In March 2011, the U.S. computer security company RSA announced that hackers had gained access to security tokens it produces that let millions of government and private-sector employees, including those of defense contractors such as Lockheed Martin, connect remotely to their office computers. Just five months later, the antivirus software company McAfee issued a report claiming that a group of hackers had broken into the networks of 71 governments, companies, and international organizations. These attacks and the many others like them have robbed companies and governments of priceless intellectual property and crucial military secrets. And although officials have until recently been reluctant to name the culprit, most experts agree that the majority of the attacks originated in China.
In response, analysts and policymakers have suggested that Washington and Beijing work toward some form of détente, a broad-based agreement about how countries should behave in cyberspace that might eventually turn into a more formal code of conduct. Proponents argue that the two sides’ long-term interests are aligned, that one day China will be as dependent on digital infrastructure for economic and military power as the United States is today. As Major General Jonathan Shaw, the head of the British military’s Defence Cyber Operations Group, has said, China’s “dependence on cyber is increasing, the amount of cyber crime taking place inside that society is huge, and the impact on their economic growth and their internal stability is also going to be huge. . . . There’s more common ground than people might suggest.”
But a grand bargain won’t be struck anytime soon. Both China and the United States consider operations in cyberspace a valuable tool, and China currently has little interest in cracking down on hackers, who pose a constant threat to its economic and military rivals. This doesn’t mean that there is nothing Washington can do, however. Instead of engaging in a futile effort to achieve some equivalent in cyberspace to nuclear détente, the U.S. government should ranging approach to protecting American interests that includes working closely with other Internet powers and raising the costs of hacking. Cyberattacks are less like on-off switches and more like dials. The goal of U.S. policy should be to turn them down.
Loading, please wait...