Friday October 18, 2019

CHINESE CYBER ESPIONAGE

June 2, 2014

Last week the US took the unprecedented step of indicting five members of China’s People Liberation Army (PLA) for cyber-espionage. Although countries frequently engage in cyber spying against each other’s governments, US officials feel China is unique in utilizing state resources to spy on private economic actors to learn their negotiating trade strategies and other company secrets.

The accused are Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui – all officers in the PLA’s Unit 61398, which is alleged to be a major source of Chinese cyber attacks in a Mandiant security company report. The victims are Westinghouse Electric Co; U.S. subsidiaries of SolarWorld AG; U.S. Steel; Allegheny Technologies Inc. (ATI); the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW); and Alcoa Inc.

The case against the PLA officers is largely symbolic. There is almost no chance these officers will be extradited to the US for prosecution. Washington instead intended the move to send a message to China to put a stop to its continued economic espionage and establish an international line between acceptable and non-acceptable forms of cyber-espionage.

China reacted swiftly to the indictments. First, it suspended the stagnant US-China Cyber Working Group. Later, China’s Foreign Ministry summoned US Ambassador to China Max Baucus to lodge a formal complaint against the US. China has also publically denied the US accusations. Chinese Defense Ministry spokesman Geng Yansheng stated the US fabricated the cyber-spying incidents, comparing the incident to US claims of weapons of mass destruction in Iraq prior to the 2003 invasion. China may still charge actors in the US with similar crimes, as it does with human rights and other issues.

The US case against 5 PLA officers has certainly jeopardized China-US cooperation and mutual trust. While it is unlikely that either side expected the U.S.-China Cyber Working Group would make significant progress on cyber-espionage issues, it could have allowed the two sides to start a mutual understanding about the rules of the road for cyber-conflict. For example, there are few international norms or rules regarding what kind of cyber-attack would be considered the equivalent of an armed attack. Some fear that a Chinese cyber-attack could be capable of shutting down major national infrastructure elements without ever putting a Chinese soldier on the ground, and vice versa. Thus, it is important for the US and China to discuss whether some targets are off limits and how each side would respond to a major cyber-attack.

But Everybody Does It…

China has deflected international criticism of its cyber-espionage program by pointing out US hypocrisy on the matter. When Edward Snowden made confidential revelations about the scope of the US National Security Agency’s global cyber-espionage operations, it included NSA hacking into Chinese universities and business, including China’s giant telecommunications firm Huawei. However, since Huawei is a state-owned enterprise (SOE), it is unclear whether spying on Huawei is equivalent to spying on the Chinese government, or a Chinese business.

With this first round of accusations, the US has sought to draw a distinction between espionage directed at military and diplomatic secrets and economic espionage – which aims to steal trade secrets from foreign companies in order to give national companies an edge over their international competition. According to the US, economic espionage is an illegitimate use of state resources.

To Be #1, you’ve got to beat #1

The disagreement about legitimate and illegitimate cyber-espionage activities is rooted in different conceptions about the proper role of the state. In China, the government has made economic growth its central responsibility for the past thirty years. It plays a greater role than the government in the US in directing the economy and industry, particularly through the SOEs. The Chinese Communist Party (CCP) sees its survival as closely linked to China’s levels of economic prosperity, and thus, cyber-espionage on behalf of strengthening China’s businesses is a legitimate extension of the state’s role in the economy. For the US, the West, and much of the world, economic affairs are largely the domain of private business. Governments have abided by laissez-faire economic principles. While there are certainly tangible relationships between the military and industry, nations have not directed military or government agency resources to advantage national companies.

The US is the world’s leader in technological, medical, and other innovations. Its constant development of new products and ideas give US companies an edge in international markets. It has little to gain from conducting economic espionage operations to steal secret technologies or business practices from Chinese companies. On the other hand, China is struggling to innovate and maintain its pace of economic growth. It stands to benefit a lot from economic espionage of US companies, and so the state sees its responsibility to direct its resources accordingly.

The American NSA and Chinese PLA are not the only cyber-spies that have been in the public eye lately. Both the US and China must also contend with Russian-based hackers. Russian hackers are not as numerous as Chinese hackers but are usually more skillful. Russia has become especially adept at using it cyber capabilities alongside ground operations, such as in Ukraine and Georgia. Russia’s cyber attacks could set a precedent for China’s use in its disputes in the East China Sea or South China Sea. The potential for China to use its cyber capabilities in a manner beyond espionage signals the crucial need for a forum like the US-China Cyber Working Group, so that the US and China can clarify how they would react to a future cyber-attack and minimize the risk of further tension and escalation if additional cyber disputes arise. If the US and China do not find a way to deal constructively with their different perceptions on the legitimate use of cyber space, confrontational attitudes on both sides could sadly become the new norm of US-China relations on cyber issues.

For more information on this topic, please see the following news sources:

The Diplomat“The Normative Origins of the US-China Spying Row”

The Diplomat“US Indicts 5 PLA Officers For Hacking, Economic Espionage”

New York Times“Q & A: Adam Segal on China, Cyberspies and the Moral High Ground”

Wall Street Journal“Chinese Hacker Charges a Rare Melding of Prosecution and Diplomacy”

Washington Post” U.S. announces first charges against foreign country in connection with cyberspying”

Compiled and edited by Amanda Conklin