Threat Intelligence

Chinese hacking may slow, but…


By now, the process is almost routine. A major technology or defense company announces a serious security breach and suspicion quickly falls on China-based attackers. While U.S. officials have been coy about naming the culprit, preferring to say only that a nation-state was most likely behind the attacks, they have recently been more willing to raise the heat on Beijing by calling China out. So far, this naming and shaming does not seem to have had any effect on the calculus of Chinese hacking, and this is unlikely to change in the near-term. As a result, companies will have to continue to remain vigilant and take defense into their own hands.

The motivations for Chinese hacking are not mysterious. Government officials there are unhappy with China being the “factory to the world” – it is labor- and energy-intensive and damages the environment – and desperately want to move the country into higher-value sectors. To do this, China has significantly ramped up research-and-development spending, but it has also relied on foreign industrial espionage directed at high-tech companies. Hackers have also targeted the negotiation strategies and financial information of energy and banking companies.

Some types of hacking also act as a societal release valve, venting nationalistic feelings. Chinese officials, for example, turned a blind eye when hackers defaced the Nobel Foundation website after rights activist Liu Xiaobo won the Nobel Peace Prize in October 2010. Finally, open-source Chinese defense writings stress the importance of cyber attacks – both in the opening stage of a military conflict and as a deterrent to “outside powers.”

It should also be noted that the Chinese see a great deal of hypocrisy in Washington's actions in cyber space. As Chinese officials are quick to note, it was the United States that first set up a cyber command – thus, in their view, militarizing cyber space.

What could shift Chinese behavior? Chinese analysts currently see the United States as more vulnerable to attacks, more economically and militarily dependent on networks than China, but that balance may be shifting. Cyber crime is already threatening the Chinese economy – the country suffered close to 500,000 attacks in 2011, according to Chinese sources – and as the People's Liberation Army modernizes, it becomes more dependent on communication and computer networks. A more vulnerable China may be a more restrained China.

There are also competing interests within the Chinese government. While some factions may see economic espionage as providing a technology boost, other groups may worry that the risk to the bilateral relations with the United States is too high. In addition, for image and status concerns, Beijing traditionally does not like being on the outside of international agreements. Once there is an established set of international norms of state behavior in cyber space, China may slowly gravitate toward them.

Assembling an international consensus on cyber standards, influencing internal debates and waiting for China to become more vulnerable to cyber attacks are all long-term strategies with an uncertain chance of success. With no international agreement on the horizon, companies need to do a better job of protecting intellectual property and trade secrets. They should take inventory of all data stored digitally, remove critical information from vulnerable servers, and limit the time hackers are able to spend on networks by deploying intrusion systems. Chinese hacking is not going away soon.

Adam Segal is the Ira A. Lipman senior fellow at the Council on Foreign Relations. He blogs at Asia Unbound, and you can follow him on twitter: @adschina.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.