Influencers: China’s arrests of hackers don’t prove commitment to stop economic espionage

But 78 percent of Passcode Influencers said the move does not prove China is willing to follow through on its promise.

Illustration by Jake Turcotte

October 28, 2015

A majority of Passcode’s Influencers say news that China arrested hackers accused of stealing trade secrets from American firms doesn’t prove Beijing is serious about upholding its commitment to curtail economic espionage. 

In what The Washington Post called an “unprecedented” move, China arrested several hackers suspected of working for the benefit of state-operated Chinese companies, after inking an agreement with the US banning digital spying for economic gain. But 78 percent of Passcode Influencers said the move does not prove China is willing to follow through on its promise.

“China’s arrest of hackers represents its leadership throwing the White House a political bone — nothing more,” said one Influencer, who chose to remain anonymous. “Meanwhile, the networks of American companies remain in China’s crosshairs, despite the pledge by President Xi [Jinping] to clamp down on the theft of trade secrets and intellectual property. It seems all but certain that little will curtail Chinese economic cyberespionage until the US and allied nations impose economic penalties on China.”

Ukraine’s Pokrovsk was about to fall to Russia 2 months ago. It’s hanging on.

Passcode’s Influencers Poll is a regular survey of more than 120 experts (listed below) in digital security and privacy, from across government and the private sector. To preserve the candor of their responses, Influencers have the option to comment on the record or anonymously. 

The arrests were a good faith gesture in conjunction with President Xi’s visit to Washington late last month, agreed Representative Jim Langevin (D) of Rhode Island, “and I certainly believe the Chinese were very serious about not wanting to embarrass their president on US soil.”

However, Mr. Langevin said, “unless there’s a sustained commitment to alter the overall trajectory of Chinese behavior in cyberspace, it’s just window dressing.” For China to prove it’s serious about upholding its commitment against economic espionage, added Bob Stratton, a general partner at the Mach37 cyber accelerator, it will take more than one arrest, but instead, “a pattern of similar enforcement actions over time.”

One Influencer said China’s actions did demonstrate its commitment to fight cyberespionage in this case – but likely for the wrong reasons. The arrests of these hackers were reportedly made at the US government’s urging. “It’s arguably embarrassing to the Chinese government that this was tracked, suggesting the PLA [People’s Liberation Army] needs to improve its methods. So, lots of motives for cracking down on hackers,” said the Influencer, who chose to remain anonymous. “The Chinese government is serious about curtailing economic cyber-espionage by certain actors, through certain means and for certain goals; but this is understandably a straightforward national interest calculation.”

Motives aside, some Influencers said it’s premature to speculate whether this move would hold any significance in the long run. “Until we have more details publicly available about the scope of the arrests, the backgrounds of the individuals, and any pending trials or sentencing of these individuals, there is still no clear indication yet that China is serious about upholding its commitment to curtail economic cyberespionage,” said Amy Chang, staff director for the House Foreign Affairs subcommittee on Asia and the Pacific.  

Howard University hoped to make history. Now it’s ready for a different role.

Still, a 22 percent minority of Influencers said the arrests could indicate willingness on China’s part to stymie cyberespionage. “Establishing trust is a gradual process that requires many small, incremental steps,” said Ely Kahn, cofounder of big data analytics firm Sqrrl, and former cybersecurity director at the White House. “This is a first good step.”

But even some Influencers who were optimistic that the government did intend to take this first step toward upholding its commitment said there could be other factors that complicate the viability of the US-China agreement. “While this shows the government is serious about upholding their commitment publicly, I remain concerned that they cannot control their hacker community,” an Influencer said. “And they need to ensure their government is not complicit in stealing secrets supporting Chinese industry.”

What do you think? VOTE in the readers’ version of the Passcode Influencers Poll.

For a full list of Passcode Influencers, check out our interactive masthead.

 

Comments:

No:

“The distinction between ‘strategic’ espionage and ‘economic’ espionage just doesn’t hold up in today’s world, even though governments (including the US government) like to pretend otherwise.” - Steve Weber, University of California at Berkeley

“This feels like an evolution of politics. They need to appear as if they care, but it is unlikely to curtail any meaningful amount of espionage.” - Robert Hansen, WhiteHat Security

“China arresting cyber criminals based on US evidence is likely a gesture to avoid sanctions, without signaling an overall shift in policy in China on government-sanctioned Internet espionage. As was the case when a similar arrest was made in 2010, the real test would be in whether the case ever goes to public trial and what happens to the accused criminal if found guilty. Getting China to agree to a new set of norms will be a longer term challenge. Technology is moving so quickly, and gaining competitive advantage in the next few years will be key to establishing trends in the global economy for decades to come. The population of internet-connected users in China is already so high compared to the United States, with over 626 million versus 276 million in 2014, according to the CIA. The nations that can innovate fastest will gain increasing economic leverage worldwide, and right now is a pivotal time to establish that technological dominance.” - Katie Moussouris, HackerOne

“They are doing the minimal amount of effort so they can claim cooperation and avoid sanctions under the recent executive order.” -Influencer

“It’s far too early to tell. At the time of writing this comment, there has only been one news story on the arrest. Please see my story ‘Does America want China arresting hackers?’ for more.” - Richard Bejtlich, FireEye

“I think it signals that they realize it’s a conversation that needs to happen but whether or not they take it seriously is a different story. It’s an economic issue to them so if we consider how cyberespionage has advanced their technology and benefitted their economy, you have to question the seriousness of the commitment.” - Mark Weatherford, The Chertoff Group

“Once again a loaded question! Yes, in certain respects, China is being serious about its commitment to fight cyber-espionage. In this case, the PLA [People’s Liberation Army] may have been engaged in activities to line their own pockets or support affiliated organizations. President Xi’s anti-corruption approach and interests synch in this case with the USG’s interests. Further, it’s arguably embarrassing to the Chinese government that this was tracked, suggesting the PLA needs to improve its methods. So, lots of motives for cracking down on hackers. Other motives include a likely genuine need for more innovation and entrepreneurship in China, something local business will not achieve in the long-run through cyber-theft. So, yes, the Chinese government is serious about curtailing economic cyber-espionage by certain actors, through certain means and for certain goals; but this is understandably a straightforward national interest calculation.” - Influencer

“Arresting a lone hacker does almost nothing to change the general ethos of a country. Unfortunately, before we throw too many accusations at China, we need to look at US complicity in undermining international laws that would make hacking illegal. Until the US is willing to abide by the same international norms it is asking China to unilaterally adopt, very little will change.” - Sascha Meinrath, X-Lab

“‘Round up the usual suspects’ was a great line in a film, but in real life it’s just evidence of an oppressive regime’s ability to mount public relations campaigns on the backs of its people. This, like squishing with a bulldozer piles of CDs of music or computer programs, is a theatrical, made-for-media event, unrelated to cyber espionage activities.” - Nick Selby, StreetCred Software

“It’s an interesting move but without more context it may have just been a convenient opportunity regarding internal power struggles that just also happens to look appropriate with the timing.” - Influencer

“We have to wait and see whether (i) this results in an actual prosecution and substantial jail time and (ii) they prove willing to do it in future instances that do not involve a looming state visit.” - Bobby Chesney, University of Texas School of Law

“When China shuts down their PLA [People’s Liberation Army] unit 61398 and the thousands of other Chinese government-directed CNE and CNA units, then we decide whether Beijing is being ‘serious.’ - Influencer

“China’s recent arrest of hackers does not signal that Beijing is serious about upholding its commitment to curtail economic cyberespionage; but, the arrest does signal the fact that the Chinese government has compromised on a longstanding debate between the US government and the rest of the modern world around the idea that economic espionage is a separate and distinct thing from espionage conducted in the name of state security. I don’t want to be overly dramatic here, but I think this is a tectonic shift in the Chinese foreign policy approach around cyberspace. Before the agreement between President Obama and President Xi, the U.S. was the only modern country that took such a position. As always, the devil is in the details though. It matters what happens to these Chinese hackers in terms of a trial and subsequent punishment. And it matters about any kind of future Chinese hacking. It was not a good sign that CrowdStrike recently announced that it had tracked an adversary group called Deep Panda attacking American technical and pharmaceutical companies leading up to and after the agreement announced by President Obama and President Xi. That said, it is not like President Xi has a tight control over every aspect of Chinese Government activity. We know that there are at least three Chinese government organizations authorized to conduct offensive operations: the People’s Liberation Army (PLA – equivalent to the US Department of Defense), the Ministry of State Security (equivalent to the US National Security Agency) and the Ministry of Public Security (equivalent to the US Federal Bureau of Investigation). It will take some time for President Xi’s policy guidance to filter down through these distinct organizations if at all. We will have to watch closely, but this is a good start.” - Rick Howard, Palo Alto Networks

“China is consistently on the offensive when it comes to protecting its own interests. It purposely sends mixed messages to confuse political opponents and further its interests.” - Influencer

“One news report does not make a fact. I have yet to see the [Ellen] Nakashima story echoed elsewhere notably the New York Times (the only New York Times reference to the arrests cited the Nakashima story). A week before the Obama-Xi agreement, the New York Times asserted that the two countries were going to agree not to attack each other’s critical infrastructure – but that story was never confirmed by the Washington Post and turned out to be wrong.” - Influencer

“There is a single uncorroborated report that China has arrested people. Such reports should be regarded skeptically. For instance, the New York Times reported that the United States and China would agree to not attack each other’s critical infrastructure. It was never corroborated in any other outlet and turned out not to be true.” - Influencer

 

YES:

“The arrests are a first step, a signal of good faith. However, it remains to be seen whether the arrests will be followed up with prosecutions and continuing cooperation in the effort to deter what has become rampant cyberespionage for the benefit of industry.” - Melanie Teplinsky, American University Washington College of Law

“It is no longer in China’s economic interest to support (actively or passively) cyber-espionage at large scale. The issue for the G-10 is the increase in destructive attacks coming out of the Middle East and Africa. I would expect to see more activities of this kind as China tries to partner with the U.S. and Russia to manage the adversary.” - Influencer

“I can say ‘Yes’ but only in the very narrow sense that the steps evidently taken are necessary. BUT NOT SUFFICIENT. It remains to be seen. See comments by Catherine Lotrionte. It is entirely conditional on whether the Chinese path leads to the rule of law or to show trials.” - Dan Geer, In-Q-Tel

“China has had its own problems with hackers for many years. Additionally, it has significantly advanced its own technological growth, so the government can afford to make promises that it has every intention of keeping. On the other hand, it still engages in multiple forms of technology transfer that have nothing to do with hacking, it has a population of hackers that act independently from the government, and it has an unknown number of foreign hackers operating out of Chinese IP space - so it may look like China is responsible when a different foreign government is instead.” - Jeffrey Carr, Taia Global

“This is the only first step in addressing China’s hacking concerns.” - Influencer

“I said yes, but this is something it’s hard to be yes-or-no about. If Beijing is arresting criminals (say credit card thieves) while letting the state-sponsored spies continue, then it is a very small good.” - Jon Callas, Silent Circle

“While this shows the government is serious about upholding their commitment publicly, I remain concerned that they cannot control their hacker community. And they need to ensure their government is not complicit in stealing secrets supporting Chinese industry.” - Influencer

“Yes, but... We’ll see if the Chinese follow through from arrest to prosecution of the individuals that the US identified, and if they can convict them on the basis of the information that we can provide. Stay tuned to see if the Chinese try to reciprocate and identify US persons they would like to bring to justice. That would be an interesting development.” -Influencer

What do you think? VOTE in the readers’ version of the Passcode Influencers Poll.