After U.S. officials confirmed that they believe the North Korean government was responsible for an unprecedented hacking attack against Sony Pictures, the Obama administration called for China to assist in preventing future cyber attacks from North Korea. “What we are looking for is a blocking action, something that would cripple their efforts to carry out attacks,” one official said, according to the New York Times.
North Korea’s telecommunications networks are closely linked to China, as Chinese companies operate almost all of North Korea’s networks.. When it comes to cyber-attacks in particular, U.S. officials believe North Korea often either routes its hacking attempts through Chinese servers or sends hackers to China to conduct operations. For example, a March 2013 hacking attack on South Korean banks and media companies, suspected to be the work of North Korea, reportedly originated from a Chinese IP address. Some anonymous U.S. law enforcement officials have gone further and suggested that China could have been complicit in the Sony hack, but the Obama administration’s statements have not referenced those suspicions.
China itself denounced the Sony attack, with Foreign Ministry spokesperson Hua Chunying telling reporters that “China is against all forms of cyber attacks and cyber terrorism, including cyber attacks launched by any country or individual by using facilities beyond its own national borders against a third country.” That is the closest China has come so far to addressing reports that Beijing abetted the North Korean attack. Hua also said that Chinese Foreign Ministry Wang Yi had spoken with Secretary of State John Kerry over the phone about cyber security issues, although she provided no specifics on what was said.
Tellingly, Hua gave no indication that China was considering U.S. calls for cooperation to prevent future cyber attacks from North Korea. Instead, she obliquely challenged the U.S. claim that North Korea is responsible. “We need sufficient evidence before drawing any conclusion,” Hua said. North Korea’s official news agency has denied any North Korea involvement in the hacking attack, which it attributes to civilian “supporters” of the Pyongyang regime. “We do not know who or where they are but we can surely say that they are supporters and sympathizers with the DPRK,” Reuters quoted KCNA as saying. China’s alliance relationship with North Korea may be on rocky ground right now, but it’s still unlikely that Beijing will publicly join the U.S. in blaming Pyongyang for cyber attacks.
The U.S. call for cooperation with China goes beyond the specific charges against North Korea in this one case, however. In a statement condemning the attack on Sony, Secretary Kerry said the U.S. would “work with partners around the world to strengthen cybersecurity [and] promote norms of acceptable state behavior.” That puts the current outreach to China in a broader context – for years, the U.S. has been trying to work with China (and other countries) to hammer out rough guidelines for acceptable conduct in cyberspace. The disagreement within the U.S. over whether the Sony hack constitutes an “act of war” (President Obama says no) underlines how fuzzy red lines can be in cyberspace. That’s something the U.S., in collaboration with other major powers, would like to change.
However, the outlook for cyber cooperation right now is dim. China withdrew from designated cyber talks in May as a protest against the U.S decision to indict five PLA officers for cyber espionage. Beijing resents public U.S. accusations of hacking and other cyber attacks. In particular, China denies that the U.S. has credible evidence that these attacks originate in China – which is the same tactic China is using to respond to current accusations against North Korea. Reports, based on the Snowden leaks, indicating how widespread U.S. hacking activities are in China have only further reduced room for cooperation.
Beyond these issues, the U.S. and China remain far apart in their definitions of what constitutes “acceptable” cyber activity, especially when its comes to espionage. Washington has tried to draw a distinction between hacking for “legitimate” security reasons and hacking for economic gain; Beijing remains unconvinced by this rhetoric and is unlikely to accept this model as the basis for cyber norms.