Language : English 简体 繁體

Why China Thinks the Mandiant Report is Dubious

Mar 08 , 2013
  • Li Zheng

    Assistant Research Fellow, CICIR

The U.S. cyber security firm Mandiant released a report last month alleging that a secret Chinese military unit in Shanghai was behind years of cyber attacks against U.S. companies. About 48 hours later, the White House unveiled a strategy to mitigate “trade secret theft.” The report and the strategy are so closely linked, which provides two signals to the Chinese government and public. One is that the U.S. government and enterprises blame all the cyber attacks and trade secret theft on China. The second is that the U.S. government strategy was elaborately planned after a series of media reports on Chinese hackers and the Mandiant report were released. Both threaten to ignite the “China- U.S. mutual trust deficit.” 

After a careful reading of the Mandiant report, I believe most readers will think three things. Firstly, Mandiant has astonishing intelligence capabilities, which allows it to find many minor details. Secondly, Mandiant has internet capabilities of reverse engineering, which also can be used to carry out cyber attacks and is far smarter and more capable than the “Chinese military hackers.” Thirdly, the evidence in the report is unable to prove that the APT attacks were launched by “PLA officials in the white, 12floor building.” The report is more likely aiming to find a scapegoat than make a meticulous and objective investigation. Most of the Chinese audience will not believe that the crack troops of PLA are using junk e-mails to fight against U.S. rivals. And they will not believe that the tactics are successful in stealing the top secrets and technologies from the U.S., the creator of the internet and the strongest country in cyber space. 

It is not the first time that “cyber espionage” has been a trouble in China-US relations, and it is probably not the last. At the end of 2011, China and the U.S. were facing a similar situation, as cyber security firms Symantec and MacAfee claimed that they tracked the source of cyber attacks to Chinese territory. Some believed that the increase in cyber problems is related to close relations between President Barack Obama and Silicon Valley. Eric Schmidt, the chairman of Google; Tim Cook, the CEO of Apple; and Mark Zuckerberg, the founder of Facebook have famously dined at the White House. And Barack Obama won his second term with a successful Twitter campaign despite a terrible economy. Therefore, it is not unexpected that the US government put cyber security as a top priority, and that it has raised a warning of outside cyber threats to push the process of domestic internet security lawmaking in order to help cyber security firms win more business. 

On the other hand, China is willing to cooperate with the U.S. on an international platform. China has the same concern of cyber threat as the U.S. does. There were over 14 million computers kidnapped by foreign hackers in 2012, as reported by the National Computer network Emergency Response technical Team Coordination Center of China. China also has a long history of cooperating in this area. In 2011, China and Russia submitted suggestions of cyber security international rule to UN, but were opposed by western countries. 

On a deeper level, the spasmodic “cyber espionage” problem between China and the U.S. has been caused by a fundamental difference in understandings of internet governance. One aspect is the priority and tolerance of the public on this issue. For China, the public is more worried about the security of food and environment than their cyber privacy, and most people have little knowledge’s and awareness of cyber security. It has caused China to become a relay station for cyber criminals around the world to thieve from or to hide themselves. Most of China’s websites and networks are easy to invade. According to an official agency, the number of foreign cyber attacks on China has increased by 18 times since 2009. In 2011, “CSDN,net”, one of the biggest programmer BBS was easily hacked by unknown group, and 6 million account numbers and passwords were released to the internet. However, the public is not aware of the cyber danger, so the government has little opportunity to cope with it. 

China has long insisted that government and official agencies should be responsible for stopping crime, and that the solution to international cyber attacks should come from international law enforcement agencies. Nevertheless, it seems to China that the principles and standards of the U.S. are changing and are often self-contradictory, as shown by its attitudes towards Wikileaks and internet freedom. How could the China and rest of world trust the country that developed and employed the most dangerous virus “Stuxnet” to free the world of cyber attacks? 

The bitterness caused by the Mandiant report is slowly being digested, although China has noticed that the U.S. has not intensified the issue. In other words, the event may become an opportunity for China and the U.S. to open a pragmatic dialogue on cyber issues as well as in the military area. It is more urgent for the two countries to reduce their security concerns than to be entangled by the past. It is better to establish a complex cyber dialogue for China and the U.S., which includes market opening, intellectual property protection and cyber security. As the  two biggest countries in the 21st century, China and US have a common interest in protecting the current international system from destructive attacks by cyber criminals, so we need to step forward.

Li Zheng is Assistant Researcher in the Institute of American Studies, China Institutes Of Contemporary International Relations

You might also like
Back to Top