In February, security firm Mandiant made headlines when they declared the hacking team APT1, “likely government-sponsored and one of the most persistent of China’s cyber threat actors”.
China denied the involvement. Reuters reported that Hong Lei of the Chinese Foreign Ministry responded: “Hacking attacks are transnational and anonymous. Determining their origins is extremely difficult. We don’t know how the evidence in this so-called report can be tenable”.
This was not the first time that attacks from China have been reported. Yet, at a time when internet nationalism is rife, it is likely to have the biggest impact.
By internet nationalism, I mean the increasing focus on where IT products and services are originating from. Trust between nations is potentially at an all-time low, and that is almost certainly a result of the cyberwar arms race that the world has found itself in.
Technology has the potential – and perhaps objective – to break down borders, bring the world closer together and enable the prosperous and beneficial flow of information between nation-states, businesses and citizens.
Instead, efforts are being focused on a cyber-arms race, born out of a fear that other nations are more capable. As a result, investments are being made in offensive cyber weapons and defensive cyber surveillance. Bruce Schneier recently commented that this scenario means “at its worst, we might be about to enter an information-age Cold War: one with more than two ‘superpowers’”.
Media coverage surrounding the alleged attacks from China has only set fire to any nationalist feeling that was already being harbored about the internet. Sure, the Chinese attacks are sophisticated and serious, but they could be more appropriately described as espionage.
Anyone who thinks China is unique in its practice of cyber espionage is very much mistaken, and obviously hasn’t heard about Stuxnet. The Pentagon recently approved a major expansion of its cybersecurity force over the next several years, increasing its command from 900 personnel to just shy of 5,000 in order to strengthen the nation’s ability to defend critical computer systems and conduct offensive computer operations against foreign adversaries. Make no mistake, the West is giving as good as it’s getting.
What needs to be considered, perhaps, are the consequences of this cyber-arms race. The power at stake here is colossal, and the collateral damage not to be under-estimated. Governments are fighting for more control over internet protocols, and increased surveillance, censorship, and even propaganda, will be the result.
Information technology is an incredibly powerful tool for oppression, and is increasingly being used by nations against their own citizens. For example, Saudi Arabia, India and the UAE all demanded monitoring capabilities for BlackBerry devices within their borders in 2010 and, more recently, the internet black-out in Syria.
Citizens are more likely to accept and justify giving up their privacy and freedom on the internet if they believe that their nation is actively engaged in cyberwar. Therefore, it is in the best interests of those in power to evoke the aforementioned internet nationalism.
Cyberwar is a very tangible proposition, and cyber espionage very much a reality. This industry casually throws around the term ‘cyber Pearl Harbor’ – a term completely freighted with assumption. The dramatic statement implies an attack on innocents by bad people, and as I previously observed, this cyber arms-race is not a black-and-white issue. There are no good guys and bad guys. Nations are investing in their capabilities, building their cyber-armies, and it’s often their own citizens who are getting burned in the process.
Let’s take a moment to reflect on all of the good that should, could and would come out of the internet if we started to focus less on what other nation-states are doing and more on using it to connect and enable businesses, governments and citizens around the world.
I’m not for one moment suggesting that we let down our defenses and take our eyes off adversaries. I’m not that naïve. Instead, I’m calling for a re-focus on why the internet is so very special: to bring the world together, not tear it apart. Let us remember how we can enable citizens with freedom of information, not censor them and watch their every move.