Date
20 September 2017
China and the US have traded fresh charges against each other on cyber-espionage. Photo: Bloomberg
China and the US have traded fresh charges against each other on cyber-espionage. Photo: Bloomberg

China won’t accept US rules for cyber snooping

The decision by the United States to indict five officers of the Chinese military on May 19 for commercial cyber-espionage is unprecedented and appears to stem from political rather than economic reasons. Yet, there are strong economic factors at play.

For one thing, commercial cyber-espionage is estimated to cost the US anywhere from US$24 billion to US$120 billion a year.

This does not take into account the price Americans will pay for retaliatory steps that China has already taken and will continue to take.

China’s State Internet Information Office has announced a cyber security review of IT products, services and suppliers of information systems. Companies that fail the vetting, it said, would not be allowed to supply their products and services in China.

While the review ostensibly is not aimed at American companies, they are likely to be special targets. Already, IBM and Cisco Systems have suffered in the wake of revelations by former National Security Agency contractor Edward Snowden of massive spying by the US, including on Chinese institutions and companies. These revelations have heightened Chinese concern over the security of electronic systems and raised suspicion in particular of American companies.

The official English-language China Daily has defended the review as a “legitimate move”, pointing out that in 2012 a US congressional committee on intelligence had conducted security investigations into Chinese IT companies.

The Financial Times has reported that, in another retaliatory move, Beijing has ordered state enterprises to cut dealings with US consulting firms for fear that they are spying for Washington.

China has also announced that it would prohibit the use of Microsoft’s new Windows 8 operating system in new government computers, a move not directly linked to the American indictments. The announcement is likely to be a major blow to the company since China is the largest market in the world for personal computers.

The Chinese government has in recent years been replacing pirated software on official computers, spending about US$160 million for this in 2012.

Interestingly, while Washington ostensibly took the highly publicized action against China to protect the interests of corporate America, the US companies involved have not applauded the move.

For example, a spokesperson for Westinghouse Electric, Sheila Holt, was quoted as saying that the company had no comment on the indictment and “wasn’t expecting” it.

For one thing, it is embarrassing for companies involved to admit that their computers had been successfully hacked and confidential information stolen. For another thing, despite being victims of cyber attacks companies in general still want to do business with China.

It is not clear what the US expects to follow from the indictments. Certainly, the Chinese government is not going to cooperate in bringing about the extradition of the five military officers involved.

Although part of a criminal process, the indictments are in fact a political act. They may have symbolic value in telling China that the US knows what it is up to and will not tolerate such behavior. But the Chinese are unlikely to accept US rules for cyber espionage, which say that spying for national security is legitimate while commercial spying is a crime.

China has made it clear that it will not accept such a distinction. In fact, the Chinese have cited American news media, which reported that Americans, too, have engaged in economic espionage.

In a blog analyzing the situation, Jeffrey Carr, a cyber-security expert, acknowledged that the Chinese government “uses many tactics to acquire advanced technology” and visiting executives are likely to find “your hotel room wired, your laptop compromised … and your corporate network will be attacked by government-employed hackers and your files copied.”

However, Carr said that of the five American companies cited in the indictments – U.S. Steel Corp., Westinghouse, Alcoa, Allegheny Technologies, and SolarWorld – “not a single one had technology valuable to China except for Westinghouse which sold China the technology it wanted, and then taught Chinese engineers how to use it.” He concluded: “If this is the best that the Dept of Justice can do, things will get much, much worse for US companies.”

By and large, it seems, American companies are keeping their heads below the parapet and are waiting for things to quiet down.

Normally, if your home is broken into, you don’t plead with the burglars to stop doing it. You change the locks and take other measures. The US ought to be taking equivalent steps rather than trying to tell China to be a good boy and follow the rules. China won’t follow American rules.

– Contact us at [email protected]

RC

Frank Ching opened The Wall Street Journal’s Bureau in China in 1979. He is now a Hong Kong-based writer on Chinese affairs.

EJI Weekly Newsletter

Please click here to unsubscribe