Cyberwars Heat Up In AsiaPac To Battle Chinese Aggression

Uploaded on 2018-10-17 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, GOVERNMENT-Defence, FREE TO VIEW

From defense to attack: Governments in the Asia-Pacific region are strengthening their offensive cyberweapons in the fight against Chinese cyberwarfare targeting their countries.

Intrusions attributed by officials and experts to Beijing this year include targeting government-linked groups in South Korea, an Australian research institute, Taiwan’s ruling party and opposition politicians in Cambodia.

China’s Ministry of Foreign Affairs described the allegations as “absurd.” Beijing was “resolutely opposed to any form of cyberattack,” a spokesman said.

Yet the number of Asia-Pacific countries that have adopted offensive cyber abilities, defined as the ability to disrupt or damage systems and networks, has risen from four — China, North Korea, Pakistan and India — to at least 14, according to FireEye, a Silicon Valley cybersecurity company. Governments are also boosting cybersecurity spending, rewriting cyber-focused laws and strengthening monitoring agencies.

The moves mirror similar policy changes in the West. The Trump White House recently authorized “offensive cyber operations” against enemies of the U.S. The U.K. is preparing to launch a new cyberwarfare unit to counter online attacks from countries such as Russia, North Korea and Iran.

Officials rarely disclose their cyber operations or name countries linked to attacks, citing national security. However, the head of cybersecurity for one Asia-Pacific government says his department’s tactics include agents accessing Chinese networks to foil attacks “before they come to our front line.”

Experts say there has been a sharp increase in cyberattacks by China across the region over the past two years, partly as a result of Beijing’s 2015 deal with the U.S. to refrain from cyberespionage. After that agreement was signed, China redirected its focus toward Asia, according to Samm Sacks, a China cyber specialist at the Center for Strategic and International Studies, a Washington-based think tank.

“We saw a redirection of cyber activity originating from China, that initially had been going toward U.S. targets, reoriented toward other areas in the Asia region,” Sacks says.

Experts also point to China’s strengthened offensive capabilities, and the reorganization of its cyber bureaucracy under the control of President Xi Jinping, as evidence of the shift.

“They’re going after ministries of foreign affairs, any sort of policymaker that is going to give the Chinese government decision-making advantage,” says Benjamin Read, manager of cyberespionage analysis at FireEye.

Tsinghua University was the origin of cyberespionage campaigns earlier this year targeting the Tibetan community in India and the state government of Alaska, research has shown.

Experts say the shift toward offensive operations raises concerns about breaching international law.

“It is in a gray area [legally]. There are no clear definitions,” says the government cybersecurity chief, adding that, while attacks on the country did not always emanate from Chinese IP addresses, some had been traced to academic institutions linked to China’s military.

Australia is one of the few countries to publicly confirm its security agencies used offensive cyber actions to disrupt terrorist organizations, including ISIS.

Canberra has also banned Chinese telecommunication equipment-makers Huawei and ZTE from providing fifth-generation technology to Australian mobile phone operators amid national security concerns. The country was allegedly hit by Chinese cyberattacks on its Bureau of Meteorology in 2015 and the Australian National University this year. Beijing has denied involvement.

In New Zealand — a member of the Five Eyes intelligence network with Australia, the U.S., the U.K. and Canada — a policy paper released in July signaled the military wanted greater cyber powers. “To maintain relevant combat capabilities, including interoperability with close partners … the defense force needs to be able to conduct a broader range of cyber operations,” the document said.

Of nearly 400 serious cyber incidents hitting key New Zealand organizations in the year to the end of June 2017, 30 percent had indications of being linked to state-sponsored groups, according to an official in Wellington. China’s espionage activity also had a “heavy emphasis” in Southeast Asia, especially around regional meetings and events linked to the Association of Southeast Asian Nations, FireEye’s Read says.

In March, Indonesia launched a cyber agency under direct presidential control to curb a rising number of digital attacks. The agency chief, Djoko Setiadi, says “some attacks came from overseas,” and that the government’s online domain was the prime target.

OZY:

You Might Also Read:

China Compromises Tech Companies With Malicious Microchips

China Escalates Hacks On The US

« Algorithmic Warfare Is Coming. Humans Must Retain Control
Mobile Security Threats Put Businesses At Risk »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Encode

Encode

Encode delivers a cutting edge Security Analytics & Response Orchestration platform and best of breed Cyber Security Operations and Services.

European Cybercrime Training and Education Group (ECTEG)

European Cybercrime Training and Education Group (ECTEG)

The primary aim of ECTEG is to enhance the coordination of cybercrime training, by identifying opportunities to build the capacity of countries to combat cybercrime

Qufaro

Qufaro

Qufaro is a new initiative designed to make it simpler for those with career ambitions in cyber security to access the UK’s cyber-specific education and innovation opportunities.

Altipeak Security

Altipeak Security

Altipeak Security provide Safewalk - a flexible and robust authentication platform through which we offer improved security to SMBs, corporates, banks, insurance companies, healthcare and more.

Clone Systems

Clone Systems

Clone Systems is an award winning global cloud based managed security as a service provider.

North American International Cyber Summit

North American International Cyber Summit

The North American International Cyber Summit brings together experts from around the globe to provide timely content and address a variety of cybersecurity issues impacting the world.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Softcat

Softcat

Softcat offer a broad portfolio of IT services and solutions covering Hybrid Infrastructure, Cyber Security, Digital Workspace and IT Intelligence.

Talon Cyber Security

Talon Cyber Security

Talon delivers the leading enterprise browser designed to bring security to managed and unmanaged devices, regardless of location, device type or operating system.

Core Sentinel

Core Sentinel

Australia's #1 Penetration Testing Service. Make Your Systems Fully Compliant With Our OSCE CREST/CISA Certified Penetration Testing.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Censinet

Censinet

Censinet provides the first and only third-party risk management platform for healthcare organizations to manage the threats to patient care that exist within an expanding ecosystem.

PROVINTELL Cyber Security

PROVINTELL Cyber Security

PROVINTELL is a Managed Security Service Provider (MSSP) specialising in Next-Gen Cyber Defense and Response to detect and respond to threats.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

Fraud.net

Fraud.net

Fraud.net operates the first end-to-end fraud management and revenue enhancement ecosystem specifically built for digital enterprises and fintechs globally.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.