Defence and Security Forum
Defence and Security Issues Discussed in the 21st Century
Home About the DSF Committee Diary Dates DSF News Media Coverage Contact us
The DSF's Co-founder, Lady Olga Maitland
Welcome to The Defence and Security Forum

The Defence and Security Forum was founded by Lady Olga Maitland in 1983. It was originally a campaigning organisation known as Families for Defence launched to challenge the anti-nuclear protest movements such as CND. Families for Defence’s remit was to promote the NATO case for multilateral nuclear disarmament. In the course of doing so the purpose was to focus on the importance of a proper provision for the defence of the United Kingdom.
Major General Patrick Cordingley, our Chairman Our Keynote Topics

  • International Relations
  • Economics
  • Politics
  • Defence and Security

Protecting Nations Cyber-security and Geo-Politics
Booking forms

By Lady Olga Maitland

 2nd CISO 360 ASIA & OCEANIA Conference

This is a shifting world. No one, no organisation, no state is immune from geo-political tensions and indeed wars. And with it, the weaponization of cyber.

We are familiar with criminal hacking for profit and are prepared. But now political sensitivities have unleashed a bitter harvest in massive State sponsored cyber-attacks. They are weapons to intimidate, weaken, and destroy government institutions. They can be foretaste of worse to come.

The war in Ukraine overshadows. international security, even in the world beyond Europe. It is the most intense conflict on the continent since the end of Second World War; and regardless of how long it lasts or how it ends, it is sure to have important consequences for the Asia-Pacific.

Some of these are already emerging. Russia borders Asia as much as Europe. China has been emboldened threatening Asia’s middle powers and small states.

The outbreak of large-scale inter-state conflict or extreme tension is a stark reminder of the dangers if diplomacy and deterrence fail. It highlights the significant responsibility -   carried by governments -   in the Asia Pacific to press for peace and stability to be maintained.

Clearly the interaction of US and China is an important focus, particularly in terms of Indo-Pacific Alliances and partnerships.

With this has to be an early warning system, raising the alert to Red for corporations facing a headwind of heightened attacks.

Take Nancy Pelosi’s visit to Taiwan. The Taiwan Presidential office was hit ahead of her arrival. The computer screens went black. Complete DDOS, Distributed Denial of Service. The same happened at the Ministry of Foreign Affairs. Corporations were also affected often more drastically.

The visit triggered live fire military exercises close to Taiwan’s defensive zone.

Taiwan has accused China of mounting attacks since the 2016 election of President Tsai Ing-wen who declared Taiwan to be a sovereign nation.

My concern today is not traditional weaponry but cyber which is increasing fast. Most organisations recover but the attacks are a warning of worse to come.

Corporations need no telling that these are zero trust days.

 Chinese state-sponsored hackers have targeted government as well as private-sector organisations, including those closely involved with Beijing on infrastructure development projects. Specific targets have been the Thai Prime Minister’s office and the Thai army, the Indonesian and Philippine navies, Vietnam’s National Assembly and Malaysia’s Ministry of Defence. Myanmar, Laos, and Cambodia have also affected.

The purpose is intrusion and espionage and control.

Best friends are also vulnerable to attack. Cambodia’s Prime Minister was first foreign leader to visit China after the pandemic. It stood staunchly by China’s sovereignty claims in the South China Sea, benefited from the Belt and Road investment initiatives, gave China tacit permission to build military bases, but still warning signs went out after China learnt that the Cambodians are not too keen to proceed after all. It would violate their constitution. And their Foreign Ministry has been hit.

In Australia, just six months ago, a Chinese cyber attack almost shut down the Queensland power plant, CS Energy; for 3million Australians a terrifying demonstration of what a belligerent regime could do in wartime.

The crisis was within 30 minutes of complete shut down, but a brilliant last-minute move stopped Beijing gaining access by separating the company’s corporate and operational computer systems. Once the network was essentially cut in half, hackers had no way of seizing control of the generators.

This followed four years of   China sanctions cutting Australia’s exports of coal, iron ore and cereal among other items – a heavy hit for them as China was their major export destination. All of this arose from Australia’s hard-line stance in the South China Sea, support for Taiwan, and objections to at China’s interference with the Asia Pacific islands where Australia remains firmly aligned with the US and its allies.

Today there is a new government in Canberra. It is paying close attention to the lessons that the Chinese Communist Party is learning from the Ukraine. A Chinese invasion of Taiwan would have unprecedented impact on the Indo Pacific region and for the fate of the liberal-rooted international system.

Hence, although cyber-attacks continue to increase, the Australian government is trying to reset its trading and diplomatic relations with Beijing - a complex dilemma.

The Chinese are keeping up the pressure with another hit, this time on Australia’s largest Chinese – language media platforms with 2m daily users. The date, June 4 was significant for the Chinese diaspora marking the 1989 Tiananmen Square massacre of pro-democracy protests.

New Zealand which has tried to keep an equilibrium with China despite remaining a staunch supporter with its US, UK, and other allies, has experienced state sponsored hackers working under the guise of the New Zealand Ministry of State Security which carried out targeted espionage, hacking, stealing data but not seeking a ransom. The object was military, diplomatic and economic damage. Years of quiet diplomacy by New Zealand did not work.

Also on Asia, Japan has also experienced its own attacks from China. China’s military instructed a hacker group to conduct cyber attacks on nearly 200 companies and research institutes, including the Japan Aerospace Exploration Agency.

Again, Japan has a fine balancing act. Officially they have marked cordial relations while commemorating the 50th anniversary of normalisation of relations between the two countries. The two nations have long been in strife and conflict being at logger heads over the sovereignty of a group of islands in the East China Sea.

It is no surprise to that North Korea is also making mischief. Reports suggest that one third of their missile programme is funded by cyber-attacks, much of it by recent theft of more than $400m in crypto currency in the last year.
However, they don’t always get away with it.

The US Dept of Justice announced only in July that they successfully seized about $500,000 in bitcoin from North Korean threat actors who were using Maui ransomware to attack health organisations in Kansas and Colorado. Despite that the attacks did cause massive disruption.

So cyber attacks are a weapon with awesome potential for ransom, compromising military and public services capability and impairment. Russia needs funds for its Ukrainian war. Costa Rica is still reeling from a massive attack by Russian hackers Conti, demanding in April $20m after crippling 27 essential government services and international trade. The effect was medical staff have had to resort to pen and paper to get things done.

Another hit happened in May and then June. Costa Rica’s President Rodrigo Chavez declared an ‘institutional national emergency’ and refused to pay the ransom demanded while calling in tech savvy help from the US and Spain.

Beware the Russian bear when annoyed. Russian hacker Killnet hit Estonia after their government opted to remove Soviet monuments in a region with an ethnic Russian minority.

Relations were not improved with Estonia’s decision decided to bar Russian citizens as visitors.

Lithuania did not escape either. Killnet acted after a replica World War 11 Soviet TU-34 was removed from public display and taken to the Estonian War Museum.

Finland was hit in April when their government’s website was taken down by hackers while streaming a speech by Ukraine’s President Zelensky. This was in retaliation for applying for membership of NATO.

Sweden, likewise, a formerly neutral country, has experienced attacks on its government agencies and military following their announcement to join NATO.

The reality is that coinciding with unrelenting cyber attacks against Ukraine, state backed Russia hackers have been engaged in ‘strategic espionage against governments, think tanks, businesses, and aid groups in 42 countries which are supporting Kiev.

Ukraine itself, has been reeling from Russian cyber-attacks since the invasion hitting   public energy, media, financial, businesses and non-profit agencies appallingly affected their ability to distribute medicines, food, and relief supplies.

Ukraine, as you would expect, are fighting back with help from America and allies such as the UK National Cyber Centre, flowing to10,000 cyber activists working at home. Many are being sent to the US for high level training. They are already well versed in handling the attacks which began in 2014 when Russia took over the Donbas region.

However, the good news is that cyber warfare has not always worked. Microsoft President Brad Smith wrote in June, that ‘since the start of the war, the Russian targeting has been successful 29% of the time, with data stolen in only one quarter of the successful network intrusions.’

Nearly two thirds of the cyber espionage targets involved NATO countries, the US being prime target, and Poland, the main conduit for military assistance flowing to Ukraine was No.2.

In the UK, a major Russian cyber-attack on the National Health Service occurred when Prime Minister Boris Johnson flew to Kiev for a meeting with President Zelensky.

Microsoft which has played a key role in supporting Ukraine has noted that Ukraine has ‘proven stronger’ overall than Russia’s capability in ‘waves of destructive attacks against 48 distinct Ukrainian agencies and hacks have been cautious not to unleash destructive data-destroying worms which could spread outside Ukraine and back-lash on them.

I have not made a comprehensive global overview, but here you have a taste of how political tensions have repercussions.

Just one small example, even small neighbouring countries use cyber to deliver a threatening message to one another.

Take Morocco and Algeria. Long-time disputes, and currently with very tense relations, hacking between the countries has intensified. Morocco sent a hacked message to state TV that Algeria was anti the Ukraine War. No. Not true. Algeria is Nonaligned. This followed using Pegasus information on Algerian politicians. Algeria did a spoof on King Mohammed in a paper. Retaliation all round.

CONCLUSION:   While those attending conference have all the capabilities and expertise it needs to protect their clients; one element needs to be bolted on. Keeping a close eye on international developments wherever you are, especially in moments of heightened tension. Where you can, keep in touch with your National Cyber Security Centre. Most countries have one, and some are very effective and helpful with Government insights.

You will need to be super sharp in anticipating your responses. This may also affect your insurance cover as moves are being taken to exclude state sponsored cyber-attacks.

Download the Annual Subscription Form to join the DSF.

To open Acrobat PDF documents, you need to download Adobe Acrobat Reader from here.

A DSF speaker. Lady Olga Maitland talking to delegates. A DSF speaker
Delegates enjoying the debate. Lady Olga Maitland chatting to a delegate. Cordingley

Content: All Copyrights Reserved by the Defence and Security Forum 2022 Designed by Media-Insert Communications