US intelligence officials are now saying that cyber attacks and espionage are supplanting terrorism as the top threat to US security. If you’ve been paying attention to the mountains of blood and treasure that the US has expended fighting the terrorism threat, then you’ll understand the significance of this statement.

Robert O’Brien, a PhD candidate in International Relations at the University of Oxford and former researcher at Brookings, wrote an excellent guide on contextChina to the US-China cybersecurity issue that I wanted to repost here. I expect this topic to dramatically increase in importance for not only policymakers, but employees in the tech industry too.

In the US, cybersecurity will start to replace internet censorship as the leading topic of discussion on China tech. With cyber hackers joining censors, most foreigners will now have an even darker and uglier picture of the Chinese Internet than before. Don’t get me wrong, those stories absolutely need to be told, but I also hope it won’t drown out the stories of entrepreneurship and innovation on the Chinese web.  We’ll do our best here on TechRice.

And how will this matter for US tech companies? I’ve already seen a major impact upon Silicon Valley startups and VCs who’ve come to visit our company in Beijing: they’ve majorly upgraded security measures at home in recent months. And, when in China, two of the startups that visited us were not allowed to access their company email at all, even using a VPN (!).  

Without further ado, here’s your guide:

A Guide to Understanding the Recent News on Chinese Hackers

The topic of Chinese hackers has dominated the news in recent weeks. This guide cuts through the sensationalism to provide a clear answer to simple questions about the content, context, and significance of the issue.

What is this I hear about the Chinese government hacking the U.S.?

A new report released on Tuesday has attributed 115 attacks on U.S. organizations conducted over the span of seven years to a Chinese military unit, code named “Unit 61398.” The attacks targeted companies as well as local, state, and federal government agencies.

Is this a new phenomenon?

No. As contextChina noted in a previous article, Chinese cyber attacks and cyber espionage have been a recurrent problem in recent years. Numerous American organizations have been victimized, including those with precious intelligence, such as the plans for the new F-35, the costliest weapons program in history of the Department of Defense. These attacks have long been thought to be tied to Chinese government organs.

Then why has it been receiving so much press lately?

For a few reasons:

1)   The Mandiant Report solves the problem of attribution.

Traditionally, one of the most vexing problems for cybersecurity analysts has been that of attribution. Simply put, it is typically very, very difficult to trace the origin of an attack to a specific source. Mandant’s report, however, presents convincing evidence that the Chinese government is behind many of these instances of cyber attack and cyber espionage. In other words, Mandiant has been able to prove what many knew to be true, but could not claim with the utmost certainty.


2)   The Media has taken notice.

Late last month three of America’s most prominent publications – the New York Times, the Washington Post, and the Wall Street Journal – all decided to go public with the news that they had been targeted by Chinese hackers. This not only focused much of their attention on the issue, but also led to a slew of other media outlets reporting on cybersecurity and its role in US-China relations.

3)   Companies are fessing up.

Companies have been targeted by Chinese hackers seeking important commercial data for years, but many of them have been hesitant to publicly report these attacks. This has been due in large part to their fear of how investors would react. In recent weeks, however, numerous companies, including Apple, the second most valuable corporation in the world, have confessed to being targeted and, in many cases, victimized, by Chinese hackers. This has inspired ever more firms to come forward with their stories.

4) The Obama administration is pushing cybersecurity.

Congress has failed to implement cybersecurity legislation numerous times in recent years, with the most recent bill of relevance dying in November 2012. As a result, President Obama released an executive order on cybersecurity on February 12th and urged Congress to revisit the issue and formulate a meaningful set of relevant laws in his State of the Union later on that same day. These actions occurred directly between the media’s revelations and the release of the Mandiant report, keeping the topic in the pubic eye.

What is the significance of these developments for American businesses?

With the issue of Chinese cyber attacks and cyber espionage in the spotlight, American businesses have been given a strong hand to seek some form of protection, be it through the U.S. military’s Cyber Command or assurances that China will rein in some of its hackers obtained through bilateral dialogues. These developments will also provide a boost to those who are ahead of the curve as regards cybersecurity (or can at least claim to be), including defense contractors and major tech companies, such as Microsoft, which has taken an active role in combating cybersecurity threats in the past. That being said, Chinese hackers remain a significant danger to American firms. Additionally, obtaining government protection often comes with new regulations, which many companies may find to be unsavory.

What is the significance of these developments for US-China relations?

These revelations are bad for U.S.-China relations. They highlight a thorn in the side of the relationship on which there are very few, if any, established ground rules between the two countries. Unlike issues such as currency valuation and intellectual property, cybersecurity is relatively new to the relationship and there has been no demonstrable progress toward crafting any solutions to the problems it poses. Indeed, the Chinese government continues to flat out deny that they are responsible for any cyber attacks, with state-run media organizations even printing articles highlighting U.S. hacking of China to distract away from the Mandiant report and its resulting media coverage.

What is the U.S. going to do about it?

The amount of attention being drawn to these issues means everyone is likely to get involved in trying to craft a solution. Expect businesses to seek some protection and/or assistance from the government while looking to limit regulations that would require them to give-up sensitive information in return. Expect Congress to politicize the issue, as it has with currency and human rights, to score points with constituents angry about the state of the American economy while simultaneously debating relevant legislation. And expect the Executive Branch to proceed with its newly laid out agenda of executive orders and inter-agency actions while also engaging top Chinese officials on the issue through established forums such as the Joint Commission on Commerce and Trade and the Strategic and Economic Dialogue.

For more from Robert O’Brien on the Cybersecurity issue, check out his series on Context China:

Reposted with permission of the author.