China Daily has responded to a very detailed study Project 2049 published two weeks ago about Chinese signals intelligence and cyber reconnaissance. The response—which does not directly address any of the report’s specific claims about the role that the PLA General Staff Department’s Third Department plays in computer network exploitation—is essentially: those in glass houses shouldn’t throw stones. The United States may portray itself as the victim in cyberspace, “but it is no secret that the U.S. has already developed an information warfare doctrine and has capability to make cyber attacks on other nations.” And “the U.S. military is clearly capable of conducting offensive operations in cyberspace at any time and against any country.”
This is one of the standard comebacks to U.S. claims of Chinese cyberattacks (the other being China is also a victim) and would normally not be worthy of too much attention. But this article does end with two suggestions about how China and the United States might build trust in cyberspace. The first—that the two sides should cooperate and exchange information about “profit-driven” cyber crime—is also not much to get excited about, as it has been made several times in different fora. In November 2010, Gu Jian, head of Network Security in the Ministry of Public Security, suggested the United States and China cooperate on cases where there is “double criminality”—acts that are illegal in both countries. In May 2011, the EastWest Institute announced a joint agreement on battling spam. The problem, of course, is that the United States’ main complaint with China is not cyber crime, but cyber espionage—the theft of military and political secrets as well as commercial intellectual property, business plans, and corporate strategy. Mistrust will remain high unless this is tackled head on.