China is regularly in the news over charges of computer hacking and cyber economic espionage, but how much espionage is really going on? How can anyone tell?

The first place to look ostensibly is in China’s military budget. Unfortunately, while the Chinese have increased their military budget by about 12.2% from 2013 (with another 55% added on in hidden spending according to SIPRI), it is a very opaque measure that does not accurately account for spending on economic espionage related activities.

Not being able to measure the inputs put into the process, the next step is to take a look at how many espionage activities can be directly attributed to China. Again, there are problems with this process. The ability to directly attribute a computer network attack (CNA) is clouded by the use of other people’s computers to carry out those attacks. There have been cases where Chinese actors have been directly tied to cyber-espionage, such as GhostNet, APT1(Advanced Persistent Threat One) , and the Comment Group. In the case of APT1 (AKA Unit 61398 of the Chinese military), the group was tied to attacks to 141 organizations. But this is the exception not the rule.


The problem is that companies that are targeted by such attacks may be reluctant to disclose information of the intrusion in fear of a negative impact on the company’s stock price. The next issue is really getting a clear understanding of this phenomenon across the whole range of countries that have been targeted. Perhaps with the sharing of intelligence between western governments a picture could emerge of the scale and nature of these attacks, but it would never provide a perfectly clear scope of how much is going on.

Okay, it may have been foolish to actually try and figure out exactly how much espionage the Chinese government engages in, but if hypothetically someone had access to detailed Chinese budgets and could estimate the exact number of personnel and quality of equipment someone should be able to tell the amount of espionage committed, right?

Wrong. Even if you have detailed budgets there are problems in accounting for the quality of espionage (what is the productive difference between a mediocre spy/hacker and an expert?), the time it takes to carry out an attack (what type of defence are you dealing with?) and the use of hacking from state sanctioned (but not state owned) hackers. The last point is the most interesting as some Chinese companies have hired their own hackers to carry out attacks. There are also patriotic hackers and criminal hackers who commit similar activities that the government can’t or won’t stop.

Two conclusions should be drawn from this: 1) it is easy to over or under estimate the scope of these activities and 2) it is easy to use cyber-espionage with a certain level of plausible deniability.

While I think these points are salient, I still believe that there is a way to estimate the general preference for using cyber spying by looking at the underlying causes of these activities. But isn’t it in every nation’s interest to spy and thus the only reason for any difference between them is based on each nation’s ability to allocate resources to spying? That is certainly seems to be a factor that would explain some difference, but there are also political, legal, economic, and structural reasons for why certain nations engage in more espionage.

The first and most obvious is that China is spending a large portion of its military budget on non-conventional and strategic weaponry that includes cyber operations to get around Western conventional warfare dominance. While I understand why the Chinese military won’t (hopefully) be testing their MRV capability anytime soon, cyber soldiers and assets can be developed and used in peacetime.

The most compelling reason for Chinese espionage however, is that Chinese government and business are often so close together as to be indistinguishable. Of course, that is not to say there are no private enterprises in China but there exists an extremely close relationship in many cases. Take the case Wu Ying an entrepreneur who raised capital through the shadow banking system and was executed for that crime in 2012. Or a World Bank report which shows that in a study of 1105 Chinese enterprises the government had control over 84% of them in 2005.[1] Or a Financial Times report that stated private investment accounts for only 12% of banking sector capital with the rest controlled by the state.

Further, there is a rotating door between State Owned Enterprises (SOE) and party officials. Even private industry is often interfered with if it grows too big or too important. What this all amounts to is that Chinese party official interests and business interests are often the same thing, which no doubt heavily influences the Planning and Direction phase of their intelligence process.

Gains from espionage are useful in reducing competition and improving technology but they do not address the fundamental issues of improving Chinese based innovation. Reducing state control over the economy, a more flexible financial sector, eliminating corruption and patronage networks, and making the domestic environment more competitive would go a long way towards making the Chinese economy more innovative. That is not to say there are no innovative Chinese companies, Huawei, Tencent, and Lenovo are good examples of Chinese innovation. However if China wants to build a reputation for high-quality innovative products, reducing reliance on foreign firms for ideas as well as improving the intellectual property protection within the country would be a step in the right direction.

Reducing the level of Chinese based cyber-espionage depends then on reducing the link between Chinese business and government which allows a steady stream of intelligence targets to be brought to the attention of government and the incentive to act on them.

While economic reform is certainly something that the Chinese government is pursuing themselves, many of the changes seem to be made at the margins, as most of Chinese growth since 2008 has been from “government influenced expenditure”.  As to whether international opinion could change these practices it seems unlikely without a widely accepted international regime regulating cyber conduct.


[1] Hutton, Will, The Writing on the Wall: China and the West in the 21st Century, (Great Britain: Little Brown, 2007), pg 146.

Featured Photo by Marc Veraart

You May Also Like