Last week, U.S. National Security Advisor Tom Donilon pointed to the unacceptable frequency and intensity of Chinese cyber attacks on American corporations and called for a comprehensive dialogue with Beijing. Until now, the global debate on cyber security has focused on the challenges of controlling internet crime, coping with hostile attacks on critical infrastructure like electricity grids in one country by another, and developing legal norms to limit cyber conflicts among nations. Donilon's remarks at the Asia Society in New York last week helped draw international attention to the impact of cyber warfare on the global economy and the future of U.S.-China commercial ties.
Donilon urged Beijing to recognize the dangers that the cyber theft of American intellectual property poses to the stability of the global economy, investigate and put an end to these attacks, and start negotiations on drafting a code of conduct. A few days before Donilon spoke, the U.S. cyber security firm Mandiant published a report which traced most of the cyber attacks on the U.S. corporations to a secret Chinese military unit, numbered 61398, located in a 12-story building in Shanghai.
That corporations spy on each other within and across nations is not a startling development. What is new is the Chinese military's decision to deploy its massive cyber resources against the U.S. companies. The PLA's objective is widely seen as part of an effort to alter the strategic balance between China and the United States by narrowing the gap between the two countries in the high technology sector. China's massive cyber efforts have begun to blur the distinction between commercial espionage and national security and the US is eager to work out a set of mutually acceptable constraints.
This outreach to Beijing complements Obama's determination to defend the U.S. economy, critical national infrastructure and American corporations against cyber attacks originating from China and other external sources. Obama also met last week with the CEOs of 13 major US corporations to discuss collaboration between the government and business on strengthening America's cyber security.
Responding to the recent barrage of American charges of cyber warfare, officials and media commentators in Beijing say China is being unfairly targeted for political reasons by Washington. They say China is also a major victim of cyber attacks and insist that most of those originate from the United States. They call for an end to "irresponsible criticism" of China and to jointly develop rules of the road for international cooperation in cyber space.
The question of cyber security in the economic realm also came up in the phone conversation between Obama and Chinese leader Xi Jinping after he was formally elected president of China last week. In his congratulatory call to Xi, Obama described cyber security as a "shared challenge" that must be addressed in the overall context of the all-important bilateral economic relationship between the United States and China. Xi apparently agreed to start talks with the US on cyber security and the new prime minister, Li Keqiang, affirmed on Sunday China's interest in building a new and sustainable relationship with America.
U.S. Treasury Secretary Jack Lew, who is in China this week, is expected to probe the Chinese leaders for the terms of the bilateral dialogue on cyber security. While the United States is deeply concerned about Chinese cyber attacks, there is a new tone that has begun to emerge from Washington underlining the importance of bilateral cooperation with Beijing.
The need to avoid confrontation with China came through clearly in Donilon's remarks at the Asia Society: "Economies as large as the United States and China have a tremendous shared stake in ensuring that the internet remains open, interoperable, secure, reliable, and stable."
Both countries face risks when it comes to protecting personal data and communications, financial transactions, critical infrastructure, or the intellectual property and trade secrets that are so vital to innovation and economic growth," Donilon added.
Despite the many tensions in the bilateral relationship, the Chinese public reaction to the spate of recent U.S. allegations on cyber theft and commercial espionage has been moderate. There have been substantive Track Two conversations between the United States and China on the economic dimension of cyber warfare and the need to build mutual trust.
The incipient Sino-American bilateral dialogue has the potential to alter the current international discourse on cyber security. Until now, Russia has led the debate in multilateral forums like the United Nations on information security. Russia, China and many developing countries have also ranged themselves against the United States and the West on questions relating to internet freedom and the sovereign right of states to regulate and control cyberspace.
Although these ideological issues might retain some salience, the new Sino-American dialogue is about managing the profound interdependence between the world's two largest economies in the cyber age. Just as the US and the erstwhile Soviet Union defined the nuclear discourse in the last century, Washington and Beijing are likely to shape the international regulation of the cyber domain in the coming decades.
India, then, must resist the temptation to hang its cyber rhetoric on familiar tropes of multilateralism. New Delhi must focus instead on building robust capacities at home for defense, offence and espionage in cyberspace.
Without a strong internal capability, Delhi will be unable to influence the international debates on regulating cyberspace at the UN General Assembly and the International Telecommunications Union. Even more important is India's bilateral engagement with both the United States and China on cyber security issues. So is the founding of a solid cyber partnership between the Union government in Delhi and the large private corporations in Mumbai.