At first glance, the U.S. Justice Department's 31-count indictment of five Chinese military officers for hacking into the computers of six American corporations, in order to steal billions of dollars' worth of industrial secrets, seems a bit odd. No way are Beijing's leaders going to extradite members of their elite cyberwarfare unit to stand trial in a U.S. criminal court.
At second glance, the move still seems strange and possibly counterproductive. The United States engages in cyber-offensive operations, too. Doesn't President Barack Obama — who must have approved the indictment and its high-profile rollout — worry that China will strike back by revealing some of our own secret plots? Besides, won't this whole business endanger U.S.-Chinese relations, and at a time when Russian President Vladimir Putin is doing his own "pivot" toward Beijing? (Fostering a U.S.-Chinese alliance against Russia makes more sense than provoking a Russian-Chinese alliance against us.)
But at third glance, there is logic to what the Obama administration is doing, and though it's loaded with risk, it's on balance a good move, maybe even a necessary one.
For years the Chinese — especially, but not exclusively, a Shanghai-based department of the People's Liberation Army called Unit 61398 (where all of the indicted officers work) — have been hacking into the computer networks of U.S. corporations, defense firms and financial institutions. Obama and a few Cabinet secretaries have raised the issue in several diplomatic forums. Each time, Chinese officials have denied the charges and challenged the Americans to produce some evidence. The indictment is, in this sense, the reply: Here is the evidence — and in staggering detail.
When Obama tried to spark a dialogue on the issue last June, at the summit in Palm Springs, Chinese President Xi Jinping called him out on the hypocrisy. The first leaks from Edward Snowden had just appeared, revealing that the United States was hacking into Chinese networks. How, Xi asked, could Obama complain about Chinese hacking when he was hacking, too? (Of course, Xi still denied that his government was responsible for any of it.)
U.S. officials, then and now, have drawn a distinction: China hacks into our computer networks to steal secrets and enrich its state-run corporations; the United States hacks into Chinese networks only to protect national security. The Chinese and others, including many American critics, have scoffed at the fine line. First, to China, economic enrichment is national security. Second, to some, hacking is hacking is hacking.
In fact, though, there are real distinctions here. The Chinese cyberwarfare units don't just hack into corporate networks for trade secrets. They also — just like their counterparts in the United States, Russia, Britain, France, Israel, Iran, North Korea and other countries — hack into military and intelligence networks for national security secrets. The Obama administration is saying: The latter, the realm of traditional spying, is fair game; the former, the cyber-age equivalent of industrial espionage, is not.
For some time Obama has said he wants to negotiate "rules of the road" for this new, anarchic domain of cybertools and cyberweapons, laying out which kinds of networks are legitimate military targets and which kinds are vital to the workings of a civil, lawful society — and should, therefore, be protected (whether by treaty, international law, mutual asset, or whatever) from nation-state hackers.