President Xi Jinping spoke of ‘a bridge of mutual trust’ and ‘a vast ocean of goodwill’ in his address to the Australian Parliament, but on the cyber front, recent headlines have painted China in a much more menacing light. Ahead of last weekend’s G20 summit in Brisbane, CrowdStrike uncovered malicious cyber activity targeting Australian media outlets that it has connected to Chinese government-linked hacking groups. Deep Panda and Vixen Panda, as the groups are being called, ‘typically go after very strategic interests for the Chinese government’, with CrowdStrike CEO Dmitri Alperovitch highlighting Vixen Panda as particularly focused on Australia.
Reports from the US are also pointing fingers at China after a spate of attacks on US federal systems. Following targeted attacks on the White House and the United States Postal Service, the National Oceanic and Atmospheric Administration has revealed that four of its websites have been compromised. While the resilient meteorologists are said to have ‘deflected’ the attacks, taken in concert with a breach of the State Department’s unclassified email system, the trend is ringing alarm bells on the Hill. State’s tight-lipped approach is concerning lawmakers, but, as Steve Ward reminds us, the best course of action isn’t always ‘to rush out and inform’. With the cyber blur causing trouble for America’s cyber defenders, many were surprised that cyber didn’t feature more prominently in meetings between President Obama and President Xi.
Of course, in this overhyped environment it’s often worth taking a step back to unpack the underlying complexity of the US–China cyber relationship. That’s precisely James A. Lewis and Simon Hansen’s intent in ICPC’s latest publication. Lewis breaks down the hysteria around Chinese economic cyber warfare, warning to ‘never attribute to malice what is adequately explained by avarice’. And while a new Cold War in cyberspace makes for compelling headlines, oversimplifying and misrepresenting China’s relationship with cyber has ‘serious policy implications’. Our man in Beijing, Simon Hansen, looks to rectify that very issue, deciphering China’s elite discourse and political aspirations concerning cyberpower. For even more on the US–China cyber relationship, check out this great interview with Jim from the Diplomat.
While the US–China cyber relationship is far more complex than may first appear, what’s perfectly clear is the growing need for confidence building in cyberspace. Efforts in the OSCE and in the ASEAN Regional Forum have shown promise, but more comprehensive and inclusive measures are needed. The latest report from the Cyber Statecraft Initiative over at the Atlantic Council and the Swedish National Defense College takes a crack at addressing that need, calling for a multistakeholder approach for stability and security.
One reason a multistakeholder approach to CBMs is needed is that ‘cyberspace is predominantly dominated not by the actions of states but of nonstate actors’. That fact is no more apparent than in the UK, where Scotland Yard is waging ‘war’ on 200 cybercrime gangs in London alone. Like traditional criminal activity, cybercrime’s primary driver is profit. As FBI Supervisory Special Agent Keith Mularski puts it, ‘cyber criminals view themselves as businessmen. They even buy ads on underground forums’. Mularski went on to describe cyberspace as the venue for ‘organized crime for the 21st Century’, drawing comparisons with La Cosa Nostra and Joe Valachi.
Despite the increasing number of threats posed by nefarious cyber actors, Mularski did praise the ‘great strides’ made in information-sharing and law-enforcement cooperation. NIST is looking to further enhance that space, having released SP 800-150, its latest DRAFT Guide to Cyber Threat Information Sharing. The document falls under NIST’s Federal Information Security Management Act responsibilities and comments on the draft are welcome until November 28.