The State of Cyber-War

The two-day private talks between the US and Chinese Presidents Barack Obama and Xi Jinping this weekend in Rancho Mirage, CA are expected to include, among other thorny issues, the dwindling trust between the two countries following the recent spate of cyber intrusions the US have repeatedly alleges to have originated from China.

In the first diplomatic efforts to defuse chronic tensions, the two have also agreed to launch regular, high-level talks next month on how to set standards of behavior for cyber security and commercial espionage. But don’t expect anything concrete from these meetings. The state of cyberspace diplomacy is heading only south.

Consider this: Chinese hackers stole the headlines once again but with a twist last week, followed by revived calls for new laws to allow private companies to retaliate and hack back at cyber attackers in return instead of waiting for federal authorities to react.

Australian Broadcasting Corporation's Four Corners documentary, aired a week ago, reported that even became it became operational, Chinese hackers have stolen the blueprint of the new US$609 million headquarters of Australia’s spy agency – Australian Security Intelligence Organization (ASIO). The stolen blueprint would give insights into sensitive data like the cabling layouts for the security of the building plus the communication systems, floor plan and server locations.

But "It's got absolutely no implications for a strategic partnership," Australia Foreign Minister Bob Carr was widely quoted, without confirming or denying China was behind the attack. "We have enormous areas of cooperation with China."

This official response marks not only a momentous change in the global political arena but also leaves a significant impact on the age-old espionage game between nations. Australia has undoubtedly crunched its economics calculator to rule out a US-style confrontational response and China clearly enjoys the upper hand. Australia supplies its largest trading partner half of its seaborne iron ore and quarter of its imported coal and China has granted its seventh biggest trading partner in return direct currency trading rights in a historic pact signed April.

This highly calculated, cautious riposte is a 180-degree turn from last year when the Australian spy agency advised the government to ban Chinese telecoms equipment maker Huawei from bidding contracts for Australia’s ambitious US$35 billion broadband infrastructure due to fears of cyber-attacks.

The all-out-for-friendship response was even more remarkable considering Australia Prime Minister Julia Gillard was derided by her own side in the Senate for the "disgraceful" austerity measures imposed on the intelligence agency the same day the Four Corners program was broadcast.

Consequently, the Australian Financial Review reported last week that IT security professionals and lobby groups are now advocating laws akin to a citizen's arrest for private companies to resist attack from hacktivists, criminal organizations, competitors and foreign states.

This followed earlier calls by the US lobby group Commission on the Theft of American Intellectual Property for legalized counter-attacks on hackers.

The fingers were undoubtedly all pointing at China.

The Washington Post also grabbed global headlines last week with a story about a report prepared for the Pentagon that alleged Chinese hackers have stolen information about many of the nation's most sensitive advanced weapons systems.

But the most prominent accusation was the Mandiant Report released in February along with a video on hacking attempts by what looks like organized Chinese hackers. It led Washington and cyber security experts to condemn China for massive espionage schemes attacking corporate America, going through the back door to steal technology blueprints, weapons designs and even maps of critical infrastructure like power grids.

China in its defense has repeatedly claimed innocence, cited the lack of concrete proof, questioned the ulterior motives of those claims and even suggested potential sabotage by other nations.

Coincidentally, the week prior to the Four Corners documentary, the New York Times reported that Iran was actually the culprit for the wave of cyber-attacks on US companies involved in the oil, gas and electricity industries. But their goal was sabotage rather than espionage.

Over the past two months, pro-Assad Syrian hackers reportedly broke into the Twitter accounts of several Western media outlets including the Financial Times, Associated Press, BBC and American CBS network program 60 Minutes.

And let's not forget North Korea. The cyber-attack on Seoul in April disabled some 30,000 computers, paralyzed ATMs across South Korea and froze online banking systems for days. Government officials, who initially suspected China, later tracked the malicious software to Pyongyang.

The US defense secretary Chuck Hagel delivered last Saturday at a security conference in Singapore a blunt two-pronged message to Beijing - aiming to improve the military relationship with China while issuing a stern warning on Chinese cyber-attacks – and was immediately questioned by China about the US role in the Pacific region.

The US on its part also actively engages in cyber espionage though on the ground of national security and counter-terrorism. Against cyber threats presumably from China, the US has tried shaming without success. But do not expect economic sanctions to be even an option.

Hence, the economic weighing scale currently tilts in China's favor despite the continuous outcries from Washington. If Chinese hackers are the real culprits behind recent cyber-attacks, China's trading partners apart from the US might take their cue from the Australians. But what if China is innocent and those were the acts of other nations like Syria, Iran or North Korea?

Then the recent calls for the private sector to initiate retaliatory attacks on cyber hackers would become the launch pad for a new chapter in the history of mankind: Cyber Wars.

(Vanson Soo runs an independent business intelligence and commercial investigations practice specialized in the Greater China region. Blog: