The 36 Stratagems for Cyber Attacks

No one can say for certain who wrote these 36 martial proverbs; however, some Chinese historians date them as far back as the Southern Qi dynasty (479–502), which was about 1,000 years after Sun Tzu wrote The Art of War. The 36 stratagems have a darker connotation than The Art of War, focusing solely on acts of trickery, mischief, and mayhem—more the province of spies than soldiers. This makes the ancient document an inspiring resource for today’s Chinese nonstate hackers, who rely on creating ruses to trick unsuspecting Internet users into leaving the safety of their firewalls for dangerous terrain. It’s also interesting to note that, unlike Russia, since 2011 China has never engaged in military action where cyber warfare was a component, allegedly opting instead for acts of cyber espionage:

Stratagem #3: “Kill with a borrowed knife”
This stratagem advises “Attack using the strength of another (in a situation where
using one’s own strength is not favourable).”

This could just as easily apply to the use of botnets as a means to launch DDOS attacks.

Stratagem #8: “Openly repair the gallery roads, but sneak through the passage of Chencang”
This stratagem advises “Deceive the enemy with an obvious approach that will take a very long time, while surprising him by taking a shortcut and sneak up to him. As the enemy concentrates on the decoy, he will miss you sneaking up to him.”

Use backdoors or Trojan worms when attacking a network.

Stratagem #10: “Hide a knife behind a smile”
This stratagem advises “Charm and ingratiate yourself with your enemy until you
have gained his trust. Then move against him.”

This could describe phishing schemes or other social engineering attacks.

Stratagem #15: “Lure the tiger out of the mountain”
This stratagem advises “Hold out baits to entice the enemy.” This refers to luring an opponent from a position of strength, such as being protected by a firewall and updated anti-virus program, to a position of weakness or vulnerability.

One way to accomplish this is with the adoption of social engineering techniques to get the target to accept a fake email as genuine and open a compromised attachment or click on an infected link.

Stratagem #17: “Tossing out a brick to get a Jade gem”
This stratagem advises “Bait someone by making him believe that he gains something and obtain something valuable from him in return.”

This could equate to a social engineering technique used to get the target to click on a link or visit a website where information will be covertly collected without his knowledge.

Stratagem #30: “The honey trap”
This stratagem advises “Send your enemy beautiful women to cause discord within his camp.”

In contemporary computer parlance, this could refer to a honey pot, which lures visitors to a rigged site that collects information about them.

The 36 stratagems, like The Art of War, still plays a large role in shaping Beijing’s military strategy. Western policymakers should be familiar with both historical documents if they wish to understand the strategy underpinning the Chinese threat landscape.

Disclosure | Disclaimer |Comments Policy |Terms of Use | Privacy Policy| Blog Sitemap



The information contained herein is provided as a public service with the understanding that this site makes no warranties, either expressed or implied, concerning the accuracy, completeness, reliability, or suitability of the information. Nor does warrant that the use of this information is free of any claims of copyright infringement. This site do not endorse any commercial providers or their products.


Rico BURAGA blog: To make random reflections on random subjects including the subject of randomness itself.


2005- 2014 All Rights Reserved. Rico BURAGA Blog




rico, buraga, rico buraga, philippines, metro manila, quezon city, emarketing specialist, e-marketing, specialist, consultant, digital marketing, marketing, online, internet, seo, online advertising, ethical hacking, web, analytics, blogger, blogging, business blogging, multi-channel, ushahidi, magento, moodle, apps, google apps, civicrm, website optimizer, negative campaigning, economics, price analysis, agricultural economics, feasibility study, project, project development, development management, international development, management, ict4d, crisis mapping, digital, social, media, social media, personal blog, networking, emarketing, cro, website usability, user experience, ux, conversion rate optimization, copywriting, optimization, conversion rate, outsource, outsourcing, freelance, digital marketing engineer, inbound marketing, demand generation, web analytics, google analytics, search engine, ubuntu, web copywriting, adwords, google adwords, certified, email marketing, uplb graduate, nagoya university graduate, gsid, idmg, uplb, wordpress, joomla, drupal, strategy, content, filipino, professional, google, microsoft, pay per click, search analytics, retargeting, e-commerce, autodidactic, bibliophile. ceh ver6., idpa shooter, shotokan karate, zen practitioner, project lead, united states of america, united states, new york, los angeles, england, united kingdom, canada, australia, ireland, south africa, new zealand, cebu, singapore, india, hong kong, puerto rico, nigeria, india, pakistan, russia, china, brazil, saudi arabia, japan, malaysia, germany, munich, dubai, italy, canberra, ghana, berlin, texas, dallas, arizona, boston, uae,, mobile marketing association, web marketing association, american marketing association, direct marketing association, chartered institute of marketing