Analysis: Public Posturing on Cyber-security Fools No One

Just what kind of political game was China playing in October? On 30 October, senior Chinese officials said that talks with the US were "unhindered" even though they had their differences. The statement was made less than two weeks after others in the Chinese government said that it had stopped talking to the US about cyber-security, following what it called "mistaken US practices".

It was the legal action by the US in May that really gummed up the works. The US government charged five Chinese individuals with hacking into American companies, targeting trade secrets. Westinghouse Electric, Alcoa, Allegheny Technologies Incorporated, US Steel and SolarWorld were attacked, the charges said.

This froze an ongoing Sino-US dialogue between cyber-crime originally announced by John Kerry in April 2013, leaving the two countries at odds with each other again.

This isn't the first time that China has have been linked to hacking attacks, however implicitly. In 2009, researchers at Information Warfare Monitor published a report into the GhostNet botnet.

GhostNet had targeted specific organisations including oil and gas companies, various government agencies in primarily Asian countries, and even the office of the Dalai Llama. These were all targets of interest to the Chinese and 70 per cent of the command and control servers were traced to addresses in Chinese territories.

The GhostNet report was unwilling to point the finger, though. "We must be cautious to rush to judgement in spite of circumstantial and other evidence, as alternative explanations are certainly possible and charges against a government of this nature are gravely serious," it said.

Governments are far less charitable. In its 2010 report to Congress, the US-China Economic and Security Review Commission accused the Chinese government, individuals and organisations of hacking into US systems.

The US Armed Services Committee did the same in September when it accused the Chinese military of hacking into Transcom, the US military transportation system.

As James Lewis, director of the US Centre for Strategic Studies, believes cyber espionage plays an important part in the growth of the Chinese economy. It is unlikely to stop happening soon at a state level.

Let's not get too moralistic, though. While the US levies accusations at China, Chinese officials have repeatedly accused the US of targeting its organisations with cyber attacks.

In the light of the Snowden revelations last year, in which the NSA was found to have snooped not only on its allies but on its own citizens, such allegations cannot simply be brushed away.

All of this points to what many already realise: behind the plausible deniability and faux indignance, there is a realpolitik at work. Realpolitik is a system of politics based on a country's situation and its needs, rather than on stated moral principles.

Those needs span the military and economic domains, making both armies and companies fair game. Such espionage has gone on for decades, of course, since before the integrated circuit was invented. The difference now is that the spying happens in real-time, and that, in spite of the governments' best efforts, it is far more transparent than ever before.

The public watches this cyber espionage like theatre, and there are many different acts. There are the Snowden leaks, and allegations that Chinese hackers systematically helped to destroy Canadian firm Nortel over the course of a decade. There are reports that the US and its ally Israel were indeed behind the Stuxnet virus that took down the Iranian Natanz nuclear enrichment plant - but they lost control of the virus, inflicting collateral damage.

Perhaps that points to the real casualty in this show: public trust in governments that are no longer fooling anyone. Both China and the US have been seen spying inside and outside their own borders. When your government becomes an attack vector, where can you run?

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them