Authoritarian state cyber ecosystems endanger international stability

National authorities need the expertise of academic institutions, private enterprise and specialists to succeed in a continually evolving cyber world. The combined capacities and capabilities of various actors in complex networks is called a cyber ecosystem. Cyber enterprises and researchers may also become integrated into the national espionage and influencing apparatus in authoritarian countries, such as Russia and China.

The cyber world has become an arena for displays of geopolitical power. States in a rapidly digitalising world have had to focus resources on defensive cyber capabilities. Strong cyber ecosystems deliver more comprehensive promotion of national security and resilience to cyber threats. Growing geopolitical tensions have nevertheless blurred the boundaries between defensive and offensive capabilities and objectives. Particularly under authoritarian regimes, cyber development has focused on harnessing national cybersecurity resources as a component of intelligence and influencing operations that serve the interests of the state. The same operational capabilities are also used for maintaining internal control in such states.

Government administrations in both Russia and China have sought to integrate the expertise of cyber enterprises and specialists into their espionage and influencing activity. This aim has been promoted through tightening legislation, investing in cyber security research, and boosting private sector involvement in producing services and tools for intelligence and influence activities. Especially China has expanded its cyber ecosystem to a particularly unprecedented scale.

 

ANALYSIS: ​Russia views cyber dimension as an arena for modern conflicts

ANALYSIS: China seeks cyber superpower status

What is a cyber ecosystem?

No single actor can alone defend a state in a cyber environment. Such defence requires cooperation between various sectors. Cyber ecosystems comprise enterprises involved in safeguarding the cyber environment or in service provision, intelligence and security authorities, armed forces, research institutions, the media, and other organisations that are required to protect national security in a cyber environment. Cyber ecosystems combine the resources and capabilities of these varying actors to serve the national cybersecurity of states more comprehensively.

Cyber ecosystem Russia and China.
Education and research, Duties

RUSSIA, CHINA - Detailed legislation

Laws, statutes and technological standards guide cybersecurity research, information management and training, service, software and hardware development, and cross-border data communications.

CHINA - Restriction of information sharing, also Public sector, Duties

Public and especially international sharing of cybersecurity information is restricted by such means as restricting free expression and preventing cyber specialists from participating in international information security events.

CHINA - Compulsory reporting of vulnerabilities

Enterprises, security researchers, specialists and even private individuals are required to report all software and hardware vulnerabilities to state authorities immediately. This duty of notifi cation is also subject to the ban on free expression and restrictions on corrective measures.

Education and research, Guidance

RUSSIA, CHINA - Cyber events

National cybersecurity events serve as information gathering and recruitment platforms for the security and intelligence services.

RUSSIA, CHINA - Training programmes

China in particular has enlarged national cybersecurityfocused training programmes and courses, together with national programmes of accreditation and certification.

Education and research, Incentives

RUSSIA, CHINA - Financing

The government finances national security vulnerability and cyber warfare research.

Public sector, Duties

CHINA - Restriction of information sharing, also Education and research duties

Public sector, Guidance

CHINA - National Vulnerability Database

A National Vulnerability Database gives the intelligence agencies continuous access to the latest attack vectors.

CHINA, PARTLY RUSSIA - Businesses as cover for public authorities, also Public sector guidance

Chinese intelligence agencies use enterprises masquerading as information security vendors as cover in cyber espionage work.

RUSSIA, CHINA - Authoritarian governance

The work of government departments that focus on industry, information technology and national security, and of their subordinate organs and associations, is strongly subject to the supreme state leadership.

Private sector, Duties

RUSSIA, CHINA - Duty to disclose information and grant access to public authorities

Hardware manufacturers and service providers operating in China are required to assist the intelligence authorities upon request, including by disclosing information, granting access and lending infrastructure.

Private sector, Guidance

RUSSIA, CHINA - Authoritarian governance

The work of government departments that focus on industry, information technology and national security, and of their subordinate organs and associations, is strongly subject to the supreme state leadership.

CHINA, PARTLY RUSSIA - Businesses as cover for public authorities, also Public sector guidance

Private sector, Incentives

CHINA, PARTLY RUSSIA - Subcontracting

Freelance actors provide independent cyber espionage and intrusion as a service.

CHINA, PARTLY RUSSIA - Private sector involvement in intelligence

Private enterprises subcontract tools and infrastructure to Chinese intelligence services