Are China and the US ready for a truce on cyber-espionage? | Misha Glenny

For China the right to control content for its citizens is a key concern but for the US, it is the struggle to maintain the system of intellectual property rights and technological supremacy

In the last year, the Obama administration and the US national security community have been ever more vocal in their anger at what they regard as state-sponsored cyber-attacks emanating from China on government institutions and private corporations.

Officially, China denies the accusations. Yet the evidence from cybersecurity companies, western governments, independent research institutes and even strategy documents published by the People’s Liberation Army, of Chinese complicity in attacks on economic targets is overwhelming. The number of significant breaches continues to proliferate with ever-more damaging consequences for those targeted. It has only been in advance of Xi’s current trip to the US that analysts have registered a marked downturn in the number of attacks.

The US and west European countries consider the targeting of industry a separate issue from political espionage. Before president Xi Jinping’s last visit to the United States in June 2013, the White House had trumpeted well in advance that president Obama had placed China’s cyber-espionage programme at the top of the agenda.

Three days before the meeting, however, Edward Snowden revealed his first secrets about the NSA and its extensive surveillance programmes. It was probably no coincidence that Snowden made his initial announcement in Hong Kong. Whether the Chinese facilitated the whistleblower’s dramatic appearance on the world stage or not, I like to imagine Xi walking into the meeting with Obama, throwing down a copy of the New York Times with its Snowden headlines and enquiring politely, “I gather you want to talk about cyber-espionage?”

Until that point, most major states had been engaging in wholesale and extensive digital spying for well over a decade. But they had all routinely denied it. After Snowden’s Hong Kong moment, nobody bothered anymore. The world’s most powerful governments, a host of minor ones and a growing body of non-state actors from the hacktivist group Anonymous, through Mexican cocaine cartels to the cyber-caliphate linked to Isis, have been caught with their fingers in the digital till of potential or actual rivals and enemies (and in some cases friends) to extract information.

Even if governments denounce such activity in public, in reality they all accept that it is no more than an extension of an organised, accepted, indeed regulated, practice between states throughout the 20th century. This is spying – no more and no less. The digital version simply multiplies the possibilities. Spies merely have a much more powerful tool at their disposal. Arguably, the very reach of cyber changes the essence of espionage as its practitioners are no longer simply investigating state secrets but gathering information about entire populations. However, no government seems very interested in making that case.

There are, however, three areas into which common-or-garden espionage spills over in a networked world: sabotage and warfare; intellectual property rights and economic espionage; and finally civil rights and surveillance.

Now, to the surprise of many, Washington and Beijing seem keen to agree on some basic ground rules of how to behave to prevent any such spillage from corroding their relations. What the outcome of this will be nobody yet knows. Their motives are different. For China the right to control content for its citizens is a key concern. For the US, the struggle to maintain the system of global intellectual property rights and the maintenance of technological supremacy are important drivers.

The Chinese are keen to reach an agreement of a “non first-use” policy of cyberweapons against other countries’ critical national infrastructure, for example transport, communications and utilities systems. The Americans want a commitment from the Chinese to stop targeting companies.

Washington officials are dampening expectations that any concrete agreement is imminent but president Xi’s comments on this trip so far (together with the drop-off in attacks) seem to suggest that China is keen to talk. Xi specifically denounced the practice of using cyber-attacks to steal intellectual property or gain any market advantage over competitors, an issue that he has avoided in such detail hitherto.

If the two sides build upon this apparent willingness to engage with cyber-malfeasance, it will be an important and welcome first step, indeed a significant moment in trying to bring some order to the digital cacophony that reigns.

At the moment, there is no consensus on what states can and can’t do to each other, hence the free-for-all. Cyber is also seen as an area that governments can use to pressure one another. Until 2006, Britain’s Serious Organised Crime Agency enjoyed good co-operation with the Russian Interior Ministry when investigating cybercrime. Once Alexander Litvinenko, the former KGB officer turned opponent of Vladimir Putin, was poisoned in November that year, that co-operation was closed down. Dialogue on cyber issues between the US and Russia has been largely frozen since the Ukraine conflict began.

The fact that Washington and Beijing now actually want to lay down some ground rules is a very encouraging sign. Although some cyber-activists fear that this is the beginning of a system of global governance of the internet and hence interference in the web, this misses the point. Governments have been assigning themselves rights to interfere in what people can or can’t do on the internet and what level of privacy they might expect for years.

As was the case with the Helsinki accords, civil rights campaigners can build on agreements between states to defend the rights of individuals. This should be part of any system of governance of the internet that now seems very likely to emerge.


Misha Glenny

The GuardianTramp

Related Content

Article image
China reacts furiously to US cyber-espionage charges
Beijing calls indictment of five Chinese officials preposterous, accuses US of double standards and summons ambassador

Jonathan Kaiman in Beijing

20, May, 2014 @12:31 PM

Article image
The Guardian view on cybersecurity: trust – but verify | Editorial
Editorial: The use of Chinese-made equipment in Britain’s broadband infrastructure demands, and gets, careful scrutiny


20, Jul, 2018 @4:29 PM

Article image
David Cameron challenges China to be more open about cyber-security

Prime minister seeks talks on 'issue of mutual concern' amid western fears that Beijing is behind most aggressive online attacks

Nicholas Watt in Shanghai

04, Dec, 2013 @12:01 AM

Article image
Study reveals North Korean cyber-espionage has reached new heights
Spying unit is widening its operations into aerospace and defence industries, according to US security firm

David Taylor in New York

20, Feb, 2018 @12:31 PM

Article image
The Guardian view on cyberwars: enter the trolls | Editorial
Editorial: The great breach in the US government’s database is a classic case of informational smash and grab. But operations to plant misinformation are also worrying for states which care about truth


05, Jun, 2015 @6:11 PM

Article image
John Kerry hits out at Chinese cyber-spying
John Kerry has condemned computer espionage at meetings in Beijing amid new reports of Chinese hacking of US offices

Jonathan Kaiman in Beijing

10, Jul, 2014 @12:18 PM

Article image
China likely behind hack of US data, says House homeland security chair
Mike McCaul calls attack ‘most significant breach of federal networks in US history’, amounting to espionage – but the White House has not assigned blame

Martin Pengelly in New York

07, Jun, 2015 @5:59 PM

Germany accuses China of industrial espionage

Cyber sabotage and phone hacking rife, agent says, as Chinese workers caught stealing secrets

Kate Connolly in Berlin

22, Jul, 2009 @6:57 PM

Article image
Cyber review warns UK and west in ‘clash of values’ with Russia and China
Ministers and spy chiefs warn Britain must improve capabilities and wider digital skills to meet ‘evolving’ challenges

Dan Sabbagh

14, Dec, 2021 @10:21 PM

Article image
Sony CEO insists 'we made no mistake' after US accuses North Korea of hack – as it happened
President Obama says Sony ‘made a mistake’ in pulling The Interview after threats from North Korean hackers

Alan Yuhas

19, Dec, 2014 @9:37 PM