U.S. – China Agreement on Cyber Intrusions: An Inflection Point

China And US Flag

Chinese economic espionage reached its boiling point some time ago, and has been scalding industries throughout the world for years seemingly unabated. Still, I’ve always believed that the issue is not intractable, and comes down to changing China’s cost-benefit analysis. If progress only could be made on that front, I reasoned, the future could be different. I have to admit, however, that even I did not expect that future to be so close.

The joint U.S.-Chinese cyber agreement announcement today is a strategic inflection point. The Chinese have committed to not undertake cyber intrusions into private sector organizations for commercial benefits and also  have agreed to a process to timely investigate activities that would appear to violate this commitment is a watershed moment. This is the first time ever the Chinese had made such a distinction between national-security and commercial espionage and it’s a tremendous victory for the Obama administration and the whole U.S. private sector economy.

For years, I have argued for an aggressive trade sanctions approach to deter Chinese economic espionage against U.S. companies. Earlier this year, the Obama administration issued an unprecedented Executive Order 13694 which established a declaratory policy of the use of our global financial power to punish the perpetrators and beneficiaries of cyber intrusions of national consequence. When word leaked in recent weeks that the White House was seriously considering applying this new approach by instituting sanctions against some of the Chinese multinational companies which had benefited from these espionage operations, the Chinese responded instantly. Meng Jianzhu, a senior Politburo member and one of President Xi’s trusted lieutenants, was instantly dispatched with a large supporting delegation to Washington for urgent talks with very senior administration officials in an attempt to forestall the sanctions. This showed the vulnerability and deep concern of the Chinese leadership over such action and highlighted the opportunity for finally gaining leverage and upper hand in the negotiations to get them to dramatically scale back their state-sponsored intellectual property theft activities.

And with today’s announcement, this real and very serious threat against Chinese economic concerns, when added to prior diplomatic, law enforcement, and private sector responses to China,  appears to have altered President Xi’s calculus about the benefits of addressing the cybersecurity threat head-on, instead of with its head in the sand. Agreements are meaningless, however, without follow-through action and verification. Myself and the rest of the great team at CrowdStrike have been pioneers in highlighting and attributing the intrusions into Western companies from Chinese government-affiliated hackers, such as our report on the cyber activities of the 12th Bureau of the 3rd Department of General Staff (otherwise known as Putter Panda).  My co-founder George Kurtz has written more on the issues of validating this agreement and how private sector can be of help. CrowdStrike will, of course, continue to monitor Chinese activities with our Falcon cloud-based endpoint technology that’s deployed globally across numerous companies in the financial, manufacturing, technology, defense, agriculture and other industries. This will provide us with unique visibility into whether China abides by the commitment they’ve expressed today, so we can let our clients know whether today truly can go down in history as the day cybersecurity turned the corner for the better. Only time will tell.

Dmitri Alperovitch

Co-founder and CTO of Crowdstrike, Dmitri Alperovitch leads the Intelligence, Technology and CrowdStrike Labs teams. Alperovitch has invented 18 patented technologies and has conducted extensive research on reputation systems, spam detection, web security, public-key and identity-based cryptography, malware and intrusion detection/prevention. He is a renowned computer security researcher and thought leader on cybersecurity policies and state tradecraft. Alperovitch’s many honors include being selected as MIT Technology Review’s “Young Innovators under 35” (TR35) in 2013. He also was named Foreign Policy Magazine’s Leading Global Thinker for 2013 and received a Federal 100 Award for his information security contributions.

 

Stop Breaches with CrowdStrike Falcon request a live demo