China Agrees to Stop Cyber Attacks – U.S. Cyber Community Expresses Serious Doubts
After extended sessions with Chinese representatives, the Obama Administration has forged an agreement under which they claim neither US nor China will engage in theft of trade secrets or intellectual property for commercial gain.
The cybersecurity community however has its doubts. In a group high level Washington D.C. cybersecurity consultants, a twitter message was broadcast reading “Raise your hand if you actually believe China will stop economic espionage. Honest question.”
Responses included such answers as “Raising my hand, but only to inform I have this great bridge to sell. :-)” and “Not even a smidge. They may improve their ability to deny though.” We saw serious postive responses.
During the sessions, China repeatedly denied involvement in hacks for commercial intellectual property or in attacking sensitive U.S. government information sources.
The agreement has three parts:
1. China agrees to stop engaging in economic espionage.
2. China will respond to requests for law enforcement and CERT-to-CERT assistance.
3. A ministerial-level dialogue and red phone system will be established.
In a scenario surprisingly similar to the Iran agreement, China will mostly be investigating and monitoring itself.
Author’s Note: Some experts believe this is a face saving measure for both Xi and Obama, after bitter complaints by U.S. Companies. Might be, but I think Obama thinks he has made progress. I believe this is yet another deal from the Obama Administration that not only does not achieve its purpose, but puts the U.S. at a disadvantage.
China has no intention of slowing down its cyber espionage activities, and this agreement just gives them more time before they have to maneuver again.
Instead of slapping sanctions on them, Obama has them a means to tie us up legally. It gives China a much stronger position to claim cooperation and innocence in the view of the world.
Look for some “show the flag” activity by China, minor disruptions in their cyber espionage patterns to provide examples of Chinese enthusiasm for this agreement. But this will be completely cosmetic, and activities will actually ramp up.
In the meantime, U.S. businesses are losing billions through losses of intellectual property and sensitive government information systems are constantly at risk.