The "WannaCry" malware unleashed on May 12 that locked up over 300,000 computer systems in 150 countries for ransom was the mother of all cyberattacks in terms of geographic sway and sophistication. It unveiled a new era of hyperglobalized threats to information security and critical infrastructure, threats that respect few national or regional boundaries and claim victims from all walks of life.
Yet although this cyber worm has had a worldwide impact, it is in Asia that the most serious alarm bells should be sounded regarding internet security. Among the nations worst affected by WannaCry were China, India, Taiwan, Vietnam, Tajikistan and Kazakhstan.
According to China's National Computer Network Emergency Response Technical Team/Coordination Center, half of the infected systems globally in the initial two days of the attack were found to be in China. A staggering 30,000 or more educational, commercial and governmental institutions in China were paralyzed by the hostile freezing of their computer networks. Just as essential services in Europe ground to a halt, several Asian countries caught unawares suffered the same kind of severe disruption.
Research by American cybersecurity company Mandiant shows that the Asia-Pacific region is the most vulnerable to online attacks. Asia is 80% more likely to be targeted by hacking than other continents due to a variety of technical and political factors, it concluded.
Fast-growing Asian nations have forged integrated information platforms with cutting-edge web-based features like cloud computing, the internet of things and the merging of financial services with online management tools. The denser the networked nature of Asian economies, the greater the chances that they can be torn apart by determined hackers.
Another reason Asian countries have been taken hostage by ransomware is their tolerance for pirated software, which lacks the safeguards built into official versions. Rapid computerization and digitization without concomitant respect for intellectual property have left Asian IT systems vulnerable to WannaCry-style attacks.
The fact that authentic Microsoft operating systems equipped with up-to-date anti-virus programs were spared while pirated versions were crippled by WannaCry speaks volumes about the typical Asian habit of looking for shortcuts, savings and cheap deals while ignoring fundamental quality issues. The WannaCry blitzkrieg is a stern reminder to Asians to alter this mindset, invest more in copyright and be more vigilant about data protection.
But over and above these economic and technological flaws, WannaCry is also a reflection of weakened Asian defenses to cyberattacks due to geopolitical ambitions and rivalries within the region. According to Mandiant's owner, FireEye, most of the hacking that takes place in Asia is state-sponsored and aimed at scoring nationalistic points over perceived foes.
SPHERES OF INFLUENCE Chinese hackers, in particular, seem to be refocusing from targets in the U.S. and Europe to other parts of Asia in light of friction over competing claims in the South China Sea and rising competition for spheres of influence. Persistent Chinese penetration of computer systems in India, Indonesia, the Philippines, Vietnam, Hong Kong and Macau were reported by analysts after the 2015 U.S.-China deal on electronic spying. In that landmark agreement, the two governments committed to preventing internet-enabled theft of each other's intellectual property for commercial gain.
Having already secured access to high-tech Western scientific and industrial secrets through both human and cyber intelligence means, China is now at a stage of using cyberattacks to complement conventional warfare to bring its opponents to their knees. FireEye says that China's hackers these days are motivated by a clear political objective of "understanding the adversary and understanding their tactics." In other words, their mandate is to gain an advantage over perceived foes by infiltrating their communications and governance infrastructure.
Another Asian player that has emerged as a disproportionate threat in the cybersecurity domain is North Korea. In spite of its technological backwardness and isolation, Pyongyang has staged some audacious online attacks, including those on South Korea's news media, Sony Pictures Entertainment in Hollywood and the central bank of Bangladesh. A hacking group called "Lazarus," which Western intelligence identified as North Korean in origin, has raided financial information systems in a bewilderingly large number of countries worldwide in search of cash for illegal transfers.
Since WannaCry is a gigantic extortion racket with randomized global targets, the possibility that it is another daring sanctions-busting maneuver by a financially starved North Korea is plausible, though unproven. Given that China is a major victim of the havoc unleashed by WannaCry, one might even speculate that the worm is a nasty surprise from North Korean dictator Kim Jong Un to a Beijing that is likely to keep tightening the economic screws on Pyongyang as punishment for its nuclear and missile tests.
HYBRID WAR The manner in which ransomware was stolen from the U.S. National Security Agency's arsenal of cyber weapons by a yet-to-be-unmasked hacking group called "Shadow Brokers," and then sold online to the highest bidder, indicates that WannaCry is more than just a global heist with a profit motive.
This episode provides a rare window into how the intelligence agencies of big powers are stockpiling internet vulnerabilities for potential use against their rivals, and how these same nations are being embarrassed by leaks about their secret weapons by anarchistic whistleblowers or by other states masquerading behind the smokescreen of ransomware.
The advent of WannaCry is something of a second "Edward Snowden moment" for the U.S. government, which has much to explain about the provenance and purpose of the worm, which has attacked Russia with particular vehemence.
The key takeaway for Asia from the globalization of ransomware is that we are living in a mixed, hybrid stage of cyber insecurity. WannaCry is not mere cybercrime with pecuniary aims, but a symptom of a complex cyberwarfare matrix with political roots.
As the most geopolitically contentious continent with multiple fault lines of conflict, Asia is the theater where ordinary cyber criminals and sophisticated intelligence agencies with massive budgets merge into a fearsome combination. From the very beginning of cyberwarfare, governments have been known to use ordinary online criminals to pilfer information and engage in virtual wars. The unprecedented scope of WannaCry will whet the appetite for such hybrid warfare.
From the mightiest of Asian powers to the least, everyone now knows there are ways to access foreign-designed cyber weapons and deploy them to wreak maximum damage. Tech analysts are predicting that an attack even more destructive than WannaCry is in the cards. The game has just begun.
Sreeram Chaulia is a professor and dean at the Jindal School of International Affairs in Sonipat, India. His latest book is"Modi Doctrine: The Foreign Policy of India's Prime Minister."