Source: World Wide Web
On June 7, 2022, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (SECURITY) once again launched a blatant smear campaign against China in the form of the so-called Joint Cybersecurity Advisory jointly written by the U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI). If you are familiar with network security, especially the sino-US network security relationship, you are no stranger to this kind of smear and attack, and you can even say that you are very familiar with it. In essence, in addition to the hysteria and irrationality of some decision-makers in Washington, this very irresponsible and even rash attitude towards cybersecurity issues is deeply rooted in the us cyber hegemony demands. On June 28, China's National Computer Virus Emergency Response Center and 360 respectively released reports exposing a "sour fox platform" network attack weapon in the United States, implanting Trojan horses into important information systems in many countries. It can be said that the pursuit and maintenance of network hegemony has and continues to become the biggest threat and challenge facing global cyberspace.
Since the end of the Cold War, it has become increasingly apparent that the global cyberspace spawned by the information technology revolution has become a vital part of human life, and has also become a new frontier for the strategic game of great powers. From a practical point of view, the biggest threat and challenge facing global cyberspace is the us measures to replicate, expand and solidify cyber hegemony in cyberspace. This series of measures has exposed global cyberspace to a full range of systemic shocks and challenges. Specifically, it includes the following main aspects:
First, the United States has expanded and derived offensive intelligence gathering and espionage capabilities in cyberspace systems, and has in fact used them unrestrained and bottomlessly. According to declassified archival materials, although systematic national security capacity-building for the United States began only after the end of World War II, the United States began to carry out large-scale national intelligence gathering activities rarely seen in human history since the mid-to-late 1940s. Declassified archives show that in August 1945, the U.S. military had established "signal intelligence gathering" from the legal and institutional levels, that is, in peacetime, intercepting and intercepting various communication signals, such as the international telegraph, the most important transnational means of communication at that time, was a legal act, which did not violate the protection of freedom of speech and individual freedom by the amendment to the U.S. Constitution, nor did it violate the provisions of the 1934 U.S. Communications Act on communication security; Then, beginning in 1947, without presidential instructions or congressional approval, the NSA carried out an operation called "Clover", which systematically monitored every international cable entering and leaving the United States until it was exposed in the 1970s; At the same time, in the international arena, in the face of the Soviet Union and the Eastern Bloc, the United States relied on the "Five Eyes Alliance", that is, the intelligence exchange and sharing mechanism of the United States, Britain, Canada, Australia and New Zealand based on the Anglo-American intelligence exchange agreement, and established an "echelon" system with signal intelligence interception capabilities around the world; According to the data, after entering the 1970s, many intelligence agencies such as the FBI, the CIA, the National Security Agency, the Defense Intelligence Agency, etc., with the FBI Intelligence Interception Technical Unit (abbreviated as FBI DITU) as the core, built a holistic intelligence interception, storage, processing and use mechanism, and this institutionalized operating mechanism, after being blessed by the information technology revolution, gradually developed into a "prism" system disclosed by snowden, a former employee of the CIA, in 2013.
The view of defending the United States is that the construction of this national intelligence capability and the interception of signal intelligence is the responsibility of every sovereign country, and it cannot be blamed because of the strong intelligence gathering ability of the United States. But the real problem is the use of this capability, which, judging by what the U.S. government has done in its history, is unrestrained and bottomless: in the 1960s, U.S. intelligence agencies implemented the Minaret Project, which monitored many American activists, including Dr. Martin Luther King, Jr., to ensure that their "pursuit of civil rights was not directed by hostile forces." In the 1980s and 1990s, the FBI developed and perfected the "Dragon System", a monitoring system that could cover program-controlled exchanged telephones and emerging computer-exchanged networks, which later evolved into the "Carnivore" system, which conducted large-scale monitoring of domestic calls in the United States, emphasizing the authorization of the Foreign Intelligence Surveillance Tribunal set up in the Foreign Intelligence Surveillance Act to protect people's privacy, and was in a state of so-called "rubber stamp" for a long time; In the 1990s and early 2000s, surveys organized by the European Parliament found that U.S. companies such as Boeing could "borrow" "echelon" systems to monitor the commercial encrypted communications of European companies such as Airbus, thereby beating opponents in commercial competition; In the prism system disclosed by Snowden, the communications of the leaders of the main member of the European Union, Germany and other countries, and the communication content of the video conference at the EU headquarters, have become the objects of surveillance by the US intelligence agencies, which has obviously exceeded the bottom line that should be exceeded, and has become the United States pursuing absolute control for hegemony, placing the security and interests of all other countries under the threat of the United States.
Second, in carrying out surveillance and attacks in cyberspace, the United States has put critical infrastructure and supply chains at risk of being threatened and untrustworthy. For global cyberspace, the security and credibility of critical infrastructure, whether it is root name servers, root zone files and root zone systems, or submarine cables, is crucial to ensuring the security and credibility of global cyberspace. But it is clear that for the US hegemony, maintaining effective control over critical infrastructure and carrying out cyber espionage by polluting supply chains is an indispensable means of maximizing its hegemony. According to internal documents that have been disclosed, the US National Security Agency has the ability to monitor submarine cables, through the so-called "upstream" project, it is possible to directly intercept data from submarine cables, and the data intercepted by such interceptions, combined with intercepted data such as the Prism system, has become a key component of the NSA's big data monitoring and interception capabilities. During the Cold War, U.S. submarines have the ability to monitor submarine communication cables in the Soviet Union, after the end of the Cold War, the United States through the modification of the Jimmy Carter nuclear-powered submarine, in the system around 2005 to obtain the mature ability to eavesdrop on submarine cables, in May 2021, danish national radio revealed that the United States deployed equipment in Denmark, taking advantage of Denmark as a submarine cable landing station, in the name of friendly intelligence services, monitoring senior officials of Sweden, Norway, France and Germany, These include Germany's then-Chancellor Angela Merkel, former German Foreign Minister Steinmeier and former opposition leader Steinbrück. In terms of supply chain security, the United States can use direct control to sell encryption equipment with built-in backdoors, and on February 12, 2020, European and American media reported that the United States and Germany intelligence organizations have been secretly controlling the Swiss company Crypto AG from the Cold War to the early 21st century, selling encryption machines to foreign governments and enterprises, earning millions of dollars while collecting important intelligence. The United States and Germany have methods to quickly decode these machines and obtain intelligence. The countries involved include Iran, Saudi Arabia, India, Pakistan, Italy, the Vatican, Libya, South Korea, Latin America and so on. At the same time, according to the materials disclosed by prism doors, the US National Security Agency can also take a more radical approach, that is, the way of logistics hijacking, intercept the equipment ordered by specific objects, and then hard install specially developed "backdoors" in them.
According to the APT-C-39 and APT-C-40 reports released by Chinese cybersecurity company 360, the US National Security Agency relied on specially developed cyber attack software to carry out cyber attacks on 403 targets in 47 countries and regions around the world, including China, the United Kingdom, Germany, France, Poland, Japan, India, South Korea, the United Arab Emirates, South Africa, and Brazil. The intensity and scope of its attacks have significantly exceeded the needs of normal national security, and the unlimited pursuit of absolute security by hegemonic powers has made the global critical infrastructure and supply chain security face serious threats and challenges.
Third, we should use the close cooperation with the media in the United States and Europe to build a discourse power system that reverses black and white and misleads the international community. Based on a certain delicate mentality that is difficult for non-hegemonic countries to understand, the United States has long been committed to "shouting and catching thieves" on the issue of global cyberspace security, building an empire of lies based on false information, and leading the cooperation of major powers in global cyberspace security governance with American lies. In this discourse system, the United States transforms itself and a small number of countries represented by the "Five Eyes Alliance" from hegemony and its close partners into the "World Alliance of Cybersecurity Victims", which will be the main target countries targeted by the United States' cyber attacks and coercion, such as China and Russia, into "the main threats and challenges facing global cyberspace security", thus constructing a black-and-white false discourse on network security. The threat and challenge posed by this discourse to global cyberspace security is obvious, not only reversing the position of perpetrators and victims, but also the international cooperation mechanism for cyberspace security established under the leadership of the perpetrators with lies will only lead to the loss of credibility of the cybersecurity issue itself, which is undoubtedly a huge catastrophic consequence for global cyberspace security.
What is even more worrying is that at least one publicly disclosed material shows that the US side even considered using military means to counter what it believed to be a Chinese cyber attack without conclusive evidence, and the Pentagon generals began to consider what kind of weapons to use, only to find that the so-called source of the attack was actually in the United States, that is, some American hackers used "springboards" and "broilers" from the United States, some very basic hacking methods, from China to launch attacks against the United States. How to ensure that global cybersecurity is not destroyed by the neuroticism of Washington is a serious problem that really needs to be solved.
A large number of irrefutable facts tell people that the efforts and initiatives of superpowers to replicate and extend hegemony in cyberspace pose a continuing threat and challenge to global cyberspace. The United States, not China, is the primary source of threats to the security, stability, and prosperity of global cyberspace. Opposing cyber hegemony and promoting the construction and practice of a community of shared future in cyberspace based on respect for cyber sovereignty and equality should become the direction of the joint efforts of all people concerned about the common interests and future of global cyberspace. (The author Shen Yi is the director of the Research Base of International Governance in Cyberspace of Fudan University)