US President Donald Trump has raised the stakes in his country’s cyberspace confrontation with China and Russia. On May 15 he signed a new executive order that identifies sabotage (not espionage) as the main threat from foreign states, and declared a national emergency.
The executive order includes provisions for the US administration to label foreign countries as adversaries, a move sure to anger the great power competitors.
I’m not surprised at this news – US cybersecurity policy has been building to this point since at least 2015. It’s also clear Australia is firmly committed to the emerging, robust posture of the US to protect national assets from risks of sabotage in cyberspace from countries such as China.
Concerns about sabotage
Sabotage in this context refers to the fear that in a political crisis or war, an adversary will have its finger on the switch of our critical infrastructure – including the internet and communications capability – and be able to turn it off.
The freshly signed US executive order calls out two threats:
“risk of sabotage to or subversion of the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance” of information and communications technology (ICT) equipment and services in the United States
“undue risk of catastrophic effects on the security or resiliency of United States critical infrastructure or the digital economy of the United States”.
The reference to the digital economy alludes to the theft of intellectual property.
The order is not out of the blue, having been foreshadowed by strategies and policies previously issued by the White House.
Focus on Russia and China
The executive order places a complete ban on US companies or individuals conducting future business of any kind with foreign ICT corporations from a country the US administration has formally declared to be an adversary.
The order also makes it clear that banned products and services will be any that are “supplied by persons owned by, controlled by, or subject to the jurisdiction or direction of foreign adversaries”.
The United States has already been explicit that China and Russia are undertaking cyber activities that threaten US national security (though sabotage has rarely been mentioned). The US position has also been that China and Russia both maintain political influence over corporations headquartered in their countries.
So it seems inevitable that the US will soon declare China and Russia as adversary countries under the terms of the order.
Evolution of policy since Obama
This is not a Trump administration innovation, but rather the natural – some would say slow – evolution of policy under the Obama administration. A national cyberspace emergency was declared in both April 2015 and December 2016.
Trump’s move follows the introduction in 2018 of new policies designed to punish countries undertaking malicious activities in cyber space. These are contained in the Defense Department Cyber Strategy and the National Cyber Strategy issued by the White House.
Just this month, comments from head of US Cyber Command General Nakasone imply America is already launching attacks in cyber space and taking other measures to punish China and Russia for their malicious actions in cyberspace.
The Cyber Deterrence Initiative was announced as part of the National Cyber Strategy of September 2018. It involves coalition-building with like-minded states, a group that is now 27 members strong, and includes the Five Eyes countries like Australia.
Referring to “consequences of […] malicious cyber behavior” and “malign actors”, it’s now clear this initiative set the stage for Trump’s new executive order.
Australia is involved
The actions of our government indicate Australia supports US policies on persistent engagement and cyber deterrence.
In October 2018, Prime Minister Scott Morrison and Foreign Minister Marise Payne joined other countries in linking Russia with malicious cyber activity over the previous four years.
In December 2018, Payne and Home Affairs Minister Peter Dutton joined like-minded countries in attributing a continuing campaign of intellectual property theft in cyberspace to China’s Ministry of State Security.
It is difficult to gauge how far Australia or other allies will go in supporting the US in imposing more severe costs other than simply naming and shaming.
Australia, like the US, has compiled a range of consequences it will consider imposing on foreign countries for cyber attacks. This will mean responses can be much swifter in the future. They will depend on early and close international coordination, and finding the right strategies to pinpoint responsibility.
We can be certain from US policy statements in 2018 that the American list of consequences includes retaliatory cyber attacks for Chinese and Russian incursions, as well as other severe non-cyber penalties. These include trade bans on Chinese firms, and the trade war now being waged with China.
The Australian list is probably somewhat more muted. But just how far this country is prepared to go to punish China is not likely ever to be put on the public record.
Australia’s position on the risk of sabotage was implicit in the statement by the government in August 2018 effectively banning Huawei from 5G. The statement mentions potential impacts on critical infrastructure, including their availability and integrity. It does not refer to espionage as a concern.
Huawei’s recent commitment to enter “no spy” agreements with host countries will not address the sabotage concerns.
According to strategic studies expert Hugh White, the Australian government already sees China in adversarial terms. In a recent debate on Australia’s China policy, he said war with China over Taiwan or the South China Sea is now “the de facto basis of Australian defence policy”, adding:
Australia is building a force whose primary function is to support the United States in a war with China.
While White saw such a war as still a possibility rather than a certainty – and therefore China as only a potential adversary – the Trump administration’s escalation of policies around cyber sabotage threats from China will present new policy challenges for Australia’s next government.