In his recent post, Graeme Dobell described Secretary of Defense Chuck Hagel’s comments on Chinese cyber intrusions at the Shangri La dialogue as ‘pulling back the Chinese veil and jabbing’. This is certainly a great analogy, and it could be said that Hagel took the boxing gloves from other colleagues in the US Administration, including John Kerry, Thomas Donilon (National Security Advisor, to be replaced in July by Susan Rice) and Obama himself. With the amount of jabbing that the US is doing, there must be a few bruises appearing on their target.
The aim of this high tempo ‘calling out’ of China is really to draw them into a dialogue about the issue and try to draw up some rules of the road and set some limitations on the use of cyber, which feels somewhat out of control at the moment. The levels and severity of cyber intrusions are hard to gauge precisely, but what’s evident from increasing amounts of evidence in the public domain is that it’s only now that we’re beginning to understand quite how much malicious activity there is in cyberspace.
The latest report from the US identifies more than two dozen major weapons systems designs that have been breached, including programs critical to US missile defences, combat aircraft and ships. The list itself contains many elements of US core capability, which is deeply concerning and gives an indication as to why US rhetoric is becoming ever more intense.
But what does all this mean for Australia? Well firstly, Australia got a mention in Hagel’s speech, when he said that: ‘With Australia, we are expanding cooperation related to cyber security and space situational awareness’. It’s comforting to hear that we’ll be receiving assistance and cooperation from what’s by far and away the most powerful cyber power on the planet—an infrequently reported fact. However, with increasing reports of apparent Chinese hacking of Australian government and private sector systems, isn’t it time for Australia to create a dialogue with China in this area and begin to shape some boundaries for cyberspace?
In an ASPI report published yesterday examining the nature of Chinese intelligence agencies cyber capabilities, I said that the nature and tempo of Chinese cyber‑activities have policy implications for the Australian Government. This is an issue that can’t be ignored: it must be addressed in order to build an increasingly mature relationship with China. Australia would be well served to look for similar dialogues on cybersecurity to those which the US has encouraged with China and other regional partners. The issue will only grow in strategic importance over the coming years, and efforts made now will begin what’s likely to be a lengthy process. This is especially important in the light of the growing economic relationship between Australia and China.
The report also drew out some of the limitations to Chinese cyber activities. Despite the large scale gathering of data, it doesn’t necessarily mean that China can exploit it. One only needs to look at the Soviets during the Cold War, who ended up many generations behind the US in computing technology because they couldn’t develop equipment from stolen US blueprints quickly enough. In the Chinese case, while they can achieve a certain ‘leapfrogging’ of technical development, the real payoff of their operations will depend on their ability to convert their skills at cloning other’s technology into comprehensive research and development and a true innovation culture.
What’s certain is that the public debate often overlooks China’s strong dependendence on cyberspace for its military and civilian government programs. It has just as many vulnerabilities to attack as much of the Western world, if not more—as Chinese diplomats are all too eager to remind us when accusations are made against them. In fact, the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT), which issues a weekly report on cyber attacks against China, says that 4,062 US-based computer servers hijacked 2.91 million mainframe computers in China, although it didn’t say over what period of time these attacks took place—an important detail to leave out. One wonders if Xi Jinping will be donning his boxing gloves for the first round of face to face discussions with Obama this week, when cyber intrusions will be on the agenda. It’s certain that this won’t be a first round knockout for either side—I expect it to go the distance.
Tobias Feakin is a senior analyst at ASPI. Image courtesy of Secretary of Defense.