Chinese President Xi Jinping met for summit talks with US President Barack Obama last week. It was hoped that the growing issue of cyber espionage, amid mounting tensions between the two global powers, would be high on the agenda – however, it seemed that the subject was overshadowed by other issues hitting the headlines over the weekend. The meeting followed recent reports from the Washington Post that Chinese hackers had stolen designs for ‘more than two dozen US weapons systems’. The US has also recently accused Beijing of executing a targeted cyber espionage campaign against the nation – claims which have been refuted by Chinese officials, who have instead pointed to ‘mountains of data’ pertaining to US generated cyber attacks.
Greg Day VP & CTO, EMEA at FireEye made the following comment: “While it was certainly a good move for these two national leaders to begin talks on the subject of cybersecurity and cyber espionage, many people will undoubtedly be left feeling somewhat underwhelmed by the outcome. However, while a significant agreement was – perhaps unsurprisingly – not reached, it is important to maintain the lines of communication to prevent the accidental escalation of hostilities in cyber space, especially since the level of ambiguity and misdirection is high in cyber conflicts.
“Despite the lack of a public plan of action to reduce ongoing incidents and allegations of cyber espionage, we remain hopeful that meetings such as this will reduce the problem. It is also true that the advantage belongs to the attacker in cyber space – as organisations struggle to keep pace with ever changing threat trends, and traditional security techniques are generally poor in their ability to detect the growing number of personalised advanced threats. Therefore it is difficult to rule out the possibility that attacks will continue to evolve, becoming even more stealthy and sophisticated, as opposed to actual execution in these attacks.
“Lastly, cyber conflicts are a global governance issue and is not a problem that can be resolved with bilateral talks between two countries. The number of countries and non-state groups with sophisticated offensive capabilities in cyber space is growing at an alarming rate. So even if one or two countries decide to show restraint, it is difficult to see how that will result in fewer attacks on the US and other countries, given the global and highly distributed nature of the problem.”