Two days ago, the U.S.-Japan Cyber Defense Policy Working Group issued a joint statement pledging closer cooperation between the United States and Japan on cyber defense issues.
The working group, set up in October 2013, notes the “growing level of sophistication among malicious cyber actors, including non-state and state-sponsored actors, who are increasingly willing to demonstrate their intent and ability to do harm against information systems, critical infrastructure and services upon which our people, economies, governments, and defense forces rely.”
Consequently, in the face of these ever-increasing threats emerging from cyberspace, Tokyo and Washington agreed to step up their joint cyber deterrence posture and “take appropriate cooperative actions,” according to the released statement.
In its simplest form, any good deterrence strategy is built upon two principle factors: good defense and the threat of retaliation. In addition, attribution — tracing back an attack to a specific source — is paramount in cyberspace.
Once the perpetrator is identified, “the U.S. military may conduct cyber operations to counter an imminent or on-going attack against the U.S. homeland or U.S. interests in cyberspace,” according to the Pentagon’s new cyber strategy.
However, one of the most crucial aspects in implementing any cyber-deterrence strategy is to determine the precise nature of an attack against critical information infrastructure, in order to assess the appropriate response. This is only possible through well-established information sharing mechanisms.
It comes then as no surprise that the joint statement places a premium on U.S.-Japanese cyber threat data sharing: “The MOD and DOD, in cooperation with other relevant government agencies, are to explore how to improve cyber information sharing through various channels in a crisis environment, and work toward timely, routine, two-way information sharing and the development of common cyber threat indicators and warning.”
The working group’s joint statement supplements the new U.S.-Japan Defense Guidelines released in April, which also call for closer cooperation in cyberspace, particularly in the field of information sharing.
Additionally, the chief of U.S. Cyber Command recently reiterated that the United States will step up its active cyber defense postures in order to deter attacks on U.S. critical information infrastructure. Tokyo is also expected to follow suit. Japan’s Self-Defense Forces’ cyber defense unit currently has around 90 members, whereas the Pentagon fields up to 6,000 cyber warriors.
As I pointed out before, Japan continues to expand its network of partners across the world to find means to jointly combat cyber attacks. The year 2014 in particular saw an increased push by Japan to forge closer ties with like-minded countries in cyberspace. For example, on the multilateral level, in November 2014, Prime Minister Shinzo Abe, Australian Prime Minister Tony Abbott, and President Barack Obama met in Brisbane, Australia, during the G20 Leaders’ Summit pledging their “their firm commitment to deepen the already strong security and defense cooperation,” especially in cyber capacity building.