Yimian Wu – Medill National Security Zone http://nationalsecurityzone.medill.northwestern.edu A resource for covering national security issues Tue, 15 Mar 2016 22:20:28 +0000 en-US hourly 1 Too early to judge the China-U.S. cyber agreement http://nationalsecurityzone.medill.northwestern.edu/blog/2015/10/06/too-early-to-judge-the-china-u-s-cyber-agreement/ Tue, 06 Oct 2015 15:50:52 +0000 http://nationalsecurityzone.medill.northwestern.edu/?p=23230

U.S and China signed a agreement aiming to stop cyberespoinagee and promote international cyber norms, but many experts say the the four-point plan is symbolic without specifics. Continue reading ]]>

WASHINGTON — The agreement between the U.S. and China, signed during President Xi Jinping’s visit to the White House last month, aims to stop cyberespoinagee and promote international cyber norms, but many experts say the the four-point plan is symbolic without specifics.

Some called it a “paper agreement,” while some recognized the agreement as major progress but took a “wait-and-see” attitude about how China will honor the agreement.

What is the agreement about?

According to the White House, the agreement covered four aspects of cybersecurity: Providing timely response to assist each other’s cyberinvestigations; vowing not to conduct online intellectual property theft; working together on international norms in cyberspace; and establishing a high-level information-sharing mechanism on fighting cybercrime.

For Christopher K. Johnson, senior China studies adviser at the Center for Strategic and International Studies, the most significant component of the agreement was the second aspect on the list: that neither government would “conduct or knowingly support cyber-enabled theft of intellectual property.”

“We can and should expect that the next time the U.S. has releasable evidence of this type of activity emanating from China, the administration will present such evidence to the Chinese, with the expectation that the responsible parties will be prosecuted to the full extent of Chinese law,” he testified at a Senate Foreign Relations Committee hearing on Sept. 29.

However, David Inserra, a policy analyst at the Heritage Foundation, a conservative think tank, argued it was “another paper agreement.”

He said that China had never admitted to engaging in cyberthefts. “They have agreed to stop a behavior that they deny ever engaging in. That doesn’t bode well as an indicator of their future behavior,” he wrote in Daily Signal, a website sponsored by the Heritage Foundation.

Nir Kshetri, management professor at University of North Carolina-Greensboro, said the two countries’ agreement to provide timely responses to requests for information and assistance related to cyberattacks was a major achievement.

“The lack of timely response has been the main point of complaint against each other,” he wrote in an email.

Kshetri gave two examples. “It was reported that in 2010, the FBI office in Beijing forwarded 10 letters through the Ministry of Foreign Affairs and received responses to two. Likewise, in 2010, Gu Lian of the Chinese Ministry of Public Security had noted that China received no response in its request for cooperation from the U.S. on 13 cybercrime cases involving issues such as fake bank websites and child pornography,” he wrote.

Inserra was again skeptical. “Will the Chinese help the U.S. investigate the five Chinese military officers that the U.S. charged with cybercrimes last year? Doubtful.”

Why now?

For years, the U.S. and China have blamed each other for cyberespionages and competed in military cybercapabilities. In May 2014, the Department of Justice charged five Chinese military officers with computer hacking and economic espionage against U.S. nuclear power, metals and solar products industries.

In June, The Washington Post reported that Chinese hackers stole personal data from the Office of Personnel Management, affecting about 4 million federal employees.

China denied both accusations and blamed the U.S. for large-scale cybertheft, wiretapping and surveillance activities revealed by Edward Snowden.

Kshetri, said that the two nations view each other as major sources of cyberattacks and a cybersecurity agreement was “a logical way to proceed.”

 

How will it affect both sides?

Another witness at the Sept. 29 Senate Foreign Relations Committee hearing, Melanie Hart, director of China policy at the Center for American Progress, acknowledged that the agreement would not “completely eliminate” cyberespionages from China. But she projected that China might apply new restrictions and require higher-level approvals for cyberspace intrusions targeting U.S. commercial entities and therefore reduce harm to U.S commercial interests.

James Andrew Lewis, senior fellow at Center for Strategic and International Studies, called the agreement “a significant step forward” in another Foreign Relations Committee hearing on Sept 30. He said this was the first time the Chinese leaders addressed the issues of commercial espionage.

But he also said, “In talking to administration officials, they know they have wiggle room in the language. They told me they would be watching closely to see how well the Chinese would live up to their commitment.”

“What I was told by (an Obama) administration official is that sanction is still on the table,” he added.

Johnson said economic sanctions are the “most effective punishment” but carries risks. Imposing sanctions is a “naming and shaming” approach that gives China “very little room to react, which is not what we want,” he said. “We want them to change their behaviors.”

 

 

 

]]>