The China-U.S. Cybersecurity Brawl

 
 

The China-U.S. Cybersecurity Brawl

Cybersecurity has been a critical issue since the birth of the internet. Over the years, the internet has developed tremendously, from only dozens of networking devices in the ’80s to approximately 5 billion netizens today. With that, the concept of cybersecurity has constantly evolved, from computer viruses, junk mails, and distributed denial-of-service attacks in the beginning to more complicated challenges including cyberfraud, ransomware, data dredging and advanced persistent threats.

Emerging technologies, such as artificial intelligence, 5G, quantum computing and the internet of things in recent years have expanded the scope, and also the connotations, of cybersecurity. On top of that, they have given rise to increased tensions between the world’s two biggest economies.

The cyberspace confrontation has had ripple effects — not only on bilateral relations but on the operations of tech firms. A number of tech giants, such as TikTok and WeChat have been sanctioned. Other IoT companies focused on niche markets, such as Tuya, also face more challenges.

According to the Report on 2022 Global IoT Security, which was released by the Research Center for Global Cyberspace Governance at the Shanghai Institutes for International Studies, with PSA Certified and the ioXt Alliance in California, cybersecurity issues are exerting a bigger impact on the entire internet industry, and IoT companies around the world are under increasing pressure not only in the technology realm but also in the political arena.

Against this backdrop, cybersecurity issues have expanded and entangled Beijing and Washington. In the early days, technology was the main thing, and cooperation was mainstream, with both countries working with each other on building computer emergency responses and preventing virus attacks. Fast forward into the Barack Obama era: Cybersecurity topped the agenda of most bilateral high-level dialogues.

Brawls over cybersecurity have since flared up between China and the United States. The two nations have been through a lot: They inaugurated a joint cybersecurity working group; the U.S. charged Chinese military officers with cyber-economic espionage; the two reached cybersecurity agreements and established the U.S.-China Law Enforcement and Cybersecurity Dialogue; the U.S. accused China of interfering in its presidential election, which China denied; the U.S. indicted suspected hackers from China … and so on.

Gradually, cybersecurity has moved up to become one of the most controversial issues facing China-U.S. relations, one with high priority and extensive impact.

So what is the essence of the cybersecurity dispute between the world’s two biggest economies?

On one hand, cybersecurity, an enormous field, is composed of many specific issues. Washington, in recent years, has attached immense importance to theft of trade secrets, data security, disinformation, supply chain security, rules and norms, cyber operations and so on. These issues are interconnected and overlapping, and they involve a variety of government sectors, companies and the public. That helps explain why cybersecurity dialogues are scarce.

On the other hand, there’s something hidden, underlying all the specific issues — the correlation between cybersecurity and national security strategies. The importance of cybersecurity, as an emerging arena, has long been underestimated. Objectively speaking, it amounts to a national strategy in cyberspace; however, many lack a sufficient understanding of it, despite repeated calls from people of insight noting its strategic significance. Such differences are prevalent in public opinion and even in official circles.

If Beijing and Washington can’t reach consensus in recognizing the strategic importance of cybersecurity, most of the specific issues mentioned above will remain unsolved.

In retrospect, there was once a noteworthy success story. In 2015, Meng Jianzhu, who was secretary of the Central Political and Legal Affairs Commission of the Chinese Communist Party, led a delegation to the U.S. to meet with representatives of the U.S. Justice, State, and Homeland Security departments on cybersecurity and other issues. They aligned on six points that were key to stabilizing Sino-U.S. ties.

Nonetheless, the dialogue had a defect in that it failed to enhance high-level talks between the Chinese and U.S. militaries. This requires authorization from the top, a comprehensive dialogue mechanism, basic agreement in military cyber intelligence and continuous devotion to crisis management. That’s nearly impossible in view of the current China-U.S. contention. The two countries, therefore, need to make adjustments in their dialogue mechanisms, starting by setting achievable goals, improving the professionalism of dialogues, maintaining daily communication and promoting mutual trust.

Finite, feasible goals are needed to avoid focusing on problems that are too grand. Then, promoting the professionalism of such dialogues by picking the right issues, making full preparation and setting attainable goals. Finally, maintaining communication without being influenced by the political environment is essential. In the end, both sides should have confidence and trust in the dialogues and refrain from any behavior that could break it. In this way, dialogues will be more pragmatic and make it easier for both sides to reach consensus.

Related industries, technology organizations and think tanks should make concerted efforts to manage the cybersecurity divisions between China and the U.S. The Report on 2022 Global IoT Security proposes 12 initiatives in this regard. They are of crucial importance in safeguarding China-U.S. cybersecurity, as well as that of the globe.