Software experts around the world will have been putting in overtime on their security recently after a major cyberattack was launched on Sony Pictures. North Korea, accused of organizing the hacking, denied involvement, but the attack came only days after it was revealed that an advanced malicious virus — Regin malware — had been spying on governments, businesses, research institutes and individuals for the past six years.
Despite the fact that the Sony breach resulted in the leak of several unreleased films and caused massive disruption to the company’s e-mail, the Regin attack was more serious. It seems a good deal cleverer than all previously known viruses and has launched at least 100 attacks.
More worryingly, it has not been created to make money or play practical jokes: It has probably been created by a national intelligence agency for the purpose of state-based espionage.
There will undoubtedly be many viruses to come that are more fiendish than this, but Regin tells us that the competition for cyberdominance is approaching a strategic moment that might shift it from a half-understood complication in world politics to a real game-changer. The dominant powers could lose their privileged position in this domain faster than any disturbance in the military or economic balance could occur.
The cyberworld is acknowledged as the sixth domain of warfare: land, sea, underwater, air, space — and now online. Some analysts argue that full-scale cyberwar — in which powers bring down each other’s infrastructures, banking systems and so on — is still far-fetched and would not achieve the political objectives of war.
However, no one disagrees that the Internet is a vital element in the functioning of all modern societies and a tempting target for adversaries. As with espionage on a grand scale, cyberattacks offer the perpetrator some plausible deniability and shoals of electronic red herrings.
Of course, states have always engaged in espionage, subversion and sabotage against each other — from steaming open official letters to blowing up telegraph poles.
What is new is the extent to which this can be done from thousands of kilometers away with a series of clicks, by people who do not have to take any risks. It is comparatively cheap — by military comparisons almost costless — to attempt disruptive attacks, industrial espionage and constant spying on adversaries or friends.
Almost all societies are vulnerable to the complex international circuitry that underpins mobile phone, transport and banking systems.
Two elements suggest a step change is now occurring. One is that private groups and individuals can do cyberbattle with big states on almost equal terms. Indeed, only the half-dozen major cyberplayers in the world are really ahead of the criminals, terrorists and gentlemen amateurs these days, and their technological lead is dwindling as the costs of computing fall.
Most states can be, and frequently are, taken to the cleaners by the privateers, as are some of the world’s biggest commercial companies.
The second game-changer is that the assumption of a digital world dominated by North America and its Internet companies is unlikely to hold for much longer. The growing Asian economies, not to mention China, were never going to leave the cyberdomain to the US.
The revelations of former US National Security Agency contractor Edward Snowden last year have accelerated the inevitable dispersion of cyberpower, but added a powerful commercial dimension.
Companies that cooperated willingly enough with Western governments now argue that they will lose business unless they assert their independence and encrypt everything.
For good or bad, the Internet might soon “go dark”: an environment that will benefit the bad guys and some of the West’s adversaries. If the Sony Pictures hacking turns out to have been a North Korean attack, it will constitute commercial damage inflicted by a government because it apparently interprets a comedy film as “an act of war.” If the logic is bizarre, the cybertrend it indicates is not.
Like Britain’s revolutionary Dreadnought battleship of 1906, which undercut 150 years of naval dominance — or the nuclear bombs of 1945, which negated decades of US military security — Internet technology might soon be a great leveler in how the West tries to keep itself secure and prosperous.
Key Western governments have moved from defending cybervulnerabilities to developing offensive cyberprograms. They are playing a game of deterrence, and want their adversaries to know — as Regin demonstrated — that states such as Russia, which is openly subverting eastern Ukraine, could be vulnerable themselves to cybersubversion. A new arms race in this sixth domain of warfare would pull in the privateers as never before and make previous arms races look childishly simple.
To avoid it, the world needs a cyber “arms control” treaty. Since 2001 there has been a Budapest convention on cybercrime, but what is required is something much more ambitious: something that keeps the sixth domain from complete anarchy, and within the grasp of a few states where there is at least some accountability and the prospect of diplomatic accommodation.
If the major cyberplayers can reconcile their technical powers with their own publics, they could agree that certain thresholds of cyberactivity should not be breached, and create a better long-term framework for commercial service providers.
As with traditional arms control, the process does not begin in the UN or Geneva, but in quiet discussions among the major powers in the game, working outward from there.
Of course, these include Russia and China, which both behave as if they have a lot to gain from the growing cyberanarchy, and the US and Britain have only recently worried that their cyberdominance might quickly disappear. However, they should all interpret the Regin malware — whoever is behind it — as a prod to think again about their best long-term interests.
Michael Clarke is the director of the Royal United Services Institute for Defence and Security Studies.
Recently, China launched another diplomatic offensive against Taiwan, improperly linking its “one China principle” with UN General Assembly Resolution 2758 to constrain Taiwan’s diplomatic space. After Taiwan’s presidential election on Jan. 13, China persuaded Nauru to sever diplomatic ties with Taiwan. Nauru cited Resolution 2758 in its declaration of the diplomatic break. Subsequently, during the WHO Executive Board meeting that month, Beijing rallied countries including Venezuela, Zimbabwe, Belarus, Egypt, Nicaragua, Sri Lanka, Laos, Russia, Syria and Pakistan to reiterate the “one China principle” in their statements, and assert that “Resolution 2758 has settled the status of Taiwan” to hinder Taiwan’s
Singaporean Prime Minister Lee Hsien Loong’s (李顯龍) decision to step down after 19 years and hand power to his deputy, Lawrence Wong (黃循財), on May 15 was expected — though, perhaps, not so soon. Most political analysts had been eyeing an end-of-year handover, to ensure more time for Wong to study and shadow the role, ahead of general elections that must be called by November next year. Wong — who is currently both deputy prime minister and minister of finance — would need a combination of fresh ideas, wisdom and experience as he writes the nation’s next chapter. The world that
The past few months have seen tremendous strides in India’s journey to develop a vibrant semiconductor and electronics ecosystem. The nation’s established prowess in information technology (IT) has earned it much-needed revenue and prestige across the globe. Now, through the convergence of engineering talent, supportive government policies, an expanding market and technologically adaptive entrepreneurship, India is striving to become part of global electronics and semiconductor supply chains. Indian Prime Minister Narendra Modi’s Vision of “Make in India” and “Design in India” has been the guiding force behind the government’s incentive schemes that span skilling, design, fabrication, assembly, testing and packaging, and
Can US dialogue and cooperation with the communist dictatorship in Beijing help avert a Taiwan Strait crisis? Or is US President Joe Biden playing into Chinese President Xi Jinping’s (習近平) hands? With America preoccupied with the wars in Europe and the Middle East, Biden is seeking better relations with Xi’s regime. The goal is to responsibly manage US-China competition and prevent unintended conflict, thereby hoping to create greater space for the two countries to work together in areas where their interests align. The existing wars have already stretched US military resources thin, and the last thing Biden wants is yet another war.