By Sarosh Bana, Mumbai Correspondent.
Building cyber resilience is a core focus of the Quadrilateral Dialogue, or Quad, the coalition of the United States, Australia, India and Japan, which is committed to deliver on its vision for a “free and open Indo-Pacific that is inclusive and resilient”.
That cyber security concerns have acquired geopolitical significance was apparent from the joint statement of US President Joe Biden and Prime Ministers Anthony Albanese, Narendra Modi and Fumio Kishida of Australia, India and Japan at their summit meeting in Tokyo on 24 May.
“In an increasingly digital world with sophisticated cyber threats, we recognise an urgent need to take a collective approach to enhancing cybersecurity,” their statement noted. “We commit to improving the defence of our nations’ critical infrastructure by sharing threat information, identifying and evaluating potential risks in supply chains for digitally-enabled products and services, and aligning baseline software security standards for government procurement, leveraging our collective purchasing power to improve the broader software development ecosystem so that all users can benefit.”
Intent on mobilising a demonstrable response to address systemic cybersecurity challenges and reinforce cybersecurity as a key strategic priority, the Quad leaders pledged to coordinate capacity-building programmes in the Indo-Pacific region under the Quad Cybersecurity Partnership. The first-ever Quad Cybersecurity Day was also proposed to help individual internet users in the littoral and beyond to better protect themselves from cyber threats.
Cybersecurity is now one of the Quad’s six verticals that will be guided by “leader-level working groups”, the other five being COVID-19 Response and Global Health Security, Climate, Critical and Emerging Technologies, Space, and Infrastructure. All the four Quad nations have been victims of cyberattacks, and this measure aspires to build habits of cooperation amongst them for supporting a more peaceful and prosperous Indo-Pacific.
The Quad Cybersecurity Partnership seeks to build resilience across the four countries in response to cybersecurity vulnerabilities and cyber threats. Its areas of focus are critical-infrastructure protection, led by Australia, supply-chain resilience and security, led by India, workforce development and talent, led by Japan, and software security standards, led by the US. Its work will be guided by new joint cyber principles to improve cyber resilience in a rapidly changing threat environment. These principles aim to prevent cyber incidents, prepare national and international capabilities for potential cyber incidents, as also to respond quickly and effectively to a cyber incident, when or should one occur.
While the Quad’s commitment to “a free and open Indo-Pacific through practical cooperation on diverse 21st-century challenges” is a euphemism for containing China’s regional and global overreach, it has likewise been concerned by Beijing’s increasing closeness to Moscow and Russia’s launch of the first war in Europe since World War II with its invasion of Ukraine on 24 February.
“Russian invasion into Ukraine squarely challenges the principles which are enshrined in the United Nations Charter,” noted Kishida in his opening remarks to his Quad partners. “We should never ever allow a similar incident to happen in the Indo-Pacific.”
Cyberspace transcends borders, and Russia, as also China, are often the prime suspects for blockbuster cyberattacks, with both the countries believed to specialise in cyber-warfare, that is, the use of cyberattacks against a nation-state. Cyber security is thus the application of technologies, processes and controls to protect systems, networks, programmes, devices and data from cyberattacks. It aims to reduce the risk of cyberattacks and protect against the unauthorised exploitation of systems, networks and technologies.
Indeed, US Secretary of State Antony Blinken, in a press statement issued on 10 May, pointed out that soon after it invaded Ukraine, Russia launched cyberattacks against commercial satellite communications networks to disrupt Ukrainian command and control. These actions had spillover effects on other European countries, disabling very small aperture terminals in Ukraine and across Europe that, among other things, support wind turbines and provide Internet services to private citizens.
“In the months leading up to and after Russia’s illegal further invasion began, Ukraine experienced a series of disruptive cyber operations, including website defacements, distributed denial-of-service (DDoS) attacks, and cyberattacks to delete data from computers belonging to government and private entities – all part of the Russian playbook,” Blinken added. “For example, the United States has assessed that Russian military cyber operators have deployed multiple families of destructive wiper malware, including WhisperGate, on Ukrainian government and private sector networks.”
Washington has developed new mechanisms to help Ukraine identify cyber threats and recover from cyber incidents. It has also enhanced support for Ukraine’s digital connectivity, including by providing satellite phones and data terminals to Ukrainian government officials, essential service providers, and critical infrastructure operators.
To heighten its joint cybersecurity preparedness, the Quad will strengthen information-sharing among its respective Computer Emergency Response Teams (CERT), including exchanges on lessons learned and best practices. The four-nation grouping also aims at improving software and Managed Service Provider (MSP) security by coordinating cybersecurity standards for Quad governments’ procurement of software.
The Quad partners will also be launching a Cybersecurity Day campaign, which will be open to countries across the Indo-Pacific and beyond, as part of their continuing efforts to strengthen cybersecurity awareness and action. They estimate this programme to provide basic cybersecurity information and training to the most vulnerable sectors of the Indo-Pacific region, including schoolchildren, small businesses, and the elderly.
The Quad partners seek to lead this campaign in partnership with industry, non-profits, academia, and communities to maximise its effectiveness and reach.
