In recent years, China’s assertiveness in the South China Sea (SCS) has intensified tensions with neighboring claimant countries like Malaysia, the Philippines, and Vietnam. While military coercion has typically characterized China’s approach, the country has increasingly relied on cyber warfare as a covert means to intimidate and manipulate these nations. This strategic shift stems from China’s long-standing emphasis on information warfare and technological development.
China employs a range of cyber-attack tactics, including Distributed Denial-of-Service (DDoS) attacks, website defacements, industrial control system attacks, and ransomware assaults. Cyber threat groups linked to Chinese interests, such as APT40, APT41, Mustang Panda, and Naikon, have been particularly active in targeting Southeast Asian countries involved in SCS disputes. Recent developments show the emergence of new cyber actors like Cluster Alpha, Cluster Bravo, and Earth Longzhi, which have been involved in cyber operations against claimant states, posing serious threats to cybersecurity in the region.
A report by Sophos detailed how these groups have conducted cyber intrusions aimed at high-level Southeast Asian government departments, retrieving sensitive documents related to the SCS strategy. Notably, the group Unfading Sea Haze has executed numerous cyberattacks on military and government bodies in nearby nations, while the advanced persistent threat actor Salt Typhoon has focused on telecommunication sectors in countries like the Philippines and Vietnam.
The connection between maritime and cyber conflicts is evident in how China’s cyber operations aim to psychologically impact target nations, shaping public opinion to support Beijing’s political goals. For instance, Chinese hackers were reported to have created a deepfake audio of Philippine President Ferdinand Marcos Jr. purportedly calling for military action against China, which was intended to escalate tensions despite lacking any basis in reality.
Countries such as the Philippines and Vietnam have faced significant cyber onslaughts due to their assertive stances on territorial integrity. A report noted a staggering 325% increase in cyberattacks on the Philippines early in 2024 compared to the previous year, with methods including data breaches and misinformation campaigns. Historical instances of cyber conflicts between the Philippines and China can be traced back to a 2012 standoff, and continued allegations of cyber espionage have targeted both nations.
In contrast, Malaysia has largely avoided similar cyber aggression. By adopting a more cautious diplomatic posture and prioritizing effective cybersecurity measures, Malaysia has established itself as the most cyber-competent nation in Southeast Asia with a robust National Cyber Security Agency coordinating efforts across sectors. Public-private partnerships and national awareness programs have further fortified its defenses, enabling the country to maintain economic ties with China while minimizing cyber threats.
While Southeast Asian nations strive to strengthen their cybersecurity frameworks and foster regional cooperation, countries like the Philippines and Vietnam remain vulnerable due to their firm stances and existing cybersecurity weaknesses. To combat these escalating cyber threats, the two nations must bolster their capabilities—taking cues from Malaysia’s proactive measures to create a resilient and adaptive cybersecurity approach amidst intensifying Chinese cyber aggression.
Source link
