President Trump has repeatedly claimed that his predecessor was weak on China. But at least with respect to cybersecurity, the facts don't support that charge. In 2015, "following all-night negotiations," Robert Silvers writes, the United States convinced China to sign on to a joint commitment against "cyber enabled theft of intellectual property." Ever since, China's hacking of U.S. companies has dropped off dramatically. Next month, Chinese President Xi Jinping is set to meet President Trump at the "Southern White House" (Mar-a-Lago, of course). The question is, will cybersecurity be on the agenda?
It wasn't always "Russia, Russia, Russia."1 Before 2015, China was hacking culprit number one. Its operations against U.S. corporations took a toll on the economy in the billions, according to FBI Director James Comey. Chinese hackers were after everything, from trade secrets and other IP to information on companies' negotiation tactics. Around that time, the Ponemon Institute pegged the cost of all cyber crime for large companies and organizations at an average of $15.4 million/year.
In 2013, a cybersecurity firm linked a unit in the People's Liberation Army (PLA) to a hacking spree that targeted over 140 companies and groups in the United States and elsewhere. The next year, the U.S. government indicted five PLA officials on hacking-related charges. Their tactics allegedly included the use of phishing e-mails to steal trade secrets and company communications. Six major corporations had been targeted, including Westinghouse Electric, SolarWorld, and Alcoa.
Then came the joint commitment: "The United States and China agree that neither country's government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors."
Both countries further agreed to hold a biannual dialogue on cyber security issues. The Secretary of Homeland Security and the Attorney General would co-chair the event in which representatives from various Chinese and U.S. law enforcement and security agencies would meet. The next of these dialogues is supposed to occur in June.
The accord has proven to be quite successful. Cybersecurity firm Crowdstrike has seen a 90 percent drop in the hacking of American businesses by Chinese government actors. A sharp decline in Chinese hacking activity has also been confirmed by U.S. intelligence agencies.
Will this truce continue under President Trump? It's unclear. So far, the President hasn't treated U.S.-Sino relations as delicately as his predecessors. First, there was the controversial congratulatory call he took from the president of Taiwan, which broke with decades of diplomatic practice. Then, via Twitter, he accused China of devaluing its currency to make it harder for American companies to compete. Since then, the President has made other statements that have thrown into doubt his Administration's support for the One China policy.
Secretary of State Rex Tillerson recently met with President Xi to reaffirm "mutual respect and win-win cooperation." But privately, the New York Times reported, he struck a sterner tone. He strongly condemned North Korea's missile tests, which occurred only hours before his meeting in China, and echoed sentiments conveyed by the President, again via Twitter, about China having done "little to help" on North Korea issues.
With Russia ramping up its hacking activities, the United States can't afford to go backward with China on cybersecurity. Thus, to the President, Silvers makes three recommendations: (1) put cyber security on the Mar-a-Lago meeting agenda; (2) keep holding the biannual dialogues; and (3) continue to monitor Chinese hacking activity.
"Two superpowers agreeing to some rules of the road for a new age of digital weapons was unprecedented, and a significant victory for U.S. businesses," Silvers writes. It would be a shame for this progress to stagnate during the new Administration's first few months.
1 After the first presidential debate candidate Trump said, "I don't think anybody knows it was Russia that broke into the DNC. She's [Clinton] saying Russia, Russia, Russia, but I don't—maybe it was. I mean, it could be Russia, but it could also be China."
To view Foley Hoag's Security, Privacy and The Law Blog please click here
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.