Cyberspace as the New Domain for Great Power Competition: Strengthening the Philippines’ Cyber Capability in a Complex Security Environment
Christine Lisette M Castillo
The concept of national security has evolved partly due to tremendous technological innovation in the 21st century. On one hand, computer networks enabled businesses and government institutions to do efficient data-sharing and conduct of affairs. From 2000 to 2010, global internet usage grew by 400%. Ultimately, the interconnectedness of people in online communities brought them together to interact in a new domain that is known as cyberspace. On the other hand, the use of cyberspace has created substantial risks and challenges. The Center for Strategic and International Studies (CSIS) published a 45-page list of significant cyber attacks to government agencies and defense and high-technology companies since 2006. This underscores two things: first, there is an increasing dependence on cyberspace in the conduct of day-to-day affairs; and, second, as much as it created more opportunities, cyberspace also facilitated a highly vulnerable society, one that is insecure and unaware. This gap, together with the advantages of operating in this domain, made states recognize the need for greater capability for cyberspace operations, hence prompting great powers to compete for cyber control and dominance.
The United States (US) and China are currently two of the most powerful states in political, military, and economic terms. As the rise of China in recent decades continues to threaten the US as the global hegemon and regional power in the Asia-Pacific, this dynamic has created a risk for regional peace and stability and global order. The great power competition between the US and China has also placed the Philippines in a critical position, having developed close relations with both countries. Thus, this paper aims to discuss how great power competition in cyberspace affects the Philippines. Also, it aims to establish the connection between cyber rivalry and the current Corona Virus Disease 2019 (COVID-19) pandemic. In particular, it seeks to answer the following questions: 1) How is cyberspace utilized by great powers?; 2) How can the Philippines strengthen its cyber capability amidst great power competition?; and 3) What are the implications of the COVID-19 pandemic to the cyber strategies of great powers?
Great Power Competition in Cyberspace
Cyberspace will serve as a strategic platform for the US and China to advance their national and foreign policy interests. Their competition takes place in two key areas: military and economic.
Military. Great powers were compelled to develop capabilities in computer network operations because of two reasons: (1) the significant disadvantages that result from sophisticated cyber-attacks; and (2) the competition for military dominance. In the last two decades, cyberspace has been utilized by states for military operations such as espionage, sabotage, and subversion against adversaries. For the US, military domination in cyberspace was enshrined in two documents, namely, the International Strategy for Cyberspace 2011 and the Department of Defense Strategy for Operations in Cyberspace in 2011. For China, the goal of increasing its military capability was reflected in its National Defense in 2010 and the 2006-2020 State Informatization Development Strategy documents. Thus far, the US remains as the world’s most powerful state in terms of military assets. However, the future does not guarantee the same. If China’s economy continues to grow and a portion of this is allocated to military forces, it will become a worthy opponent to the US military. Historically, no dominant power readily gives up its position to a rising challenger; thus, conflicting relations between the US and China will likely continue in the coming decades.
As the US intends to prevent China from challenging its hegemony, the US closely monitors China’s military modernization programs and prepares accordingly “to ensure that US interests and allies, regionally and globally, are not negatively affected.” The unparalleled military capabilities of the US, as shown in the 1991 Gulf War and the 2003 invasion of Iraq, relied heavily on information technology (IT), “particularly superior command, control, and communications; intelligence collection, surveillance and reconnaissance and logistics, transportation, and administration.” This proves the value of cyberspace in conflict operations. Given both the utility and vulnerability that cyberspace provides, adversaries will inevitably seek for ways to challenge the US.
Although cyber capabilities of states are mostly classified, there are evidences of growing military competition between the US and China in cyberspace. Cyber-attacks targeted at each other demonstrate a growing competition.
The first cyber-attack is the 1999 North Atlantic Treaty Organization (NATO) bombing campaign against Yugoslavia. Instead of hitting the original target, the five laser-guided bombs hit the Chinese Embassy in Belgrade which damaged the building and killed three embassy employees. US officials issued a number of apologies, stating that it was a failure in US intelligence and targeting procedures. As a response, Chinese hackers attacked US government and civilian websites, including that of the White House. This confirmed the vulnerabilities of US cyber-based systems and exposed a weakness that other states can exploit. It also resulted to the emergence of the Honkers Union of China, a patriotic hacking group that was also responsible for attacks against Indonesia and the Philippines.
The second cyber-attack case was sparked by the collision between a US Navy EP3 aircraft and a Chinese J-8II fighter in Hainan Island, China in 2001 which led to the death of a Chinese pilot. Together with the embassy bombing two years prior, this triggered weeks of cyber-attacks between American and Chinese hackers, deleting a significant amount of data of private companies and defacing government and private websites. The most prominent among the attacks is the Code Red worm which originated from a university in China and cost an estimated US$ 2.6 billion worth of damage to the US. The cyber attacks intensified as competition in cyberspace escalated.
A distinct pattern can be noted in the great power competition for military superiority in cyberspace: if one conducts cyber-attacks, the other retaliates, and this dynamic is repeated. China has long intended to engage in a military competition with the US through developing capabilities for cyber network operations. The surge of attacks that the US has sustained from China, together with the necessity to maintain military dominance in cyberspace, forced the US to militarize cyberspace and create the US Cyber Command (USCYBERCOM) in 2009. Some argue that it was a necessity yet a disorientation of the US government on the threats and opportunities that military operation in cyberspace entails.
Economic. Competition in cyberspace will not only be military in nature, but also economic. The economy of a state is vital to its military force that a crippled economy means a crippled military as well. Since US military superiority relies both on its economic scale and technological superiority, China develops its cyber strategy in a way that will weaken US military capabilities. In the era of high-technology international commerce, China brings forward its status as the second largest economy in the world to challenge US supremacy. It conducts cyber-enabled economic warfare to steal intellectual property and target almost every sector of the US economy. Notably, China’s strategy is to rob, replicate, and replace: rob the intellectual property of a US company, replicate the technology, and replace what has been stolen from the US company in the Chinese market, and eventually, in the global market. The US Department of Defense reported that 90% of economic espionage cases from 2011 to 2018 involve China. Each case is directed towards leading China for supremacy at American expense, costing the US economy as much as US$ 600 billion per year. Led by China, cyber economic espionage has indeed escalated.
Originally, China’s economic espionage program relied on domestic activities such as communications monitoring and human collection until its cyber capabilities had a broader, global reach. This program began when then Chinese leader Deng Xiaoping decided to let foreign manufacturing companies to operate in China. There are also reasonable grounds for China’s illicit acquisition of advanced technology from the US. For instance, China’s J-20 fighter plane has striking similarities to the F-22 Raptor made by Lockheed Martin, the same company where a Chinese national was accused of stealing technical data. Likewise, a state-owned aerospace company in China was developing turbofan jet engines for commercial aircrafts at the same time that a team of Chinese intelligence officers hacked a French aerospace manufacturer and US companies that do the same. The covert economic activities have direct implications for the US military.
In addition, the cyber espionage activities that originated from China are parallel to China’s five-year economic plans. The strategy of stealing intellectual property has led China to become the leading practitioner of economic espionage in cyberspace. Remarkably, Chinese officials tolerate these activities to the point that hacking has been a business practice in China. However, China is not invincible in cyberspace. The lack of a comprehensive protection for intellectual property in China makes it a viable target. This is in comparison with the US where intellectual property laws are strongly enforced and where cyber actions are focused on the competitor’s official government activities and not on economic espionage. Nevertheless, cyber economic espionage provides China an advantage in understanding US intentions, strategies, and capabilities. The head of the Federal Bureau of Investigation (FBI) affirmed that China’s economic aggression and relentless theft of US assets position China to challenge the US as the world’s superpower.
In sum, the complex security environment facilitating great power competition prompts smaller states to develop their cyber capabilities. This is a matter of urgency especially for the Philippines, which has complicated relations with both the US and China.
Philippine Cyber Capability and Dynamics in Asia-Pacific Region
One of the key areas of the US and China’s competition is control over the Asia-Pacific. China is arguably a major power in the region that seeks to preserve its periphery from threats. This goal, however, conflicts with the interests of other regional powers such as Japan, South Korea, and India, making it difficult for China to fulfill its interests. The US is also a prominent power in the region bolstered by its alliances and security arrangements with Japan, South Korea, Australia, Singapore, Thailand, and the Philippines. Aside from the aim of maintaining its relations, the US aspires to remain uncontested in terms of military power in the Asia-Pacific. Moreover, the region holds much economic importance to the US as it ensures mutual economic prosperity with other regional states. Thus, it is in the US’ best interest to maintain and advocate for economic openness in the Asia-Pacific.
Relatively, the region is a flashpoint for cyberspace. In addition to the booming IT industry, the Internet creates economic opportunities for rapidly growing Asian economies. An escalation of the great power competition in cyberspace will bear consequences for the entire region. Due to the uncertainty of the cyber domain, norms are yet to be agreed upon and there is a risk of misidentifying an espionage exploit as a military action, and cyber conflict can be miscalculated. Notably, the cyber powers in the region such as Russia, Taiwan, North and South Korea, and Australia are struggling to adjust their policies and practices.
The Philippines, as a smaller state, bears a greater burden. First, the great powers are also cyber powers that are capable of carrying cyber- attacks. This is a close concern for the Philippines, having ranked 4th globally with the highest number of online threats in 2019. The country also seems to be a hacker’s favorite, with countless hacking incidents over the years involving banks and government websites. Although these hacking incidents are rooted domestically, they expose the vulnerability of Philippine cyberspace, most especially against a technologically-advanced region.
Second, the Philippines has a complex relationship with the US and China. The current Philippine administration shifted its foreign policy away from a longtime ally, the US, in favor of China. This is reflected in Philippine President Rodrigo Duterte’s five visits to China from 2016 to 2019, increased economic activities between the two countries, promotion of closer ties as exemplified in presidential speeches, and possible abrogation of the Visiting Forces Agreement (VFA) with the US, among others. However, China is considered as one of the biggest cyber offenders. From 2006 to 2018, China has been involved in 108 cyber incidents, including cyber espionage in 12 countries and information theft. More importantly, infamous advanced persistent threat (APT) groups linked to China are considered the world’s oldest, most skilled, and most active agents of cyber espionage.
Developments in the South China Sea (SCS) further complicate the volatile security environment. The SCS has been a place for China to extend its influence, power, and cyber capabilities. A Chinese APT group called Naikon has been in a five-year cyber espionage campaign in Southeast Asia, stealing geopolitical intelligence in countries near the SCS. The group emerged in 2015 and has been absent for the past years until now, quietly developing their skills to evade detection. Naikon orchestrates government-to-government attacks to gather intelligence on countries through the servers and infrastructure of its victims. At present, the Philippines seems to be at a crossroads, having fought in the previous years for its rights in the disputed waters but relegating its claims to lower level priorities in the current administration. As Duterte said in his State of the Nation Address in 2019, “The West Philippine Sea is ours, but we have to temper the times and the realities we face today.” Nevertheless, threats to the Philippine cyberspace must not be taken lightly.
Cybersecurity experts believe that cyber espionage in the Philippines will not recede any time soon. This is grounded on two factors: first, the Philippines’ capability to deter cyber espionage activities or be proactive in one is still lacking, thus making the country a prime target; and second, in consideration of the former, today’s geopolitical climate presents a very challenging situation for the Philippines, most especially if put alongside China in both issues of maritime dispute and cybersecurity. In this context, there are strategic actions that the Philippines must take to strengthen its cyber capability.
First, it must boost its IT infrastructure system for reconnaissance, intelligence, and prevention or early detection of cyber threats that can undermine national security. Major focus areas include the SCS and protection of critical information infrastructure.
Second, there is a need for more robust education and training programs on cybersecurity to civilian and military personnel. This will enable the cybersecurity workforce to grow and develop.
Third, the Philippines must leverage partnership building through domestic, bilateral, and regional collaborations. This includes collaboration among the government, private sector, academe, and non-profit organizations. Also, engaging in cyber intelligence capacity- building with partners such as Australia and Japan is an opportunity that the Philippines must pursue.
Finally, the Philippines and the US must pursue a review of the Mutual Defense Treaty (MDT) to include cyberspace as a domain of security concern. The MDT, which was signed in 1951, is the foundation of the two countries’ alliance. As cyber espionage activities that are aimed to gather intelligence on the SCS are prevalent, the treaty fails to provide assurance on the US’ commitment to defend and protect the Philippines, particularly the West Philippines Sea (a portion of the SCS that the Philippines claims), in the occurrence of a cyber-attack. The Philippines’ Secretary of National Defense Delfin Lorenzana stressed the urgency of the MDT review as tensions in the SCS continuously threaten Philippine national security.
Strengthening the Philippines’ cyber capability also proves to be necessary in the current health crisis, where evident great power competition in cyberspace continues.
Cyber Strategies of Great Powers Amid the COVID-19 Pandemic
The boundless nature of cyberspace makes its utility boundless as well. This domain is not only important in the military and economic aspects of the great power competition but also in the context of the COVID-19 pandemic. The virus, from a newly identified coronavirus SARS-CoV-2, is an infectious disease that originated from Wuhan City, China in December 2019. The spread of the virus in over 200 countries has disrupted government systems and people’s everyday affairs. The emerging ‘new normal’ during the COVID-19 pandemic prompted people to stay indoors and spend more time on the Internet.
The success stories of countries in COVID-19 response highlight the necessity of technological capability to combat the pandemic. Asia-Pacific countries such as China, South Korea, Singapore, and Japan actively deploy technology “to collect data on the virus’s progress and efforts to contain it, including tracking those who are infected and their contacts.” Most of these efforts involve mobile apps for contact tracing. In particular, South Korea’s quick and effective response was powered by its surveillance technology and transaction data. The South Korean government repurposed the massive amount of information it has collected to trace people’s transactions and integrate multiple forms of digital information. Singapore also provides a great example of using information and communications technology (ICT) for rapid and large-scale contact tracing through digital footprints.
Meanwhile, China has integrated its contact tracing and quarantine enforcement applications to the messaging application WeChat. Central to the US’ efforts is the development of a vaccine called AZD1222. The US Department of Health and Human Services (HHS) partnered with AstraZeneca, a British-Swedish multinational biopharmaceutical company to develop and conduct clinical testing of the AZD1222 which uses a vaccine platform technology for large-scale production. HHS Secretary Alex Azar stated that providing a vaccine to the American public as soon as possible will safely reopen the country and bring life back to normal.
Aside from these technological efforts, cyberspace has become a tool for great powers to manipulate the pandemic and advance their respective interests. State-linked cyber criminals have taken advantage of the pandemic. In May, the US accused China-linked cyber actors of stealing COVID-19 research on vaccines and treatments. According to the US Cybersecurity and Infrastructure Security Agency, the incident poses a significant threat to the US’ response to the virus. China’s Foreign Ministry spokesperson Zhao Lijian denied the accusation by stressing that “China is a staunch upholder of cybersecurity and a victim of cyber attacks.” In support, Hu Xijin, the editor of state media organization the Global Times, stated that the accusation is “in line with the long-term distortion of China’s image by the US.” The World Health Organization (WHO) noted that there has been a fivefold increase in cyber attacks since the start of the pandemic.
The COVID-19 pandemic has also become a channel for power projection. The US points to China as the place of origin of the virus, with US President Donald Trump referring to COVID-19 as the “Chinese Virus;” whereas China has also set out a narrative that the virus is a US creation, with Zhao Lijian stating that it was the US military who brought the virus to China. Driving this competition is the growing perception that the first country to produce successful vaccines and treatments will be viewed as the “savior” of the world. It will also create a favorable economic impact. Both the US and China have expressed willingness to share to the Philippines any vaccine that will be successfully developed, stating that the Philippines is an ally of the US and a “friendly neighbor” of China.
Notably, the COVID-19 pandemic is conveniently being used by the great powers to advance their cyber strategies on key security areas. The pandemic has also shown that great powers will assess and adjust to a situation, and always pursue their national interests.
In the current geopolitical setting, cyberspace serves as a new domain for great power competition. This will create both opportunities and challenges for the Philippines as a small state in the Asia-Pacific. Several policy recommendations are proposed for consideration.
First, the Philippines must strengthen its cyber capability. In addition to boosting its IT infrastructure system, developing its education and training programs, and pursuing the review of the MDT, collaboration with security partners such as Australia, Japan, and the Association of Southeast Asian Nations (ASEAN) must be highlighted. The ASEAN Smart Cities Network (ASCN), a new platform for ASEAN cities towards a smart and sustainable urbanization, is a tool which can be improved. If smart technologies are central to the ASCN, cities must not only be smart and sustainable, but also secure. Making lives easier through the use of modern IT must not compromise the security of ASEAN countries’ cyberspace. The collaboration, however, must not be projected as an encirclement or containment by the US and its allies to China to avoid the risk of conflict escalation.
Second, widespread, systemic cyber- attacks must be anticipated to ensure early and decisive actions. The COVID-19 pandemic has shown that responding to a health crisis is similar to addressing cyber threats. In fact, the occurrence of a “cyber pandemic” in the future is possible. For instance, the 2003 Slammer/Sapphire worm is one of the fastest worms in history which spread to over 75,000 infected devices in just 10 minutes. The spread of virus will be faster as communities grow more dependent on cyberspace. It might not directly affect people physically but their critical information and privacy are jeopardized. In addition, a cyber pandemic might create more economic disruption than what states are experiencing with COVID-19. If millions of devices will be taken offline and the world will experience a cyber lockdown, all businesses, communication, and data transfers will be blocked. It is estimated that a day without the Internet would cost more than US$ 50 billion which means US$ 1 trillion loss for a 21-day cyber lockdown.
Third, the Department of Information and Technology (DICT), as the primary institution for the pursuit of the government’s ICT development agenda, must work in close partnership with the Armed Forces of the Philippines (AFP) in innovating cybersecurity measures. The AFP has a vital role not only in securing and defending the country’s physical territory but also in ensuring that critical and highly-confidential information on national security will not be obtained by adversaries through cyber espionage.
Fourth, norms for the responsible use of cyberspace must be established among states. The prevalence of cyber-attacks has led various stakeholders to turn to the creation of cyber norms that can “regulate state behavior and limit damages from malicious cyber activity.” The development of cyber norms can be done in several processes. Multilateral norm diplomacy involves state to state exchange of cyber norms through organizations such as the United Nations General Assembly. Private norm processes involve private institution to state interaction, with high-profile experts offering recommendations on cyber norms for states. In addition, industry-focused norm processes are industry to industry efforts to identify cyber norms. Finally, multi-stakeholder norm processes incorporate all three processes together, providing an inclusive forum to discuss, identify, and advance cyber norms.
Through the ASEAN Ministerial Meeting on Cybersecurity, member states have expressed support to adopt basic, operational, and voluntary norms to guide the use of ICT in the region. However, regional norms in cyberspace are still subject to contestation. This requires a higher level of trust in cyberspace for the effective implementation of ASEAN’s 2020 ICT Master Plan.
In sum, the Philippines must continue to assess viable recommendations to avoid being unnecessarily trapped in the binary choice between the US and China.
With the desire to redeem its past glory, China is employing all necessary options to achieve global hegemony. The rise of China fueled the great power competition in the Asia-Pacific, and ultimately, the world. With states constantly adapting to change, the rivalry between the US and China has also gained a new ground in cyberspace. As much as it provides opportunities, cyberspace has also enabled great powers to conduct illicit operations to achieve their interests. In a liberal world view, states have a natural tendency to cooperate and engage on dialogues about common security issues. This is true for the small states in the international system that cannot rely on their own. But for the great powers who have all the means, the realist world view is more appropriate. Great powers cooperate but it is expectedly in the attainment of their national interests.
With this, the Philippines must capacitate itself and strengthen its cyber capabilities. Russian President Vladimir Putin said that whichever country leads in artificial intelligence by 2030 will rule the world. Although leadership in cyberspace may be too ideal for the Philippines, cyberspace is a domain that is not only for the great powers to utilize but also for the smaller states to explore.
# # #
Christine Lisette M. Castillo is a Training Specialist at the Research and Special Studies Division of the National Defense College of the Philippines (NDCP). The views expressed in this policy brief are those of the author alone and do not necessarily reflect the views of NDCP. The readers are free to reproduce copies or quote any part provided proper citations are made. For comments and suggestions, please email firstname.lastname@example.org.