Chinese cyber-espionage efforts against American companies and government properties are predicted to increase during President-elect Donald Trump’s first year in office, according to a new analysis from global consulting firm Booz Allen Hamilton, but experts say it’s tough to forecast exactly how the U.S.-China cybersecurity relationship will change.
While Booz Allen Hamilton’s broad prediction about China may eventually hold some truth, analysts tell CyberScoop, it remains difficult to read how Beijing’s growing intelligence sphere will react to Trump’s brazen leadership style as it translates into actual policy and formalized trade agreements.
“The Chinese are perplexed by the new administration and that will make them cautious for awhile,” said James Lewis, senior vice president and program director at the Center for Strategic and International Studies. Trump’s reputation for unpredictable behavior will cause, according to Lewis, Chinese government officials to tread carefully around a previously agreed upon economic cyber-espionage pact President Barack Obama and Chinese President Xi Jinping struck in late 2015. The agreement has effectively resulted in a downturn of intellectual property theft.
But given Trump’s critical remarks about China in the past, there is no guarantee Beijing will recognize the agreement over the long haul, security and policy experts say. And the incoming presidential administration has not offered much detail about its stances on cybersecurity policy.
“I have not seen anyone on the Trump team question private-sector and government findings that [Chinese cyber-espionage] activity has declined. Although I guess that could change if conflict over Russian hacking and intelligence agencies becomes even more politicized,” said Adam Segal, director of digital and cyberspace policy at the Council on Foreign Relations.
“If Trump’s White House were to suggest that a ‘one China policy’ is a negotiating chip, for example, then we can expect Beijing will no longer see itself bound to numerous U.S. agreements — like the [Xi] cyber agreement,” Segal said. On Dec. 2, Trump challenged established U.S. foreign policy by accepting a congratulatory phone call from Taiwanese President Tsai Ing-wen. The conversation represented a deviation from a 40-year stance by the U.S. government that denies Taiwan’s sovereignty in support of China’s rule over the island democracy.
“Adhering to the ‘one China’ principle is the political bedrock for the development U.S.-China relations. If it is comprised or disrupted, the sound and steady growth of the bilateral relationship, as well as bilateral cooperation in major fields would be out of question,” Chinese Foreign Ministry spokesman Geng Shuang told CNN.
Paying attention to targets, not volume
Cyberthreat intelligence analysts at Milpitas, California-based FireEye — one of the largest and most active private sector cybersecurity firms monitoring the impact of malicious Chinese cyber-operations — told CyberScoop that the noted lull in Chinese hacking over the last 12 months is likely to change in 2017. The reasons for why, however, are admittedly more difficult to identify ahead of time.
“I think with the change in administration and the importance of trade policy, there will be a lot of opportunities for China to go after companies to steal trade-related information. If the president-elect has said that he is going to defend [a] certain industry, then they may not steal intellectual property but still may view it as legitimate under the agreement to compromise a firm to find out if [the U.S. is] planning to do some sort of national tariff,” said Christopher Porter, FireEye’s manager of threat intelligence analysis.
In the future, Chinese cyber-espionage campaigns may change in such a way that the actual volume of attacks will become less important for analysts, Porter described.
“Even before the election and after the Xi agreement, we have numerous examples of these hackers compromising private companies though I don’t think any of them were in the U.S. — many were friends and allies though. And much of this was, we think, to steal information not about trade secrets but rather information about non-public trade agreements, nation-to-nation agreements,” said Porter, a highly decorated former CIA intelligence officer. “I have hard evidence of this even post Xi-agreement.”
Booz Allen Hamilton’s aforementioned 2016 cybersecurity prediction report is based on research and analysis conducted by the firm’s specialized cyberthreat intelligence division, known as Cyber4Sight. The team “trawls more than 160,000 open sources and hundreds of sites that lay beyond the consumer-facing Internet, providing continuous monitoring, reporting and threat intelligence services” to Fortune 500 clients.