There has been a fair bit of conjecture in the press about Chinese backed cyber attacks in recent times, but there has been no evidence or naming of names. Last week Australia publicly named China’s Ministry of State Security as being behind a wave of hackings, joining the United States, United Kingdom, European Union, Canada, Japan and New Zealand in doing so.
Why is this big news? While taking Asian Economies during undergrad back in the 90’s, I learned that ‘Face’ is a huge part of Chinese culture (https://en.wikipedia.org/wiki/Face_(sociological_concept)#Chinese). To publically name China as the attacker is a huge slap in the face to them and will probably cause embarrassment on the home front. The fact that they were accused by a group of powerful and/or influential nations will make it harder for them to retaliate effectively either diplomatically or using trade levers – increasing the loss of face.
Why are Australia naming and shaming? I think there are a number of reasons:
- A cyber attack is an attack and we are using similar techniques to physical self defence – noise, voice – to ward off attacks. My guess is to put China in their place to stop or reduce the attacks for a period.
- Adding to the sense of urgency around cyber security, making the threat real so people take it more seriously. This could feed into recruitment/training campaigns for cyber security professionals as well as greater uptake of attack mitigation such as the ASD Essential Eight.
- Political, creating a narrative to bring the population on board. I can see parallels to the decade before WWII, my hypothesis is that the government is preparing the population for war.
Reflection
It looks like I am definitely entering a dynamic field full of opportunity. I think this will end up being an interesting case study, looking at cyberwar as the precursor for a physical war. Or maybe the cyberwar will be so debilitating that a physical war will not be required – the attackers ultimate victory.
References
https://www.abc.net.au/news/2021-07-20/china-microsoft-exchange-hack-sanctions-punishment/100307080