Germany and China are working to create an agreement that would eliminate economic cyberattacks between the two countries. Chancellor Angela Merkel’s announcement, made during a trip to Beijing, came Thursday after mounting concerns from small and mid-level German companies that they would be unable to handle the threat of a potential cyberattack from China.
“China is very active in economic espionage, and Germany has been an attractive target because of the many technological innovations are happening at Mittelstand [mid-level] companies that traditionally have weak IT-security systems.” Sandro Gaycken, a cyber-security expert at Berlin’s European School of Management and Technology who helped prepare the deal, told Bloomberg. “This [agreement] is a big and important step upon which [we] can build.”
The Mittelstand is a new attempt by the German Federal Ministry of Economic Affairs and Energy to categorize those smaller companies that have less visibility than larger, more well-known firms like German automakers, and bring them up to a similar level of visibility, if not the same economic power.
Germany's interest in a cyber deal with China – one of its biggest economic partners abroad –may be primarily focused on addressing the issue of brand piracy from Chinese factories, which recently has become a troubling issue for German manufacturers that struggle to discern the difference between real imported goods and their fake counterparts. DeutscheWelle reports that more often than not, counterfeited materials like car parts can even come from the same factories as the real thing.
China has worked to broker similar cybersecurity deals that would protect its economic relationships with the US and Britain. When President Xi Jinping visited the US in September, President Obama made it known that the rising threat of cyberattacks from Chinese firms would “probably be one of the biggest topics” during their meeting.
The final negotiated agreement between the US and China agreed to limit the number of cyberattacks from China, but left ambiguous how that limit would be verified or what self-restraints would be put in place. In fact, doubts were raised about the effectiveness of such pacts when the security services provider CrowdStrike reported that cyberattacks from China continued in full force after President Xi's visit to the United States.
China routinely denies that it engages other countries in computer espionage, preferring instead to portray itself as a victim of attacks from other countries.
“We are against cyber theft and the stealing of trade secrets,” Chinese Premier Li Keqiang said at the Beijing meeting with Merkel. “We are [supportive of] protecting intellectual property.”
But according to translated documents obtained by the US military, China’s military has been practicing cyberwarfare against the United States and other countries since 1999, and perhaps earlier.
China has also engaged in cyberattacks against its own citizens – sometimes aggressively, other times more passively. These are primarily phishing attacks that seek to collect personal data, but at other times have been more sophisticated, complicated efforts to undermine the efforts of Chinese activists to make political and cultural reforms within and outside their own country.
Neither Chancellor Merkel nor Premier Li stated when, exactly, a deal would be reached, but both sides indicated they were keen to have something on paper quickly.
China was recently ranked last on a list of 65 countries for Internet freedom, according to Freedom House, a nonprofit agency that observes such trends.