The Office of Personnel Management (OPM) hack raised the threat of Chinese cyber-espionage in a way that the American people had never seen before. American businesses, on the other hand, should have been extremely familiar with it. The Chinese government has a history of engaging in economic espionage – the theft of trade secrets and intellectual property – which it uses to benefit Chinese industry. This is a distinct and separate set of activities from the type of intelligence gathering conducted by the United States. U.S. intelligence services only collect in the interest of national security, rather than to give American businesses a competitive advantage in the world economy.
In September 2015, the United States and China made an agreement to stop using cyber-capabilities to conduct economic espionage operations against one another. The agreement was seen as a very positive step towards easing relations between the two nations, but many were skeptical as to whether China would actually abide by the agreement. However, a recent report from cybersecurity firm FireEye concluded that the overall amount of cyber-enabled economic espionage conducted against the U.S. by China has decreased to a significant degree. This finding is not without its skeptics, but if accurate, it could have profound implications for both U.S.-China relations and broader international norms about cyberspace.
Chinese economic espionage and intellectual property theft has been a significant problem for some time. According to CNN, the FBI reported a 53 percent increase in cyber-enabled economic espionage activities from 2014-2015, and 95 percent of those incidents were linked to the Chinese government. These thefts result in very real and very significant costs to the American economy. A 2013 IP Commission report claimed that, while exact figures were not possible to find, estimated losses from economic espionage in the United States were over $300 billion each year.
If these costs are being decreased through diplomatic agreements, it could provide an enormous incentive to future negotiations. The formation of norms for how nations interact in cyberspace, much like the norms for physical interactions, could reduce some of the tension and uncertainty that pervades cyber operations carried out by nation-states.
Thus far, the international community has been unable to create these norms. Bruce McConnell, Global Vice President of the EastWest Institute, told The Cipher Brief that “A group of governmental cyber experts has worked at the United Nations for over 10 years to come up with an initial set of non-binding norms of behavior in cyberspace,” but those efforts do not appear to be producing results. Agreements like the one made between the United States and China in regards to cyber espionage could help to accelerate the process of achieving this goal.
Yet, there is no consensus that FireEye’s findings necessarily indicate China has given up using its cyber-capabilities for economic espionage. Scott Warren Harold, associate director of the RAND Center for Asia Pacific Policy, told The Cipher Brief that “many observers suspect that China’s apparent compliance with the cyber agreement represents little more than a shift in tactics that is probably temporary.” He also pointed out that it is very possible that China reoriented its economic espionage efforts towards targets in other countries, rather than abandoning the tactic altogether.
Additionally, China does not only conduct its cyber espionage activities online. There have been numerous cases wherein Chinese nationals committed acts of economic espionage in person or through physical proxies, rather than by hacking. For example, several individuals were indicted by the Justice Department for doing exactly that in 2015. Similarly, not all economic espionage activity originating in China is controlled by the Chinese government. Even if the government of China were to completely cease all economic espionage activities, cyber-criminals would still continue to pose a problem.
There is also the issue of the private sector and its role in this arena. Generally speaking, the victims of economic espionage in the United States are businesses, but industry did not appear to have a seat at the table when the United States and China made their agreement in 2015. This may prove to be detrimental to the long-term success of the agreement. According to McConnell, “The current set of U.S.-China bilateral talks occasioned by last year’s Xi-Obama agreement to limit state-sponsored economic espionage activities is beginning to deliver modest results, but its effectiveness is limited by the absence of the agility and creativity of the private sector in the deliberations.”
Economic espionage activities originating from China have not stopped – and are unlikely to – but they have decreased by a large amount. This is important because it implies that state-behavior in the cyber-domain, which is often seen as hard to affect due to the difficulty of proper attribution, can be influenced through diplomacy in ways that yield actual results. The precedent that this sets has the potential to allow for the development of meaningful norms for how countries interact online. Even if the Chinese government reverts to old behavior patterns, the data from this experience can be used to refine similar efforts in the future. Developing effective frameworks will take time, but it looks like the 2015 cyber agreement between the U.S. and China was a good start.
Luke Penn-Hall is the cyber and technology producer at The Cipher Brief.
