Cyber-security and the New Cold War

On this page

What is it?
Why is it important?
References

What is it?

The increasing digitization of world financial markets, critical infrastructure systems (such as power, transportation and telecommunications) and military command and control systems has made countries around the world susceptible to significant cyber security threats. These threats also jeopardize the freedoms their citizens exercise online and the economic viability of their businesses. As global economic activity shifts to Asia, cyber competition and conflict is likely to increase, especially in terms of military planning, asymmetric warfare, and economic espionage to gain economic advantages.¹

A recent study on global stock exchanges indicates that half of the exchanges surveyed had experienced some form of cyber-attack (nearly 25% of which were in Asia), including malware, denial of service, data theft, and insider information theft.² Most of these threats seemed to be motivated by disruption rather than financial gain and focused on non-trading-related online services and websites.³

China, India, Japan, Malaysia, Myanmar, North Korea and South Korea are developing military cyber capabilities. Defensive cyber capabilities are being developed by Brunei and Singapore.⁴ Capabilities of other Asian countries range from minor to comparatively advanced. However, recent attacks by Anonymous, an international network of hacktivists, have exposed the cyber weaknesses of many governments throughout Asia.⁵⁶ While many Asian countries have created computer emergency response teams (CERTs) to help deal with cyber-attacks, Asian businesses are not proactively investing enough in cyber-security.⁷ For example, in more recent times the vulnerability of electricity systems or the “grid” have proven to be highly susceptible to cyber-attack with the potential for enormous economic disruption. According to Schneider Electric, most cyber-attacks on industrial targets seek to penetrate the control network via the corporate network, Internet and trusted third party suppliers.⁸

At the same time, China’s state-control of the Internet has helped, in large part, shield it from cyber-attacks as well as provide a safe haven for businesses.⁹ This model may be appealing to many countries in the region. For example, Decree 72 in Vietnam will impose further restrictions on Internet access.¹⁰

Why is it important?

Given the already tense cyber relationship between Asian countries, hacktivism and cyber-crime have the potential to both change how people use the Internet and support attempts by some nation states to exert greater control over the flow of Internet traffic. The threat, real or perceived, will require responses by governments to better manage a free and open Internet and ensure confidence is maintained. As Nobel laureate Kenneth Arrow once said, “Virtually every commercial transaction has within itself an element of trust.” Consequently, attempts to manage or curtail Internet freedom will impact consumer confidence. At the same time, cyber-security threats, real or perceived, may exacerbate existing tensions or cause miscalculations among countries that could pose significant security risks to the region. This will require regional investments to protect critical infrastructure and promote economic security to develop new levels of cyber-security.

Although cyber-security threats to financial markets are now relatively small in scale, future cyber-attacks may have a large impact on the integrity and efficiency of markets. The consequences could range from “halting trading, manipulating data, targeting telecommunications networks, and affecting the functions of a clearing house”.¹¹

The threat of cyber warfare is helping to drive increasing public and private sector investment in cyber security.¹² The cyber security ecosystem is a dispersed network of private and public organizations. The impact of austerity measures in many countries is leading to a focus on assuring “greater bang for the buck,” with a movement away from the purchase of tanks and planes towards cyber capabilities. Developed countries can achieve military efficiencies and developing countries can acquire new strike/deterrent capabilities. In a networked world, increasing cyber capabilities require a matching investment by the ‘cyber-industrial complex’ to secure trust and confidence in cyber services for citizens as well as for governments. For example, a recent World Bank report cited investments in South Korean research parks to create inter-industry hubs to promote the cross-fertilisation of technologies between industry sectors. “These capabilities are the technical basis of investment in dual-use technologies, not only for carrying out computer network attacks but also in creating precision weapons and command and control weapons for maneuvering in cyberspace.”¹³

References

1. Heinl, C. “Tackling cyber threats will require regional cooperation.” The Nation. June 2013. http://www.nationmultimedia.com/opinion/Tackling-cyber-threats-will-require-regional-coope-30209055.html(link is external)
2. Rashid, F. “Cyber Attacks Against Stock Exchanges Threaten Financial Markets: Report.” Security Week. July 2013. http://www.securityweek.com/cyber-attacks-against-stock-exchanges-threaten-financial-markets-report(link is external)
3. Clearfield, C. “Finance Industry Grapples With Cyber Threats.” Forbes. November 2013. http://www.forbes.com/sites/chrisclearfield/2013/11/15/finance-industry-grapples-with-cyber-threats/(link is external)
4. Lewis, J. “Cyber: Unclear and present danger.” The Interpreter. February 2013. http://www.lowyinterpreter.org/post/2013/02/19/Cyber-Unclear-and-present-danger.aspx(link is external)
5. Idem. “Tackling cyber threats will require regional cooperation.” The Nation. June 2013.
6. Sturmer, J. “Hackers target Australian websites in protest Indonesia spying claims.” Australia Broadcasting Corporation (ABC). November 2013. http://www.abc.net.au/news/2013-11-04/websites-hacked-in-protest-at-spying-allegations/5068778(link is external)
7. Abbugao, M. “Hackers expose weak cyber defenses across Asia.” InterAksyon. November 2013. http://www.interaksyon.com/article/74448/focus–hackers-expose-weak-cyber-defenses-across-asia(link is external)
8. “How can I… protect a system from cyber attacks?” Schneider Electric. February 2012. http://www.schneider-electric.nl/documents/news/corporate/netherlands/STN_Ethernet.pdf(link is external)
9. Idem. “Hackers expose weak cyber defenses across Asia.” InterAksyon. November 2013.
10. Ponnudurai, P. “Governments Want Vietnam to Review New Internet Control Decree. Radio Free Asia. August 2013. http://www.rfa.org/english/news/vietnam/internet-08262013211044.html(link is external)
11. Idem. “Cyber Attacks Against Stock Exchanges Threaten Financial Markets: Report.” Security Week. July 2013.
12. “Cyber Threat from China, Russia and Iran on US Military and Civilian Networks Drive Cyber Warfare Spending.” Space War. March 2012. http://www.spacewar.com/reports/Cyber_Threat_from_China_Russia_and_Iran_on_US_Military_and_Civilian_Networks_Drive_Cyber_Warfare_Spending_999.html(link is external)
13. Elkus, A. “Rise of the Asian Cyber Armies.” USNI News. August 2012. http://news.usni.org/2012/08/08/rise-asian-cyber-armies