Software experts around the world will have been putting in overtime on their security recently after a major cyberattack was launched on Sony Pictures. North Korea, accused of organizing the hacking, denied involvement, but the attack came only days after it was revealed that an advanced malicious virus — Regin malware — had been spying on governments, businesses, research institutes and individuals for the past six years.
Despite the fact that the Sony breach resulted in the leak of several unreleased films and caused massive disruption to the company’s e-mail, the Regin attack was more serious. It seems a good deal cleverer than all previously known viruses and has launched at least 100 attacks.
More worryingly, it has not been created to make money or play practical jokes: It has probably been created by a national intelligence agency for the purpose of state-based espionage.
There will undoubtedly be many viruses to come that are more fiendish than this, but Regin tells us that the competition for cyberdominance is approaching a strategic moment that might shift it from a half-understood complication in world politics to a real game-changer. The dominant powers could lose their privileged position in this domain faster than any disturbance in the military or economic balance could occur.
The cyberworld is acknowledged as the sixth domain of warfare: land, sea, underwater, air, space — and now online. Some analysts argue that full-scale cyberwar — in which powers bring down each other’s infrastructures, banking systems and so on — is still far-fetched and would not achieve the political objectives of war.
However, no one disagrees that the Internet is a vital element in the functioning of all modern societies and a tempting target for adversaries. As with espionage on a grand scale, cyberattacks offer the perpetrator some plausible deniability and shoals of electronic red herrings.
Of course, states have always engaged in espionage, subversion and sabotage against each other — from steaming open official letters to blowing up telegraph poles.
What is new is the extent to which this can be done from thousands of kilometers away with a series of clicks, by people who do not have to take any risks. It is comparatively cheap — by military comparisons almost costless — to attempt disruptive attacks, industrial espionage and constant spying on adversaries or friends.
Almost all societies are vulnerable to the complex international circuitry that underpins mobile phone, transport and banking systems.
Two elements suggest a step change is now occurring. One is that private groups and individuals can do cyberbattle with big states on almost equal terms. Indeed, only the half-dozen major cyberplayers in the world are really ahead of the criminals, terrorists and gentlemen amateurs these days, and their technological lead is dwindling as the costs of computing fall.
Most states can be, and frequently are, taken to the cleaners by the privateers, as are some of the world’s biggest commercial companies.
The second game-changer is that the assumption of a digital world dominated by North America and its Internet companies is unlikely to hold for much longer. The growing Asian economies, not to mention China, were never going to leave the cyberdomain to the US.
The revelations of former US National Security Agency contractor Edward Snowden last year have accelerated the inevitable dispersion of cyberpower, but added a powerful commercial dimension.
Companies that cooperated willingly enough with Western governments now argue that they will lose business unless they assert their independence and encrypt everything.
For good or bad, the Internet might soon “go dark”: an environment that will benefit the bad guys and some of the West’s adversaries. If the Sony Pictures hacking turns out to have been a North Korean attack, it will constitute commercial damage inflicted by a government because it apparently interprets a comedy film as “an act of war.” If the logic is bizarre, the cybertrend it indicates is not.
Like Britain’s revolutionary Dreadnought battleship of 1906, which undercut 150 years of naval dominance — or the nuclear bombs of 1945, which negated decades of US military security — Internet technology might soon be a great leveler in how the West tries to keep itself secure and prosperous.
Key Western governments have moved from defending cybervulnerabilities to developing offensive cyberprograms. They are playing a game of deterrence, and want their adversaries to know — as Regin demonstrated — that states such as Russia, which is openly subverting eastern Ukraine, could be vulnerable themselves to cybersubversion. A new arms race in this sixth domain of warfare would pull in the privateers as never before and make previous arms races look childishly simple.
To avoid it, the world needs a cyber “arms control” treaty. Since 2001 there has been a Budapest convention on cybercrime, but what is required is something much more ambitious: something that keeps the sixth domain from complete anarchy, and within the grasp of a few states where there is at least some accountability and the prospect of diplomatic accommodation.
If the major cyberplayers can reconcile their technical powers with their own publics, they could agree that certain thresholds of cyberactivity should not be breached, and create a better long-term framework for commercial service providers.
As with traditional arms control, the process does not begin in the UN or Geneva, but in quiet discussions among the major powers in the game, working outward from there.
Of course, these include Russia and China, which both behave as if they have a lot to gain from the growing cyberanarchy, and the US and Britain have only recently worried that their cyberdominance might quickly disappear. However, they should all interpret the Regin malware — whoever is behind it — as a prod to think again about their best long-term interests.
Michael Clarke is the director of the Royal United Services Institute for Defence and Security Studies.
As Taiwan’s domestic political crisis deepens, the opposition Chinese Nationalist Party (KMT) and Taiwan People’s Party (TPP) have proposed gutting the country’s national spending, with steep cuts to the critical foreign and defense ministries. While the blue-white coalition alleges that it is merely responding to voters’ concerns about corruption and mismanagement, of which there certainly has been plenty under Democratic Progressive Party (DPP) and KMT-led governments, the rationales for their proposed spending cuts lay bare the incoherent foreign policy of the KMT-led coalition. Introduced on the eve of US President Donald Trump’s inauguration, the KMT’s proposed budget is a terrible opening
The Chinese Nationalist Party (KMT) caucus in the Legislative Yuan has made an internal decision to freeze NT$1.8 billion (US$54.7 million) of the indigenous submarine project’s NT$2 billion budget. This means that up to 90 percent of the budget cannot be utilized. It would only be accessible if the legislature agrees to lift the freeze sometime in the future. However, for Taiwan to construct its own submarines, it must rely on foreign support for several key pieces of equipment and technology. These foreign supporters would also be forced to endure significant pressure, infiltration and influence from Beijing. In other words,
“I compare the Communist Party to my mother,” sings a student at a boarding school in a Tibetan region of China’s Qinghai province. “If faith has a color,” others at a different school sing, “it would surely be Chinese red.” In a major story for the New York Times this month, Chris Buckley wrote about the forced placement of hundreds of thousands of Tibetan children in boarding schools, where many suffer physical and psychological abuse. Separating these children from their families, the Chinese Communist Party (CCP) aims to substitute itself for their parents and for their religion. Buckley’s reporting is
Last week, the Chinese Nationalist Party (KMT) and the Taiwan People’s Party (TPP), together holding more than half of the legislative seats, cut about NT$94 billion (US$2.85 billion) from the yearly budget. The cuts include 60 percent of the government’s advertising budget, 10 percent of administrative expenses, 3 percent of the military budget, and 60 percent of the international travel, overseas education and training allowances. In addition, the two parties have proposed freezing the budgets of many ministries and departments, including NT$1.8 billion from the Ministry of National Defense’s Indigenous Defense Submarine program — 90 percent of the program’s proposed