One of the most touted takeaways from Chinese President Xi Jinping’s (習近平) visit to the US last month was an agreement by the two leaders on the contentious issue of cyberattacks — and especially cyberespionage — against US targets. Particular attention has been given to a commitment Xi and US President Barack Obama made to avoid engaging in or knowingly supporting acts of cybertheft for economic gain.
However, while the commitment signals bilateral goodwill, there are a number of reasons to doubt its effectiveness in curbing commercial espionage and the broader problem of intrusive, destructive cyberattacks against a range of US targets by entities tied to the Chinese government:
Absence of clear standards or verification mechanisms: Security experts analyzing the agreement noted its vague wording and lack of definitions for what constitutes acceptable or unacceptable activity, meaning further negotiation would be required to render the agreement effective.
Similarly, no objective metrics were identified for determining whether one side or the other has followed through on its commitments. These challenges, along with the near impossibility of tracing who is responsible for most cyberattacks, are likely to make enforcement difficult.
Omission of politically motivated attacks: More problematic from the perspective of privacy and freedom of expression was the cybertheft agreement’s focus on the economic realm. By framing the pact in this way, Obama and Xi ignored the increasingly aggressive, sophisticated and widespread cyberattacks apparently committed by Chinese state actors against US media companies, human rights groups, individual activists and government bodies.
Thus, even if an agreement like this one had been in place for the past five years, it arguably would not have prevented attacks on Google in 2010 (in which rights defenders’ accounts, among other targets, were hacked), on media outlets like the New York Times in 2012 (seeking information on the sources for the paper’s investigation of former Chinese premier Wen Jiabao’s (溫家寶) family wealth), or a massive denial-of-service attack against the code-sharing platform GitHub in March of this year. Nor would it have helped stem routine phishing attacks that target overseas Chinese, Tibetan and Uighur activists and, increasingly, US government personnel.
Failure to address vulnerabilities created by China’s Great Firewall: More indirectly, any agreement that depoliticizes the Chinese government’s Internet policies is overlooking the general security problems created by the Great Firewall (GFW) — Beijing’s system for monitoring and filtering Internet communications between China and the outside world.
Over the past month, this issue was highlighted by two incidents in which malware infected applications on Apple’s mobile operating system. On Sept. 17, some of China’s most popular apps — including Tencent’s WeChat and NetEase — were found to be carrying malware, affecting hundreds of millions of smartphones and marking the largest such incident to date in Apple’s history.
The apps were susceptible to intrusions because their developers used an alternative to Apple’s standard Xcode.
Analyzing why app developers might have used a less secure alternative, Oiwan Lam (林藹雲) of Global Voices (全球之聲) said that due to the slow international Internet connections in China (a direct result of the GFW’s real-time filtering), downloading Xcode takes a very long time.
Some programmers have consequently turned to alternatives that are more accessible from within the firewall, but also more vulnerable to malware.
In the second incident, a malicious program targeting Apple devices was reported on Oct. 4 by researchers at Palo Alto Networks. This time, a Chinese marketing company took advantage of Internet users’ desire to circumvent censorship to convince them to download an infected application. The malware essentially allowed the marketers to take control of users’ phones and execute certain actions, such as opening their Safari Web browser to a page showing clients’ products or advertisements.
Both of the above incidents were resolved quickly without long-term harm to consumers, but future attacks that exploit the same incentives might not prove as innocuous.
Moreover, security analysts have found that the attack in March this year on GitHub was carried out with a tool they labeled the “Great Cannon.”
This weapon, which is colocated with the GFW, worked by redirecting large volumes of bystander traffic — mostly from Taiwan and Hong Kong — that was headed for search engine Baidu’s China servers and using it to swamp and paralyze the US-based code-sharing Web site.
Ultimately, actions speak louder than words. Over the next six months, security experts are to closely track and investigate reports of cyberintrusions from China against US companies and other targets, hopefully providing evidence on whether the pace of attacks has slowed, if not ceased.
Meanwhile, the Obama administration has two avenues — a bilateral dialogue and an ongoing response system — through which to press the Chinese government for answers and prosecutions of those found responsible for violations. The US would also continue to consider imposing sanctions on Chinese companies found to have benefited from cyberespionage.
The threat of sanctions appears to have had at least a short-term impact: On Monday, the Washington Post reported that Chinese officials had for the first time arrested hackers identified by US officials.
A White House fact sheet states that these new communication channels could address “malicious cyberactivities” generally. This leaves space for US officials to expand the scope of inquiries beyond commercial espionage. US and Chinese Internet users, civil society and media outlets would be well-served if politically driven attacks were covered, beginning with the first bilateral dialogue expected before the end of this year.
In the meantime, though, security experts who have analyzed the Obama-Xi agreement appear to agree that they will not be out of work anytime soon.
On Sept. 29, security firm KnowBe4 offered a stark warning to those seeking protection from detrimental cyberintrusions originating in China: “You are still mostly on your own.”
Sarah Cook is a Senior Research Analyst for East Asia at Freedom House and director of its China Media Bulletin.