An increasingly testy dispute between China and the United States over cyberespionage is about to drag out in Silicon Valley.
Last month, the Justice Department unsealed an indictment charging five officers of China's People's Liberation Army of trying to steal US commercial trade secrets. The assumption is that the five belong to the shadowy specialist group, Unit 61398, which was described in a 2013 report by Mandiant as a government-run Shanghai computer spy group.
China, which has never confirmed the group's existence and says that the government has never supported any hacker activities, this week issued a call "to punish severely the pawns" of the US government for monitoring China and stealing secrets.
"US companies including Apple, Microsoft, Google, Facebook, etc. are all coordinating with the PRISM program to monitor China," the People's Daily said on its official microblog. (PRISM was a government program set up to monitor foreign communications that cross US servers but which also gave the NSA access to the central servers of major tech companies.)
That fits with a familiar narrative. Ever since former contractor Edward Snowden one year ago disclosed the existence of extensive spying programs conducted by the National Security Agency, Chinese official media have suggested that American tech companies were in cahoots with Washington. (Coincidentally, Microsoft's top lawyer on Wednesday urged the US to change its surveillance procedures immediately.)
China also warned that it would favor domestic technology suppliers over US companies.
"To resist the naked Internet hegemony, we will draw up international regulations, and strengthen technology safeguards, but we will also severely punish the pawns of the villain. The priority is strengthening penalties and punishments, and for anyone who steals our information, even though they are far away, we shall punish them!" the statement said.
If China makes good on that threat, it will cost US technology companies billions in dollars in lost contracts. But this increasingly fraught Sino-American relationship is likely not going to improve anytime soon, notes Shen Yi, who teaches in Fudan University's department of international politics in Shanghai. CNET spoke with Yi to get a perspective on how China views the latest ratcheting up in tensions and the potential fallout suffered by US tech companies.
Q: Given Edward Snowden's revelations about the extent of NSA spy operations around the world, what's been the reaction to the US decision to indict five PLA officers?
Shen Yi: That US decision triggered quite a lot of feedback from China's side. The decision to indict five PLA officers is a surprise to China, especially considering the revelations of the PRISM project by Snowden. According to Beijing's understanding, the US needs to apologize first for the abuse of its capabilities and should find a proper solution on all these issues involving China and the US via diplomatic negotiations.
Obviously, many US technology companies do business in China. Is there likely to be a major impact on their ability to operate in China because of the latest dispute between Washington and Beijing?
Shen Yi: Of course there will be an impact. For quite a long time, since the end of the 1970s, these companies enjoyed an overwhelming advantage in the mainland market. One of the most important reasons that Beijing trusted these companies was the belief that technology companies are politically free, meaning that the company is not the secret agent of a foreign government, and the import of the technology could be a benefit to China's own national interest.
Does China believe that US tech companies are colluding with US espionage efforts?
Shen Yi: It's very difficult for China to say no after Snowden released the evidence.
The Chinese government says it plans to put in place new procedures to deal with what it says are potential security problems with Internet technology and services used by sectors "related to national security and the public interest." What might this mean in practice?
Shen Yi: In 2010, the Chinese government decided to research Washington's new concept: supply chain security. The newly reported procedures are nothing but the Chinese version of supply chain security and national security review procedures. Lots of Chinese companies enjoyed the warm welcome of such kinds of procedures and (now) it's Beijing's turn. Generally speaking, Beijing would like to duplicate the procedures deployed by Washington and its friends in Europe.
Is there a relationship between the PLA and Chinese state companies?
Shen Yi: According to the report on the existence of a global system for the interception of private and commercial communications (the Echelon interception system), US companies like Boeing could directly collect commercial intelligence on the Airbus via the national intelligence infrastructure (offered by) Echelon. In my personal view, China should copy such kinds of cooperation to ensure that our companies could be assured of fair play in such an environment.
The US argues that the PLA stole commercial information over the Internet in order to benefit Chinese firms. Is there persuasive evidence to back up that allegation? Is the government irritated because it views this as just another example of the US trying to hold back China?
Shen Yi: The US Department of Justice provides no more evidence than that found inside the Mandiant report about one year ago. Until now, no companies have been mentioned that directly benefited from the so-called hacking operation. Such an indictment, very easily, would revive the Chinese government's memory of the Cox Report in 1998 which implies that the development of China heavily depended on the stealing of high tech from the US. From theft of high tech to manipulation of the RMB exchange rate and to theft via PLA hacking again, it seems that the US favors the development of different narratives to explain the vivid development of the economy of China, and has tried its best to hold back China.
What's been the main takeaway for the Chinese government from the Snowden disclosures about cybersecurity? Were they caught unaware at the scale of the intelligence gathering being conducted over the Internet?
Shen Yi: At least before Snowden, no information officially came from Washington telling Beijing that we are spying on you via the Internet. If the video upload by Mandiant is true and they could record the screens of the so-called Chinese hacker when he was "invading" some US companies, it seems that it would be difficult for Beijing to realize the existence of US intelligence gathering via the Internet.
From a national security point of view, how does the Chinese military view the cybergathering of intelligence?
Shen Yi: My opinion is that the cybergathering of intelligence is a new arena for great powers like the US and China. The US already has overwhelming advantages in cyberspace. It seems that Washington, just like (American political scientist) Kenneth Waltz has mentioned, doesn't want to produce any self-restraint of its power in cyberspace.
Given the course that both countries are now on, how likely is it that we'll see a cyber conflict erupt between China and the US within the next 10 years? What will it take to prevent that from taking place?
Shen Yi: Cyber conflict is not easy to define, but it would be difficult to say it will be 100 percent impossible. I think if both sides are not able to improve their strategic confidence in the cyberspace, it would be very dangerous.