electrical integration has been repeatedly put into practical use, its hostile air defense system of the country pose a serious threat, but the basic principle, the working mechanism, tactical and technical indicators have neither publicly disclosed, nor by his country fully grasp cracks, has been shrouded in secrecy, it is difficult to distinguish the actual situation, played a very good deterrent.
(C) Cyberspace exercise deterrence.
In cyberspace combat exercise deterrence, is the way real soldiers or virtual exercises launched in cyberspace, and through various media channels to combat potential rival to show their cyber capabilities, strength and determination to achieve deterrence opponent’s goal. Cyberspace war exercises and military exercises can be divided into two kinds of virtual exercises. The former is usually the country or jointly with allies, generally joint military exercises in cyberspace defense action-oriented. In recent years, the United States and its allies held a number of “Cyber Storm” series of network warfare exercises, and “Schriever” series of space – cyberspace exercise, a good show cyberwarfare mobilization strength, overall defense level, and the implementation of network warfare determination. The latter is usually the national large-scale integrated network Range held generally exercise the power of the military professional network warfare offensive action-oriented.
Original Mandarin Chinese:
網絡空間技術試驗威懾,是在網絡戰領域,經常性地進行新作戰概念的先期探索性試驗、新攻擊機理和戰術的效果印證性試驗、新技術的實用化武器化試驗等,並通過媒體向外界披露,以展現本國雄厚的信息技術基礎研究實力,以及轉化為網絡戰能力的巨大潛力,以達到威懾對手的目的。當前,網絡攻防技術仍在快速發展,一項關鍵性技術的突破,往往會對網絡空間安全和作戰產生重大影響,甚至引發革命性變化。誰搶先占領了網絡攻防技術的戰略制高點,誰就能在未來網絡戰中取得明顯優勢。
(二)網絡空間裝備展示威懾
網絡空間裝備展示威懾,是在網絡戰裝備發展規劃制定、技術開發、打靶試驗、定型生產等各個發展階段,根據需要適當披露網絡戰裝備的型號、性能、特點、參數以及研製進度等情況,以達到威懾對手的目的。其方式主要有兩種:一種是通過在國防白皮書、外交公報以及報紙、期刊、大型網站等權威媒體從官方渠道公開披露,實施顯性威懾;另一種是通過網絡社交媒體或其他非官方渠道,刻意洩露裝備相關情況,實施隱性威懾。網絡空間裝備展示威懾,一方面可以虛構新機理、新概念的新型網絡戰裝備,並渲染其獨特的作戰能力;另一方面可以刻意誇大已有網絡戰裝備的作戰效能。虛中有實、實中有虛,實施模糊政策,使對方摸不清己方真實情況和實力,產生恐懼和忌憚心理。例如,美軍的“舒特”機載網電一體攻擊系統已多次投入實戰使用,對其敵對國家的防空體系構成了嚴重威脅,但其基本原理、工作機制、戰技指標既沒有公開披露,也沒有被他國完全掌握破解,一直處於保密狀態,令人虛實難辨,起到了很好的威懾作用。
(三)網絡空間作戰演習威懾
網絡空間作戰演習威懾,是以實兵或虛擬的方式在網絡空間展開演習活動,並借助各種媒體渠道,向潛在作戰對手展現本國網絡戰能力、實力與決心,以達到威懾對手的目的。網絡空間作戰演習可分為實兵演習和虛擬演習兩種。前者通常在全國範圍內或與盟國聯合進行,一般以演練軍地聯合網絡空間防禦行動為主。近幾年來,美國及盟國多次舉行“網絡風暴”系列網絡戰演習,以及“施裡弗”系列太空-網絡空間演習,很好展現了網絡戰的動員實力、整體防禦水平,以及實施網絡戰的決心。後者通常在國家大型網絡綜合靶場舉行,一般以演練軍隊專業網絡戰力量的進攻行動為主。
(D) Operations in cyberspace deterrence.
Deterrence in cyberspace operations, refers to a particular network targets Attack effect to make sure to deter fighting a real opponent deterrence. The timing of its use are two: First, when one’s own perceived enemy is about to wage war on one’s own, the focus of one’s own choice of enemy defenses against network-critical objectives targeted, preventive, dissuasive deterrence; the second is when the enemy When the party through one’s own network launched probing attacks, the implementation of deterrence in cyberspace, one’s own need for effective retaliatory, punitive deterrence immediately. Network warfare operations deterrent effect of a variety. For example, infiltration and sabotage the enemy telecommunications network, the phone sends a large number of people to its anti-war message enemy; the enemy to attack the power grid, causing the enemy’s major cities short of blackouts; broadcast television network to attack the enemy in one’s own prime-time spots a special video program, and so on.
Third, the use of elements of deterrence in cyberspace.
Cyberspace deterrence general use requirements are: deterrence of war combined with strength, combat capability and determination to demonstrate, and strive to reflect the small war deterrence to ensure deterrence fine fight, with little cost to achieve deterrence purpose. Specifically, you should do the following.
(A) Both peacetime and wartime, long-term preparations, “Rome was not built in a day.” The successful implementation of cyberspace deterrence, peacetime and wartime needs, will be carried out in the usual full detailed preparation. First, we must conduct a comprehensive and thorough network reconnaissance. Requires intelligence reconnaissance and surveillance technology, wireless surveillance and reconnaissance wired combined network enemy targets long-term sustainability of the network reconnaissance, and gradually find out the basic situation of the enemy network, draws its network topology map, especially soft and hard analysis to find out the enemy Vulnerability member system. The second is to carry out a large number of effective strategies presets. Using hacking tools, through the use of loopholes in the system or other measures to decipher passwords, secret penetration into enemy various types of networks, leaving the back door, set the stepping stones, planted logic bombs and Trojans, cyber-attacks aside for the future launch breakthrough. Third, pre-network defenses are prepared. When the enemy to implement cyberspace deterrence, adjust the network’s own defense deployment in advance, so that the enemy attack path predesigned expected use of system vulnerabilities to attack the program scheduled to be executed difficult to implement, or to implement greatly reduced, to minimize the enemy Network revenge losses.
Original Mandarin Chinese:
(四)網絡空間作戰行動威懾
網絡空間作戰行動威懾,是指對特定的網絡目標實施攻擊,以確信的攻擊效果來威懾作戰對手的一種實戰性威懾。其運用的時機有兩個:一是當己方覺察敵方即將對己方發動戰爭時,己方選擇敵方重點防禦的關鍵性網絡目標進行針對性打擊,進行預防性、遏制性威懾;二是當敵方通過對己方發起試探性網絡攻擊,實施網絡空間威懾時,己方應立即進行有效的報復性、懲戒性威懾。具有威懾效果的網絡戰行動有多種。例如,對敵電信網滲透破壞,向敵國民眾手機大量發送宣傳反戰短信;對敵電力網進行攻擊,造成敵重要城市短時間的大面積停電;對敵廣播電視網進行攻擊,在黃金時段插播己方特製的視頻節目等等。
三、網絡空間威懾的運用要點
網絡空間威懾總的運用要求是:懾戰結合,以實力、實戰展示能力和決心,力求以小戰體現威懾、以精打確保威懾,以較小的代價實現威懾目的。具體說來,應做到以下幾點。
(一)平戰結合,長期準備
“冰凍三尺,非一日之寒”。成功實施網絡空間威懾,需要平戰結合,在平時就要進行充分細致的準備。一是要進行全面周密的網絡偵察。要求諜報偵察與技術偵察、無線偵察與有線偵察相結合,對敵網絡目標進行長期持續的網絡偵察,逐步摸清敵網絡基本情況,繪制其網絡拓撲結構圖,尤其是分析查找出敵各種軟硬件系統的漏洞。二是要進行大量有效的戰略預置。採用黑客手段,通過利用系統漏洞或口令破譯等辦法,秘密滲透進入敵各類網絡,留下後門,設置跳板機,埋設邏輯炸彈和木馬,為未來發動網絡攻擊預留突破口。三是進行預有準備的網絡防禦。在對敵實施網絡空間威懾時,己方應提前調整網絡防禦部署,使敵預先設計的攻擊路徑,預期利用的系統漏洞,預定執行的攻擊方案難以實施,或實施效果大打折扣,最大限度地降低敵網絡報復造成的損失。
(B) Careful decision-making.
Control the intensity of decision-making Sun Tzu said: “Lord, not anger and Xingshi, will not be indignant caused the war.” Cyberspace deterrence strategy game behavior between countries, especially real deterrence and sensitivity, we must do rational, beneficial, section, must not because deterrence “threshold” low abuse indiscriminate use, or their effect may be counterproductive. Cyberspace real deterrent to combat the strength of the control of demanding. On the one hand, if the intensity is too small, an enemy government and people will not have fear, not achieve the desired deterrent effect, the person may also take the same means to implement anti-deterrence, eventually leading to confrontation upgrade, make one’s own deterrence fail. On the other hand, if the intensity is too large, to the enemy causing huge economic losses and casualties caused by the international community to condemn and enemy government, people’s hatred, it could lead to the use of conventional enemy forces massive retaliation, possibly even nuclear states will be spent on nuclear power, so not only can not deter war ended, it will play the role of the fuse of war.
(C) Unity of command, well-organized.
Military organizations implement deterrence in cyberspace, to centralized command, unified planning, improve collaboration. First, the well-organized force. Unified organization of military reconnaissance, attack, defense, control four forces, actively coordinate military forces the parties to form a joint force cyberwarfare. In particular, to organize and coordinate the civil non-professional cyber warfare forces especially patriotic hackers, cannot appear “rashness” phenomenon, so as not to lead to friction, misfires, causing cyber warfare upgrades, or premature disclosure attack intentions, a handle , resulting in uncontrollable situation or action fails. Second, the precise and appropriate choice target. Should affect a wide selection, easy to produce significant deterrent effect of the goal. For example, the ratings ranking of radio and television channels, access to a huge amount of portals, many users of wireless communication networks. You cannot select innocuous, the impact was small, and the public indifference to attack targets, easily mistaken for network security incidents ordinary hackers manufactured not achieve the desired deterrent effect. Also, consider the constraints of international law and the laws of war, you cannot select targets could easily lead to a humanitarian catastrophe, try not to choose the network destination railway, aviation, financial, medical and other sectors, so as not to provoke the international community and other public condemnation and resentment.
Third, the precise control of the process. Before implementing cyberspace deterrent against, to issue a warning to the enemy hit by extensive propaganda campaign, declared to the world the justice of one’s own actions, to gain the understanding and support of international public opinion. To highlight the deterrent effect, can one’s own network announced high-profile target enemy to attack, then break the enemy defense layers of the network, implement firm and effective network attacks, and finally, if necessary, but also on the effect of timing recovery network attacks to demonstrate one’s own superb network attack techniques and tools, so that policy makers and the public to produce enemy off guard, overwhelming psychological frustration, thereby forming a strong deterrent effect.
(D) Actual situation, focusing on strategy.
Sun Tzu said, “it can and cannot be shown, and illustrates it with no”, applied to cyberspace deterrence, summed up the gist of “show undeclared, declared and not shown.” “Show undeclared”, is the use of cyber-attacks is difficult to track the location of this, cyber-attacks on specific targets, but not announced is that of one’s own, both showing one’s own ability, but also makes the enemy, although suspicion is that as one’s own, but no evidence, not be pursued. “Vision does not show”, is publicity or inadvertently disclose one’s own research or advanced network warfare equipment fictional models, performance, features, deliberately exaggerate their operational effectiveness, falsehoods, actual situation, make the enemy unable to figure out the true strength of one’s own to produce a deterrent effect. Network warfare operations traceable having difficulty tracing, forensics complex features, the initiator can either admit to be denied, or put the blame on civil hackers.
Original Mandarin Chinese:
(二)慎重決策,控制強度
孫子曰:“主不可以怒而興師,將不可以慍而致戰”。網絡空間威懾是國家之間的戰略博弈行為,尤其是實戰威懾,敏感性強,必須做到有理、有利、有節,決不能因為威懾“門檻”較低而濫用亂用,否則其效果可能會適得其反。網絡空間實戰威懾對作戰強度控制的要求很高。一方面,若強度太小,敵國政府和民眾不會產生畏懼心理,起不到應有的威懾效果,對方還可能採取同樣的手段實施反威懾,最終導致對抗升級,使己方威懾失效。另一方面,若強度過大,給敵國造成巨大的經濟損失和人員傷亡,引起國際社會的譴責和敵國政府、民眾的仇恨心理,就可能引發敵國運用常規力量進行大規模報復,有核國家甚至可能會動用核力量,這樣不但不能懾止戰爭,反而會起到戰爭導火索的作用。
(三)統一指揮,周密組織
網絡空間威懾的組織實施,要集中指揮,統一籌劃,搞好協同。一是精心組織力量。統一組織軍隊偵、攻、防、控四支力量,積極協調軍地各方網絡戰力量形成合力。尤其是要組織和協調好民間非專業網絡戰力量特別是愛國黑客,不能出現“盲動”現象,以免引發摩擦,擦槍走火,引起網絡戰的升級,或過早暴露攻擊意圖,授人以柄,導致局勢不可控或行動失敗。二是精當選擇目標。應選擇影響面廣,易產生明顯威懾效果的目標。例如,收視率排名靠前的廣播電視頻道、訪問量巨大的門戶網站、用戶眾多的無線通信網絡等。不能選擇無關痛癢、影響面小、民眾漠不關心的目標進行攻擊,易被誤認為是普通黑客製造的網絡安全事件,起不到應有的威懾效果。此外,還要考慮國際法和戰爭法約束,不能選擇易造成人道主義災難的目標,盡量不選取鐵路、航空、金融、醫療等部門的網絡目標,以免激起國際社會和對方民眾的譴責和反感。三是精確控制進程。實施網絡空間威懾性打擊之前,要通過廣泛的輿論宣傳造勢,向敵國發出打擊警告,並向全世界宣告己方行動的正義性,以爭取國際輿論的理解和支持。為突出威懾效果,己方可以高調宣布要攻擊的敵國網絡目標,再突破敵方層層網絡防禦,實施堅決有效的網絡攻擊,必要時最後還可對網絡攻擊效果進行定時恢復,以展現己方高超的網絡攻擊技術和手段,讓敵方決策者和民眾產生防不勝防、難以招架的心理挫折感,從而形成強烈的震懾效果。
(四)虛實結合,注重謀略
孫子所說的“能而示之不能,用而示之不用”,運用到網絡空間威懾,其要點概括起來就是“示而不宣、宣而不示”。“示而不宣”,就是利用網絡攻擊難以追蹤定位這一點,對特定目標實施網絡攻擊,但不對外宣布是己方所為,既展示了己方能力,又使得敵方雖然懷疑是己方所為,但沒有證據,無法追究。“宣而不示”,就是公開宣傳或不經意透露己方研製或虛構的先進網絡戰裝備的型號、性能、特點,刻意誇大其作戰效能,虛虛實實,虛實結合,使敵摸不清己方真實實力,從而產生威懾效果。網絡戰行動具有追蹤溯源困難、取證複雜的特點,發起方既可以承認,也可以矢口否認,或把責任推給民間黑客組織。
Original Source: www.crntt.iw/888