The Great Cyber Game in South China Sea

“We worried for decades about WMDs – Weapons of Mass Destruction. Now it is time to worry about a new kind of WMDs – Weapons of Mass Disruption.”
― John Mariotti

The world is witnessing an altogether new kind of geopolitics; wherein the cyber warfare has emerged as the lynchpin of unofficial engagement between countries having disputes and disagreements. The South China Sea is no exception. In the recent times there has been a spate of cyber attacks against the South-East Asia countries having territorial dispute with People’s Republic of China. These cyber attacks are being attributed to China which has in last two decades invested heavily in its cyber armory and has emerged as a global cyber force to contend with. The Great Cyber Game in South China Sea is a reality with potentially serious consequences and must not be ignored.

The roots of the dispute lie in the claim of more than 90% of South China Sea by People’s Republic of China which has demarcated its area under nine-dash line. Thus China has laid claims on most of the petroleum rich islands located in the sea which fall under the Exclusive Economic Zones of countries like Philippines and Vietnam among others. Chinese government has altogether rejected the jurisdiction of United Nations Convention on the law of Sea 1982 on the South China Sea as well as the ruling of The Permanent Court of Arbitration, The Hague which ruled in favor of Philippines and rejected the claim of China over the sea. China has maintained an aggressive posture in issuing statements, however it is responding more aggressively through cyber attacks.

The cyber attacks and breaches against the Southeast Asian nations involved in the dispute first started in 2012 coinciding with times of heightened geopolitical tensions owing to South China sea dispute. The first major cyber attack by China against Philippines coincided with the standoff between Chinese and Filipino naval vessels around the Scarborough Shoal. The attacks breached government and military networks and stole sensitive data related to the conflict.

The spate of attacks increases whenever there is rise in tensions. As soon as the Permanent Court of Arbitration ruled against China’s territorial claims in the South China Sea, at least 68 national and local government websites in the Philippines were pinned down in a massive distributed denial of service (DDoS) attack. This is not the first time the landmark legal dispute over the South China Sea has flared up in cyberspace. Even last year, Chinese hackers allegedly breached the court’s servers during a hearing on the territorial dispute. The attacks are mostly targeted against the key government agencies, including the Department of Foreign Affairs, the Department of National Defense, the Central Bank, and the Presidential Management Staff.

Just a couple of days back, the cyber security company F-Secure has unearthed a Chinese Malware “NanHaiShu” which they have also named as South China Sea RAT (Remote Access Trojan). As per F-Secure, NanHaiShu was used for infecting individual’s computers from Philippines Department of Justice, a major global law firm that is involved in arbitration process of South China Sea, and the APEC (Asia-Pacific Economic Cooperation) Summit organizers. F-Secure further says that in the beginning, the group behind NanHaiShu had used US hosted servers for the C&C infrastructure of RAT, but when military ships were sent by the US to South China Sea, it rapidly moved its operations to the servers that are located in the Mainland China. The purpose of the malware has been established as to exfiltrate sensitive data to the attackers.

Although it has been a major target but Philippines has not been the only target. In recent days, Vietnam has also been a target of a lot number of Cyber attacks. The attacks characteristically follow the timing of heightened geopolitical tensions. Recently Vietnam moved its rockets to fortify some of the islands in the disputed South China Sea. On July 29, there were Cyber attacks on the Vietnam’s airports and national carrier. The flight screens at the airports displayed messages critical of Vietnam’s claims to the South China Sea. As per Ngo Tuan Anh, vice chairman of Hanoi-based network security company Bkav Corp, A malicious code disguised as anti-virus software was found lurking in everything from government offices to banks, major companies and universities and not so surprisingly it was the same as that used in “politically-colored” attacks on two of the country’s biggest airports and Vietnam Airlines.

It is important to understand that emergence of cyberspace as fifth domain of warfare has happened as the exact time when China has aspired to become a global power through its so called “peaceful rise”. The military budget of China is increasing year on a year basis but it is still much less than that of the United State of America. Therefore, China has acted proactively in the cyber domain where US does not enjoy undisputed authority and this domain will continue to enjoy importance because China wont let it go easily as it is step ahead of US. The question that remains to be seen is how cyber attacks will be used to get results on the ground and The Great Cyber Game in South China Sea will provide an insight into it. Will, these attacks act merely as force multiplier for the conventional forces or they will altogether negate the philosophy of Mao who said “Power flows through the barrel of gun” and emerge as the major weapon capable of changing geography.