A recent report released by U.S. computer security firm FireEye revealed that Chinese hackers had accessed computers at the foreign ministries of five European countries. The New York Times identified the five countries as the Czech Republic, Portugal, Bulgaria, Latvia, and Hungary. As Nart Villeneuve, a researcher for FireEye, also told the Times, Chinese hacking attempts have in the past targeted Japanese and Indian firms, Tibetan activists, and even the finance ministers of G20 nations. According to James A. Lewis, a senior fellow and director at the Center for Strategic and International Studies, Chinese hackers have also tapped the foreign ministries of Australia, Britain, Germany, France, India, and Canada. FireEye reported that these disparate hacking jobs all used similar code, which was written in Chinese and tested on Chinese-language computers. The report concluded that these “seemingly unrelated cyberattacks” could actually be “part of a broader offensive fueled by shared development and logistics infrastructure.”
The laundry list of hacking targets mirrors the recent avalanche of accusations leveled at the U.S. National Security Agency (NSA). Ever since Edward Snowden fled the country and began leaking evidence of covert NSA cyber-espionage campaigns, hardly a month goes by without new revelations of the depth and breadth of NSA activity. According to Snowden’s documents, the NSA is responsible for monitoring the cell phone and internet metadata of U.S. citizens, tapping into German Chancellor Angela Merkel’s cell phone, and using the embassies of the United States and its allies to conduct covert surveillance operations in foreign countries ranging from Italy to Indonesia.
The lists of alleged hacking by both the U.S. and China are a bit puzzling, in that the reported targets seem of relatively little value. Why, for example, would the Chinese be particularly interested in hacking into the foreign ministries of Eastern European nations? And why would the U.S. be eager to tap the cell phone of Angela Merkel and to spy on Italian leaders? Both China and the U.S. have far more critical security concerns.
This suggests that the targets revealed so far are only part of a far more widespread cybersecurity espionage campaign. If the United States is indeed monitoring the activities of world leaders in Germany, Brazil and Italy, then why wouldn’t it be conducting similar surveillance in countries about which the U.S. has serious strategic concerns — countries like Iran, Russia, and, yes, China? The same logic applies to China. If Chinese hackers (who have not, it should be noted, been definitively tied to the Chinese government) are targeting small Eastern European countries, there is every reason to believe they are also monitoring countries of more strategic interest closer to home, such as Japan, Korea, and the U.S.
Instead of asking themselves why they should conduct cyber-espionage on targets of relatively low interest, the U.S. and China seem to be asking, “Why not?” As James Lewis of CSIS told The New York Times, “It is so easy to hack foreign targets, intelligence agencies can’t resist.” As hacking allegations mount against the U.S. and China, it seems that both countries are disinclined to rein in their intelligence agencies.
China’s Foreign Ministry customarily deflects accusations of hacking by saying that China is also a victim, which is almost certainly true. However, this obviously doesn’t preclude China from also being a perpetrator of such attacks. In his regular press conference, Foreign Ministry spokesman Hong Lei responded to the hacking accusations: “U.S. cyber security companies have long been interested in hyping up the so-called ‘cyber threat from China’ with no solid proof.” Hong Lei also said that “China has been engaged in a wide range of international cooperation to combat cyber crimes.” Despite these denials, there is little disagreement in the U.S. policy community that China is engaged in widespread cyber-espionage.
Meanwhile, the U.S. government has tried to defend its own hacking activities by drawing a line between “acceptable” and “unacceptable” cyber-espionage. According to the U.S.’s formulation, cyber-espionage is acceptable when applied to government or military institutions. In fact, National Intelligence Director James Clapper’s main defense for U.S. surveillance of foreign governments was that such practices are commonplace. He called it “a basic tenet” to monitor foreign leaders and politicians. This type of cyber-espionage falls under the realm of “national security” and is, in the U.S.’s view, tolerable.
However, the U.S. government wants to classify cyber-intrusions against private corporations or institutions as a different type of hacking, one that is “out of bounds,” as Vice President Biden put it in July. Conveniently, the U.S. most often accuses China of this latter type of hacking. Even this defense has worn thin after Snowden’s claims that the U.S. has hacked into private organizations, including universities, phone companies, and telecommunications companies.
As we move further into the 21st century, the U.S. and China will be the major rule-makers for the new global order. As such, the U.S. and China will together help define what is acceptable behavior in the cyberspace. There have already been calls for the U.S. and China to discuss limits on hacking activities and to define clear “rules of the road” for cyberspace. Unfortunately, it seems that (though neither would admit it) the U.S. and China have very similar ideas on cyberspace — anything goes.