Criminal Justice & the Rule of Law Cybersecurity & Tech Foreign Relations & International Law

What Effect Could Chinese Military Reorganization have on the Recent US-China Cyber Agreement?

Matthew Dahl
Tuesday, November 3, 2015, 5:55 PM

At the end of September, the United States and China reached an agreement that promising they would not engage in or support cyber espionage activity aimed at providing competitive advantage to commercial entities.

Published by The Lawfare Institute
in Cooperation With

At the end of September, the United States and China reached an agreement that promising they would not engage in or support cyber espionage activity aimed at providing competitive advantage to commercial entities. Lawfare has had some very interesting and insightful posts on the agreement here, here, and here. Of course, skepticism over the actual effect of this agreement abounds. Will China actually uphold its end of the bargain? Will differing interpretations of the deal’s terms lead to continued attacks against private companies in the United States?

It’s important to remember that the deal does not cover cyber actions that support national security intelligence gathering. This leaves the door open for cyber espionage against private companies, for example, in the defense sector which China could claim is related to national security, but which the US sees as seeking a competitive commercial advantage.

It’s too soon to make definitive conclusions about how effective the US-China cyber deal will be; however, a recent meeting of Chinese leadership in Beijing may factor into the long term success of the agreement. This meeting, the Fifth Plenum of the 18th Chinese Communist Party (CCP), occurred from October 26-29th. The purpose of the event is to gather members of the CCP’s Central Committee in order to review the leadership’s policy plans. Among the topics discussed during the four-day meeting was the reorganization of China’s Central Military Commission (CMC), which may be a signal that the long talked about plans to reorganize the Chinese military may finally get underway.

Media reports suggest that one of President Xi’s goals is to consolidate and streamline China’s military forces with the ultimate goal of making them more nimble, effective, and capable of projecting power. A significant element of any military reformation would almost certainly involve changes to the military’s cyber forces, which are viewed as a central pillar of China’s military success in winning what it calls “future informatized wars.” A shake up of cyber units in China begs the question: What sort of effect will such an overhaul have on cyber operations directed at the United States, particularly in the wake of the recent agreement?

A restructuring of China’s cyber forces may help to centralize control over what is currently a sprawling landscape of government/military units and private contractors believed to carry out a wide array of cyber operations. China’s military is massive with numerous components all capable of housing their own cyber units. Additional government-based cyber units reside in elements in the Ministry of Public Security and Ministry of State Security. Private contractors augment the capabilities of these civilian government and military units. These various sources of cyber activity may currently make it difficult to control what operations are being conducted and for what reasons.

For example, it has been suggested by some that government employees in these various cyber units are moonlighting as “hackers-for-hire” for corrupt officials or rogue companies stealing information and reselling it for their own financial gain. Assuming that is true, if these unsanctioned operations are identified and traced back to China, it increases the chances that China will suffer embarrassing consequences. Such consequences already occurred in 2014 when the US handed down an indictment of five Chinese nationals for their role in cyber espionage operations. Then, in 2015, the Obama administration announced that it was developing a package of economic sanctions to be used against Chinese individuals and entities benefiting from cyber operations. As James Lewis, Director and Senior Fellow at the Center for Strategic and International Studies (CSIS), has already suggested, these actions by the US were painful and embarrassing for China, and could have been motivating factors that resulted in the US-China cyber deal.

An overhaul that centralizes and streamlines the structure of China’s cyber forces could be good news with respect to the recent agreement. Reorganization may allow for greater control over what operations get carried out and how they are executed. This would reduce the chances of unauthorized operations that could lead to embarrassment for the government. It would also make it easier to identify unsanctioned activity and punish those involved. Punishment of unsanctioned operations would be a positive sign that China is abiding by the agreement and is committed to eliminating rogue elements trying to steal data for economic gain.

It could also be argued that an alternative scenario will result from a more structured Chinese cyber complex. If China is committed to fashioning a more modern and professional military it stands to reason that its cyber forces will grow more sophisticated. Increasingly sophisticated operators will be able to carry out operations that are more difficult to detect and defend against. Greater difficulty in detecting, defending, and attributing cyber operations may tempt China to reengage in the economically motivated cyber espionage that they agreed to cease at the end of September.

It’s still too early to know what organizational changes could be in store for the Chinese military and its cyber forces. With a military as large as China’s, any changes will take a significant amount of time to implement; however, this issue bears watching as it will likely have some effect, positive or negative, on how China conducts its cyber operations.

Matt Dahl is Manager of Global Threat Intelligence and Legal Counsel for the cybersecurity technology firm, CrowdStrike.

Subscribe to Lawfare