Tag Archive for: cyber security

US–China cyber relations: not a new Cold War

Describing cyber activities by the US and China as a new Cold War in cyberspace is hyperbolic and inaccurate. The relationship between the US and China and the international environment for this relationship are very different from the Cold War, when relations and contacts with the Soviet Union were extremely limited and there was no economic interdependence or interconnection. There have been none of the threats, ideological challenges or proxy conflicts that characterised the Cold War.

The US has sought to avoid a military focus in its cybersecurity efforts. It has cast China’s cyber espionage as a commercial matter (Treasury Secretary Lew has told China’s President that cyberattacks are ‘a very serious threat to our economic interests’). For example, the US indictments of People’s Liberation Army officers for cyber espionage focused intentionally on trade and economic crimes to avoid any implication that this was a military contest.

China has never used ‘force’ (defined as acts of violence) against the US in cyberspace; it will use cyberattack against US military forces in any clash, but espionage isn’t war—if it were grounds for war, the US would find itself at war with many countries. Both China and the US have implicitly avoided truly damaging attacks or military confrontation in cyberspace, each restricting its activities to espionage. Espionage isn’t a crime under international law, and it’s not in the US interest to make it so. Dealing with China’s cyber espionage requires a sustained effort to construct norms and persuade China to observe them, to create consequences for Chinese actions, and to improve cyber defences in the interim.

Cyber wrap

Last week the government launched the third update to its cloud computing policy. In what’s being dubbed the ‘Cloud First’ policy, agencies and departments are now required to first consider cloud computing before traditional storage and networking. But it comes with the caveat that it must meet the agency’s IT requirements, provide adequate data protection and remain cost effective.

The announcement is set to please Microsoft, which last week had its Azure cloud service approved by the ASD’s Industry Security Registered Assessors Program. Azure is the first public cloud service to successfully pass the assessment.

Others are less pleased, arguing that ‘Cloud First’ policy lacks clear centralised leadership and specific targets, and without increased budgetary funding will fail. Only time will tell how well the new strategy is taken up.

President Obama has devised a solution to his own cyber policy woes according to White House cyber czar Michael Daniel. In an attempt to pass its latest batch of cyber security legislation through a hostile Congress, the Administration will now seek to break the bill into smaller pieces, allowing the passage of specific proposals that already have bipartisan support.

Cyber wrap

As tensions rise on the streets of Ferguson, Missouri over the shooting of Michael Brown, activists have taken their protests to the cyber sphere in a variety of ways. News reports have linked ‘hacktivist’ group Anonymous with a distributed denial of service (DDoS) attack on the websites and email servers of the town’s administrators which also took down the IP phone system and left most of the city’s government officials working via text message. The attack was executed following a video post by the group on YouTube that threatened to take down ‘every web-based asset of your departments and governments offline’. The group also released personal information of members of the Ferguson Police Department.

In his recent speech at the University of Canberra, Major General Stephen Day expressed concerns that state governments’ safeguards against computer-based attacks were ‘patchy and variable’, an issue he associated with a lack of depth in the understanding of the threat at the upper echelons of the state government system. MAJGEN Day, who heads up the Cyber Security Operations Centre in the Australian Signals Directorate, noted that at this level, a change of minister or senior bureaucrat ‘can have an extraordinary impact on the understanding in a state government in terms of the cyber threat.’

Cyber wrap

With this week marking 100 years since the start of World War I, the Australian Army’s release of its Future Land Warfare 2014 report (PDF) is a timely consideration of what war means in the 21st century and where we might see it develop. Cyber issues feature heavily, from developing Army’s cyber capabilities, to leveraging omnipresent communications technologies, and appreciating the interconnectedness of the cyber commons with those of sea, land, air, space and electromagnetic spectrum. The report foresees a future where social media, like Facebook and Twitter, will be ‘widespread and accessible to both friend and foe, potentially allowing any individual to influence political outcomes, transform perceptions of events, and create positive or negative responses’.

Still with Army, this quarter’s Australian Army Journal carries an article by Captain Nathan Mark in which he makes the case for cyber forensic investigative capabilities to support indigenous forces. The full piece is available here (PDF).

Cyber wrap

Cyber policy was on the table at the 5th Japan–Australia 2+2 Foreign and Defence Ministerial Consultations in Tokyo last week. Building on Tony Abbott’s April commitment to hold a bilateral cyber dialogue, the consultation established that Canberra would host the inaugural event before the year’s end. The dialogue will explore common cyber threats and look to strengthen cooperation at the regional and international levels. This news comes on the back of a $400,000 cash injection from Japan and the US to the Association of Southeast Asian Nations (ASEAN), which will go toward developing ASEAN’s cybercrime investigative capacities.

Stateside, the net neutrality saga rages on. Last month, the Federal Communications Commission (FCC) proposed a new set of rules to maintain net neutrality, which confusingly seem to allow the ‘pay-for-priority deals’ that are newly being investigated. This week it has launched an investigation into recent deals between entertainment companies and Internet Service Providers (ISPs) to determine if they undermine the principle of net neutrality (whereby web traffic is treated equally by ISPs). The practice of content providers like Netflix agreeing to pay ISPs like Verizon and Comcast to guarantee faster delivery of their products has critics concerned that the Net will be divided into fast and slow lanes according to who can pay what, and that risks stifling competition from start-ups. US Congress have become involved in the issue overnight, with the Democrats introducing a bill requiring the FCC to use whatever authority it deems necessary to stop ‘paid prioritization agreements’.

Cyber wrap

Big numbers splatter the headlines as cybercrime owns the front page for a third straight week. Estimates of the global losses attributable to cybercrime range between $575 billion and a more conservative $375 billion, while the latest report by McAfee and CSIS settles at $400 billion—around the GDP of Austria.

The report, Net Losses: Estimating the Global Cost of Cybercrime (PDF), notes the difficulty in accurately estimating a figure for certain types of online crime, but the trend is clear. As more businesses move online, the figure, and the impact of cybercrime on the performance of private industry and the strength of national economies, is set to increase. The paper also outlines how cybercrime is damaging export growth with the knock-on effect of speeding up job losses; some reports put this at around 20,000 positions in the United States alone. In the end, the one undeniable conclusion is that cybercrime certainly is a ‘growth industry’.

Cyber wrap

First up, a haiku on the Internet from the New York Times haiku generator:

The Internet is // emotionally a very // flat experience.

Many Turkish citizens would agree with that sentiment this week as they found YouTube access blocked for reasons of ‘national security’—after Twitter had been blocked the week before. Prime Minister Recep Tayyip Erdoğan ordered a clamp down on the social media sites after a leaked audio file showed Turkish government and military leaders discussing a military strike on Syria. The PM has also been fighting off corruption charges that surfaced on those platforms. The ban on YouTube was made days before municipal elections, which Erdoğan’s party won comfortably.

Cyber wrap

This week saw the long-awaited release of US President Obama’s Framework for Improving Critical Infrastructure Cybersecurity after a year of concentrated effort by the National Institute of Standards and Technology (NIST). The document has been heralded as a step in the right direction; the White House is seeking to motivate private sector uptake by framing these standards as means to support profit. Despite a lack of Congress support, it may also become ‘the de facto standard for private sector cyber security in the eyes of US lawyers and regulators’. The NIST also released an accompanying Roadmap document that will guide the future of the framework, detailing cybersecurity development, alignment and collaboration planning.

Over in Beijing, internet freedom was on the agenda when US Secretary of State John Kerry met with Chinese bloggers over the weekend. The bloggers appealed to Secretary Kerry to help ‘tear down the great internet firewall’ in a discussion that also touched on human rights issues. In contrast, China’s leadership labelled Kerry’s expression of support of internet freedom ‘naive’.

2013 review – the year in cybersecurity

2013 was a significant year in cyberspace, both internationally and closer to home. Whilst the Edward Snowden leaks dominated the headlines, several important agreements and policy achievements were made further away from the glare of the media spotlight.

Beginning back in January, then Prime Minister Julia Gillard announced the creation of the Australian Cyber Security Centre (ACSC). The centre intends to co-locate government operational cyber security assets from DIO, ASD, ASIO, CERT, AGD, the AFP and the ACC whilst working closely with the private sector. The centre still ‘intends’ to achieve these goals as it’s yet to become operational. This is due to a number of factors, not least of all that its new home, the ASIO building, isn’t ready for occupancy.

Reader response: government and cybersecurity – how big a role?

I’m glad to see Klee Aiken offer his thoughts on cybersecurity, and I share his suspicion of intrusive surveillance. But it’s for this very reason that I’m raising alternative uses of ‘big data’, and I fear Klee’s assessment of the potential role for government neglects several key issues.

To begin with, I’m not particularly confident the private sector will prove capable of protecting their own systems as cyber security becomes more burdensome. I’d welcome Klee’s input on this point, but I see a classic example of market failure behind industry’s lagging response to the system-wide costs inflicted by malware. After all, the US government has been announcing plans to foster more security-conscious behaviour since 2003, and yet they’re still waiting for any meaningful changes which can keep pace with new dangers.
