Navigating the US China Tech Cold War
What should rank as the top of the cyber security challenge for 2021? The increasingly bitter tech cold war between the US and China is a good place to start.
It’s been described as a conflict over the influence of technology, national security, and economic might and organisations in both countries are feeling a chill, starting with an expanding list of Chinese companies targeted by the US Government. These include telecoms maker Huawei, chip manufacturer SMIC, and the parent companies of social media apps TikTok and WeChat.
The US Government accuses the Chinese Government of using these companies to unfairly undercut US companies, conduct data collection surveillance of its citizens, and possibly enable future cyberattacks on the country using unspecified backdoors. In response, the Chinese dismiss these actions as part of an economic war designed to ensure the “blatant hegemony” of the US.
Supply Chain Challenges
With US tech companies also finding it harder to do business in China, the situation could become a wider conflict in which everyone loses. And while it might look like an economic battle between two superpowers, there are larger implications for technology users and makers, starting with the impact on how the global technology market works.
If this tech Cold War is anything like the first one, companies across the world could find themselves choosing very carefully what they buy and from whom. Given the intricate supply chains of products and IP, this won’t be easy, or particularly efficient, as the telecoms companies that bought Huawei products over the last 15 years are finding out. Where major investments have already been made, it could be crippling.
So much for the ‘cold’, what about the ‘war’? The dogfight risks a further erosion of norms of behaviour between nation states, already an area of longstanding concern. And it could get a lot worse, opening some companies to existential risks should cyber attacks multiply.
The Aurora shock
Publicly, the origins of the USA vs China antagonism can be traced to a day in 2010 when then US secretary of state Hillary Clinton stood up at a conference and castigated China for what had been dubbed the ‘Aurora’ hacks against Google. At the time, this was shocking in two ways. In late 2009, Google had detected a large-scale and sophisticated attempt to break into Gmail accounts, which the company said were Chinese without explicitly naming its government. Now for the first time a senior US official had broken with decades of protocol and called out a rival by name.
Aurora was like a dam breaking, as it emerged that Google was not alone, and evidence was published by security companies alleging Chinese state hackers had over years penetrated hundreds of US companies to steal IP and conduct economic espionage. That was the second shock – this had happened without many of its victims apparently noticing.
The sense of vulnerability was palpable. Large companies understood the threat from traditional cybercriminals, who were assumed to be limited by resources. Adding nation state objectives and advanced resources such as the use of zero-day software flaws to this mix made the risks suddenly more alarming. The US and China have clashed several times since then, significantly after China Telecom’s alleged temporary but large-scale rerouting of Internet BGP traffic, something which could in principle be exploited malevolently or simply used to undermine US-dominated Internet governance.
This new tech Cold War isn’t just about the US and China, however. Many other countries experiencing their own smaller versions of the same thing. This plays out in conflicts between Middle Eastern states, in Asian attempts to contain North Korea, and in Europe’s digital war with Russia. Some blame the Internet itself, which has made it possible for even small countries to launch sophisticated cyber attacks on the economies of their regional rivals. Suddenly, everyone has the capability to inflict pain under cover of plausible deniability.
This has been fuelled by the rapid commoditisation and digitalisation of technologies such as space and satellite technology, and advanced weaponry such as drones, which has put powerful systems into the hands of countries with modest budgets. It’s likely the same pattern will be repeated with newer technologies such as robotics, AI, and quantum computing. Despite their size, the US and China won’t be able to monopolise these technologies to create an absolute advantage as they would have done in the past.
The effect? In a growing number of cases, isolationism. Iran has developed its own national Intranet and operating system, an approach copied by North Korea. More recently, Russia has formulated its own Runet version of the Great Firewall of China to control the information access of its citizens, including being able to disconnect itself from the Internet in short order. Many governments, meanwhile, invest time looking for ways to undermine or bypass encryption by technical or legal means.
A bipolar tech world
In the UK, the Government has bought bankrupt start-up OneWeb after being unable to get access to the EU Galileo satellite navigation system because of Brexit. The UK could, in theory, use one of several rival systems. But that would potentially compromise military independence and independent action. In critical technologies, dependence has become unthinkable.
In the 2019 book Tools and Weapons, Microsoft president Brad Smith described the US versus China as a “bipolar tech world.” Arguably, what the world is experiencing is more schizophrenic than bipolar. It’s an era in which separation becomes complex, risky, and confusing and in which organisations are often struggling to understand where they stand, even as many dividing lines become harder to see.
Cyberspace today has become a conflict zone in which the chances of unusual, disruptive events affecting networks have become a serious possibility. It’s why service providers need to understand what is happening on their networks using a cyber platform with the capacity and sophistication to give them a detailed, ‘big picture’ view of their traffic flows.
After all, every war is won with good intelligence. This tech Cold War will be no different.
For more information on how Telesoft can address these issues, discover our Cyber Platform products.
You may also like
400GBPS FlowProbe: Network Traffic Monitoring
Monitor real time traffic information and network performance whilst using anomaly detection to maintain cyber security with our ultra high performance 4x 100GbE network traffic monitor.
100GBPS CERNE: INTRUSION DETECTION
100 Gbps IDS engine and alert driven packet recorder that enables 24/7 real-time network threats monitoring and access control.
400GBPS TRITON: CYBER WARFARE SIMULATION
Prove and enhance your cyber security posture with our Cyber Warfare Simulation tool and our world class SLA and advanced on-site/ off-site support.
TDAC: Digital Forensics
Unlocks network visibility and threat identification