top of page

Net gain? Cyber-Security in the Indo-Pacific



Cyber attacks are one of the biggest security threats facing the modern state. On 2 December the ABC revealed a reportedly ‘massive’ attack on Australia’s Bureau of Meteorology (BoM). While the agency has refused to comment on the matter, numerous sources have confirmed the attack with the national broadcaster. As BoM is linked to multiple government agencies, including the Defence Department and also works closely with commercial airlines, the importance of the integrity of this institution goes without saying.

Sources have told the ABC that they suspect the attack came from China, and it is not hard to see why. Chinese hackers have a history of launching high profile cyber attacks on critical infrastructure, including the 2013 hack of the blueprints of the new ASIO headquarters in Canberra.

China has officially denied the above accusations and, when asked about the cyber attack on BoM, a Foreign Ministry spokesperson stated that “the Chinese government firmly opposes and cracks down on all forms of cyber attacks.” However China’s history of denying cyber crime means this kind of response is simply to be expected.

While China may have one of the most developed cyber strategies in the region, it is by no means alone in conducting cyber attacks or espionage. To paraphrase the CEO of Cisco, John Chambers: “there are two types of countries: those who have been hacked and those who don’t know yet that they’ve been hacked.” As states develop their information technology industries a rise in cyber crime is inevitable.

On 2 December the Reserve Bank of Australia revealed that it now believes the cyber attack on their servers two years ago came from Indonesia; a state that only a few years ago was only a minor player in the cyber world. India and Pakistan have been embroiled in tit-for-tat attacks in cyberspace since the 1990s.

As the undisputed global hub of the technology industry, the Indo-Pacific is leading the surge for faster and better technology. However the political tensions and intense economic competition that characterises the region makes it a potential flashpoint for cyber espionage or even warfare.

To combat the risk of cyber attacks, several states in the region are trying to foster good relations with their neighbours over online issues. During Indian Prime Minister Nerendra Modi’s November tour of South East Asia he signed high-level defence deals with both Singapore and Malaysia, each with a focus on cyber issues. South Korea has taken part in its second two-day summit with the United States on cyber security issues, and has also signed a defence cooperation framework with Australia, agreeing to cooperate on cyber security among other issues.

Perhaps the greatest step forward on this issue occurred on 25 September, as the United States signed a noteworthy pact with China guaranteeing that neither country would knowingly conduct cyber espionage against the commercial interests of the other party. Although this deal said nothing about non-commercial interests, it was nonetheless seen as a step in the right direction. However, since the deal was signed, no fewer than seven attempts to steal secrets from technology and pharmaceutical companies were detected by US cyber security firm CrowdStrike Inc, the first of which was detected only one day after the deal was signed.

The speed at which technological advances are being made makes the Internet profoundly difficult to secure. In general, state institutions have been slow to recognise the importance of cyber security and conventional security services are still often ill-equipped to deal with the ever-shifting parameters of the online world.

Now a number of states have established CERTs (Computer Emergency Response Teams) to monitor and respond to breaches of cyber safety. Cooperation between CERTs is increasing (Australia has CERT-to-CERT relationships with India, South Korea and China) in what is a positive sign for the cyber security of the region.

While cooperation is seemingly increasing and high-level discussions on cyber issues are taking place across the Indo-Pacific, mistrust still abounds. It will take time to establish international norms in these essentially unchartered waters. Bilateral agreements are a good start, but ultimately broader regional agreements need to be established, and China needs to be at the table when they are.

Caitlin McCaffrie has an interest in Indo-Pacific regional politics and is currently based in Phnom Penh, Cambodia.

This article can be republished with attribution under a Creative Commons Licence. Please email publications@youngausint.org.au with any questions or for more information.

Image credit: Perspecsys Photos (Flickr: Creative Commons)

bottom of page