Modern field guide to security and privacy

Opinion: Chinese cyberespionage is down. That's a win for Obama's diplomacy

Almost a year after a historic deal between Beijing and Washington to curtail cyberespionage, reports indicate digital attacks from China are fewer but more sophisticated.

Kevin Lamarque/Reuters
President Obama and China's President Xi Jinping met in Washington in September.

So have they or haven’t they?

Ever since President Obama and Chinese President Xi Jinping agreed last September that commercial cyberespionage for profit is off limits, experts and policymakers have asked one burning question: Has Beijing really stopped or changed its operations?

On Tuesday, US Assistant Attorney General John Carlin confirmed there had been drop in Chinese commercial cyberespionage, but added a needed note of caution: "There is a debate as to how long lasting it might be, but there has been a change."

Mr. Carlin’s hand may have been forced by a report last week by cybersecurity firm FireEye on a staggering decline: from a plateau of around 60 to 70 compromises per month by Chinese-linked groups, the number has dropped to about five per month just two years later.

The decline started in mid-2014, following the US indictment of Chinese military hackers in May 2014 and really plummeted in July 2015, just after the Obama administration finalized sanction authority to use against China and in the run-up for President Xi’s visit.

It appears now operations are shifting from the nonstate spies in favor of state-run professional intelligence teams with superior tradecraft. The threat "is less voluminous but more focused, calculated, and still successful in compromising corporate networks," in FireEye’s words.

So, should we consider this a success or a failure?

It's certainly a win for the political and diplomatic process. After years of tripping over itself, the US government finally started speaking publicly about something we decided to be a critical national security issue.

The US unilaterally took a stand against international commercial cyberespionage and by some miracle (and hard diplomacy) got the United Nations Group of Government Experts, and the G-20 to agree. Even China's head of state jumped in with personal and public commitments in support of the US position. In diplomacy, that's a result.

But in a larger sense, does a decrease in volume but increase in sophistication mean the United States is better off?

There are clear security upsides to this apparent new normal: A reduction in the volume of Chinese cyberspying means that intellectual property from dozens of corporations won't be flying over the wires back Beijing. Those companies now don’t have to hire cybersecurity companies to try and kick out Chinese spies.

As I wrote last month, if the US-China cyberespionage agreement "reduces Chinese espionage by only 5 percent it will be probably the single most effective countermeasure we’ve ever taken” and will “cost us almost literally nothing compared to the tens of billions of dollars” spent for programs such as the Comprehensive National Cybersecurity Initiative, the Obama administration's plan to safeguard America's digital networks.

Even so, I may have underestimated the impact: FireEye reported not a drop of 5 percent but more than 90 percent. What other solution have we ever implemented for such success at so little cost?

Moreover, it should be easier for Xi and the Communist Party to keep control over professional spies compared to large numbers of amateurs banging around US networks. This should tamp down chances for escalation in the US-China cyber relationship.

Third, future US countermeasures could be even more effective. With fewer Chinese economic spies, our indictments or sanctions can target the fewer fish in a smaller pond. And should the president ever order US Cyber Command to disrupt the command-and-control infrastructure used to support Chinese espionage, there may be fewer such targets.

Yes, there are downsides to a smaller, more professional China cyberespionage intelligence operation. Their pros are going to be more capable and more cunning – just like our National Security Agency or CIA. When they go after US companies or government agencies, they will be even more likely to get in undetected.

In addition, my colleague Michael Tanji of the cybersecurity firm Kyrus worries about the potential for new rogues actors: “If you’re a Chinese hacker who doesn’t make the cut to the professional team, what happens? Bagging groceries during the day; pwning US companies at night?” But, fortunately, such rogues would be even more worrisome for China.

Also as The New York Times' David Sanger recently noted, “The same political forces that may be alleviating the theft of data from American companies are also responsible for Mr. Xi’s stunningly swift crackdown on the Chinese media, bloggers, and others who could challenge the Communist Party.” Empowering these forces likely means more internet crackdowns in China or more censorship, including on US companies operating in China.

On the one year anniversary of the agreement, this September, the Obama administration should not just confirm the trend, but support that claim with details backed by declassified intelligence to truly establish if these reports of reduced activity are true or not.

Obama has made the issue of Chinese commercial cyberespionage at the front and center of his overall policy with China. It is time for us to know if Xi is living up to his promises to Obama – and to all of us in cyberspace.

Jason Healey is senior research scholar at Columbia University’s School of International and Public Affairs and senior fellow at the Atlantic Council. Follow him on Twitter @Jason_Healey.


You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to

QR Code to Opinion: Chinese cyberespionage is down. That's a win for Obama's diplomacy
Read this article in
QR Code to Subscription page
Start your subscription today