Get real, China's cybercrime accord with the US will change nothing

Why a truce won't stop these superpowers hacking each other like mad

China president Xi Jinping agreed a truce on cybercrime with US President Barack Obama last week, a little different to the talk leading up to the event of a 'cyberwar accord' between the world's two most powerful nations.

There is more chance of Donald Trump saying something that isn't offensive or ignorant than there is of a cyber-peace treaty stopping anything remotely cyber-warfare related in times of war, which is probably why the two political and economic giants didn't go there.

Instead, they travelled down a similar but different road: the two agreed that 'cyber economic crime' must stop.

While both countries adopt a ludicrous position of 'I didn't do it' when it comes to launching any kind of cyber attacks against the other, be that industrial espionage or more traditional information spying raids, both also say the other must stop or there will be sanctions.

Obama spoke of a common understanding between the US and China that neither country would "conduct or knowingly support cyber-enabled theft of intellectual property", after warning that Chinese cyber attacks are not acceptable, and Xi Jinping happily agreed that "confrontation and friction are not the right choice for both sides" and insisted both countries would abide by "norms of behaviour."

To which my response is a big fat SO WHAT?

That response gets even more obese when you throw in the small detail that this 'deal' does cover the theft of trade secrets but not the taking of national security information. So it looks like state-sponsored removal of data as we almost certainly saw in both the US Office of Personnel Management (OPM)and Anthem breaches is set to continue.

Look, deals are only of any import if both sides stick to them, but the chances of that happening are pretty remote in the real world sense. No matter how much they deny it, the fact remains that both nations are hacking the bejesus out of each other. Cyber-spying is rife, and commercial espionage is par for the course.

China, if I were to risk a comment on who is being most successful, is looking like the undoubted winner right now. President Xi Jinping may say that the two powerhouse countries "share common concerns on cyber security" and that he is "ready to strengthen cooperation with the US side" but it means diddly-squat while Unit 61398 (Google it) of the People's Liberation Army's 3rd Department continues to attack US commercial and governmental concerns.

There is strong suspicion that it was behind the massive intelligence grab from OPMrecently, and the Anthem data breach, both of which were hugely successful in collecting personal information, health records, and even fingerprints of US government employees. Looking back, the PLA 3rd Department Unit 61398 is thought to have also targeted companies with an interest in CNI operations including power transmission lines, oil pipelines and power generation facilities to name but a few.

For President Xi Jinping to state that hacking and cyber-espionage are both illegal and that the Chinese government doesn't engage in the theft of commercial secrets or encourage others so to do is, frankly, laughable. It's hard to reach any conclusion other than no matter what is said, no matter what is signed, the truth of the matter is that the hacking will go on and security will continue to be tested in the most strenuous of ways.

That's what I'll be taking away from this particular state visit, and I have a funny feeling that whatever documents are signed I will feel pretty empty soon after. Anyone who says that such an 'accord' will make any difference whatsoever to the state-sponsored threatscape is, frankly, guilty of blowing smoke out of their ass...

Featured Resources

Choosing a collaboration platform

Eight questions every IT leader should ask

Download now

Performance benchmark: PostgreSQL/ MongoDB

Helping developers choose a database

Download now

Customer service vs. customer experience

Three-step guide to modern customer experience

Download now

Taking a proactive approach to cyber security

A complete guide to penetration testing

Download now

Recommended

UK’s IoT security regulation will also include smartphones
Internet of Things (IoT)

UK’s IoT security regulation will also include smartphones

21 Apr 2021
eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020
phishing

eBay, Apple, Microsoft, Facebook, and Google were phishers’ top targets in 2020

20 Apr 2021
HackBoss malware is using Telegram to steal cryptocurrency from other hackers
cryptocurrencies

HackBoss malware is using Telegram to steal cryptocurrency from other hackers

16 Apr 2021
Mastering endpoint security implementation
Security

Mastering endpoint security implementation

16 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
UK exploring plans to launch its own digital currency
digital currency

UK exploring plans to launch its own digital currency

19 Apr 2021