Written by Tim Stevens.

Cyberespionage – the illicit gathering of confidential information by computerised means – is a fact of the international system. Like other forms of espionage, states that have the means to conduct cyberespionage do so to improve their understanding of other states’ intentions and to maintain their standing in the global order. Few have attracted as much attention as China has through its economic cyberespionage operations. Nor have they infuriated the US so much, with Chinese activities destabilising an already fractious great power relationship. How has Chinese economic cyberespionage evolved, and what is its effect on its relations with the US?

In 2012, the former head of US Cyber Command called the digital theft of US intellectual property (IP) ‘the greatest transfer of wealth in history’. The principal beneficiary was unstated but his comments were clearly directed at China. For years, US government agencies and cybersecurity practitioners had identified Chinese extraction of confidential IP as a threat to national and economic security.

These claims were hotly denied by China, even as these attempts to close the technology gap with the US were consistent with Chinese national strategy. For the US and its allies, the problem was not Chinese cyberespionage as such, which is not illegal under international law, but the commercial use of confidential information, which very often is. China seemed to flout these prohibitions and conduct economic cyberespionage with impunity.

The fuzzy boundary between Chinese public and private sectors only heightened the suspicion that Chinese state or proxy hackers obtained US IP and transferred it to domestic companies for exploitation. The 2009 theft of Joint Strike Fighter F-35 data was a notable example. We do not know if this helped expedite the design and delivery of Chinese fifth-generation fighters but the evidence is tantalising. If one led to the other, this suggests commercial cyberespionage challenges US military advantage and provides China with improved export opportunities.

However, it is easier to steal data than to operationalise it effectively. Cyberespionage provides ample opportunities to gather sensitive data but it does so in massive volumes. These are difficult to analyse and interpret efficiently, let alone convert into products like military aircraft. Moreover, cyberespionage intended to limit reliance on foreign technologies may paradoxically have increased that dependency by stifling domestic innovation. The assumed linear relationship between economic cyberespionage and competitive advantage is likely flawed.

Research suggests China reined in economic cyberespionage after 2015. This may be due to internal political recognition of the negative externalities of dependency on foreign technology but the US has played a significant role too. In 2015, Presidents Obama and Xi agreed neither country would conduct or support ‘cyber-enabled theft’ of IP from the other. This came after 2014’s Federal Bureau of Investigation indictment of PLA hackers for economic crimes. Extraditions were never likely but it signalled US capabilities for infiltrating Chinese hacking units and the resolve to ‘name and shame’ them publicly.

US actions provoked limited behavioural change and Chinese economic cyberespionage dropped off thereafter. Recent studies suggest this has picked up again and, amidst talk of a US-China trade war, is becoming a key sticking point in bilateral relations. China’s ‘Indigenous Innovation’ and ‘Made in China 2025’ policies make explicit reference to the role of foreign technologies in boosting Chinese fortunes. How this is obtained is left open to question.

This is not just about IP theft, however. In one respect, China is a victim of its own success. Indigenous companies like Huawei and ZTE have innovated sufficiently to compete globally on their own merits. Benefiting from favourable labour costs at home they sell products in vast quantities abroad and are powerful players in global technology markets, including those serving the US and its allies.

Uncertainty about the close relationships between these companies and the Chinese state means they have come under persistent suspicion that their products can be used to serve China’s national security interests. Are they building ‘back doors’ into servers and smartphones that provide signals intelligence and surveillance capabilities to the PLA? If we want to buy their products, what safeguards need to be implemented to ensure they do not threaten our national security, now or in the future?

The UK responded by working closely with Huawei at classified facilities to inspect and verify their products. Citing resource limitations, it has declined to do the same with ZTE, blacklisting the company instead. At the same time, it invited Chinese companies to invest in nuclear infrastructure, raising other questions about cybersecurity vulnerabilities and potential Chinese strategic leverage. The US has been even less accommodating. Huawei and ZTE phones cannot be sold on military bases and in April 2018 Congress effectively banned ZTE from doing business with the US. Ostensibly for breaking sanctions against Iran and North Korea, direct national security concerns were the main drivers of this decision. The White House is struggling to contain the political and diplomatic fallout.

These are supply chain and national security problems with geopolitical implications. China provides desirable goods and services but, as a US official commented, ‘we can’t trust what they are telling us is truthful’. China has queered its pitch through past cyberespionage, but the US and others cannot, post-Snowden, claim the moral authority to which they aspire. It is reasonable to demand Chinese assurances about product cybersecurity but the US, in particular, has its own track record of supply chain subversion. It may not conduct large-scale economic cyberespionage but it has conducted cyberespionage against Chinese companies, including Huawei.

Cyberespionage is here to stay and China is unlikely to deny itself possibilities for strategic advancement. In response to internal and external factors it has modified its economic cyberespionage priorities and practices to better align with national interests. The central concern about Chinese government influence over its technology sector remains a serious obstacle to building confidence in the security of Chinese products. It is also a core destabilising feature of deteriorating US-China relations. If all conflicts are asymmetric, this one is characterised by asymmetries of transparency and trust.

Tim Stevens is Lecturer in Global Security at the Department of War Studies, King’s College London. Image Credit: CC by U.S. Department of State/Flickr.