Analysis: US-China agreement on cybertheft a first step

Analysis: US-China agreement on cybertheft a first step

WASHINGTON (AP) — China's pledge to assist crack down on hackers who steal commercial secrets from the United States, even coming as it did amid a bit of arm-twisting by President Barack Obama, is a huge breakthrough that could reduce U.S.-China tensions & end huge losses for American companies.

Analysts say the agreement between the world's two biggest economies is just a start yet could lead to real progress on the cybertheft issue — depending on how well it's put in place.

Still, it's not effortless to track down hackers & prove responsibility, experts say, even as they found hope in Friday's announcement by Obama at a joint news conference with Chinese President Xi Jinping.

p>"I think it's a huge deal," said Dmitri Alperovich, who published a seminal paper in 2011 identifying Chinese cyber economic espionage & now runs the cybersecurity firm Crowdstrike. "For the first time ever, the Chinese have made a distinction between national security espionage & economic espionage."

Also significant, Alperovich said, is the fact that the Chinese have agreed to provide responses to U.S. government requests for investigations. "They can't just shrug & say, 'We don't do hacking; hacking is illegal,'" he said.

Mark MacCarthy, vice president for public policy at the Software & Information Industry Association, said the tech industry trade group agrees with Obama that the cybertheft of intellectual property must stop. "We are hopeful the understanding reached by the president & Chinese President Xi Jinping results in real progress on the ground," he said.

The U.S. has accused Beijing of backing Chinese hackers who steal trade secrets from American companies. Before the Xi summit, Obama called cybertheft by China "an act of aggression."

James Lewis, director of the Center for Strategic & International Studies' Strategic Technologies Program, said the thefts probably cost American companies tens of billions of dollars annually.

Last year the U.S. charged five officers in China's People Liberation Army for computer hacking & economic espionage against six U.S. companies, including Westinghouse, U.S. Steel & Alcoa.

Malcolm Lee, nonresident senior fellow at the Brookings Institution & a former White House economic official, said that the Friday agreement will "begin to address one of the most destabilizing & corrosive issues in the relationship."

Senior U.S. officials said the Obama administration had been preparing a package of sanctions in recent weeks aimed at China & other nations over cyberthefts of intellectual property. When news of those plans appeared in the U.S. media, China dispatched a high-level delegation, led by Meng Jianzhu, the secretary of the Central Political & Legal Affairs Commission of the Chinese Communist Party, to work out a deal. The result was Friday's announcement.

"The thing that received the Chinese to the table is the threat of sanctions," Alperovich said.

Last year's indictments helped, too, Lewis said. "The Chinese thought approximately how unhappy that experience was, & they didn't want to go through it again," he said. "They knew the Americans were really worked up."

The U.S. moreover has been getting better at tracking the source of cyberattacks. North Korea, for instance, was quickly identified as the source of a hack last year that damaged computers at Sony & exposed internal emails at the filmmaker.

"That made them think, 'We're not going to be able to obtain away with this,'" Lewis said.

Trevor Nagel, a partner with the law firm White & Case who specializes in cybersecurity & other global technology issues, noted that China now has intellectual property of its own to protect, as it has become a world leader in manufacturing.

Jeremie Waterman, executive director for China at the U.S. Chamber of Commerce, called the agreement "a clear statement" on an issue of critical importance to the future of relations between the two countries. "Hopefully, it marks a new chapter," Waterman said, adding that, as with other areas of negotiation between the U.S. & China, the key will be implementation.

The agreement may not be effortless to enforce, particularly since it's often difficult to trace the source of cyberattacks & the Chinese government has never acknowledged a role in past attacks, said Betsy Page Sigman, a cybersecurity expert at Georgetown University's McDonough School of Business.

"The Chinese government can use intermediaries" in such attacks, "and it can be very difficult for them to be found out," she said.

The agreement raises questions, Robert Cattanach, a former Justice Department attorney who specializes in cybersecurity, said in an email.

Will spying by private Chinese companies "simply replace state-sponsored economic espionage?" he asked. "How effective will the high-level consultations really be? Will this affect China's well-known efforts to explore the vulnerability of the United States' power grid, financial sector, & health industry?"

___

EDITOR'S NOTE — Ken Dilanian is The Associated Press' intelligence writer. Paul Wiseman is an AP business writer.

___

Associated Press writers Martin Crutsinger & Marcy Gordon in Washington, Mae Anderson & Bree Fowler in New York, & Brandon Bailey in San Francisco contributed to this report.

An AP News Analysis

Source: “Associated Press”