Experts don't really believe the countries will stop cyberspying on each other. The pact is more to further the alternative Internet governance agenda.

Sara Peters, Senior Editor

May 11, 2015

4 Min Read

Russia and China on Friday signed a pact agreeing not to hit one another with cyberattacks. Experts agree, however, that the countries don't actually have any intention of ceasing their cyberespionage campaigns against each other. They say that the agreement instead is political posturing intended to send a message to the United States and its allies, though they differ slightly on what that message is, what motivated Russia and China to send it, and what it means for the U.S.

The nations also agreed to exchange technology, share information between their law enforcement agencies, and "jointly counteract technology that may 'destabilize the internal political and socio-economic atmosphere,' 'disturb public order' or 'interfere with the internal affairs of the state,'" as the Wall Street Journal reports.

Tom Kellermann, chief cybersecurity officer of Trend Micro, says this is a natural progression of the economic and military relationship Russia and China have already had together since the Shanghai Cooperation Organization was established in 2001. He says this announcement could be happening now as a reaction to two things: the U.S-backed efforts to change Japan's pacifist constitution to allow Japan's Self-Defense Forces to engage in combat overseas (which would naturally extend to combat in cyberspace) and the U.S.'s new, more aggressive cybersecurity strategy.

Last month, the U.S. Department of Defense announced a new cybersecurity strategy and revealed that Russian hackers had accessed an unclassified DoD network. Also last month, a Department of Justice official explained that the U.S. is giving "no free passes" to cybercriminals, regardless of whether or not they are nation-state actors. This Russian-Chinese cybersecurity pact could be seen, says Kellermann, as a way of the two countries presenting a united front against the U.S.

As Kellermann puts it, "Oh, Mr. Secretary of Defense, you're taking the gloves off? Well, there's two of us. Now what?"

"When the U.S. pursues active defense against one of them, will [Russia and China] respond collectively?" says Kellermann. "That's the inevitable question."

Others say this is an effort probably instigated by the Russians to bolster their stance on Internet governance. Opinions about Internet governance are polarized around openness and sovereignty; Russia and China are largely aligned on the side of sovereignty.

"Russians have tried to shape how the Chinese think about these issues," says James Lewis, senior fellow and program director of the Center for Strategic and International Studies. "The Chinese just went along with it because anything the U.S. disagrees with can't be all bad."

Having two super-powers allied as a united front helps further the agenda in the international debate.

As Richard Bejtlich, Senior Fellow at the Brookings Institute explains, these nations' definition of "information security" is closer to "information control," including censorship and surveillance.

Lewis explains that the countries' tactics on information control are slightly different -- the Chinese are very focused on censorship, while the Russians, he says, have pervasive surveillance and a greater willingness to use physical force.

Bejtlich says that by the agreement to jointly counteract technology that may "disturb public order," Russia and China may be sharing technologies that improve surveillance or help automate censorship, which is still largely manual in China.

He does not, however, think that they would share malware, at least not anything significant. "Possibly they might share some low-level stuff to show good will," says Bejtlich, but those nations aren't going to share serious tricks of the trade because they have each have teams established specifically for cyberspying on the other and he doesn't expect that to change just because they agreed not to hack each other.

"I think they're trying to push the norm of not going to attack each other's critical infrastructure," says Bejtlich.

It's hard to know how close the partnership really is. "We'll know how seriously to take this when we see Chinese sources report it," says Lewis. "The Chinese haven't said anything."

Lewis also says the Russians made the announcement "largely to jerk the Americans' chain. We're always asking for law enforcement cooperation. What better way to irritate us than to cooperate with someone else?"

Will this closer partnership, if it is indeed closer, have any impact on Western law enforcement's efforts to pursue cybercriminals in Russia and China?

Bejtlich proposed one possibility. Suppose the U.S. and the Dutch are planning to capture a Russian cybercriminal while he's on vacation in Holland and a Chinese law enforcement agency gets wind of it? Maybe the Chinese officials would give their Russian counterparts a call.  "I wouldn't be surprised if they said 'The Americans are gonna pounce; get your guy out of there,'" says Bejtlich.

Kellermann says that this pact may just be posturing on the part of China and Russia, but that doesn't mean it shouldn't be taken seriously. "If they're saying they're no longer pointing their guns at each other," says Kellermann, "the guns have to be faced somewhere."

About the Author(s)

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights