Tag Archives: Thomas Donilon

Cybersecurity as 'pivot' version two? A policy narrative for media-friendly U.S.–China relations

Pivot. “I personally don’t like the term,” said Jeffrey Bader, former senior director for East Asia of the U.S. National Security Council. It was an “unfortunate word” selected by staff seeking a positive press response to President Barack Obama’s trip to Asia in 2011, he said at Beijing’s Tsinghua University on Nov. 29, 2012. Each time the president goes to Asia, he said, the story is always about China, and there are two options: Either the United States came as a supplicant and is in decline, or it put China on its heels. Both stories are wrong, Bader argues, but the word “pivot” was selected to push for the second story in the U.S. press.

The word “pivot” swiftly became “rebalance” in U.S. government statements. To some, it had implied a turn away from other regions, not a reassuring message for those seeking continued support in the Middle East. Some also thought it implied that the United States would shift its interventionist tactics from the Middle East to the Asia Pacific region. “Rebalance” was rolled out with more nuance, emphasizing at times that it implied only minor increases in the Pacific, instead emphasizing drawdowns elsewhere. Then, the question of whether the “pivot” or “rebalance” had failed as a strategy soared to the top of the discussion after Obama was reelected. In Secretary of State John Kerry’s confirmation hearings, he implied limited support for a shift of resources: “I’m not convinced that increased military ramp-up is critical yet. I’m not convinced of that. That’s something I’d want to look at very carefully when and if you folks confirm me and I can get in there and sort of dig into this a little deeper.”

With the pivot/rebalance downgraded as a strong-on-China rhetoric, and the deep need for greater engagement with China, what was left to keep the press on the “China on its heels” narrative? Consider cybersecurity. President Obama began a rollout with the State of the Union this year. Without naming China, he made “enemies [who] are also seeking the ability to sabotage our power grid, our financial institutions, and our air trafic control systems” the China policy point. The day before, someone had leaked to the Washington Post a classified National Intelligence Estimate naming China as the most aggressive cybersecurity threat.

President Barack Obama meets then-Vice President Xi Jinping in the Oval Office on Feb. 14, 2012.

President Barack Obama meets then-Vice President Xi Jinping in the Oval Office on Feb. 14, 2012.

In the coming days, the private online security firm Mandiant released a report that allegedly detailed Chinese military involvement in spying on U.S. businesses. A “senior defense official” told The New York Times, “In the cold war, we were focused every day on the nuclear command centers around Moscow. … Today it’s fair to say that we worry as much about the computer servers in Shanghai.” Then the White House released its “Strategy to Mitigate the Theft of U.S. Trade Secrets,” which does not name China in the body text but features it in six of the seven theft examples in sidebars.

This drumbeat has continued through February and March and up to today. National Security Advisor Thomas Donilon said in a speech in March that “intellectual property and trade secrets” had “moved to the forefront of our agenda.” Since then, cybersecurity, often with some degree of conflation between national security threats and threats to private intellectual property, has moved to the top of the U.S. media agenda on China, along with North Korea. In the White House background briefing on the upcoming summit between Obama and Chinese President Xi Jinping, the briefers didn’t have to bring up cybersecurity. The first question and half of all questions mentioned the topic (including the meta-question “how do you keep this summit from being a cyber summit?”). Admittedly impressionistic data from Google Trends shows U.S. searches for “China” and “cyber” peaking in February.

U.S. search interest in "China cyber" over time, according to Google Trends.

U.S. search interest in “China cyber” over time, according to Google Trends. (Embedding isn’t working, so here’s a screenshot. The y-axis is calibrated to set the peak in February at 100.)

Now, the White House is in the midst of a significant surge in China diplomacy with considerable attention to the future. The Obama-Xi “shirt-sleeves summit” near Palm Springs, Calif., to take place Friday and Saturday was preceded by, among other efforts:

  • Vice President Joe Biden’s trip to China in August 2011.
  • Xi’s trip to the United States as vice president and heir-apparent, with Biden as his host and an Oval Office meeting with Obama in February 2012.
  • Secretary of Treasury Jack Lew’s trip to China in March 2013.
  • Secretary of State John Kerry’s trip to China in April 2013.
  • Chairman of the Joint Chiefs of Staff Martin Dempsey’s trip to China in April 2013.
  • The April announcement of the 2013 round of the Strategic and Economic Dialogue to be held in Washington July 8–12, 2013.
  • National Security Advisor Thomas Donilon’s trip to China in May 2013.

It’s possible to view the dogged focus on cybersecurity in the media and in government statements as misplaced. After all, it is unclear what if any effect on actual operations the “naming and shaming” process is having, and we will have to wait and see what further measures the U.S. government might take. Meanwhile, other issues such as energy and climate cooperation, maintaining stability around North Korea, and military-to-military relations are also pressing. Perhaps most of all, say (almost) all the comments out there, Obama and Xi have the opportunity to open a new chapter of U.S.–China relations through high-level dialogue and building a “new kind of great power relations” (Chinese wording) or a “new model of relations between an existing power and an emerging one” (U.S. version).

These cooperative notes, however, could trigger the media narrative Bader said the administration dreads: the United States as declining supplicant. Instead, the administration gets to claim they will raise cybersecurity in this and other interactions. They have high-level working groups in progress or planned for cybersecurity (a challenge) and climate change (an opportunity and a challenge). And needless to say, there is the benefit of getting a very serious issue for U.S. businesses and the U.S. national security community on the table in a way the Chinese government cannot entirely ignore.

Why one might think the US government sees China as threat no. 1

In recent weeks, a series of U.S. government statements, leaks, and policy changes could leave you with the impression that policymakers see China as the biggest threat to U.S. security.

My guess is that even if top officials in the Obama administration believe this, they would rather temper that impression. On the other hand, take a look, and consider what impression you would get from the last month:

2013-02-11

Someone leaked at least part of a classified U.S. intelligence document to the Washington Post, which wrote: “The National Intelligence Estimate identifies China as the country most aggressively seeking to penetrate the computer systems of American businesses and institutions to gain access to data that could be used for economic gain.”

2013-02-12

President Obama, in his State of the Union speech, made a thinly veiled reference to Chinese hacking—the only substantial China-related statement:

America must also face the rapidly growing threat from cyber-attacks. We know hackers steal people’s identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, and our air traffic control systems. We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.

2013-02-18

The New York Times reported on a study released by the private computer security company Mandiant, asserting that the People’s Liberation Army is behind attacks on U.S. businesses, national security institutions, and critical infrastructure.

On the record, a National Security Council spokesman said: “We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and we will continue to do so.” That sounds reasonable, even though a Chinese foreign ministry spokesman called the Mandiant allegations “irresponsible and unprofessional.”

But here’s what unnamed U.S. sources told the Times:

  • “There are huge diplomatic sensitivities here,” said one intelligence official, with frustration in his voice.
  • “In the cold war, we were focused every day on the nuclear command centers around Moscow,” one senior defense official said recently. “Today, it’s fair to say that we worry as much about the computer servers in Shanghai.”

OK, now we have a direct Cold War comparison, framing Chinese actions as taking the place of the nuclear threat from the Soviet Union.

2013-02-20

The White House released its “Strategy to Mitigate the Theft of U.S. Trade Secrets.” The document does not name China in the body text, but six of the seven concrete examples of theft in sidebars mention China explicitly. An attached Department of Justice list of “economic espionage and trade secret criminal cases” since 2009 includes 20 examples, 17 of which involve China.

2013-02-25

Senate Intelligence Committee Chairwoman Diane Feinstein said the Mandiant report accusing the PLA of specific actions is “essentially correct.” And House Intelligence Committe Chairman Mike Rogers said the Chinese government and military are behind attacks on U.S. companies “beyond a shadow of a doubt.”

2013-02-27

A report from the Department of Homeland Security outlined a six-month effort to target U.S. natural gas pipeline operators, and press reports such as this one from the Christian Science Monitor said the attack signatures indicate ties to Chinese attacks. The link to China comes from information newly released by the DHS. Whether the motive of an attacker would be to compromise gas pipelines, to steal technology to run them, or both, is left an open question.

2013-03-11

After a slight lull in action, filled nonetheless with plenty of commentary, U.S. National Security Advisor Thomas Donilon gave one of the administrations most thorough recent speeches on Asia and the Pacific region. The speech has some new material and plenty of small adjustments, but the press angle was clear: “U.S. Demands China Block Cyberattacks and Agree to Rules.”

Importantly, the China section comes in contrast to kind words about “emerging powers” in India and Indonesia. Although a “constructive” relationship with China is framed as its own pillar in the administration’s Asia Pacific strategy, little is new here other than a drastically higher billing for cybersecurity concerns:

Both countries face risks when it comes to protecting personal data and communications, financial transactions, critical infrastructure, or the intellectual property and trade secrets that are so vital to innovation and economic growth.

It is in this last category that our concerns have moved to the forefront of our agenda. I am not talking about ordinary cybercrime or hacking. And, this is not solely a national security concern or a concern of the U.S. government. Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China on an unprecedented scale. The international community cannot afford to tolerate such activity from any country. As the President said in the State of the Union, we will take action to protect our economy against cyber-threats.

From the President on down, this has become a key point of concern and discussion with China at all levels of our governments. And it will continue to be. The United States will do all it must to protect our national networks, critical infrastructure, and our valuable public and private sector property. But, specifically with respect to the issue of cyber-enabled theft, we seek three things from the Chinese side. First, we need a recognition of the urgency and scope of this problem and the risk it poses—to international trade, to the reputation of Chinese industry and to our overall relations. Second, Beijing should take serious steps to investigate and put a stop to these activities. Finally, we need China to engage with us in a constructive direct dialogue to establish acceptable norms of behavior in cyberspace.

2013-03-12 – The reporting goes overboard?

The top U.S. intelligence official “suggested that [cyber] attacks now pose the most dangerous immediate threat to the United States, even more pressing than an attack by global terrorist networks,” according to The New York Times. That official, Director of National Intelligence James Clapper, also said there was only a “‘remote chance’ in the next two years of a major computer attack on the United States, which he defined as an operation that ‘would result in long-term, wide-scale disruption of services, such as a regional power outage.'”

The Times assertion that Clapper suggested cyber attacks could be more of a risk than terrorism seems to be based on the fact that Clapper discussed them first, so it is to be taken with a grain of salt. The full text of his statement for the record is available online. His remarks as delivered are online too. I haven’t found a transcript of the Q&A yet, but I just watched most of it, and the direct comparison of cyber attacks to terrorist attacks does not seem to be there.

So the reporting here may be a bit much, but the 2012 statement listed terrorism and proliferation above “cyber threats,” whereas the 20032013 document puts “cyber” ahead of those two.

So, how does this all sound?

Especially if you read Clapper’s list order as indicative, these developments and statements as a whole sure could look like a concerted effort to escalate U.S. attention to one kind of threat posed by Chinese military operations. Meanwhile, the difference between stealing secrets and threatening military systems or life-supporting infrastructure is often glossed over, allowing fear of economic espionage to bleed into fear of military battle. Meanwhile, for obvious reasons, the government sources are not disclosing the U.S. military and NSA’s own cybersecurity capabilities and activities, except to announce greater efforts. Though other countries are sometimes mentioned, China is always held up as a marquee threat.

To at least some in the Chinese government, this is going to look like a move toward an aggressive and adversarial stance.

Is this the impression the Obama administration wants?

It is quite clear that the Obama administration has moved to bring greater pressure on the Chinese government over the issue of computer-enabled espionage and even sabotage. It is also clear that the issue is real, even if some elements of the story are being fudged in the press or by private contrators looking for a piece of the pie.

But it is less clear that this level of escalation is in the best interest of U.S.–China ties. As Donilon said in his speech (before emphasizing the cybersecurity demands), “Taken together, China’s leadership transition and the President’s re-election mark a new phase in U.S.-China relations—with new opportunities.” An agressive stance, however, might undermine the opportunities for renewed contact.

At worst, it could trigger a retrenchment in Chinese officials’ willingness to engage in meaningful dialogue with the U.S. leadership. At best, pressure on this issue could produce results and bring a major irritant into the open in bilateral dialogue. One potential good sign came from the Chinese Foreign Ministry, where a spokeswoman said Tuesday “Cyberspace needs rules and cooperation, not wars. China is willing to have constructive dialogue and cooperation with the global community, including the United States.”

Meanwhile, I hope the U.S. government will take into account the media amplification effects that come from their increased frankness in public in this particular direction. If more people in the U.S. start seeing China as a Cold War-like enemy, they may find themselves fulfilling their own prophesy, an outcome far worse than the loss of corporate secrets.

Coda

Nothing in this post should be taken to suggest I view cybersecurity as unimportant or as an argument that all sides in the Chinese government are innocent. Indeed, military and critical infrastructure security are absolutely critical to national security, and not just in the United States. Minimizing the theft of corporate secrets is a reasonable economic interest of the United States, and even more so an interest of the corporations. I support scrutiny of this issue and increased efforts by government and private sector organizations. But piggy-backing fear of the unknown in cyber threats and fear of the unknown in the field of a potential “China threat” presents a risk of simplification and harmful cascades. China is not the only element of the cybersecurity issue, and cybersecurity is not the only element of the U.S. relationship with China.