What is the best strategy against Chinese cyberattacks?
By Ian Bremmer
The views expressed are his own.
All eyes should be peeled on China, but not for the reason you think. While the biggest structural risk right now is global rebalancing, especially between China and the U.S., there is another important threat from China: cyberwars. Cyberattacks are one of the biggest fat tails (along with climate and North Korea).
It’s no surprise that the latest Google hack attack came from China. The presumption is that the vast majority of cyber attacks hitting the U.S. are coming from the Chinese government. It’s very hard to know where threats are originating – country-wise and/or person-wise — because it’s very difficult to go back and figure out the paper trail. But at a minimum, there is an environment in China that tolerates cyber attacks.
Proprietary information around technologies – gaining profit shares, increasing revenues – allows a country to be much more economically competitive. China has leverage because everyone wants to get into China. If you want to make something in their country, you have to share the technology.
The Chinese government can really benefit from having access to proprietary data, whether it’s about Exxon’s oil reserves or pricing of commodities of proprietary technologies, such as American telecommunications. China’s become much more competitive and therefore has become much more of a threat. If it’s using a non-judicious system to gain economic advantage, we need to take that very seriously.
China did something similar with high-speed rail – and that was through legal means. They undermined German and French companies in order to gain access to the technology and they now have built the best high speed rail system. If they can access that kind of information through hacking, that’s going to be seen as a direct threat.
This isn’t to say that the Chinese are evil. Historically, Western institutions invested in China, but then took the money back West. China obviously wants a good chunk of that action.
The question for Western companies and governments is: What is the appropriate way to respond to what is essentially asymmetric warfare? Cyberattacks could start affecting day to day lives of people if, for instance, a company is brought down by it. Those companies employ people and have share prices. They are a big part of American wealth.
There are ways, however, to protect yourself — and your portfolio — against such attacks. Look at companies that are most exposed as cyberattacks like Google, and companies in sectors where the Chinese are trying to gain an advantage – telecommunications, IT firms, commodities.
It’s extremely hard to prepare for the known unknowns until you take them seriously. But you should try to make sure you’re not in a position where you are angering folks connected to the inside of Chinese government, which Google is now learning. Also, you should work closely with home governments, like the NSA in the U.S. You need to share your data with them because you may need political leverage.
Cyber threats are probably going to have to get worse before the issue gets policy traction in Washington, and at that point the U.S. will have to make them a priority. When the U.S. does, it will lead to big tensions. But it’s really important for governments to be transparent, and at least officially committed to the rule of law.
Note: This essay is based on a transcribed interview with Bremmer.