In late-September, Quad foreign ministers released a joint statement on cyberattacks . Can Quad prevent increasing cyberattacks in the Indo-Pacific?
In June, Quad unveiled an expanded agenda where Australia, India, Japan and the United States (US) could cooperate on issues such as the climate crisis, health, and critical technologies. In late-September, Quad foreign ministers released a joint statement on cyberattacks that represents a significant development to tackle the rising spate of online threats.
A question rose among everyone that if Quad could prevent increasing cyberattacks in the Indo-Pacific.
It’s important to first understand Quad’s focus. The joint statement on ransomware targets malicious cyber activities from China, Russia, and Iran that target critical infrastructures across Quad and other countries. The statement identifies and singles out ransomware attacks, where the attacker locks and encrypts the victim’s data, critical files, and demands payment to unlock and decrypt data.
Quad moving ahead with constructive agenda
For Quad countries, ransomware attacks have increased. Several small, medium and large companies are experiencing such strikes, raising the cost of doing business. In addition, ransomware attacks have proliferated as reliance on the cloud increases, allowing hackers to target cloud-based networks.
One of Covid-19’s most significant effects is the accelerated adoption of digital technologies to deliver health care, personal finance, and education services. For instance, nearly 40% of adults in low and middle-income economies (excluding China) made their first online payments after the start of the pandemic. Unfortunately, as digital transactions exploded, so did ransomware threats. Three sectors — energy, health care services and finance — have borne nearly 45% of all ransomware attacks.
Quad countries have seen several cyberattacks since 2020. In the US, the Colonial Pipeline hack and the attack on JBS Foods are recent high-profile cases. The Australian Cybersecurity Centre notes a 15% increase in ransomware attacks in Australia in 2020-21. Indian entities, such as Oil India and SpiceJet, have been attacked since 2020. Japan witnessed 114 ransomware attacks in 2022, with almost 60% targeting small and medium enterprises. To be sure, ransomware attacks are not solely a Quad phenomenon; other countries have also been hit.
Quad’s interest and focus on ransomware are connected to the alleged sources of such malicious attacks. A BBC report earlier this year suggested that nearly 75% of revenues derived through ransomware attacks went to criminals and groups linked to Russia and China. Chinese hackers are using ransomware attacks for economic purposes, most recently to obtain vaccine research secrets.
Ransomware perpetrators can also be a part of State-backed cyber groups that conduct cyber espionage. One recent attack found that the Chinese state actor, APT 41, “has siphoned off an estimated trillions in intellectual property theft from approximately 30 multinational companies within the manufacturing, energy and pharmaceutical sectors”.
Undoubtedly, Chinese cyber operations pose serious national security challenges for Indo-Pacific countries and this, alongside other factors, appears to have given Quad enough reasons to kickstart cyber discussions. Quad discussions on ransomware can facilitate domestic policy changes that could better prepare each country to confront and constrain attacks.
First, Quad countries benefit from sharing information and experiences on the nature, type, and frequency of such disruptions that could lead to tighter domestic cybersecurity rules, especially punitive, and by strengthening policies such as cyber insurance that protect firms. Second, Quad discussions could strengthen domestic cyber capabilities through joint training exercises that could be further institutionalised; so far, Quad has regularized interactions between its members’ national Computer Emergency Response Teams. Third, Quad discussions can flag and highlight best practices to track and deter ransomware attacks through the “implementation of baseline software security standards.”