In between swipes at the United States, China's foreign minister Yang Jiechi called for new "rules and cooperation" against cyber attacks at the annual session of the National People's Congress this weekend. The statement, which really reads as yet another denial that China's involved in the recent string of attacks on American companies, though The New York Times points out that Jiechi is the highest-ranking Chinese official to make such a denial. (As a victim of recent cyber attacks traced back to China, The Times has been following this story especially closely.) The statement also marks a seemingly significant amplification of a curious message that Beijing's trying to send: China's not the aggressor in the inevitable hacker war. China's the victim.
That seems hard to believe, but we're willing to consider cutting China a little bit of slack, at least on the victim part of that claim. China's state news agency Xinhua said on Sunday that more than half of the cyber attacks launched against Chinese targets originated in the U.S. in the first two months of this year. Xinhua said that there's been an uptick in "increasingly serious" attacks on China and claimed that U.S. servers were controlling some 1.29 million hacked host computers in China. Those are all big claims that are very hard to verify. However, cyber attacks have been on the rise all over the world for years now. China's getting hit more but so is the U.S. and European countries and Latin American countries.
Now let's talk about China's innocence. The argument that China's not hacking into American computers attack sounds fairly absurd if you've been paying attention to the trend in reporting on attacks in the U.S. For The Times's own hack attack, Mandiant, the cyber security firm that the paper hired to help it investigate a breach, tracked the intruders trying to cover their tracks using the same network of computers on university campuses that the Chinese army has been caught using to mount attacks in the past. A couple of weeks after the Times report, Bloomberg Businessweek offered a detailed inside look at the anatomy of a Chinese cyber attack, not only tracing hacker traffic back to a Chinese military facility but back to specific people with known ties to the government. If China wasn't hacking the U.S., then somebody was doing a very good job pretending to be Chinese, sneaking into Chinese bases and attacking U.S. targets from a Chinese computers.
It'll be interesting to see if anybody gets on board with China's call for new rules around hacking. Hey, it's not a bad idea. Hacking's becoming a big problem, and everybody knows it. But for China to call for better regulation of cyber attacks these days is a little bit like the school bully calling for a crackdown on bullying. Teachers usually don't listen to the bully in situations like this.