Cyber wrap
30 Sep 2015|
Microsoft Way

President Xi Jinping’s much-anticipated state visit to Washington DC took place last weekend with cyber security featuring prominently on the agenda—as expected. During Xi’s first official state visit, he and President Obama reached agreement on several measures including a ‘common understanding’ on curbing economic cyber espionage. In the statement released by the White House both governments have agreed to not ‘conduct or knowingly support the cyber enabled theft of digital intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantage to companies or the commercial sector.’

This is a norm that the US Government has been strongly pursuing of late and it’s a relatively surprising inclusion given the Chinese Government’s past resistance to recognising the American distinction between government-sanctioned state espionage and commercial espionage. While there’s skepticism from some senior US sources that the agreement will result in lasting change, it has been generally welcomed by industry and think tank analysts as an encouraging first step.

The other big takeaway from the summit is the reincarnation of the stalled US–China cyber working group, albeit with more of a cybercrime flavor. The new group, to be led by ministers, will meet twice a year and include representatives from the Ministries of State and Public Security, the US Attorney General and Homeland Security.

Turning to South Asia, the Indian Government is expected to announce it will replace the Microsoft operating systems on its government networks with an indigenously created operating system. According to the government, the Bharat Operating System Solutions, or ‘BOSS’, is more secure than the Windows OS, ‘pass(ing) all attempts to breach its security, including attacks carried out by the Indian Army’s intelligence division and the Defence Research and Development Organisation (DRDO).’ India was recently caught up in the Snowden revelations when it was discovered that the South Asian country was amongst the most frequently targeted nations by NSA hackers, as such the decision to shun US-produced software doesn’t come as a significant shock.

The Indian move follows similar announcements made by the Chinese government under the auspices of ‘national security’. In the Chinese case, the front-runner for replacing Microsoft looks to be the NeoKylin Operating System, created by the Shanghai-based firm, China Standard Software.

Thailand announced this week that it will put in motion political, legislative and technical changes to allow for the closer monitoring of its Internet traffic. In the past, the Thai government was content to block ‘explicit’ websites and pages that disparaged the royal family, but the new military-run government is keen to take it up a notch. The new proposal would see Thailand’s Internet gateways restricted to just a single portal to the outside world, which would facilitate closer monitoring of internet traffic in the country.

The Philippines government formed a new cyber security body. Last week President S. Aquino III announced the creation of the National Cyber security Inter-Agency Committee which will sit under the Office of the President. The Agency will be chaired by the President’s Executive Secretary and co-chaired by the Director General of the National Security Council and the Secretary of Department of Science and Technology.

The Committee will coordinate the country’s approach to cyber security, both domestically and internationally, and work to raise cyber resilience throughout government while boosting information sharing and public–private partnerships.