Cyber Threats Anchor in the South China Sea

The South China Sea (SCS) lies within the Pacific Ocean, extending to the Taiwan Straits in the northeast and to the Malacca Straits in the southwest.  The SCS is considered one of the busiest international sea-lanes, with over half the world’s oil tanker and merchant fleets transiting the waters annually.  The SCS is abundant in natural resources, from marine life to energy-rich hydrocarbons that are aggressively sought after by regional stakeholders. Conflict within the SCS has existed for centuries and the neighboring states all claim the region, or portions of it, as their own.

Disputes over the SCS have sharply increased since 2010. As tensions and rhetoric between claimants continue to increase, the longstanding territorial disputes between China, the Philippines, Brunei, Malaysia, Vietnam and Taiwan serve as an excellent backdrop for cyber activity.

As of April 2012, we have already seen a conventional two-week military standoff, involving Chinese surveillance ships blocking a Filipino coast guard vessel from arresting eight Chinese fishing boats anchored near Scarborough Shoal.

This confrontation laid the groundwork for both Chinese and Filipino “hacktivists” to unilaterally weigh in. Chinese hackers recently defaced a website for the University of the Philippines with the statement “We come from China! Huangyan Island is Ours”.  It was accompanied by an image of a map, which highlighted the disputed SCS islands. Filipino hackers then retaliated by defacing seven Chinese websites.  This exchange eventually forced an official public statement from the Philippines Department of Foreign Affairs spokesman, Raul Hernandez, denouncing the cyber attacks regardless of which side they originated from, adding “They are counter productive and will only add to the tensions.”

In addition to regional hacktivism, targeted attacks with an apparent SCS focus have also been reported. These attacks underscore the strategic nature of the SCS to regional claimants, suggesting the employment of computer network exploitation as a means to influence national objectives.

As the U.S. military begins to draw down forces in Iraq and Afghanistan, shifting focus to the Asia/Pacific theatre, conventional and virtual conflicts should be a priority to U.S. interests within the SCS. If a conventional conflict should erupt, it is likely to disrupt maritime commerce and trade.

However, a more plausible threat is one of cyber economic espionage.  Public sector organizations conducting energy exploration, oil or gas field development, and even law firms representing energy companies can expect targeted attacks.

Based on our experience in cyber threat analysis, Incident Response and Security Intelligence, Cyber Squared predicts that the following sectors in the respective countries may be targeted by sophisticated threats due to the current geopolitical conditions surrounding SCS tensions.

Cyber Squared understands that geopolitical issues are often the catalyst to “cyber events”.  By maintaining situational awareness and an overall understanding of various existing and emerging cyber threats, Cyber Squared provides comprehensive risk assessments based on organizational business operations and mission functions. By applying tactical and strategic Security Intelligence, organizations can be better enabled with timely and relavent decision support.