China and the United States will hold the first round a new dialogue on fighting cybercrime this week in Washington DC. According to Reuters, China’s minister of public security, Guo Shengkun, arrived in Washington on Tuesday for the talks and will depart on Sunday. Guo met with U.S. Secretary of Homeland Security Jeh Johnson and Attorney General Loretta Lynch on Tuesday for the opening of the talks.
Cyber issues, and particularly Chinese government-sponsored hacking for commercial gain, was a major focus of the Obama administration heading in to President Xi Jinping’s September 2015 state visit to the United States. After threatening to slap China with sanctions for such hacking, the administration was able to get Beijing to agree “that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.” It’s a promise of dubious worth, considering China has always officially denied carrying out hacking activities of any kind.
Of more potential value was the announcement of a new, high-level cyber dialogue – not only a replacement for but an upgrade to the working-level talks that were discontinued when China pulled out after the United States indicted five PLA officers for cybercrimes. According to a White House fact sheet issued during Xi’s visit, the two sides agreed “to establish a high-level joint dialogue mechanism on fighting cybercrime and related issues.” The dialogue would be led by a then-undetermined ministerial-level official from China (now known to be Guo of the Ministry of Public Security) and by Johnson and Lynch on the U.S. side. In addition, China’s Ministry of State Security, Ministry of Justice, and State Internet and Information Office and the U.S. Federal Bureau of Investigation and intelligence agencies would participate.
The dialogue, which will be held twice a year beginning in 2016, “will be used to review the timeliness and quality of responses to requests for information and assistance with respect to malicious cyber activity of concern identified by either side,” the White House said.
To prepare for this week’s dialogue, Deputy Secretary of Homeland Security Alejandro Mayorkas led a delegation to Beijing in mid-November to discuss cyber issues.
With Guo and the Chinese delegation in Washington this week, it’s a good time to look back at whether or not China changed its behavior in the cyber realm after Xi’s visit. Reviews have been mixed.
On one hand, U.S. National Counterintelligence Executive Bill Evanina said last month that he had seen “no indication … that anything has changed” when it comes to Chinese cyber espionage against U.S. companies. Evanina also indicated that China is the largest perpetrator of espionage against U.S. businesses. Of foreign espionage attempts reported by U.S. companies, he said that 90 percent of those attempts were linked to China.
On the other hand, Ellen Nakashima of the Washington Post cited “current and former U.S. officials” are saying that the Chinese military has largely withdrawn from commercially-motivated cyberattacks against U.S. companies — not since Xi’s visit in September, but since the 2014 indictment of PLA officers. “For a period of time following the indictments, there was a very significant decrease” in the PLA’s cyber espionage, one official said.
However, sources also told Nakashima that outside the military, China’s commercial cyber espionage continued apace. “From what we see, the majority of the intrusions today are coming from sets that we believe are MSS [China’s Ministry of State Security] or MSS contractors versus the PLA,” Dmitri Alperovitch of the cybersecurity firm CrowdStrike said.
The dialogue today and tomorrow is expected to discuss implementation of the agreements reached during Xi’s visit to the United States, with a focus on conducting joint investigations into cybercrimes. The two sides may decide to start with less controversial issues than cyber economic espionage, however. In April 2015, for example, when Johnson met with Guo in Beijing, both sides “agreed to focus on cross-border, cyber-enabled crime including online child sexual exploitation, money laundering, and counter proliferation of weapons.”