国家级|美创、徐医附院共建项目入选工信部《2024年网络安全技术应用典型案例拟支持项目名单》
2024-12-20
全球数据跨境流动合作倡议
2024-11-22
世界互联网大会|美创数据库保险箱(DBSafe)发布!
2024-11-21
世界互联网大会|美创数据认知与分类分级系统(AICogniSort)重磅发布!
2024-11-21
美创案例|盐城公积金管理中心数据安全创新实践
2024-11-15
存储域
数据库加密 诺亚防勒索访问域
数据库防水坝 数据库防火墙 数据库安全审计 动态脱敏流动域
静态脱敏 数据水印 API安全 医疗防统方运维服务
数据库运维服务 中间件运维服务 国产信创改造服务 驻场运维服务 供数服务安全咨询服务
数据出境安全治理服务 数据安全能力评估认证服务 数据安全风险评估服务 数据安全治理咨询服务 数据分类分级咨询服务 个人信息风险评估服务 数据安全检查服务
《环球时报》记者:据报道,4月28日,中国网络安全产业联盟发布《美国对全球网络空间安全与发展的威胁和破坏》报告,揭露了美国长期利用信息技术和资源优势在网络空间的不负责任行为。中方对此有何评论?
Global Times: It’s reported that the China Cybersecurity Industry Alliance released on April 28 a report entitled US Threats and Sabotage to the Security and Development of Global Cyberspace. The report shows that the US has long used its IT technology and resource advantages to engage in irresponsible behavior in cyberspace. What’s China’s comment?
林剑:我们注意到这份报告。报告列举了美国政府利用网络散布虚假信息干涉别国内政,无差别对别国进行网络监控和窃密,网络攻击别国关键基础设施,扰乱全球产业链和供应链等霸权、霸道、霸凌的行为。中方敦促美方多反躬自省,切实遵守国际规则,停止危害网络空间的和平、稳定与安全。
Lin Jian: We noted the report. The report reveals the US government’s hegemonic, domineering and bullying practices of spreading disinformation and interfering in other countries’ internal affairs through cyberspace, engaging in indiscriminate cyber surveillance and espionage and cyberattacks against key infrastructure in other countries, and disrupting global supply and industrial chains. China urges the US to reflect on its behavior, abide by international rules and stop endangering peace, stability and security in cyberspace.
以上节选自“外交部发言人办公室”公众号。原文链接:
https://mp.weixin.qq.com/s/6syjsdjN7kWD2hw6vF2aiQ
引言
一、利用互联网渗透颠覆他国政权
美国将互联网作为颠覆他国政权的手段与工具,利用互联网对目标国搞意识形态渗透和控制,散布虚假信息,抹黑他国政府,煽动民众情绪,误导网络舆论,干涉他国内政,甚至颠覆他国政权。
◆2003年起,欧亚地区接连发生一系列非正常的政权更迭。从格鲁吉亚“玫瑰革命”到乌克兰“橙色革命”,再到吉尔吉斯斯坦“郁金香革命”等,都是选举过程中发生抗议骚乱,随后演变成全面政治危机。2022年3月29日,长期受美国国会和白宫资助、有“第二中情局”之称的美国国家民主基金会会长威尔逊终于承认,美国曾经在上述地区通过互联网等手段策划实施“颜色革命”。
◆2011年,发端于突尼斯的所谓“阿拉伯之春”浪潮席卷西亚北非多国,引发严重社会动荡,导致数十万人死亡,造成近一万亿美元的巨大经济损失。在这背后,美国当局利用推特、脸书等社交媒体塑造舆论、煽风点火,输出西方价值观,鼓动民众走上街头,引发社会动荡、政权更迭。2022年2月25日,美国前国务卿希拉里·克林顿在接受微软—全国广播公司(MSNBC)采访时就利用互联网干预他国政局一事公开承认,“我们在‘阿拉伯之春’时就是这么做的。”
◆2022年8月,美国斯坦福大学网络观察室和格拉菲卡研究公司联合发布的《听不到的声音——五年来亲西方的隐蔽影响力行动评估》报告披露,在推特、脸书、“照片墙”等西方主流社交媒体上存在大量美国政府背景的虚假账号,这些账号相互关联并且采用欺骗性策略,持续开展了近5年的秘密行动,实施支持美国及其盟友并反对俄罗斯、中国、伊朗等国家的歪曲宣传。
二、实施无差别网络监控和窃密
美国以“国家利益”为幌子,滥用信息技术和产业优势,肆无忌惮地通过互联网对全球实施大规模、系统性、无差别的网络监控与窃密活动。从普通民众到国家元首、政要、国际组织、外交使团与企业,被美国情报机构“一网打尽”,甚至连美国的盟友也难以幸免。美国肆意窃取海量数据,严重损害全球互联网用户隐私,践踏国际人权原则,是对他国主权的公然侵犯。
◆2007年美国国家安全局启动绝密级电子监听计划“棱镜”项目,通过谷歌、脸书、美国在线等9家互联网公司大规模监听全球用户,包括美国公民的国际通信。2013年6月,美国前防务承包商雇员爱德华·斯诺登向英国《卫报》和美国《华盛顿邮报》披露“棱镜”项目的秘密文档显示,美国当局实时跟踪电子邮件、聊天记录、视频、音频、文件、照片等上网信息,全面监控特定目标的一举一动。2013年6月7日,时任美国总统奥巴马承认了该计划。《华盛顿邮报》后续报道指出,美国国家安全局的监控行为都是暗中操作,涉嫌违法违规。
◆2015年,维基解密披露,美国曾对日本35个目标进行网络窃密,包括部分日本内阁成员及三菱公司等。2020年2月,美国《华盛顿邮报》、德国电视二台(ZDF)和瑞士德语广播电视(SRF)发布联合调查报告,曝光美国中央情报局与德国情报机构操纵瑞士密码设备公司克里普托(Crypto AG),暗中控制其销往120多个国家的通讯加密设备,大肆窃取各国政府及企业用户的加密通讯内容。
◆2021年5月,丹麦广播公司披露,美国国家安全局伙同丹麦国防情报局接入该国网络,监听时任德国总理默克尔以及法国、瑞典、挪威等欧盟国家领导人。马克龙和默克尔5月31日在法德两国部长视频会议上要求美国和丹麦就监听一事作出解释。马克龙称“这在盟国之间是不可接受的”。
◆2023年4月初,美国《华盛顿邮报》等多家媒体报道,一批涉及乌克兰危机的美军情报文件遭到泄露,显示联合国秘书长古特雷斯以及韩国、以色列等多国政府首脑遭到美方监听。4月18日,联合国秘书长发言人迪雅里克表示,联合国已就秘书长古特雷斯遭监听向美国表达意见。
三、对他国施行网络攻击与威慑
美国借助网络优势,大肆挥舞网络威慑大棒作为维护其霸权利益的主要工具,并越来越成为处理国际关系的优先选项,频频对他国发起网络攻击,将网络空间作为主战场发动“新冷战”,动用政治、经济、外交、军事等一切国家力量,实施“先发制人”策略,尤其将攻击民用领域关键基础设施作为维护霸权、达成政治经济军事目标的新手段,严重危害他国国家安全、经济发展和社会稳定。
◆2010年12月,伊朗纳坦兹核电站遭到“震网”病毒攻击,最终导致大量离心机被破坏,相关核计划被迫延迟。2012年6月1日,美国《纽约时报》报道,“震网”病毒起源于2006年前后美国当局启动的“奥林匹克计划”。此事件是网络武器用于实战的首例。看到网络攻击的成本远低于传统攻击手段,美国如获至宝,随即正式组建网络部队,成为全球网络战争力量的发起者和网络战争的策源地。
◆劣迹斑斑、为祸世界的网络攻击团伙“方程式组织”在美国支持下,对全球实施网络攻击。2016年8月13日,知名黑客组织“影子经纪人”(The Shadow Brokers) 通过社交平台披露,从“方程式组织”内部获取的大量资料显示,“方程式组织”实施网络攻击的对象超过45个国家,攻击行动持续十多年,攻击操作手册、程序与“棱镜”项目所使用的标识符完全一致,证据直指美国国家安全局。
◆2018年,美国发布《国家网络战略》,提出“前出狩猎”(Hunt Forward)网络作战方针,将自身网络安全防线推至他国境内。2022年10月中旬,美军网络司令部发布网络空间作战政策文件,明确美网络空间行动目标为“主宰网络空间”,明确将关键基础设施列入冲突情况下美网军打击目标,提出“先发制人”等进攻性作战策略,显示出美军在网络领域穷兵黩武、谋取霸权的野心。从2018年起,美国网络司令部指挥网络空间作战部队在爱沙尼亚、立陶宛和乌克兰等20多个国家开展了40余次“前出狩猎”行动,采取所谓的“态势感知”和“前置防御”手段,提前发现、识别和曝光对手网络行动,实施网络震慑和反制。2022年12月,法国网络防御司令部指挥官艾米里克·伯尼梅森(Aymeric Bonnemaison)接受议会质询时表示,美国频繁在欧洲实施“前出狩猎”行动,“过于凶狠急切”,实质不过是美国实施网络间谍行为和发动网络攻击的借口,已引发欧洲盟友严重不安。
◆2022年6月1日,英国《天空新闻》报道,美国网络司令部司令兼国家安全局局长保罗·中曾根(Paul Nakasone)在采访中承认:2021年12月,美国向乌克兰派遣了网军,在当地停留了近三个月;在乌克兰危机中,美国进行了体系化、全方位的行动,包括进攻性和防御性的网络行动以及信息战等。这是美国政府高官首次公开承认美国对外发动网络攻击。
◆2022年9月5日,中国国家计算机病毒应急处理中心、360公司发布《中国西北工业大学遭受美国国家安全局(NSA)网络攻击调查报告》。调查报告显示,西北工业大学多年多次遭受境外网络攻击,攻击源头系美国国家安全局(NSA)下属的特定入侵行动办公室(TAO),该机构持续对西北工业大学开展攻击窃密,先后使用了41种专用网络攻击武器装备,窃取该校关键网络设备配置、网管数据、运维数据等核心技术数据,实现了对该校网络关键基础设施的渗透控制。
◆2023年7月26日,武汉市应急管理局发布声明称,经中国国家计算机病毒应急处理中心和360公司检测发现,其所属武汉地震监测中心部分地震速报数据前端台站采集点网络设备遭受境外组织的网络攻击。后据媒体报道,根据最新调查进展,发现了符合美情报机构特征、技术非常复杂的后门恶意软件。这是美国对中国关键基础设施进行网络攻击的最新例证,并带有明显的军事侦察目的。
四、挑起网络空间军备竞赛
美国是网络空间军备竞赛的始作俑者,率先将网络空间作为作战新空间,引入作战新范式,图谋掌控新战场。美国早在2009年便建立了全球首个网络司令部,并持续扩充网络空间作战力量,构建了数十个大型情报作业工程体系,开发储备了庞大制式化网络攻击装备库。在美国的带动和怂恿下,其盟友纷纷效仿,全球网络空间军备竞赛愈演愈烈。
◆到2015年,美军已研制出2000多种网络病毒武器,包括“蠕虫”程序、“特洛伊木马”程序、“逻辑炸弹”、“陷阱门”等。美国国家安全局网络武器库中偶然泄露的一款名为“永恒之蓝”的工具被简单改造成了“想哭”(WannaCry)病毒。2017年5月12日,WannaCry病毒在互联网爆发,致使全球150多个国家和地区的约30万台计算机系统受到感染和勒索,造成高达80亿美元的经济损失。
◆2017年8月18日,美军网络司令部升级为第十个联合作战司令部,地位与美国中央司令部持平。至2018年9月,美军网络军事力量已拥有133支网络部队,包括13支国家任务部队、68支网络保护部队、27支作战部队、25支支持部队。
五、滥用政治手段扰乱全球产业链供应链
美国政府以政治安全和意识形态分歧为借口,泛化“国家安全”概念,肆意炒作中国威胁论,罔顾中国几十年来坚持独立自主和平外交政策的事实,以及中国在全球网络空间的重大贡献和正义声音,并强迫其盟友站队。美国不顾二战之后形成的国际秩序和网络空间基本原则,无视有关“应发展和执行全球可互操作、共同的供应链安全规则和标准”的联合国共识,滥用出口管制等措施,通过政治、经济、金融等手段对其他国家的企业和机构实施威胁和打压,打造封闭排他性“小圈子”,干扰正常国际经贸往来和合作,违背市场规律,破坏市场规则和经贸秩序,影响全球产业链供应链稳定。
◆美国商务部等机构将全球多家企业机构列入出口管制“实体清单”,造成了全球供应链的极大混乱。以中国为例,截至2023年9月,被美国商务部列入“实体清单”的中国实体已达1400多个,横跨通讯、金融、交通航运等多个领域。实体类型既有华为公司、中芯国际这样的前沿科技企业,也有哈尔滨工业大学、中国科学院计算技术研究所等教育、科研机构。
◆2019年5月,美国政府拉拢32个国家在捷克召开“布拉格5G安全大会”,联合发布“布拉格提案”,从政策、安全、技术、经济等方面谋划排除中国5G技术产品。美国政府还对欧洲、亚洲、非洲等地区多国进行施压,强制其跟随美国禁用华为公司的5G产品。全球多国媒体和业内专家称,在5G中排除中国企业是“难为人的要求”,背离了数字全球化的事实,破坏了全球数字化的未来。
◆2021年9月,美国以“提高产业链透明度”为借口,胁迫苹果、微软、英特尔、台积电、三星等上百家半导体产业链上下游科技厂商向美国政府提交客户信息、销售数据、芯片库存、扩产计划等企业机密信息,使得相关企业客户信息、商业机密面临被泄露的风险,削弱了对美企业的议价能力,损害了全球客户的信任和信心,严重伤害全球半导体产业链正常发展。
◆2022年8月,美国总统拜登签署《芯片和科学法案》,公然胁迫国际企业为美国产业政策站队。根据该法案,美国政府要求获得美国芯片产业补贴的台积电、三星等境外企业在美国建立先进芯片工厂,企图掌控高端芯片制造产业链,压制他国芯片产业与科技发展。
◆2024年4月,美国总统拜登签署一揽子“对外援助法案”,其中包括强制字节跳动公司在九个月时间内剥离旗下应用TikTok美国业务,否则就将在美国封禁该应用。该规定充分体现了美国打着双标维护其控制和操纵国际舆论平台的网络霸权行径,一方面在国际上高喊自由民主,向全世界几乎所有的国家兜售他们把持的社交平台;另一方面泛化国家安全概念,滥用法律措施干着强取豪夺的流氓勾当。
六、破坏网络空间规则与秩序
美国以网络空间秩序“领导者”自居,利用网络空间规则不健全、发展不平衡等现实治理缺陷,巩固其“一超独霸”格局。从而将自身利益凌驾于全球公共利益之上,致使全球网络空间陷入“安全困境”“失信困境”和“背信恐慌”。
◆2019年9月23日,美国等27国发表《关于在网络空间促进负责任的国家行为的联合声明》,曲解和篡改联合国成员国趋于达成共识的网络空间负责任国家行为框架,背离了美等国家曾经认同的共识,凸显了美国对联合国相关规则“合则用、不合则弃”的一贯做法。美国刻意回避国际社会要求建立“和平网络空间”的共同意愿,将网络空间人为分为“和平时期”和“非和平时期”,意在将网络空间进攻性军事行动合法化,把网络空间变为新的战场。这种恶意推升国家间网络冲突和摩擦风险的行为,显然无助于维护网络空间和平与安全。
◆2022年4月28日,美国拉拢50多个国家签署并发布《互联网未来宣言》,表面声称要“致力于打造全球可互操作的互联网”,实则欲弃联合国等多边平台不用,以意识形态分歧为借口划线拉“小圈子”,用集团性的“家法帮规”破坏网络空间国际秩序和规则。这份所谓的《宣言》是美国意图分裂互联网,挑动网络空间对抗的最新例证。
结语
网络空间是人类共同的活动空间,各国在网络空间利益休戚与共、命运紧密相连。建设和维护一个和平、安全、开放、合作、有序的网络空间,是人类社会的共同期盼和美好愿望。但是,美国不择手段、不计后果维护网络霸权,以牺牲他国安全片面追求自身“绝对安全”,甚至走上了破坏、割裂网络空间的道路。美国在网络空间的种种恶行阻碍了数字世界的发展进步,与时代潮流背道而驰,应当受到国际社会的公开谴责与强烈反对。为了全人类的共同利益,世界各国有良知的政府和追求公平正义自由的企业、社会组织、学者和广大网民应加强对话与合作,在网络空间共同推进发展、共同维护安全、共同参与治理、共同分享成果,构建网络空间命运共同体,携手创造人类更加美好的未来。
Preface
Cyberspace is the home of mankind. But to maintain hegemony, the US abuses its IT and resource advantages and extended hegemony to the cyberspace. It conducts cyber espionage and theft, shapes and manipulates public opinion, breaks rules and seeks decoupling and disrupts supply chains. It has been the biggest cyber attacker, cyber weapon maker, and cyber order breaker in the world. It is seriously threatening the development and security of the global cyberspace, the peace and stability of the world, and the civilization and progress of human society.
1. Infiltrating and subverting foreign governments via the Internet
The US uses the Internet as a subversion instrument. Against the target countries, it performs ideological infiltration and control, spreads fake news, smears their governments, incites the people, misleads public opinion, interferes with their internal affairs and subverts their state power via the Internet.
Since 2003, many abnormal regime changes have happened in the Eurasian region. As shown in Georgia’s “Rose Revolution”, Ukraine’s “Orange Revolution” and Kyrgyzstan’s “Tulip Revolution”, protests and riots happened in elections and evolved into overall political crises. Dubbed as the “second CIA”, the National Endowment for Democracy (NED) is long funded by Congress and the White House. On March 29th, 2022, Damon Wilson, president and CEO of NED, acknowledged the US had planned “color revolutions” in the region via the Internet.
In 2011, the so-called “Arab Spring” originated from Tunisia, overwhelmed West Asia and North Africa, and caused social turmoil, tens of thousands of casualties and a loss of one trillion dollars. Based on Twitter, Facebook and other social media, the US shaped public opinion, incited people, and advocated Western values. It incited people to take to the streets to trigger social turmoil and regime changes. On February 25th, 2022, the former US Secretary of State Hillary Clinton acknowledged that “We did some of that in the Arab Spring” in an interview with MSNBC when talking about interfering with other countries via the Internet.
In August, 2022, Stanford Internet Observatory and the research company Graphika jointly published a report Unheard Voice: Evaluating five years of pro-Western covert influence operations. The report showed popular social media outlets like Twitter, Meta and Instagram had a number of interconnected sham accounts funded by the US government. The accounts used deceptive tactics to cover covert campaigns for almost five years to support the US and its allies and oppose countries including Russia, China and Iran.
2. Performing indiscriminate cyber surveillance and espionage
The US takes “national interests” as an excuse, and abuses its IT and industrial advantages to spy on the world in cyberspace massively, systemically and indiscriminately. From civilians to national leaders, politicians to international organizations, diplomatic missions to firms, no one can be exempt from the US intelligence agencies even including the US allies. The US data theft has breached global Internet users’ privacy, trampled on human rights and infringed upon the sovereignty of other countries.
In 2007, the National Security Agency(NSA) started a top-secret surveillance program PRISM to monitor global communication, including that of the US citizens, from the servers of nine such Internet giants as Google, Facebook and AOL. In June, 2013, the former defense employee and subcontractor Edward Snowden disclosed to The Guardian and The Washington Post secret files of PRISM. The files showed the US government had been tracking real time data including emails, live chats, videos, audios, files and photos and monitoring everything about the targets. On June 7th, 2013, the then US President Obama acknowledged the program. The Washington Post later noted that the NSA’s surveillance was covert and might be illegal.
In 2015, WikiLeaks published that the US spied on 35 Japanese targets including Japanese cabinet members and Mitsubishi. In February, 2020, The Washington Post, ZDF and SRF published a joint investigation report and revealed the CIA and the German Federal Intelligence Service used a Swiss communications encryption firm Crypto AG to spy on governments and firms by covertly controlling Crypto’s encryption products sold to 120 countries.
In May, 2021, DR reported the NSA and the Danish Intelligence Service wiretapped leaders of EU countries including then German Chancellor Angela Merkel. On May 31st, 2021, President Macron and Chancellor Merkel attended a virtual Franco-German Council of Ministers meeting and requested the US and Denmark to explain. “This is unacceptable among allies”, said President Macron.
In early April, 2023, The Washington Post and many media outlets reported a leak of many US military intelligence documents on the Ukraine crisis. The leaked documents showed the US eavesdropped on the UN Secretary-General Guterres and leaders of other countries such as the Republic of Korea and Israel. On April 18th, UN spokesman Stephane Dujarric said the UN had officially expressed to the US its concern on the above mentioned media reports .
3. Attacking and deterring other countries in the cyberspace
Based on its cyber advantages, the US uses cyber deterrence as a major instrument of its hegemony. Cyber deterrence is increasingly becoming its preference in international relations. The US frequently attacks other countries in cyberspace, uses cyberspace as a main battlefield of a new Cold War, and adopts a “defend forward” tactic based on all its state power including politics, economy, diplomacy and the military. In particular, the US takes civilian critical infrastructure cyber attacks as a new method to maintain hegemony and achieve political, economic and military objectives. This greatly harms the security, development and social stability of other countries.
In December 2010, the Stuxnet virus was used to attacked the Iranian Natanz Nuclear Power Plant. It destroyed a number of centrifuges and delayed related nuclear projects. On June 1st, 2012, New York Times reported Stuxnet originated from a program “Olympic Games” of the US government around 2006. This was the first cyber weapon attack in the real world. The US was so excited to find the cyber warfare cost much lower than the traditional warfare that it soon established cyber forces. It has been the initiator and source of global cyber warfare.
“Equation Group” is a cyberattack group with notorious track records. But the US supports it in cyber attacks globally. On August 13th, 2016, a famous hacking group “The Shadow Brokers” revealed in social media that the leaked data showed the “Equation Group” had hit over 45 countries in over ten years. The attack manual and string of malware program were exactly the same with those of PRISM. The evidence indicated the link between the “Equation Group” and the US NSA.
In 2018, the US published the DoD Cyber Strategy, which initiated the “hunt forward” principle of cyber warfare, and extended its cyber defense line to other countries. In the mid of October, 2022, the US Cyber Command (CYBERCOM) published policy documents on cyber warfare. Based on the documents, the objective of the US cyber operations was to “own the domain”; the US cyber forces put critical infrastructure as legitimate targets during times of cyber conflicts; and pursued preemptive strike as an offensive strategy. This showed the US militaristic ambition to seek hegemony in cyberspace. Since 2018, CYBERCOM has conducted over 40 operations in over 20 countries including Estonia, Lithuania and Ukraine. It used the so-called “situational awareness” and the “defend forward” methods to uncover, locate and expose adversaries’ cyber operations to conduct cyber deterrence and strikes. In December, 2022, French COMCYBER commander Aymeric Bonnemaison told the parliament that the US CYBERCOM’s hunt forward operations in Europe were “quite aggressive”. Hunt forward operations were only excuses of the US cyber espionage and attacks and had made its European allies very uneasy.
On June 1st, 2022, Sky News reported that Paul Nakasone, Commander of US CYBERCOM and Director of National Security Agency, acknowledged in an interview that in December, 2021, the US sent a cyber force to Ukraine and stayed there for about three months. In the Ukraine crisis, the US also “conducted a series of operations across the full spectrum; offensive, defensive, [and] information operations.” This was the first time that a senior US official confirmed the US cyber attacks against another country.
On September 5th, 2022, China’s National Computer Virus Emergency Response Center and Qihoo 360 Technology Co., Ltd. published a Report on the Cyber Attacks of NSA on China’s Northwester Polytechnical University (NPU). The report showed NPU’s network had been repeatedly attacked by overseas hackers attributed to Office of Tailored Access Operation(TAO) under NSA for years. TAO infiltrated and controlled NPU’s critical information infrastructure with over 41 dedicated cyber weapons to steal key network equipment configuration, network management data, and operation and maintenance data.
On July, 26th, 2023, Wuhan Municipal Emergency Management Bureau published a statement that CVERC and Qihoo 360 detected a cyber attack from overseas organization on its earthquake monitoring center. Some front-end station collection points of earthquake reporting data had been implanted with backdoor programs. The media later reported that the recent investigation found very complex backdoor malware that fit the characteristics of US intelligence agencies. This was the latest example of the US cyber attack on China’s critical Chinese infrastructure with a clear military reconnaissance purpose.
4. Triggering a cyber arms race
The US is the culprit of cyber arms race. It viewed cyberspace as a new battlefield, introduced new combat concepts, and conspired to dominate this new battlefield. Early in 2009, the US founded the first cyber command in the world and continued to strengthen cyber forces. It had built dozens of large intelligence-gathering systems and developed a huge armory of cyber weapons. Instigated by the US, its allies soon followed suit and the cyber arms race is getting white-hot globally.
By 2015, the US had developed over 2,000 cyber weapons including worms, Trojans, logic bombs and trapdoors. EternalBlue was a tool accidentally leaked from the NSA’s cyber armory. It was later changed into the WannaCry virus. On May 12th, 2017, the WannaCry ransomware attack erupted, hit about 300,000 computers in over 150 countries, and caused a loss of up to 8 billion dollars.
On August 18th, 2017, CYBERCOM was elevated to the US 10th combatant command as equal to the US Central Command. Until September, 2018, the US Cyber Mission Force(CMF) had had 133 cyber teams, including 13 Cyber National Mission Teams, 68 Cyber Protection Teams, 27 Cyber Combat Mission Teams and 25 Combat Support Teams.
5. Abusing political measures to disrupt the global industry and supply chain
The US government uses political security and ideology as an excuse, overstretches the “national security” concept and hypes up the “China threat narrative”. It ignores China’s adherence to the independent foreign policy of peace over the decades, smears China’s great contribution to the global cyberspace and voice of justice, and forces its allies to take sides. It ignores the international order after WW2, the basic principles of cyberspace, and the UN consensus on “developing and implementing globally interoperable common rules and standards for supply-chain security”. It abuses its export control measures, oppresses foreign firms or entities with political, economic and financial measures, and creates “exclusive small cliques”. It has disrupted global trade, violated market laws, undermined market rules and trade order, and destabilized global industry and supply chain.
The US Department of Commerce has put a number of firms and entities on the “Entity List” of export control and caused chaos in the global supply chain. Taking China as an example, more than 1400 Chinese entities were on the list spanning industries including telecommunication, finance, and transportation before September, 2023. The list included technology firms like Huawei and SMIC, and research and education entities like Harbin Institute of Technology and the Institute of Computing Technology of Chinese Academy of Sciences.
In May, 2019, the US gathered 32 countries for the “Prague 5G Security Conference” in Czech Republic, jointly published the “Prague Proposals”, and conspired to ban China’s 5G products from the policy, security, technological and economic aspects. The US also pressed European, Asian and African countries to ban Huawei’s 5G products. Globally, many media and industrial experts argued that banning Chinese companies from 5G was an embarrassing request against global digitalization and its future development.
In September, 2021, the US used “increasing supply chain transparency” as an excuse and forced hundreds of major firms throughout the semiconductor supply chain including Apple, Microsoft, Intel, TSMC and Samsung to submit their confidential information including customer information, sales data, chip inventories and expansion plans. The request put their confidential corporate information at the risk of leakage, cut their advantages in price negotiations with the US firms, eroded the trust and confidence of global customers and undermined the semiconductor supply chain in the world.
In August, 2022, US President Biden signed the CHIPS and Science Act and forced international firms to side with the US. Based on the Act, the US government requested foreign firms like TSMC and Samsung who would benefit from the American chip industry subsidies to set up chip plants in the US. In this way, the US could dominate the industry chain of high-end chips and harass the chip industry of other countries.
In April, 2024, US President Biden signed a package of “Foreign aid bills”, which included forcing ByteDance to divest its TikTok US business within nine months, or it would banned in United States. This regulation fully reflects the United States’ double standard to maintain its cyber hegemony of controlling and manipulating international public opinion platforms. On one hand, it advocates freedom and democracy internationally while selling social media platforms it controls to nearly all countries worldwide. On the other hand, it broadens the notion of national security, exploiting legal measures for coercive and predatory actions.
6. Sabotaging cyberspace rules and order
The US deems itself the “leader” of cyberspace and makes most of the defects of cyberspace like unsound regulations and imbalanced development to strengthen its “superpower hegemony”. It puts its own interests over the interests of the world and puts the global cyberspace into a “security dilemma”, “promise-breaking deadlock” and “trust-breaching panic”.
On September 23rd, 2019, the US and another 27 countries published a Joint Statement on Advancing Responsible State Behavior in Cyberspace. This statement distorted and tampered with the framework of responsible state behavior and deviated from the consensus the US and its cohorts had agreed with. This fully illustrated the US all-time principle of applying international law in a selective and utilitarian way. The US deliberately ignored the aspiration of the international society to build a “peaceful cyberspace” and divided the cyberspace into “peacetime” and non-peacetime. Its intention was to legalize its offensive military operations in cyberspace and make the cyberspace a new battlefield. Such behavior maliciously aggravated cyber conflict risks among countries and was detrimental to cyberspace peace and security.
On April 28th, 2022, the US gathered over 50 countries and jointly published a Declaration for the Future of the Internet. It openly affirmed “to promote and sustain an Internet that is global and interoperable”. In reality, it discarded multilateral platforms like the UN, created “small cliques” based on ideology, and undermined the international order and rules with “gang rules” of blocs. The so-called declaration was a latest example of US intention to divide the cyberspace and trigger cyber confrontation.
Conclusion
Cyberspace is a shared space of mankind. Every country has shared interest and future in cyberspace, and aspires to a peaceful, secure, open, cooperative and orderly cyberspace. But the US recklessly maintains its cyber hegemony, pursues “absolute security” of itself at the cost of other countries, and even pursues a way of undermining and splitting the cyberspace. The US vicious deeds impede global digitalization, run against the history, and must be denounced by the world. For the interest of mankind, governments of conscience, firms, social organizations, scholars and netizens aspiring to fairness, justice and freedom should strengthen dialogues and cooperation, promote development, maintain security, pursue joint governance and shared benefits, build a community with a shared future in cyberspace, and work for a brighter future for mankind.