CFR Presents

Asia Unbound

CFR experts give their take on the cutting-edge issues emerging in Asia today.

Print Print Cite Cite
Style: MLA APA Chicago Close


Presidential Inbox: The Constant Irrititant of Cybersecurity in Asia

by Adam Segal
January 23, 2013

U.S. President Barack Obama recites his oath of office as first lady Michelle Obama looks on during swearing-in ceremonies on the West front of the U.S Capitol in Washington, DC, on January 21, 2013. U.S. President Barack Obama recites his oath of office as first lady Michelle Obama looks on during swearing-in ceremonies on the West front of the U.S Capitol in Washington, DC, on January 21, 2013. (Jim Bourg/Courtesy Reuters)


Mr. President, as you look toward Asia in your second term, cybersecurity will be a grain of sand in the eye, a major irritant but not one that blocks the larger vision of what you hope to accomplish in the region. That grain, namely Chinese cyber espionage, is not going away any time soon, but there are things you can do to make it slightly less annoying. Moreover, many of the policies to mitigate the situation will overlap with other efforts to re-energize the U.S. presence and boost ties to allies and friends in the region.

There seems little hope that the speck of sand will just come out on its own. Cyber espionage attacks are accelerating, up 75 percent from 2011 to 2012, according to the Defense Security Service. Over the course of your first administration, numerous officials raised the issue with their Chinese counterparts. It was on the agenda at the 2012 Security and Economic Dialogue and was raised during U.S. Secretary Hillary Clinton’s meeting with Chinese Foreign Minister Yang Jiechi and U.S. Secretary Leon Panetta’s dialogue with Chinese Defense Minister General Liang Guangjie. It is time, however, for you to raise the issue, Mr. President. If you want the leaders in Beijing to think this really matters to the United States, you have to tell them yourself.

It may also be time to start showing the stick. In his October 2012 speech to Business Executives for National Security, Secretary Panetta suggested that the United States was making progress on attribution: “Potential aggressors should be aware that the United States has the capacity to locate them and to hold them accountable for their actions…” There are bound to be some costs in showing how capable the United States truly is, but you should consider having your administration provide evidence that Chinese-based hackers are behind the espionage attacks. And once that evidence is public, policy makers can either consider trade sanctions or criminal cases against firms or individuals that benefit. The Department of Justice is reportedly preparing to indict hackers or state-owned enterprises that benefit from stolen intellectual property.

You can also lean more on our allies and friends. The Liberal Democratic Party is well placed to “reinforce cybersecurity as national security” in Japan. Revising the war contingency bill to include cyber attacks and enacting a law to protect classified information should make it easier for Tokyo to cooperate with Washington. South Korea will host the third International Cyberspace Conference (the first was in London, the second in Budapest), and the World Bank and Korea Communications Commission recently signed a deal for the joint development of a “Global Cybersecurity Center.” Delhi has announced a five-year plan to reform the country’s cybersecurity institutions as well as new cooperation with the United Kingdom and expanded dialogue with Japan on cybersecurity. The United States and Australia have declared that their mutual defense treaty applies to cyberattacks, and Australian Prime Minister Julia Gillard announced on Wednesday the establishment of the Australian Cyber Security Centre.

You need to do more capacity building. Many characterized the breakdown of the International Telecommunication Union (ITU) World Conference on International Telecommunications as the beginning of the “Internet cold war.” While it is true that there was a divide between those who support an open Internet and those who want more state control, not all of those who eventually signed the treaty did so for ideological reasons. Instead, they have real security problems, lack technical expertise, and see the ITU as a credible partner (signatories in Southeast and East Asia include Vietnam, Singapore, China, Indonesia, Malaysia, Thailand, Cambodia, and South Korea). The United States, along with Japan and Australia, has to provide an alternative through on-the-ground technical assistance.

In short, don’t avoid taking on China directly over cyber espionage, Mr. President, but don’t expect much from it either. The good news, however, is that there is much the United States can do with its friends and allies in the region.


Post a Comment 3 Comments

  • Posted by 阿江

    Is that “sand” or is it more accurate to say “‘fog’, which just so happens to have chemicals irritating the eyes”?

  • Posted by BISE

    I run my own blogand I came here by mistake. I read your entries and I found that they’re great! I want to use them on my site. I want do that without your agreement, so say OK. I’m greeting warmly.

  • Posted by HI

    Something that would get their attention is a new Wassenaar arrangement to expand the reach of export control regulations to any information related to strategic industries as defined by the Chinese themselves: IT&C, space, transportation, media, biotech, finance, etc. Response asymmetrically. If they steal, cut off their access to legitimate sources of technology.

Post a Comment

CFR seeks to foster civil and informed discussion of foreign policy issues. Opinions expressed on CFR blogs are solely those of the author or commenter, not of CFR, which takes no institutional positions. All comments must abide by CFR's guidelines and will be moderated prior to posting.

* Required