China's Faltering Cyber-Security Efforts Offer Chance for Engagement

XI'AN, China -- While often portrayed as a major international cyber-security villain, the Chinese state is also facing its own grave online security problems. Despite having one of the most restricted internets in the world, it has generally struggled to develop coherent or effective policy responses to these threats. Recent developments suggest China may be attempting to modernize and legitimize its cyber-security apparatus. This represents a significant opportunity for foreign governments to revisit their perceptions of the country's cyber intentions and engage with Beijing on a major transnational security and intelligence issue.

To do so, it is first necessary to dispel the widely held belief that dominates most discussions of China's cyber-security landscape -- namely, that Chinese hackers function as state-sponsored "armies" to carry out Beijing's online objectives. In reality, Chinese hacker networks tend to be disparate and uncoordinated, and though notably nationalist, they generally operate without ideological basis or political intent. While the Chinese government and military are clearly engaged in offensive cyber activities, the evidence strongly suggests that the majority of cyber-attacks originating in China are from independent hackers or hacker cells. Indeed, government sites themselves are routinely attacked. ...