Cyber Transparency for Thee, But Not For Me

Secretary Hagel joins Chinese Defense Minister Chang Wanquan to review an honor guard in Beijing (Source: Xinhua)

In Beijing, a reminder for Hagel that the U.S. and China face divergent incentives on cyber policy

U.S. Secretary of Defense Chuck Hagel’s latest trip to Beijing represented a new milestone in Sino-U.S. military-to-military information-sharing. According to media reports, the U.S. side laid out in detail the makeup of America’s cyber forces, their command and control structures and U.S. policy regarding red lines and escalation in the network domain. Unfortunately, the Chinese have not responded in kind. In his speech at National Defense University closing out the trip, Hagel reiterated his desire for mutual transparency, but the tone was one of palpable disappointment. Chinese media largely ignored this section of Hagel’s remarks, with the only publications addressing it describing it as “hypocritical” in light of recent allegations regarding American cyber-spying and attacks on Huawei (Xinhua, April 9). Despite the Secretary’s wishes, China is unlikely to acquiesce to a regime of symmetric cyber transparency in the foreseeable future.

Why is China so hesitant to join the United States in sharing information regarding its network warfare capabilities? At the risk of oversimplifying, there are three primary reasons. The first is that China operates a massive peacetime industrial espionage apparatus, and the Chinese military (the object of Hagel’s desired transparency) plays a major role in providing the cyber-exploitation component of this capability. The second is that the leaks and accusations made by Edward Snowden have improved China’s diplomatic position in the context of any discussion of network warfare doctrine. The third is that Chinese military theoreticians’ views regarding the inherent battle-space characteristics of the network domain predispose the Chinese toward attempting to retain a degree of uncertainty and ambiguity around China’s offensive network warfare capabilities.

At this point, the rough outlines of China’s cyber-enabled peacetime industrial espionage capabilities are well-known to all interested parties. As detailed in the comprehensive book Chinese Industrial Espionage and open-source reports such as last February’s Mandiant Report on the peacetime espionage activities of PLA Unit 61398, PLA offensive cyber actors are aggressively gathering not only military but also industrial intelligence, which is then passed on to privileged Chinese corporations to impart a competitive advantage in international markets. The Chinese appear to view its unacknowledged industrial espionage operations as being every bit as deserving of secrecy as security-focused digital spycraft. The PLA’s offensive cyber capabilities have such a central role in espionage beyond traditional military intelligence that even military-related disclosures could have negative repercussions for Chinese intelligence operations.

Edward Snowden’s actions have also dramatically impacted America’s ability to horse-trade information on cyber operations. Setting aside the unknown quantity of information that Chinese intelligence gained from Snowden during his stay in Hong Kong, Snowden has publicly leaked the un-redacted Presidential Decision Directive detailing America’s cyber operations doctrine to the international media, published in The Guardian on June 7, last year. PLA leaders likely view briefings from Hagel’s team on these topics as a bow to the reality that such information is already fully available to anyone with an Internet connection. If the United States has no important information to share that the Chinese do not already possess, there is little incentive for additional Chinese transparency. More broadly, at a time when the focus of international attention and criticism is on the United States’ cyber-warfare capabilities, it is not in China’s diplomatic interest to shift the discussion back to its own considerable forces.

Finally, dominant Chinese perceptions of both the inherent nature of the network domain and the present balance of power within it have influenced PLA leaders to err away from information-sharing with potential adversaries (For a detailed examination of this topic, see Joe McReynolds, “Chinese Thinking on Deterrence and Compellence in the Network Domain,” 2013 CAPS-RAND Conference on the PLA, Taipei, Taiwan). On a theoretical level, PLA academicians believe that the network domain is offense-dominant by its nature due to the difficulty of attack attribution, the ongoing inadequacy of defensive technologies and the potential for adversaries to launch attacks that are high-speed, large-scale and low-cost (Zheng Lianqing, Liu Zengliang and Wu Yaoguang, eds., Battlefield Network Warfare, Beijing, China: Military Science Publishing House, PLA Internal Distribution, 2002). On a practical level, the PLA views the physical and operational control that the United States and its allies hold over the bulk of the Internet’s core architecture as constituting a form of “network hegemony” (wangluo baquan) that constrains China’s strategic options (China Youth Daily, July 19, 2013; Qiushi, August 1, 2013).

These perceptions deeply influence China’s strategic calculus. Transparency is helpful for preserving and stabilizing a “status quo” balance between two countries, but it can be harmful to the interests of an underdog reliant on the element of surprise in any hypothetical conflict against a more dominant power. China’s leadership views the current cyberspace status quo vis-à-vis the United States with disdain; they see it as placing China in an intolerably weak position, and they believe that the network domain’s characteristics are conducive to upsetting that balance with heavy investment in offensive capabilities that can be deployed in an asymmetric fashion. U.S. efforts at transparency, such as the 2011 release of the U.S. Department of Defense’s Strategy for Operating in Cyberspace, are viewed through this lens not as an attempt at mutually beneficial transparency, but rather as part of America’s deterrence posture (Global Times, March 13, 2013).

This is not to say that the Sino-U.S. cyberspace dialogue is destined to be entirely fruitless. Some limited cooperation and transparency initiatives may become possible as institutional understandings build over time between the two sides. The exchanges themselves may yield valuable informal information sharing even if no formal agreements are reached; information regarding the PLA’s cyber operations organizational structures is more likely to be sketched out by a Chinese interlocutor on the back of a banquet cocktail napkin than conveyed in a formal presentation. At the end of the day, however, China is not on a path to becoming a status quo power in cyberspace any time soon, and their approach to transparency reflects that reality.