Why South Korea is now a bigger player in US-China cyberwarfare
South China Morning Post
5 min read
For three days earlier this year, defence personnel from more than 20 Nato and Indo-Pacific countries descended on the South Korean capital to work out what a regional cyberwar might look like.
In the APEX war gaming, critical infrastructure of multiple allies was attacked and participants had to share and verify information to come up with defensive strategies and countermeasures.
The APEX exercise is one of a series of multinational cybersecurity drills and summits that South Korea has taken part in over the past year.
Do you have questions about the biggest topics and trends from around the world? Get the answers with SCMP Knowledge, our new platform of curated content with explainers, FAQs, analyses and infographics brought to you by our award-winning team.
South Korea also attended the annual Nato-supported Cyber Champions Summit in Sydney, Australia in September, and will host the event next year. In addition, it took part in the Locked Shields live-fire cyber defence exercise with Nato members in April.
While China did not take part in any of these events, it was an obvious presence.
Observers say South Korea has been working more closely with the United States and its allies in a cybersecurity strategy aimed at China - one that looks set to deepen.
Chinese military observer Liang Yongchun said the impact of this growing cooperation on security in East Asia "should not be underestimated".
Liang told state broadcaster CCTV last month that South Korea was actively seeking to be a strategic "beachhead" for Nato's cyberwarfare in Asia, with the potential to be a base for US cyberattacks against third parties.
The move, he said, was on a par with the deployment of a controversial US anti-missile system in South Korea in 2017, which set off an upheaval in Seoul's relationship with Beijing.
"This could pose a security threat to East Asia that is comparable to the deployment of the Terminal High Altitude Area Defence (THAAD) system by US forces in South Korea, which must be taken very seriously by China," Liang said.
Zhao Minghao, deputy director at the Centre for American Studies of Fudan University in Shanghai, agreed on the THAAD comparison.
He also said China would see the US-South Korean engagement against the broader backdrop of the US-China tech rivalry.
Zhao said that as a hi-tech ally, South Korea played a critical role in supporting the US efforts to bolster its cyberwarfare abilities and "integrated deterrence" - a strategy targeting China and other adversaries.
The goal of the efforts was to consolidate abilities across different operational domains, including land, sea, air, space, and cyberspace, Zhao said.
Part of South Korea's importance in this area is its role as a gateway for regional communications infrastructure.
Liang said South Korea was a "key hub country" for cybersecurity because it connected the trans-Pacific submarine cables to the Asian continent, including many to China.
South Korea's hosting of the US-led APEX event was a clear signal of US intentions towards China, Liang said, adding other node countries such Japan, the Philippines, and Singapore also took part in the exercise.
"By controlling nodes like South Korea, the US can penetrate transmission systems and steal network secrets more easily," Liang said.
"By roping in these countries, Nato will gain access to entries where it can launch cyberattacks against China."
The US and Nato have conducted numerous cybersecurity exercises in the Indo-Pacific - not only with South Korea but other allies such as Japan and Australia through Aukus and the Quad.
Zhao at Fudan University said the efforts highlighted a growing trend of bloc confrontation in the Asia-Pacific, posing increasingly military and strategic threats to China.
He said the US was aiming to expand these coalitions to areas such as 6G and artificial intelligence.
"Cyber cooperation might serve as a precursor for the US to explore a framework or mechanism for building alliances and expanding influence, and then move forward in other areas. I believe this is something China is very concerned about," he said.
China has been boosting its military applications in cyberspace.
In April, China created new People's Liberation Army units for information, space and cyber operations in its most sweeping military reorganisation in nearly a decade.
But, Zhao said, there could still be a gap between the PLA's strength and that of the US and Nato overall.
"[China] must consider strengthening its military abilities for future warfare while addressing the intensifying security challenges in cyber operations," he said.
He also said China must try to head off the formation of blocs, saying a big driver behind the US-South Korea cyber cooperation was likely to be North Korea.
North Korea was at the centre of South Korea's decision to allow THAAD's deployment seven years ago.
Sean O'Malley, professor at the department of international studies of Dongseo University in Busan, South Korea, said the continuing cyberattacks from North Korea, along with its growing cooperation with Russia, bolstered South Korea's need for greater cooperation with the US and other like-minded states in cybersecurity.
"From the South Korean perspective, this cooperation is strictly for defensive purposes and should be understood as necessary protective measures against an increasingly dangerous cyber landscape," he said.
One way to stabilise relations with Seoul was for Beijing to acknowledge South Korea's rationale for deploying the THAAD missile defence system, without endorsing it.
"China could then offer to play the good neighbour and call for nuclear security talks among the concerned powers in Northeast Asia," he said.
