China’s military recently called for better identifying differences between state-origin and unofficial cyber attacks.
Two Chinese officials with the People’s Liberation Army National University of Defense Technology stated in a recent journal article that “cyber sovereignty violations” need to be defined in order to resolve disputes between great powers.
Writing in China’s Science and Technology Daily, Sun Wei and Zhu Qichao stated that safeguarding cyber security requires first resolving disputes over cyber sovereignty.
Identifying the origin of cyber attacks is a “core issues” in disputes between nations, and two things are need to resolve them. First, the problem of identifying the origin of cyber attacks must be resolved.
“Only state-directed or controlled attacks may violate cyber sovereignty, while attacks launched by individuals or organizations fall under international private law,” the authors state.
A second problem is the lack of clear definitions of cyber sovereignty violations.
Sun and Zhu state that research is needed to define cyber sovereignty to resolve what they termed “theoretical paradoxes and actual challenges.”
The article reflects a key strategic information operation used by China’s military to deflect criticism and confuse debate over Chinese cyber operations.
China’s government routinely denied conducting any cyber attacks.
The Obama administration further confused the debate by distinguishing between cyber attacks by governments and cyber intellectual property theft by supposedly private Chinese firms – all of whom are linked directly or indirectly to the ruling Communist Party.
A similar tactic was identified by the congressional U.S.-China Eonomic and Security Review Commission during a visit to Beijing in July. A PLA student, Lu Jinghua, at the Academy of Military Science challenged the U.S. use of the term cyber attack by stating that alleged Chinese cyber intrusions were simple espionage and not attacks. Lu said before a U.S.-China agreement on cyber security can be reached the proper terminology needs to be defined.
Security analysts say China’s attempts to distinguish between cyber intelligence and attacks is specious since China uses both methods. Its break-ins of networks are often accompanied by the installation of hard-to-detect malware that can be used for future remote access or sabotage.
Cyber Threat Brief
Nov. 29, 2015