Preliminary considerations on China's international cooperation in cyber security: legislation, competent authorities, and challenges

Authors

  • Andreea-Maria PIERȘINARU National University for Political and Administrative Studies (SNSPA)

DOI:

https://doi.org/10.53477/2284-9378-24-24

Keywords:

China, cyber security, cyber sovereignty, cyber espionage, international cooperation, cyber superpower.

Abstract

This article addressed general issues regarding the Chinese legislative framework, competent authorities, China’s strategic objectives and the challenges in terms of international cooperation in the field of cybersecurity. The main objective of the research is to identify the actors involved in ensuring China’s cybersecurity, describe their responsibilities and correlate them with Chinese cyber-security legislation and China Cyber Security Cooperation Strategy. This study traces preliminary considerations for future in-depth analyses of the impact of China’s actions in the field of international cybersecurity. Among the main findings of the study the aspects briefly identified were related to the influences of the policies and narratives of the Chinese Communist Party presented in China’s International Cyber Security Cooperation Strategy, as well as to the fact that, despite China’s intention to become a cyber power, open to cooperation, international reactions are quite reluctant due to allegations of cyber espionage and domestic surveillance problems existing at the national level, among others.

References

ABC News. 2015. US and China Reach Agreement to Stop Commercial Cyber Espionage. https://abcnews.go.com/US/us-china-reach-agreement-stop-commercialcyberespionage/story?id=34041002.

Atlantic Council. 2023. The 5×5—China’s cyber operations. https://www.atlanticcouncil.org/content-series/the-5x5/the-5x5-chinas-cyber-operations/.

CAC (Cyberspace Administration of China). n.d. 中央网络安全和信息化委员会办室. https://wap.cac.gov.cn/.

Carolan, Ciara. 2024. Europe and Belgium are ‘unresponsive’ in the face of Chinese cyberattacks, says hacked MP. https://www.brusselstimes.com/983253/europe-andbelgium-are-passive-in-the-face-of-chinese-cyber-attacks-says-hacked-mp.

Cary, Dakota. 2021. China’s National Cybersecurity Center. A Base for Military-Civil Fusion in the Cyber Domain. https://cset.georgetown.edu/publication/chinas-nationalcybersecurity-center/.

—. 2023. Community watch: China’s vision for the future of the internet. https://www.atlanticcouncil.org/in-depth-research-reports/report/community-watch-chinasvision-for-the-future-of-the-internet/.

CCTV News. 2023. Strategy for International Cooperation in Cyberspace. https://news.cctv.com/2023/11/07/ARTILliq1FlQi0B7msdoKsBn231107.shtml.

Cheung, Sunny. 2023. Examining China’s Grand Strategy For RISC-V. https://jamestown.org/program/examining-chinas-grand-strategy-for-risc-v/.

Chinese Embassy in UK. 2011. China’s Perspective on Cybersecurity. http://gb.china-embassy.gov.cn/eng/ambassador/dsjhjcf/2011lr/201106/t20110602_3386103.htm.

Chinese Ministry of Education. 2017. Management Measures for the Demonstration Project of Building a First-Class Cibersecurity College. http://www.moe.edu.cn/srcsite/A16/s3342/201708/t20170815_311176.html.

CNCERT/CC (National Computer network Emergency Response technical Team/Coordination Center of China). n.d. 国家互联网应急中心. https://www.cert.org.cn/publish/main/34/index.html.

CNNIC (China Internet Network Information Center). n.d. 中国互联网络信息中心.https://www.cnnic.com.cn/.

Consiliul de Stat al Chinei. 1994. Regulations of the People’s Republic of China on ComputerInformation System Security Protection. https://www.gov.cn/gongbao/content/2011/content_1860849.htm.

Creemers, Rogier. 2023. Cybersecurity Law and Regulation in China: Securing the Smart State. https://brill.com/view/journals/clsr/6/2/article-p111_001.xml.

Cyber Security Association of China (CSAC). n.d. 中国网络空间安全协会. https://www.cybersac.cn/.

Cyberspace Administration of China. 2017. 关于发布《网络关键设备和网络安全专用产品目录(第一批)》的公告 [Announcement on the release of the “Catalogue of Critical Network Equipment and Network Security Special Products (First Batch)”]. https://www.cac.gov.cn/2017-06/09/c_1121113591.htm.

CYWARE. 2022. APT10: A Chinese Threat on a Global Espionage Mission. https://cyware.com/resources/research-and-analysis/apt10-a-chinese-threat-on-a-global-espionagemission-56fe.

Dandong, Han. 2019. Legal Daily. http://epaper.legaldaily.com.cn/fzrb/content/20190729/Articel04004GN.htm.

EIAS. 2023. EU Digital Dialogue and Cooperation with China: The Way Forward? https://eias.org/publications/op-ed/eu-digital-cooperation-with-china-the-way-forward/.

European Commission. 2019. “EU-CHINA - A Strategic Outlook.” https://commission.europa.eu/system/files/2019-03/communication-eu-china-a-strategic-outlook.pdf.

European Council. 2021. China: Declaration by the High Representative on behalf of the European Union urging Chinese authorities to take action against malicious cyber activities undertaken from its territory. https://www.consilium.europa.eu/en/press/press-releases/2021/07/19/declaration-by-the-high-representative-on-behalf-ofthe-eu-urging-china-to-take-action-against-malicious-cyber-activities-undertakenfrom-its-territory/#:~:text=We%20continue%20to%20urge%2.

Fraser, Nalani, Fred Plan, Jacqueline O’Leary, Raymond Leong Vincent Cannon, DanPerez, and Chi-en Shen. 2019. APT41: A Dual Espionage and Cyber Crime Operation. https://cloud.google.com/blog/topics/threat-intelligence/apt41-dual-espionage-andcyber-crime-operation.

Fulton Library. n.d. Quantitative Research Methodologies. https://uvu.libguides.com/methods/quantitative.

GMF. 2021. NATO, EU, and allies attribute email intrusion to Chinese state-backed hackers. https://securingdemocracy.gmfus.org/incident/allies-attribute-email-hack-to-chinabacked-hackers/.

Goswami, Namrata. 2023. China Prioritizes 3 Strategic Technologies in Its Great Power Competition. https://thediplomat.com/2023/04/china-prioritizes-3-strategic-technologies-in-itsgreat-power-competition/.

gov.cn. 2016. 中华人民共和国网络安全法_滚动新闻_中国网 [Cybersecurity Lawof the People’s Republic of China]. https://www.gov.cn/xinwen/2016-11/07/ content_5129723.htm.

gov.uk. 2024. UK holds China state-affiliated organisations and individuals responsible for malicious cyber activity. https://www.gov.uk/government/news/uk-holds-china-stateaffiliated-organisations-and-individuals-responsible-for-malicious-cyber-activity.

Guo, Meirong. 2018. “China’s cybersecurity legislation, it’s relevance to critical infrastructures and the challenges it faces.” International Journal of Critical Infrastructure Protection vol. 22: pp. 139-149. doi:10.1016/j.ijcip.2018.06.006.

Handler, Simon. 2023. Atlantic Council. https://www.atlanticcouncil.org/content-series/the-5x5/the-5x5-chinas-cyber-operations/.

Hmaidi, Antoni. 2023. “Here to stay” – Chinese state-affiliated hacking for strategic goals. https://merics.org/en/report/here-stay-chinese-state-affiliated-hacking-strategicgoals.

Julian, Nicholas. 2021. United States’ and China’s Cybersecurity Policies: Collaboration or Confrontation? https://www.sirjournal.org/research/2021/1/24/united-states-andchinas-cybersecurity-policies-collaboration-or-confrontation.

Kremlin. 2017. Russia and China Enhance Cybersecurity Cooperation. https://www.kremlin.ru/events/president/news/55842.

Li, H. 2018. “BRICS and the Internet: Building a New Global Consensus.” InternationalAffairs 94 (5): 1125-1145.

Mandiant. 2022. APT41 (Double Dragon): A Dual Espionage and Cyber Crime Operation. https://www.mandiant.com/resources/reports/apt41-double-dragon-dual-espionageand-cyber-crime-operation.

MFA CN (Ministry of Foreign Affairs of the People’s Republic of China). 2017. Ministry of Foreign Affairs Holds Briefing for Chinese and Foreign Media on President Xi Jinping’s State Visits to Russia and Germany and Attendance at 12th G20 Summit. https://www.fmprc.gov.cn/mfa_eng/topics_665678/2017zt/XJPDEDFWBCXGEODSECFH/201707/t20170704_703649.html.

—. 2023. Proposal of the People’s Republic of China on the Reform and Development of Global Governance. https://www.fmprc.gov.cn/eng/wjbxw/202309/t20230913_11142010.html.

National Cyber Security Centre. 2018. APT10 continuing to target UK organisations. https://www.ncsc.gov.uk/news/apt10-continuing-target-uk-organisations.

NPC.GOV.CN. 2021. “Data Security Law of the People’s Republic of China.” http://www.npc.gov.cn/englishnpc/c2759/c23934/202112/t20211209_385109.html.

O’Donnell, Lindsay. 2018. APT10 Under Close Scrutiny as Potentially Linked to Chinese Ministry of State Security. https://threatpost.com/apt10-under-close-scrutiny-aspotential-chinese-ministry-of-state-security-contractor/137139/.

Office of Public Affairs. 2024. Seven Hackers Associated with Chinese Government Charged with Computer Intrusions Targeting Perceived Critics of China and U.S. Businesses and Politicians. https://www.justice.gov/opa/pr/seven-hackers-associated-chinesegovernment-charged-computer-intrusions-targeting-perceived.

—. 2020. Seven International Cyber Defendants, Including “Apt41” Actors, Charged In Connection With Computer Intrusion Campaigns Against More Than 100 Victims Globally. https://www.justice.gov/opa/pr/seven-international-cyber-defendantsincluding-apt41-actors-charged-connection-computer.

—. 2018. Two Chinese Hackers Associated With the Ministry of State Security Charged with Global Computer Intrusion Campaigns Targeting Intellectual Property and Confidential Business Information. https://www.justice.gov/opa/pr/two-chinese-hackersassociated-ministry-state-security-charged-global-computer-intrusion.

Pleil, Helen. 2023. Being a Cyberpower – China’s Ambitions in Cyberspace. https://www.techpolicy.press/being-a-cyberpower-chinas-ambitions-in-cyberspace/.

PwC Indonesia. 2023. A comparison of cybersecurity regulations: China. https://www.pwc.com/id/en/pwc-publications/services-publications/legal-publications/a-comparisonof-cybersecurity-regulations/china.html.

Saffa, Azizah. 2024. Thailand and China Strengthen Cybersecurity Cooperation. https://opengovasia.com/2024/05/29/thailand-and-china-unite-for-cyber-resilience/.

Shen, Yi. 2016. “Cyber Sovereignty and the Governance of Global Cyberspace.” ChinesePolitical Science Review vol. 1: pp. 81-93. https://doi.org/10.1007/s41111-016-0002-6.

Smith, J. 2023. China and Solomon Islands Sign Security Pact. https://www.theguardian.com/world/2023/apr/12/china-and-solomon-islands-sign-security-pact.

Stanford. n.d. Free speech vs Maintaining Social Cohesion. https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreeExpressionVsSocialCohesion/china_policy.html.

Sustainable Development. 2016. World Summit on the Information Society (WSIS). https://sustainabledevelopment.un.org/index.php?page=view&type=30022&nr=102&menu=3170.

TC260 (National Cybersecurity Standardization Technical Committee). n.d. 全国网络安全标准化技术委员会. https://www.tc260.org.cn/.

The White House. 2015. U.S.-China Cyber Agreement. https://obamawhitehouse.archives.gov/the-press-office/2015/09/25/us-china-cyber-agreement.

Thomas, Nicholas. 2009. “Cyber Security in East Asia: Governing Anarchy.” Asian Security5 (1): 3-23.

Truong, Sylvie. 2024. Chinese espionage campaigns and cyberattacks on critical infrastructure in Southeast Asia. https://thereadable.co/chinese-espionage-campaigns-andcyberattacks-on-critical-infrastructure-in-southeast-asia/.

UK GOV. 2024. UK holds China state-affiliated organisations and individuals responsible for malicious cyber activity. https://www.gov.uk/government/news/uk-holds-china-stateaffiliated- organisations-and-individuals-responsible-for-malicious-cyber-activity.

US Department of the Treasury. 2024. Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure. https://home.treasury.gov/news/press-releases/jy2205.

Vijayan, Jay. 2017. China-Based Threat Actor APT10 Ramps Up Cyber Espionage Activity.https://www.darkreading.com/cyberattacks-data-breaches/china-based-threat-actorapt10-ramps-up-cyber-espionage-activity.

Wagner, B. 2019. “Cybersecurity in East Asia: Government Policies and Sectoiral Responses.” Journal of Cyber Policy 4 (1): 55-72.

Xinhua. 2019. http://www.xinhuanet.com/yuqing/2019-01/04/c_1210030391.htm.

Xinhua News Agency. 2017. 网络空间国际合作战略 [Cyberspace International Cooperation Strategy]. http://www.xinhuanet.com/politics/2017-03/01/c_1120552767.htm.

Yamaguchi, Mari. 2021. Japan, Vietnam Look to Cyber Defense Against China. https://thediplomat.com/2021/11/japan-vietnam-look-to-cyber-defense-against-china/.

Yerushalmy, Jonathan. 2024. China cyber-attacks explained: who is behind the hacking operation against the US and UK? https://www.theguardian.com/technology/2024/mar/26/china-cyber-attack-uk-us-explained-hack-apt-31.

Zhang, Duanhong, Wenjia Ding, Yang Wang, and Siwen Liu. 2022. Exploring the Role of International Research Collaboration in Building China’s World-Class Universities.https://doi.org/10.3390/su14063487.

Zulhusni, Muhammad. n.d. China’s new tech policies challenge Intel and AMD in a shifting landscape. https://techwireasia.com/03/2024/chinas-tech-shift-what-it-means-forthe-future-of-intel-and-amd/.

Downloads

Published

2024-07-08

How to Cite

PIERȘINARU, A.-M. . (2024). Preliminary considerations on China’s international cooperation in cyber security: legislation, competent authorities, and challenges. BULLETIN OF "CAROL I" NATIONAL DEFENCE UNIVERSITY, 13(2), 121–141. https://doi.org/10.53477/2284-9378-24-24

Issue

Section

Articles