Cybersecurity: Developments in the PRC and implications for Australia - with Greg Austin

Guest: Professor Greg Austin, Deputy Director, University of New South Wales Canberra Cyber (formerly the Australian Centre for Cyber Security)

Host: Professor James Laurenceson, Deputy Director, Australia-China Relations Institute, University of Technology Sydney

The development and uptake of cyber-systems has been rapid and widespread in the People’s Republic of China (PRC). The PRC government has consequently sought to develop a stronger cybersecurity policy, with President Xi Jinping personally taking control of the Cyberspace Administration of China. It also seeks to promote its concept of cyber-sovereignty. However, the PRC’s use of cyber-capabilities at a state-level have come under increasing international scrutiny and criticism, with other countries becoming increasingly concerned about state-sponsored cyber-espionage attacks. Another worrying development is that state efforts to exert control over PRC citizens have increased in parallel with increasing technological capabilities.

What is the current state of China’s cyber-capability, and what does it aspire to going forward? How has this played out in the global arena? And how might it affect Australia? Greg Austin joins James Laurenceson to discuss these questions and more.

Professor Austin notes that while the PRC government’s definition of cybersecurity is almost identical to that of countries in the West, it differs in its political dimensions and, correspondingly, in the operation of its cyber-systems. For instance, although the PRC government employs cyber-capabilities in broadly similar ways to the US on the global stage, its domestic use is markedly different.

And while cybersecurity has been elevated to a major strategic priority – evinced by President Xi Jinping stating that ‘without cybersecurity, there is no national security’ – the reality is that the PRC government continues to face significant challenges to implementing cybersecurity strategy at a national scale. These include a current deficit of 700,000 cybersecurity professionals being projected to reach 1.4 million by 2020 and low numbers of students graduating with high-level qualifications in cybersecurity. This in turn contributes to an underdeveloped cyber-industrial complex, especially compared with the US. Of note is that a large proportion of cyber and cyber-security services in the PRC are in fact delivered by foreign firms such as Microsoft.

Professor Austin observes that while the PRC does possess and utilise a highly developed cyber-espionage capability, not dissimilarly to other countries, it cannot be said to dominate cyberspace technology. Nonetheless, cyber-espionage is a point of concern due to its focus on its domestic population and on those the PRC government perceives to be its political opponents. It is therefore important that Australian citizens  be protected from undue interference in cyberspace and for reporting around such interference or espionage to remain grounded. It is difficult however, to fully protect against cyber-threats, exemplified by the Australian National Audit Office’s consistent urging for faster progress on the implementation of just four cybersecurity strategies by Australian government agencies. 

The possibility of a cyber ‘Iron Curtain’ meanwhile, is difficult to contemplate. Extensive economic and technological links between the PRC, the US, and the global economy – also referred to as entanglement – are such that ‘disentanglement’ would precipitate catastrophically destructive effects on the global economy.

Summary written by Michael Zhou, Project and Research Officer, Australia-China Relations Institute, University of Technology Sydney.

Technical production by Amy Ma, Communications Officer, Australia-China Relations Institute, University of Technology Sydney.

Theme music by Sam J Mitchell.

April 11 2019