中國軍方看外軍網絡戰發展新動向

Chinese Military Perspective on the New Development Trends in Foreign Military Network Warfare

After decades of development, cyberspace has become an important field of production and life in human society, and has become the fifth-dimensional battlefield after “land, sea, air, and sky.” In recent years, the United States and other developed countries have rushed to introduce cyberspace strategies, build (expand) cyber warfare forces, and implement cyber offensive and defensive operations. The moves in the construction, development, and application of cyber warfare deserve the attention of the world.

Pay attention to cyberspace security, and accelerate the establishment of supporting strategies and regulations

Since cyberspace security is a security issue in an emerging field, most countries lack supporting strategies and systems of laws and regulations. In recent years, major countries in the world have positioned it as a major security field, and the pace of promulgating network security strategies and regulations has been significantly accelerated. For example, since the first national network security strategy was proposed in 2000, the United States has continuously formulated, expanded, and updated various policies, strategies, regulations, and regulations in the field of network security. The network strategy alone includes the “National Network Strategy”, “International Cyberspace Strategy”, ” The Cyber ​​Strategy of the Ministry of National Defense and the cyber strategy of the military services, etc., are used to standardize and guide the development and application of cyber warfare. In October 2014, the U.S. military also issued the world’s first joint doctrine “Cyberspace Operations”, which elaborated and standardized the concepts, actions, and tasks of cyberspace operations. In response to cyber attacks by the United States and NATO, Russia announced the “Russian Federation Cyber ​​Security Strategic Concept” in 2014, and promulgated a new version of the “Information Security Doctrine” in 2016, proposing to ensure network information security. In order to strengthen the overall guidance of network security affairs, India issued the “National Cyber ​​Security Policy” in 2013 and plans to issue a “National Cyber ​​Security Strategy”; the Indian military has formulated policies such as the “Army Cyber ​​Security Policy” and “Navy Information Security Policy” regulations.

Strengthen the professional construction of cyber warfare forces, and pay attention to the use of non-governmental network forces

In recent years, the establishment, integration, and expansion of specialized cyber warfare forces have become a trend among foreign militaries. The United States was the first country to propose the concept of cyber warfare, and it was also the first country to form a professional cyber warfare force. The U.S. military established the Cyber ​​Command in 2010, and upgraded it to a first-level joint operations command in 2018. The number of cyber task forces under its jurisdiction has reached 133, with about 6,200 personnel. Russia established a professional information warfare unit in 2013, and cyber warfare is an important function of it. The Japanese Self-Defense Force established the Cyber ​​Defense Team in 2014, initially with more than 100 members, and has now increased to nearly 300, and plans to expand to a thousand in the future. The United Kingdom also announced in 2020 that it will soon create a national cyber force. On this basis, foreign militaries have generally carried out systematic design and layout of cyber warfare forces. In the field of cyber warfare, forces such as network attack, network defense, and network operation and maintenance are inseparable; externally, network warfare forces are integrated and integrated with information warfare forces such as signal reconnaissance and electronic warfare. For example, the commander of the U.S. Cyber ​​Command also serves as the director of the National Security Agency, and the network attack and defense are integrated with signal intelligence and reconnaissance. The Japanese Self-Defense Force has set up a special first-level command to oversee space, network, and electronic warfare affairs.

It is worth noting that foreign military forces constitute the “regular army” of cyber warfare forces, and private cybersecurity companies, technology companies, hacker organizations, etc. have also become important cyber offensive and defensive forces and have attracted much attention. The notorious “Eye of Sauron” and “Equation Group” and other hacker organizations are inextricably linked to the US military. In recent years, Iran, Russia, and Venezuela have encountered cyber attacks, all of which have the shadow of “Equation Group”. The Indian Army is also considering absorbing its rich IT talents to form a cyber warfare reserve force to further strengthen its cyber warfare capabilities.

Actively develop and build a network arsenal, and intelligent weapon systems are beginning to emerge

Cyber ​​weapons are special weapons used for network attack and defense. They can be viruses, loopholes, denial of service attacks, phishing attacks and other offensive and defensive technologies, or network attack and defense system platforms. Anatoly Smirnov, chairman of the International Information Security Association of the Russian Federation, disclosed in 2019 that many Western countries were developing cyber weapons; the United States, the United Kingdom, Germany, and Japan also made no secret of possessing cyber weapons. According to the disclosures of Snowden and WikiLeaks, U.S. intelligence agencies and the U.S. military have built a systematic offensive cyber arsenal, some of which can be called “weapons of mass destruction” in cyberspace. In 2020, Patrick Saunders, commander of the British Strategic Command, took the initiative to declare that the UK has developed a “destructive” cyber weapon, which can effectively kill the enemy’s power grid and other facilities and equipment.

In terms of network system platforms, the U.S. military has built the most complete network warfare system platform in the world, including accusation management systems such as joint network command and control and unified platform, basic systems for network warfare planning and execution such as the IKE project, and network warfare and network warfare systems such as “Shute”. A weapon system with integrated firepower. In terms of network monitoring and defense, India has developed and built system platforms such as a central monitoring system, network traffic analysis system, and network security monitoring and evaluation system.

Cyber ​​weapons have a natural “kinship” with smart technology. At present, weapon systems in the fields of network situation monitoring, network attack and defense, and password deciphering have already taken shape in intelligentized countries in cyberspace dominant countries. With the development of artificial intelligence technology, the trend of intelligent network weapons will become more and more obvious.

Focus on enhancing the actual combat capabilities of network attack and defense, and innovate network training methods

In view of the reality and destructiveness of cyber threats, foreign militaries attach great importance to testing the security of information network systems and improving the cyber offensive and defensive capabilities of military and government agencies through cyber exercises and training activities in the context of actual combat.

In terms of participating forces, it covers the military, government agencies, reserves and civilian cyber forces. In the method mode, opponents are generally set to ensure the confrontation of the exercise. Some also innovatively use the method of offering rewards to attract hackers to “legally” attack specific target networks and help find network system defense loopholes. In terms of the training environment, actively build a network shooting range to simulate the information network environment of one’s own side and the opponent’s. The United States, Britain, Japan, Canada and NATO have all established professional cyber ranges. As the world’s largest multinational cyber exercise, NATO’s “Lock Shield” exercise simulated a country’s information network environment in 2019. The content of the drill includes responsiveness testing, defense vulnerability inspection, and election interference analysis. India regularly holds “Cyber ​​Fortress” exercises. It is said that in the “Cyber ​​Fortress-8” exercise organized in 2015, the Indian Army’s cyber brigade used remote penetration and other means to successfully obtain the administrator authority of a certain network system of the Indian Army, and found that 13 major categories of security vulnerabilities were identified. In addition, the U.S. military has begun to practice the integration of cyber warfare and operations in other fields. In the U.S. military’s “Schriever” exercise, the integration of space operations and cyber warfare is one of the important contents.

At present, some countries have regarded some serious cyber attacks as acts of war. As the international rules of conduct in cyberspace restrict and deter cyber attacks more and more, cyber exercises may replace real network operations and become foreign military training and upgrading. The primary path to network offensive and defensive capabilities.

Emphasis on pre-emptive offensive operations, actual combat tends to integrate deterrence and multi-domain integration

The hugeness, complexity, and fragility of the network system make network defense difficult and costly. For this reason, the United States and other countries have gradually changed their network security policy and operational thinking from the initial comprehensive defense to preemptive offensive operations, emphasizing Conduct pre-emptive offensive operations in hostile networks to eliminate potential or actual threats.

Driven by offensive thinking, cyber warfare is common in international conflicts, and the targets of attacks are no longer limited to military targets. The United States is the first country to apply cyber warfare to actual combat. In 2009, the U.S. military used the “Stuxnet” virus to carry out cyber attacks on Iran’s nuclear facilities, causing more than 1,500 centrifuges to be scrapped and the Iranian nuclear process to be paused. In 2020, after the assassination of Soleimani, the U.S. military launched cyber attacks on the command and control of the Iranian Revolutionary Guard Corps, missiles, and air defense systems to deter and prevent Iran from carrying out military retaliation. Of course, the idea of ​​offensive cyber warfare does not require absolute cyber superiority. Some non-cyber powers have also proposed the idea of ​​using asymmetric cyber capabilities to carry out preemptive attacks on the enemy’s weaknesses, and then achieve the goal of using the small to gain the big and the weak in the network game. Mandatory.

It is worth noting that in recent international conflicts, the trend of multi-domain integration in the fields of cyber warfare and firepower warfare, electromagnetic spectrum warfare, and cognitive domain warfare has become very obvious. For example, when armed conflicts broke out between Azerbaijan and Armenia in the Naka region in 2020, the two sides launched cyber offenses and defenses in cyberspace on the one hand, and on the other hand launched fierce confrontations in the cognitive domain around international and domestic public opinion, military morale, legal principles and morals.

At present, the low-intensity and ambiguous nature of cyber warfare attracts some international actors to frequently carry out cyberspace operations regardless of the consequences, and the risk of conflict escalation out of control is constantly accumulating. To this end, all countries in the world should start consultations and negotiations on international rules of conduct in cyberspace and cyber arms control as soon as possible, jointly restrict military activities in cyberspace, create a new pattern of cybersecurity, and build a community of shared future in cyberspace.

Original Mandarin Chinese:

經過幾十年的發展,網絡空間已經成為人類社會生產生活的重要領域,成為繼“陸、海、空、天”之後的第五維戰場。 近年來,美國等發達國家紛紛出台網絡空間戰略,建設(壯大)網絡戰力量,實施網絡攻防作戰。 網絡戰建設、發展和應用的動向值得世人關注。

關注網絡空間安全,加快建立配套戰略法規

由於網絡空間安全是一個新興領域的安全問題,大多數國家缺乏配套的戰略和法律法規體系。 近年來,世界主要國家將其定位為重大安全領域,出台網絡安全戰略和法規的步伐明顯加快。 例如,自2000年第一個國家網絡安全戰略提出以來,美國不斷制定、擴充和更新網絡安全領域的各種政策、戰略、規章制度。 僅網絡戰略就有《國家網絡戰略》、《國際網絡空間戰略》、《國防部網絡戰略》和《軍種網絡戰略》等,用於規範和指導發展 2014年10月,美軍還發布了世界上第一個聯合條令“網絡空間作戰”,對網絡空間作戰的概念、行動和任務進行了闡述和規範。 北約、俄羅斯2014年公佈《俄羅斯聯邦網絡安全戰略構想》,2016年頒布新版《信息安全條令》,提出保障網絡信息安全。為加強網絡安全統籌指導 事務方面,印度2013年出台《國家網絡安全政策》,併計劃出台《國家網絡安全戰略》;印度軍方制定了《陸軍網絡安全政策》、《海軍信息安全政策》等政策 安全策略”的規定。

加強網絡戰力量專業化建設,重視利用民間網絡力量

近年來,網絡戰專業化力量的建立、整合和壯大成為外軍發展趨勢。 美國是最早提出網絡戰概念的國家,也是最早組建專業網絡戰部隊的國家。 美軍於2010年成立網絡司令部,2018年升格為一級聯合作戰司令部,下轄的網絡特遣部隊已達133個,人員約6200人。 俄羅斯於2013年成立專業信息戰部隊,網絡戰是其重要職能。 日本自衛隊在2014年成立了網絡防衛隊,最初有100多名成員,現在已經增加到近300人,未來還計劃擴大到千人。 英國也在2020年宣布將很快創建一支國家網絡部隊。 在此基礎上,外軍普遍進行了網絡戰力量的系統化設計和佈局。 在網絡戰領域,網絡攻擊、網絡防禦、網絡運維等力量密不可分; 對外,網絡戰力量與信號偵察、電子戰等信息戰力量融合融合。 比如美國網絡司令部司令兼任國家安全局局長,網絡攻防與信號情報偵察相結合。 日本自衛隊設立了專門的一級司令部,負責監管太空、網絡和電子戰事務。

值得注意的是,外國軍隊構成了網絡戰力量的“正規軍”,民間網絡安全公司、科技公司、黑客組織等也成為重要的網絡攻防力量,備受關注。 臭名昭著的“索倫之眼”和“方程組”等黑客組織都與美軍有著千絲萬縷的聯繫。 近年來,伊朗、俄羅斯、委內瑞拉等國都遭遇過網絡攻擊,都有“方程組”的影子。 印度陸軍也在考慮吸納其豐富的IT人才,組建網絡戰後備力量,進一步加強網絡戰能力。

積極發展建設網絡化武庫,智能武器系統初現端倪

網絡武器是用於網絡的特殊武器

攻防。 它們可以是病毒、漏洞、拒絕服務攻擊、釣魚攻擊等攻防技術,也可以是網絡攻防系統平台。 俄羅斯聯邦國際信息安全協會主席阿納托利·斯米爾諾夫在2019年透露,許多西方國家正在研發網絡武器; 美國、英國、德國和日本也毫不掩飾擁有網絡武器。 根據斯諾登和維基解密的披露,美國情報機構和美國軍方已經建立了一個系統的進攻性網絡武器庫,其中一些武器堪稱網絡空間的“大規模殺傷性武器”。 2020年,英國戰略司令部司令帕特里克桑德斯主動宣稱,英國已經研製出“破壞性”網絡武器,可以有效殺傷敵方電網等設施設備。

在網絡系統平台方面,美軍建成了世界上最完備的網絡戰系統平台,包括聯合網絡指揮控制、統一平台等指控管理系統,IKE等網絡戰規劃與執行基礎系統。 項目,以及“樹特”等網絡戰和網絡戰系統。 具有綜合火力的武器系統。 在網絡監控防禦方面,印度開發建設了中央監控系統、網絡流量分析系統、網絡安全監控評估系統等系統平台。

網絡武器與智能技術有著天然的“親緣關係”。 目前,網絡態勢監測、網絡攻防、密碼破譯等領域的武器系統在網絡空間主導國家的智能化國家已經形成。 隨著人工智能技術的發展,網絡化武器的智能化趨勢將越來越明顯。

著力提升網絡攻防實戰能力,創新網絡訓練方式

鑑於網絡威脅的真實性和破壞性,外軍十分重視通過實戰背景下的網絡演習和訓練活動,檢驗信息網絡系統的安全性,提高軍政機構的網絡攻防能力。

在參與力量方面,它涵蓋了軍隊、政府機構、預備役和民間網絡力量。 在方法模式中,一般都會設置對手,以保證練習的對抗性。 有的還創新性地採用懸賞的方式,吸引黑客“合法”攻擊特定目標網絡,幫助尋找網絡系統防禦漏洞。 在訓練環境方面,積極建設網絡靶場,模擬己方和對方的信息網絡環境。 美國、英國、日本、加拿大和北約都建立了專業的網絡靶場。 作為全球規模最大的多國網絡演習,北約“鎖盾”演習模擬了2019年一個國家的信息網絡環境,演練內容包括響應能力測試、防禦漏洞檢查、選舉干擾分析等。 印度定期舉行“網絡堡壘”演習。 據稱,在2015年組織的“網絡堡壘-8”演習中,印陸軍網絡旅利用遠程滲透等手段,成功獲取了印軍某網絡系統的管理員權限,並發現13 確定了主要類別的安全漏洞。 此外,美軍也開始實踐網絡戰與其他領域作戰的融合。 在美軍的“施里弗”演習中,太空作戰與網絡戰的融合是重要內容之一。

目前,一些國家已將一些嚴重的網絡攻擊行為視為戰爭行為。 隨著網絡空間國際行為準則對網絡攻擊的約束和威懾越來越強,網絡演習有可能取代真正的網絡作戰,成為外國軍事訓練和升級。 網絡攻防能力的主要途徑。

強調先發製人的進攻作戰,實戰趨向綜合威懾和多域融合

網絡系統的龐大性、複雜性和脆弱性使得網絡防禦難度大、成本高。 為此,美國等國逐漸將網絡安全政策和作戰思路從最初的全面防禦轉變為先發製人的進攻作戰,強調在敵對網絡中進行先發製人的進攻作戰,以消除潛在或實際的威脅。

在進攻性思維的驅使下,網絡戰在國際衝突中屢見不鮮,

攻擊目標不再局限於軍事目標。 美國是第一個將網絡戰應用到實戰中的國家。 2009年,美軍利用“震網”病毒對伊朗核設施進行網絡攻擊,導致1500多台離心機報廢,伊朗核進程暫停。 2020年,蘇萊曼尼遇刺後,美軍對伊朗革命衛隊的指揮控制、導彈、防空系統等發起網絡攻擊,以威懾和阻止伊朗進行軍事報復。 當然,進攻性網絡戰的思路並不需要絕對的網絡優勢。 一些非網絡大國也提出了利用非對稱網絡能力對敵方弱點進行先發製人攻擊的想法,進而在網絡博弈中達到以小博大、以弱勝強的目的。 強制的。

值得注意的是,在近期的國際衝突中,網絡戰與火力戰、電磁頻譜戰、認知域戰等領域的多域融合趨勢十分明顯。 例如,2020年阿塞拜疆與亞美尼亞在納卡地區爆發武裝衝突,雙方一方面在網絡空間展開網絡攻防,另一方面圍繞國際國內展開認知領域的激烈交鋒。 民意、軍隊士氣、法理和道德。

當前,網絡戰的低烈度和模糊性,吸引了一些國際行為體不顧後果地頻繁開展網絡空間作戰,衝突失控升級的風險不斷累積。 為此,世界各國應盡快啟動網絡空間國際行為規則和網絡軍控磋商談判,共同製約網絡空間軍事活動,打造網絡安全新格局,構建網絡空間共享共同體。 網絡空間的未來。

Chinese Military Source: http://www.81.cn/jfjbmap/content/2021-04/08/content_XXXXX.htm

Leave a Reply

Your email address will not be published. Required fields are marked *