U.S., China cyber security talks paying dividends

U.S., China cyber security talks paying dividends

Siddharth Srivastava

Nearly two years have passed since the leaders of the United States and China signed a cyber pact in September 2015, agreeing that economic espionage, intellectual property and trade secret theft are in a different category from cyber spying for national security purposes. The two sides also promised cooperation to combat commercial cyber crime. The past 20 months have seen a progression of activity from both countries.

The most direct outcomes were a trio of “U.S.-China Cybercrime and Related Issues High Level Joint Dialogues” held in 2015 and 2016 between senior officials of the U.S. departments of Justice and Homeland Security (DHS) and the Chinese Ministry of Public Security. The meetings addressed network protection, cyber-enabled crime and misuse of cyber technology by terrorists, DHS reported. They also launched such initiatives as a U.S.-China cyber crime hotline and information sharing related to cyber crime and other malicious cyber activities. (Pictured: Guo Shengkun, China’s minister of public security, center, speaks during a cyber security dialogue in Beijing.)

At the close of the third dialogue in December 2016 in Washington, D.C., both sides expressed eagerness for the talks to continue. Chinese State Councilor Guo Shengkun, a dialogue co-chairman, told reporters the talks “brought tangible results in jointly dealing with cyber crime and cyber security as well as information exchanges, making the cooperation a new highlight in bilateral relations.”

Parallel to the dialogues, China’s own cyber security policies began taking shape, starting in mid-2016. Articles were added to its National Security Law, calling for a “secure and controllable network,” and “national security review and oversight of information technology products and services.” These articles became the basis of the Cyber Security Law.

“I do think the Chinese have gotten the message, that cyber crime is a problem,” said Rand Corp.’s Dr. Andrew Scobell from his office in Washington, D.C.  added that one of the important distinctions to come out of U.S.-China cyber discussions is “that both sides are talking about commercial cyber hacks.”

While China cyber experts, including Dr. Christopher Yung at the U.S. Marine Corps University, question China’s ability to control Chinese hackers, but FireEye, a U.S.-based cyber security firm, reported a sharp drop in cyber attacks originating from China against Silicon Valley firms, U.S. military contractors and other commercial targets after the signing of the cyber pact until mid-2016.

A month after signing the pact with the U.S., China reached a cyber security agreement with the United Kingdom. A similar agreement was signed in April 2017 between China and Australia.

“China didn’t much care about intellectual property rights (IPR) until Chinese firms began to develop their own valuable intellectual property,” Scobell said. “Now China is attuned to the problem and more willing to work with other states to protect IPR.”

Siddharth Srivastava is a freelance journalist based in New Delhi, India. He wrote this article while on assignment in Beijing, China.