.jpg)
With the evolution in warfare strategies in the age of digitisation and the coming together of network technologies in every domain, the threat of cyberwarfare has become greater than before. This change has been actively recognised and captured by China who since the 1990s had started working on developing its technologies. The Chinese military’s aim was developed as ‘winning local wars under conditions of informationization’ by 2004. Within a decade it addressed cybersecurity for the first time in an official military document entitled ‘China’s Military Strategy. In 2015, a service branch called the SSP (Strategic Support Force) was established to secure electromagnetic space and cyberspace.
The following year, CCP labelled cyberspace the ‘new frontier of the modern state’. Lyu Jinghua writes It defined cyberspace as a “new pillar of economic and social development, and a new domain of national security,” and declared clearly that “China is confronted with grave security threats to its cyber infrastructure” as “international strategic competition in cyberspace has been turning increasingly fiercer, quite a few countries are developing their cyber military forces.”
Based on experiences from the previous centuries wherein Britain and the US asserted themselves in various seas undermining China’s sovereignty, the PRC is more than ever determined to protect it now which explains the great firewall it boasts. It believes cyber sovereignty to be essential to achieve the‘Chinese Dream‘ . Then employing a similar strategy as theirs, it is exceeding into the sovereignty of others- namely through cyber espionage. The US-China conflict in the South China Sea is one such notion of China’s claim to sovereignty.
Cyber Warfare on the shores of the South China Sea
ForChina, the use of cyber espionage ‘ is a reflection of a strategic currency it employs to title diplomatic decisions in its favour. Given the intensity of conflicts in the South China Sea, the neighbouring countries have been extremely vulnerable to state-sponsored cyberattacks on the government departments. At the regional level, ASEAN is on track to becoming one of the world’s top five digital economies by 2025. In 2011, McAfee researchers reported that a campaign with links to China attacked Asian governments, including the ASEAN Secretariat as well. China has been running at least six different cyberespionage campaigns in the Southeast Asian region since 2013. These campaigns are capable of stealing data from highly secure air-gapped networks. Indonesia, Myanmar, Taiwan and Vietnam are reportedly the main targets of these operations. Following the standoff at the Scarborough Shoal between the Philippines and China in 2012, a major Chinese cyber campaign was launched against the government and military networks using an AI-Powered surveillance system. Furthermore, in 2014 Vietnam became the ‘most targeted country in cyberspace’ following Chinese threats.
Even then the response to China is fragmented across ASEAN countries, with Vietnam and Singapore promoting active hedging. Thailand, Indonesia, Malaysia, Myanmar and the Philippines are involved in hesitant hedging. Finally, Cambodia, Laos and Brunei are on the bandwagon. With Brunei chairing the association this year and Cambodia the following year, the coming together of ASEAN to strongly respond to China is bleak. The options for the ASEAN are limited as the status quo helps China to assert its claims and change the geographical features to support its claims. What is essential for ASEAN is to look out in the neighbourhood and identify a strategic ally to counter the massive amount of technological threats from China. One such potential ally is India.
India in the battleground
India as its immediate neighbour is also not immune to cyber-attacks which could be mostly traced back to the Chinese government. In 2008 many computers of the government offices, security institutions, Dalai Lama’s office all were attacked and which is infamously termed as Ghostnet. It is believed to be the largest and a high profile security breach in India. Currently, amidst the recent clash between India and China, there was an alleged Chinese government-linked company’s attempt to monitor the digital footprint of Indian citizens. In November 2020, the government was bewildered by a malware threat in segments of its power infrastructure. Red Echo used malware called ShadowPad, which involves the use of a backdoor to access servers.
Although private companies like Zhenhua Data Information Technology Co. are involved in cyber attacks, experts have the opinion that these companies are incentivised and backed by officials as information that is usually extracted is beyond the usage of private entities. It could also be an attempt to test and lay the grounds for further operations in the future. An assertion could be made that these offensive operations are carried out to distract people from other places that they might be targeting or other activities that might be occurring.
India’s step towards Data diplomacy is expanding, keeping in mind the Chinese technological intrusion. At the domestic level, the ‘digital India’ programme is spearheading the reach of technology in all socio-economic spheres. In this manner, all the future Indian policies stand on the edifice of ‘Data Sovereignty’. This stand was asserted by India at the Osaka Summit in 2019.
India has taken an ‘all of government’ approach to data localisation through several multi-sectoral policies that restrict cross-border transfer of data. The Ministry of External Affairs’ New and Emerging Strategic Technologies Division could play a nodal role and coordinate inputs from the various government entities regulating different aspects of data governance. For this India has now started to change its neutral stance on issues concerning the South-China sea by aligning with the interests of the ASEAN nations, and use its foreign relations strategy to remain involved in Myanmar politics (as it is strategically located as a gateway to the south-east nations) but also continuing to believe in its Indian foreign policy ethos.
India in June 2020 entered into a coalition by becoming a founding member of Global Partnership on Artificial Intelligence, a coalition set up to chart out rules of the road for the governance of artificial intelligence (AI), all G7 countries are also being a part of it. Similarly QUAD has provided the much-needed interoperability in the Indo-pacific region to restrict China’s hegemony.
Way Forward
Looking at China’s belligerence in the South China Sea as well as recently in Ladakh, it is practically impossible for ASEAN and India to not cooperate. The agreements have broadened from the economic sphere to the defence sector. During a virtual summit, Prime Minister Modi and his Vietnamese counterpart, Nguyen Xuan Phuc, signed seven agreements out of which one focused on cybersecurity. Engaging in the South China Sea and the Bay of Bengal has allowed both nations to sustain their relations. It is only a matter of time before India’s naval capabilities, maritime infrastructure and capacity-building programmes progress into stronger cooperative partnerships in the region. Therefore with data localisation India and Southeast nations will have to ease restrictions on cross border transfer to exchange information and to become immune to future cyber attacks.
In the context of the India-ASEAN track 1.5 dialogue, it is established that the development of common norms is important to ensure a safe, open, peaceful, and accessible cyberspace for all stakeholders. Therefore, the partnership could expand in areas like critical information infrastructures and resource building between national institutions via experts sharing their experiences. To ensure proper and effective investigation and grievance redressal ASEAN and India should hold a regional convention. The convention can outline the baseline on which agencies and government officials will have to build upon, also cross- border training with regards to enabling knowledge about advanced technologies could be initiated.
India political, economic, social and cultural interests intersect at multiple levels. Now we have taken a step forward to share common space in cybersecurity and norms. We should aim towards developing productive and secure digital platforms for the population to further their livelihood and well-being. Together with countries of Southeast Asia, India could thwart ‘the Chinese Dream’ of espionage tactics. Cyberspace knows no boundary, therefore, our efforts must be to harness this common space by lifting the contours of national boundaries. International cooperation should provide the guiding light to foster equitable access in cyberspace
