news

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

Source: Global Times

What kind of threat does cyber hegemony pose to the security of global cyberspace? What does the deep nesting of monopoly enterprises and hegemonic countries mean to the entire world at the forefront of the information technology revolution? These two widely controversial issues have just received the latest example: starting from July 19, users in many parts of the world reported that computers using Microsoft operating systems had blue screens. It has been confirmed that this was a network paralysis caused by a malfunction of FalconSensor, an endpoint security software released by the US cybersecurity company CrowdStrike, during a system file update.

The countries affected by the massive network outages include the United States, Australia, the United Kingdom, Germany, and Canada. The British Broadcasting Corporation (BBC) found that Russia and China were less affected, but it habitually confuses right and wrong, saying that CrowdStrike often makes critical comments, which makes its products unpopular with China and Russia. In fact, if you understand the relationship between Microsoft, CrowdStrike, and the US government, you will not think so.

According to documents disclosed by Snowden, Microsoft has long cooperated with the National Security Agency in conducting surveillance activities, providing it with technical support and data access rights. CrowdStrike goes even further: before founding CrowdStrike, one of its co-founders and chief technology officer, Alperovich, had worked closely with the US national security agency in the field of responding to the so-called cybersecurity threats from Russia; the current chief security officer, Sean Henry, was a senior official of the FBI before joining CrowdStrike. It is precisely because of this relationship that CrowdStrike, founded in 2011, has joined the US government-led cyber siege against China since 2013. It has undertaken and written a number of so-called Chinese APT (Advanced Persistent Threat) series reports named "Panda", providing ammunition for the US government to discredit China's international image.

In short, the relationship between Microsoft, CrowdStrike, and the US government, as well as this cybersecurity storm, show us that the combination of monopoly enterprises and cyber hegemony will bring significant risks, challenges, and threats in at least the following aspects:

First, the hegemony's support for monopoly enterprises has further exacerbated the negative effects of market monopoly. Market monopoly and improper use of monopoly status have the negative effect of weakening technological competition. Once they are securitized by the hegemonic country, the motivation of monopoly enterprises to innovate in technology and capabilities will be further weakened. Judging from this "blue screen incident", Microsoft and CrowdStrike, relying on their close relationship with the US government, have monopolized a market share far beyond the scope of their security service capabilities. Once a problem occurs, the impact is extremely wide and difficult to respond.

Second, the combination of cyber hegemony and monopoly provides a structural environment for amplifying minor risks. The BBC noted that China and Russia were relatively less affected, but failed to see or deliberately ignored the reason that the United States, a country that maintains its cyber hegemony and its leading edge, banned the sale of CrowdStrike-related software to China. This is part of the United States' "small courtyard and high wall" against China. The final result is that minor risks, such as an unintentional mistake made by an employee in a certain operation, enter a risk environment that is rapidly amplified, because after being protected by hegemony, the abnormal pursuit of profits by monopoly enterprises will be significantly amplified. The industry has been complaining about Microsoft and other companies that, in order to pursue high profits, systematically reduce, weaken, or even eliminate the evaluation process to achieve "increase benefits and reduce costs."

Third, the embryonic form of global cyber warfare after the combination of cyber hegemony and monopoly has initially emerged. This incident, at the level of sovereign state cyber security strategic game, verified the assumption that monopoly enterprises can provide hegemonic countries with asymmetric technological advantages, increasing the risk of their implementation of a "preemptive" strategy in cyberspace. The incident proved that many countries cannot rule out the possibility that the US government will use the technological advantages of Microsoft and CrowdStrike to conduct network monitoring and attacks on a global scale. This undoubtedly exposes global cyber security to huge risks and challenges.

This "blue screen incident" has verified an old saying: "When America's opponents are dangerous, when America's allies are deadly." This reminds all countries that they should learn from this, pay close attention to and be vigilant about the risks brought by cyber hegemony, deepen exchanges and pragmatic cooperation, and work together to avoid and respond to the negative consequences that may be caused by excessive monopoly. In particular, the "global South" should strengthen cooperation and jointly respond to the threats and challenges brought by cyber hegemony. This incident also reminds all parties that they should pay close attention to the concept of a community with a shared future for cyberspace advocated by China, recognize and accept the concepts and propositions of development, security, governance, and inclusiveness advocated by China, and work together to build a more inclusive, prosperous, peaceful, secure, equal and inclusive cyberspace. Specifically, we can start from the following aspects:

First, effectively check your own key infrastructure, starting from product deployment to capacity building, and systematically eliminate all existing risks, problems, and challenges.

Second, the supervision of technology, products and industries should proceed from the perspective of overall national security, truly achieve and realize the coordination of development and security, and ensure that relevant technologies, products and services are optimized and improved in a more transparent, open and traceable manner in accordance with industry rules and balancing diverse needs. Especially in the release of patches and updates for high-privilege software, building a system-level coverage of software supply chain security capabilities and capability systems should become a high-priority development focus that all parties agree on as soon as possible.

Third, carry out effective and pragmatic cooperation in the dimensions of governance and behavioral rules. This "blue screen incident" also proves that cyber hegemons and their core allies are also vulnerable when facing attacks and risks in cyberspace. It is time for all parties to promote security dialogues on cyberspace trust and strategic stability on a global scale to ensure the construction of effective codes of conduct and jointly maintain the security, stability and development of cyberspace. This is vital for all mankind. (The author is the director of the International Cyberspace Governance Research Base of Fudan University, the executive director of the National Security Research Center of Fudan University, and a professor)