TOKYO -- The countries were fictional, but the scenario was disturbingly realistic: In annual NATO drills in late April, the nation of "Crimsonia" launched thousands of cyberattacks on the vital infrastructure of "Berylia." And for the first time, Australia took a front-row seat as an official observer -- part of a new push by Asia-Pacific countries to fortify their defenses against state-backed hackers.
Japan and Australia became members of NATO's cyberdefense hub earlier this year. Singapore, meanwhile, is leading the Association of Southeast Asian Nations' drive to deepen cybersecurity ties with the U.K. and Commonwealth countries. It is no secret the potential adversaries are states like Russia, China and North Korea.
The trio leads the world in state-sponsored cybercrime, according to a recent study by the Center for Strategic and International Studies in Washington and U.S. computer security company McAfee.
The latest drills, code-named Locked Shields 2018, were conducted on April 23-27 at NATO's Cooperative Cyber Defense Center of Excellence in Tallinn, Estonia. Crimsonia carried out over 2,500 attacks on 4,000 pieces of Berylian infrastructure, including telecommunications systems, power plants and military bases.
Berylia's buildings and IT networks were shown on computer displays, with miniature infrastructure flashing red as the attackers struck. More than 1,000 experts from 30 countries competed to display their defensive capabilities, testing their political, military and civil decision-making skills.
The drills, billed as the world's largest and most advanced international live-fire cyberdefense exercises, have been held each year since 2010. Australian Foreign Minister Julie Bishop, in an April 23 news release, explained her country's decision to get involved. "Now, more than ever, we must engage with the international community to set clear expectations for responsible state behavior in cyberspace."
Brendan Thomas-Noone, a research fellow with the United States Studies Center at the University of Sydney, said that "the coordinated announcement from the U.S., the U.K. and Australia in April that Russia had conducted a cyberattack last year that infected global infrastructure" also played into Canberra's decision.
The Australian government said up to 400 of the country's companies were affected by the attack. A more coordinated international response, and joint exercises between NATO and partners like Australia, may blunt the impact of future attacks or deter Russia from launching them, Thomas-Noone said.
Japan, which is enhancing its own cybersecurity standards, joined the NATO cyberdefense center in January when Prime Minister Shinzo Abe visited there, becoming the first Asia-Pacific country to do so. The government wants help from NATO and Western allies as Tokyo prepares to host the 2020 Olympics.
Japan, South Korea and Australia have all worked with NATO, but cyberspace is a relatively new area of cooperation. Experts from South Korea's National Security Research Institute helped organize the event in Tallinn.
As for the U.K. and Singapore, they are spearheading cyberdefense buildups across the ASEAN bloc and the Commonwealth. They intend to focus on capacity-building, including the training of experts.
At the Commonwealth heads of government meeting in London in April, the pair and 51 other countries agreed to forge what they called the world's largest cybersecurity pact. The goal is to bolster defenses by 2020, and the U.K. will set aside 15 million pounds ($20 million) for this purpose.
Singapore in late April chaired an ASEAN summit where members released a joint statement on cybersecurity cooperation "in recognition of the growing urgency and sophistication of transboundary cyberthreats." The inaugural ASEAN-Australia special summit in March produced a similar pledge, and in yet another example of increased cooperation, ASEAN and Japan will open a joint cybersecurity center in Thailand in June.
Singapore also hosted a conference called Cybertech Asia in March to encourage cooperation between the public and private sectors.
As allies team up in cyberspace, questions linger over North Korea. Jun Osawa, a senior research fellow at the Nakasone Yasuhiro Peace Institute in Tokyo, said the North "could still be a threat" online even if relations with the U.S. improve after the expected summit between leader Kim Jong Un and President Donald Trump.
Osawa suggested the sanctions-hit country needs $1 billion a year to maintain the regime, and that the government uses ransomware and other attacks to obtain foreign currency from targeted companies. If negotiations with Washington falter, Osawa said, Pyongyang may step up attacks on the U.S., Japan and South Korea again.