Cyber quarrelling ‒ lately practiced by the US and China ‒ makes the need for increased openness and international cooperation in the domain clearly evident. An inclusionary process for negotiating cyber rules should be established in order to overcome the severe problems related to cyber espionage and other forms of cyber hostility.
The quarrelling intensified, when Mandiant, a private US cyber security company, in its February report pointed a finger towards China and accused her of systematic intrusions into governmental and business networks. These accusations are nothing new as such but reflect a widely recognised problem. What is new is the US attitude towards and response to Chinese intrusions.
The US cyber policy is becoming less tolerant towards breaches of the tacit cyber etiquette and more denunciatory. The Obama administration has been, and is, under public pressure to take a more firm stance to cyber security. As a response, it has e.g. constructed a hierarchy of the capabilities of potential adversaries to guide policy making. The report of Defence Science Board from January lists adversaries from tier I to tier VI. The top tier adversaries are not only able to abuse existing vulnerabilities, but also to create new ones ‒ even to highly protected systems. It names China, alongside the US and Russia, as one of the most apt cyber actors capable of inflicting existential damage on opponents.
China, on the other hand, has declared that she condemns cybercrime, has not been systematically involved in such activity and suffers from the same consequences of cyber hostility as other countries. Lately, China has also expressed her willingness to enter multinational negotiations dealing with cyber security issues and thus, signalled interest in cooperation.
It seems that bets are rising in the cyber game. Despite the declarations of goodwill, espionage is common on each side and produces significant economic losses and other problems related to compromised security. In addition, the heads of the US intelligence organisations named cyber security as the top current security issue in a congressional hearing this month. This implicates the end of terrorism dominated security discourse and policy in the US.
The only way to overcome cyber problems is to engage in rules making and practical cooperation to organise the diffuse cyberspace. There is a real and urgent need for this, as the importance of the domain for every aspect of life is continuously increasing. Diplomacy ought to take over the international cyber agenda. Otherwise, the current tensions will only intensify.