The Unites States and China are actively negotiating a digital arms control accord in which each side agrees not to be the first to wage a cyber attack on the other’s critical infrastructure – like power grids, banks and cellular networks – during times of peace.
Sources familiar with the talks tell The New York Times that both sides have been working overtime to hammer out an agreement ahead of Chinese President Xi Jinping’s visit to Washington on Thursday.
President Obama last week said cyber attacks would likely be one of the biggest topics of the meeting and that they’d like to be able to at least put a process in place to facilitate negotiations.
It’s worth highlighting the fact that any deal, at least the first draft, would only apply to cyber attacks on critical infrastructure. Many of the recent cyber attacks that China has been blamed for, such as the Office of Personnel Management security breach that led to the theft of personal data belonging to 22 million government employees, would not be “covered” under the pending agreement.
In other words, cyber attacks used for espionage or theft of intellectual property would still be fair game.
Harvard professor Joseph S. Nye, well-known for his studies of American power, said the concept of a “no first use” doctrine has been building for some time in international forums. The problem, however, is that unlike physical weapons, it’s difficult to determine the origin of a cyber attack. What’s more, there’s little to stop a nation from indirectly attacking another through the use of a sponsored third party.
The deal would obviously be far from perfect but as the publication says, it would be a start.
Image courtesy Pablo Martinez Monsivais, AP Photo