Cyberwars Heat Up In AsiaPac To Battle Chinese Aggression

From defense to attack: Governments in the Asia-Pacific region are strengthening their offensive cyberweapons in the fight against Chinese cyberwarfare targeting their countries.

Intrusions attributed by officials and experts to Beijing this year include targeting government-linked groups in South Korea, an Australian research institute, Taiwan’s ruling party and opposition politicians in Cambodia.

China’s Ministry of Foreign Affairs described the allegations as “absurd.” Beijing was “resolutely opposed to any form of cyberattack,” a spokesman said.

Yet the number of Asia-Pacific countries that have adopted offensive cyber abilities, defined as the ability to disrupt or damage systems and networks, has risen from four — China, North Korea, Pakistan and India — to at least 14, according to FireEye, a Silicon Valley cybersecurity company. Governments are also boosting cybersecurity spending, rewriting cyber-focused laws and strengthening monitoring agencies.

The moves mirror similar policy changes in the West. The Trump White House recently authorized “offensive cyber operations” against enemies of the U.S. The U.K. is preparing to launch a new cyberwarfare unit to counter online attacks from countries such as Russia, North Korea and Iran.

Officials rarely disclose their cyber operations or name countries linked to attacks, citing national security. However, the head of cybersecurity for one Asia-Pacific government says his department’s tactics include agents accessing Chinese networks to foil attacks “before they come to our front line.”

Experts say there has been a sharp increase in cyberattacks by China across the region over the past two years, partly as a result of Beijing’s 2015 deal with the U.S. to refrain from cyberespionage. After that agreement was signed, China redirected its focus toward Asia, according to Samm Sacks, a China cyber specialist at the Center for Strategic and International Studies, a Washington-based think tank.

“We saw a redirection of cyber activity originating from China, that initially had been going toward U.S. targets, reoriented toward other areas in the Asia region,” Sacks says.

Experts also point to China’s strengthened offensive capabilities, and the reorganization of its cyber bureaucracy under the control of President Xi Jinping, as evidence of the shift.

“They’re going after ministries of foreign affairs, any sort of policymaker that is going to give the Chinese government decision-making advantage,” says Benjamin Read, manager of cyberespionage analysis at FireEye.

Tsinghua University was the origin of cyberespionage campaigns earlier this year targeting the Tibetan community in India and the state government of Alaska, research has shown.

Experts say the shift toward offensive operations raises concerns about breaching international law.

“It is in a gray area [legally]. There are no clear definitions,” says the government cybersecurity chief, adding that, while attacks on the country did not always emanate from Chinese IP addresses, some had been traced to academic institutions linked to China’s military.

Australia is one of the few countries to publicly confirm its security agencies used offensive cyber actions to disrupt terrorist organizations, including ISIS.

Canberra has also banned Chinese telecommunication equipment-makers Huawei and ZTE from providing fifth-generation technology to Australian mobile phone operators amid national security concerns. The country was allegedly hit by Chinese cyberattacks on its Bureau of Meteorology in 2015 and the Australian National University this year. Beijing has denied involvement.

In New Zealand — a member of the Five Eyes intelligence network with Australia, the U.S., the U.K. and Canada — a policy paper released in July signaled the military wanted greater cyber powers. “To maintain relevant combat capabilities, including interoperability with close partners … the defense force needs to be able to conduct a broader range of cyber operations,” the document said.

Of nearly 400 serious cyber incidents hitting key New Zealand organizations in the year to the end of June 2017, 30 percent had indications of being linked to state-sponsored groups, according to an official in Wellington. China’s espionage activity also had a “heavy emphasis” in Southeast Asia, especially around regional meetings and events linked to the Association of Southeast Asian Nations, FireEye’s Read says.

In March, Indonesia launched a cyber agency under direct presidential control to curb a rising number of digital attacks. The agency chief, Djoko Setiadi, says “some attacks came from overseas,” and that the government’s online domain was the prime target.

OZY:

You Might Also Read:

China Compromises Tech Companies With Malicious Microchips

China Escalates Hacks On The US

« Algorithmic Warfare Is Coming. Humans Must Retain Control
Mobile Security Threats Put Businesses At Risk »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyberis

Cyberis

Cyberis are pioneers in customer-focussed information security. Since 2011, we’ve been helping businesses protect their brands, customers and reputation.

HPE Aruba Networking

HPE Aruba Networking

HPE Aruba Networking, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

Glasswall Solutions

Glasswall Solutions

Glasswall Solutions has developed a disruptive, innovative security technology which provides unique protection against document based cyber threats.

Cyberkov

Cyberkov

Cyberkov services include Pentesting, Vulnerability Assessments, Digital Forensics, Incident Response, Source Code Analysis and Security Training.

Cybercrypt

Cybercrypt

Cybercrypt is a world leading system provider in robust cryptography. Protecting critical assets, applications and sensitive data.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

StormWall

StormWall

StormWall is an Anti-DDoS protection service for websites and networks. We offer 100% protection from all types of DDoS attacks and 24/7 technical support.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

TeraByte

TeraByte

TeraByte is an information security company which helps to educate and protect businesses from cyber security related risks.

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center is dedicated to combating adversaries who desire to harm our citizens, our government, and our industry through cyber-attacks.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

GeoEdge

GeoEdge

GeoEdge is the premier provider of ad security and quality solutions for the online and mobile advertising ecosystem.

Cyber Suraksa

Cyber Suraksa

We make security simple and hassle-free by offering a sustained and secure IT environment with next-gen cybersecurity solutions through a scalable security-as-a-service model.

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs

Wattlecorp Cybersecurity Labs are a group of IT security specialists, ethical hackers, and researchers driven to identify security flaws before cyber threat actors does.

Cribl

Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy.