Institute for International Economic Policy

Event Summary: Who is Bashing Whom: China, Cyber-Attack, Democracy, and Retaliation

Project on Trade Agreements and Internet Governance

Where: The George Washington University’s Elliott School of International Affairs

When: 1200-1400 Friday March 22, 2013  


  • Ellen Nakashima (Washington Post)
  • Grady Summers (Mandiant)
  • Delphine Hagland (Reporters Without Borders)
  • Irving Lachow (Center for a New American Security)
  • Michael Nelson (Bloomberg)


Recently, the publication of Mandiant’s report on Chinese cyber attacks and cyber espionage has led to a major discussion of the consequences for Internet freedom and information security in the United States. Susan Aaronson convened a panel at GW’s Elliott School of International Affairs in order to discuss the implications of Chinese hacking, including what the appropriate government response should be; these panelists were selected for their diverse perspectives (journalism, industry, human rights, policy, and academia).

Structure of Event:

Ten Minute prepared statement from each panelist followed by an open question and answer session.


  • The panelists agreed that there has been a major increase in Chinese cyber attacks on the media and industry in the last few months.  Thus far, these attacks have focused on gathering information (e.g. media sources, intellectual property) rather than causing physical harm. In addition, within China, the government has been jailing and torturing national and foreign journalists as well as limiting internet freedom for its people.  Some panelists argued that denying such freedom to its people could “catch up” to China, limiting their ability to innovate in the future.
  • What can the United States do?
    • In the private sector, companies need to boost their security, and employees need to be more vigilant.  The problem the government is facing in this regard is how to help the companies that will not help themselves.
    • The U.S. has to remember that China is stealing intellectual property because it is trying to preserve its internal sovereignty and stability. According to Irving Lachow, the U.S. has a few options. We could try to play by the same rules China plays by, but this would be politically undesirable and impractical. The U.S. could also try to decrease the benefits or increase the costs associated with China’s actions. Increasing costs via diplomacy and economic sanctions has trade-offs in that it would impact our relations with China.  Decreasing benefits by making it harder to steal, or limiting the information available to steal, is also tricky, because there is disagreement in the U.S. about how big of a role the government should play in cyber security.
    • Michael Nelson argues there are three things that need to be done moving forward. First, we need better encryption throughout the internet. Second, the U.S. needs to be more transparent in how it’s using cyber, because we haven’t had a public discussion about this topic. Third, the U.S. needs to employ more “good” hackers.  Mr. Nelson also suggested three things the U.S. must not do. First, we should not consider an international disarmament treaty for cyber. Second, we should not hack China back.  And third, we must not eliminate anonymity across the board as this is terrible for democracy. 
    • Detailed Minutes:

    • Ellen Nakashima
      • Ms. Nakashima suggested a slight change to the overall theme of the discussion moving away from the original title of the event and focusing more on how rights are impacted.
      • There has been quite a bit of news concerning the hacking of Google accounts in the journalist community, but these events are not happening in a vacuum.
        • The various organizations that were hacked were researching and writing on the Chinese government.
      • So far, Chinese “attacks” are generally geared more towards getting information about the sources and methods of reporters, rather than actually causing physical damage.
      • The toll on reporters is high especially in China where human rights abuses are at play, e.g. detention, prison, torture. The reporters in China also lack access to nexus, have trouble meeting with sources, receive DDoS attacks on their websites, and have their e-mails deleted.
      • The role of China in cyber is part espionage and part harassment, and journalists are very concerned about the safety of their sources in the country.
        • Although, as hard as China may try they cannot shut down all speech because of the internet.
      • China spends upwards of 10 billion dollars a year on public relations, but undermines this immediately by contributing to all this hacking.
      • While cyber strikes are not necessarily the best solution, General Alexander’s recent mention of Cyber Command’s new offensive weapons demonstrates U.S. unwillingness to put up with further attacks.
      • All organizations need to boost their network security, and their employees need to be more vigilant.
      • The threat of international isolation - and destabilization of the international system - may force China to alter its behavior. We need to help China realize its actions are counterproductive to their goal of increasing their global standing. This seems to be a priority of the current administration.
    • Grady Summers
      • Began by claiming that Mandiant has no political axe to grind; they want to inform policymakers and the public by simply reporting what they see.
      • Attacks on media organizations are up fourfold over the past year.
      • Reasons that China goes after the media:
        • They want to find reporters’ sources who can spread information that they don’t want going public
        • They are looking for more soft power control - they need to know how the world media portrays China in order to figure out ways to influence such perceptions
        • They are economically motivated to hack - they need broadcast technology.
      • Mr. Summers wanted to talk in a broader sense, in terms of China’s targeting of intellectual property
        • Stealing intellectual property from the defense industry, energy, law firms, non-profits, etc.
        • APT 1 report claims over 100 terabytes of compressed data has been stolen by Chinese attacks, including designs, formulas, blueprints, etc.
          • Companies are seeing all the money they have spent on investment going out the door
      • Mandiant is trying to make the case that these attacks are definitely coming from China.
        • China is vehemently denying. They also say: we’re attacked by the U.S. and the U.S. attacked Iran. It is important to recognize, though, the difference between a large-scale, well-funded and sustained government effort and the general attacks that all companies see.
        • We also need to recognize the motivation is very different for the U.S.’ attack in Iran and what China is doing. the U.S. was concerned about national security. China hacks are stealing data from private companies for control of information about CCP, and for economic productivity (the basis of CCP’s legitimacy in China).
      • Impact of attacks:
        • The impact is hard to pinpoint at this time.  We usually say it is a “slow bleed,” but Summers believe  factories in the US could go out of business in the next few years because of the stolen intellectual property. Hacking has already ruined mergers and allowed China to gain unfair advantages on bidding for acquisitions in the global energy market. We won’t be able to say “this company definitely shut down because of China,” but Summers argues that their impact is huge economically.
      • What do we do?
        • We need to ask why this is happening
        • Remember that China is not just hacking because it wants to have the world’s biggest economy; the CCP is also trying to preserve its internal sovereignty and stability, which it believes comes from consistent economic growth.
        • So if we’re going to do anything about China, we need to remember why China hacks and use international pressure and increased attention to develop a norm against these actions.
    • Delphine Haglund
      • Human rights perspective
      • Attacks against foreign journalists have increased dramatically in the last year, and we are seeing unprecedented rates recently. Why is this happening?
        • Last month, there was a once in a decade leadership change in China
      • China is not afraid to block the websites of many journalistic agencies because they want to control the message. This happened to Beijing office of Al Jazeera English.
      • More disturbing is that physical threats against reporters are growing in China. She described several examples of reporters that had been physically threatened by government forces in China.
        • Additionally, systematic surveillance of the press is common.
      • China’s willingness to jail journalists is very concerning and their ability to do so is proven. There are 30 Chinese print journalists in jail, as well as 69 bloggers, all serving sentences for subversion or inciting public disorder. China is the biggest jailer of bloggers in the world.
      • China also engages in news blackouts in regions like Tibet.
      • China is currently one of the five worst countries for Internet freedom.
        • China’s “great firewall”
      • China asks Weibo (China’s equivalent of twitter) to monitor and filter posts
        • there is a list of forbidden words that cause a post to be deleted
      • Similarly, Chinese Skype has an automatic filter
      • China is exporting its model throughout the region by using diplomatic pressure on countries like Vietnam and Indonesia.
    • Irving Lachow
      • Mr. Lachow focused much of his talk on the theft of US intellectual property.
      • China and the US are playing by very different rules in the cyber domain.
        • China believes stealing secrets from intellectual firms is a perfectly legitimate role of states. Other countries think this way as well, including Russia, France, and Israel.
          • The U.S. doesn’t support this, and wants China to stop, and go back to “normal” state vs state espionage.
      • The question is, how do you get the Chinese to stop playing by their rules?
        • The U.S. can change the way it plays the spying game, and play by China’s rules
          • This is a problematic approach diplomatically, practically, politically, and morally. Highly unlikely we would do this.
        • The U.S. can increase the costs and lower the benefits of China’s activity.
          • To increase costs:
            • Economic sanctions, diplomatic pressure, law enforcement measures.
            • There are heavy trade-offs to this option. There will be consequences to US-China relations.
          • To decrease benefits:
            • make it harder to steal, or less information to steal
              • how do you do this? It is an interesting policy issue. There’s a debate going on right now about what role the government should play in deterring these kinds of thefts on intellectual property.
                • There’s even a pushback about the U.S. role in protecting infrastructure. The Executive Order created a voluntary program that provided a framework for standards and better protecting and built in incentives. The private sector is saying - let the market handle this.  It’s even harder for the government should be involved in intellectual property theft.
                • Maybe the government could engage in information sharing and education and awareness. But it’s not clear if the government should do this or stay out entirely.
        • So what do you do if you’re the U.S. government? How do you help the private sector help itself? I don’t have an answer for this, and I leave you to think about it.
    • Michael Nelson
      • The current state of affairs in cyber is analogous to an earthquake
        • New technology is profoundly changing what control the government has and what people can know and do.
      • A big problem in this discussion is that every nation believes cyber is a problem, but each uses different terms in framing the issue.
        • Russia and China care about the “nasty” people reporting the news, and propaganda
        • The U.S. fears intellectual property theft
        • Arab countries are concerned about people destabilizing governments.
      • The real problem is when people go in and don’t snoop, don’t delete a whole bunch of data, but make small changes in a code. This can have a huge impact for banks and other companies because it can ruin their reputation. Also, health records slightly changed can lead to huge medical problems.
      • There are three basic worlds the cyber domain can morph into:
        • The “1984 version”
          • The government knows everything and we know nothing, and don’t know what the government knows.
        • The “transparent society”
          • everyone knows everything about everyone. The good thing about this, some argue, is that we will know what the government does.
        • The “snow crash” world
          • The bad hackers take control and know everything, and the government and people know nothing.
      • Take a look at Bruce Schneider’s article from last week
      • How do we get to a better world?
        • Better encryption throughout the internet
        • Better transparency
          • We haven’t had a public discussion of what we’re doing. Other countries then fear the worst.
        • You need more “good” hackers
      • What we cannot do:
        • No international disarmament treaty for cyber
        • Don’t hack back
        • Don’t eliminate anonymity across the board. This is terrible for democracy.
    • Question and Answer
      • Q: Is there any fear that if we give companies power to retaliate that they’ll then hack the NSA?
        • A: No, not concerned about the NSA. If people are going to hack them, they’ll hack them regardless of whether they’re given any power.
        • What’s concerning is escalating tensions when the other side has access to critical infrastructure, millions of computers. We don’t want to retaliate because that is very dangerous
        • There are things that can be done that aren’t “hack back” - that’s a bad idea - but that bump against the law. Right now, honeypots are as far as companies are willing to go right now, which aren’t illegal.
      • Q: What is expected from the Mandiant Report moving forward?
        • A: hope that it slows the process on hacking, but China does not appear to be halting the progress of these units
      • Q: Which world of the internet (Michael) is the most likely?
        • A: different worlds will evolve for different countries: we should have the transparent model in the U.S., but some countries already have the 1984 model.
      • Q: Are U.S. people really just at the margins of the attacks? Who will be affected most - the U.S, people inside China, or people in South and Southeast Asia?
        • A: This is really a global issue impacting everyone, but the Chinese are indeed disproportionately impacted. Moreover, if your culture is based off of stealing intellectual property from others you run the risk of closing down innovation within your own country.
      • Q: What keeps the increasing number of bad chinese hackers from attacking China?
        • A: Fear. They arrest citizens for any opposing voices
      • Q: Will China’s culture of stealing come back to haunt them?
        • A: Possibly, it might result in them losing the ability to innovate or it may provide the impetus they need to innovate for themselves. Once they realize they actually want to protect their own innovators they may crack down on the stealing.
        • Moreover, if China would like a good reputation in the international community they will need to stop the hacking.
      • Q: How do you get policy issues talked about?
        • Think-tank world
          • Awareness
          • Bring different factions to bear
            • d.g. Republicans & Democrats, Legislative & Executive, Public & Private
          • The next generation of leaders in this space are coming out of the think tanks, and are extremely bright and aware of these issues.
        • Private enterprise
          • Continue to publish information for policy-makers to use and reference
        • Media
          • Try to illuminate issues in the debate in a way that is understandable, relevant, and accessible to the average person
          • Bring different perspectives together

      The IIEP Global Economic Governance in the 21st Century Initiative

      Project on Trade Agreements and Internet Governance

      Synopsis of

      "Can Trade Agreements Facilitate the Free Flow of Information?
      The TransPacific Partnership as a Case Study"


      Friday, September 21, 2012

      Washington, DC


      The panel was organized by the Project on Trade Agreements and Internet Governance, with funding from the John and Catherine T. MacArthur Foundation, the Computer Communications Industry Association, and the Heinrich Böll Foundation.


      The panel for the meeting included Jonathan McHale, Deputy Assistant U.S. Trade Representative for Telecommunications and E-Commerce; Jayme White, staff director for the Senate Committee on Trade, Customs, and Global Competitiveness; Rashmi Rohnath expert on IPR issues, director of the Global Knowledge Initiative at Public Knowledge; and Usman Ahmed, policy counsel at E-Bay. Professor Susan Aaronson moderated, and opened the discussion by asking how the TPP might affect issues such as privacy, trust, access to information, IPR, Internet freedom and Internet governance.


      Mr. McHale's spoke first, briefly describing the importance of Internet traffic as a trade issue. He quoted information from Cisco Systems, that in 2016 we will have 1.3 zetabytes of data moving per year, which is the equivalent of every movie ever made will move across the global IP network every three minutes. He pointed out that rules for commercial data flows, such as financial transactions, are well established, but what was new and different was the increase in consumer data flows like music downloads and online games. The challenge is to formulate rules for these data flows.


      Mr. White asked that his remarks be off the record.


      Ms. Rohnath spoke especially about the IP chapter in the TPP. She argued that while copyright law is essential, enforcement can overreach in a way that is an adverse impact on the free flow of information. She held out the website as an example: Customs Enforcement seized and held the website for a year due to supposed copyright infringement, blocking even the legal content available on the site. Ultimately, the website owners had permission for the music videos the government claimed were infringements. Ms. Rohnath pointed out at that the TPP requires parties to adopt rules similar to those which allowed the U.S. government to seize The TPP also gives copyright owners control over temporary copies of content, such as might be stored on a computer's RAM or in a browser cache. Ms. Rohnath did applaud the USTR in its efforts to guarantee the free flow of information, but also expressed concern that this goal be balanced with adequate privacy protections for consumers and users.


      Mr. Usman addressed the power and scope of the Internet for retailers and e-commerce. He described how E-bay moved from offering only domestic sites for each country, to a global marketplace. According to E-bay internal research, small businesses that export items through the site reach an average of 19 different markets. PayPal data shows that 25% of payments by volume are international transactions. Mr. Usman emphasized the importance of free flow of information for global e-commerce, and also pointed to a need to shield intermediaries (like E-bay) from liability for users activities on their platforms.


      The panel then turned to questions from the audience. One person asked how the USTR and other policymakers can write rules for technology that is changing rapidly. Mr. McHale explained that they use broad language to cover possible innovations, such as 'computing facilities' to describe server operations.


      One point of controversy in the Q&A was the degree of openness in the TPP negotiation process. Mr. McHale explained that the negotiations are secret to protect the parties, but that the USTR has tried to be as open as possible. Ms. Rohnath said that while the USTR was indeed open to meeting with her organization, they had little to talk about because the actual texts and language of the agreement are secret, apart from leaks.


      Another question asked whether the USTR was proposing anything like the E.U.'s Safe Harbour process for protecting privacy. Mr. McHale said that the relevant aspect of the TPP was a provision giving member governments the right to enforce their privacy rules even if the data leaves their jurisdiction. There are a number of ways to organize that enforcement -- Safe Harbour being one -- but for the agreement's purposes it was important only to have a mechanism.


      The final question asked what the USTR needed to do to resolve concerns about IPR enforcement overreach. Ms. Rohnath said that the TPP had to recognize the importance of protecting creativity, but also the importance of cultural participation for some forms of consumer content. She argued that it was inappropriate to export norms of strict copyright enforcement to countries which do not already have such rules and lack the government capability to enforce those rules effectively.


      A collection of press articles from the event can be found on the TAIG blog.