Expectations Set Low on Obama-Xi Summit

Presidents of U.S., China Set to Discuss Cybersecurity
Expectations Set Low on Obama-Xi Summit

Only a cockeyed optimist would expect the outcome of this weekend's summit between President Obama and Chinese President Xi Jinping to be a halt to Chinese cyber-attacks on U.S. computers.

See Also: Deception-Based Threat Detection: Shifting Power to the Defenders

"Expectations on outcome should be low, but even a joint announcement decrying state-sponsored hacking would be a symbolic step in the right direction," says Michael DuBose, a managing director at risk-mitigation adviser Kroll Advisory Solutions.

Cybersecurity is at the top of the agenda for the June 7-8 summit. What will emerge from two days of meetings isn't likely to be an acknowledgment from Xi that, indeed, hackers from China have attacked American computer systems to pilfer military and corporate trade secrets. Instead, Obama and Xi will seek to draft an agenda for a newly formed U.S.-Chinese cybersecurity working group that will convene next month.

In addition to cybersecurity, Obama and Xi will address North Korea's nuclear threat, territorial and maritime disputes in the western Pacific, human rights and bilateral and global economic challenges, all in formal and informal sessions at a 200-acre retreat called Sunnylands in Rancho Mirage, Calif.

A desired outcome of the summit would be the development of an amiable rapport between Obama and Xi, who assumed the presidency just months ago. [The two leaders met in the Oval Office last year when Xi was Chinese vice president.]

Less Scripted, Less Formal, Less Rigid

"Getting to a venue like Sunnylands allows for a more informal set of discussions than we've had with China to date in the sense that it's a less scripted, less formal, less rigid agenda, but rather there is some space for the two leaders to interact and have more open-ended discussions about the issues that underlie the U.S.-China relationship," a senior administration official said at a briefing on the summit earlier this week.

Some of the administration's top officials - National Security Adviser Tom Donilon, who announced his resignation this week, Defense Secretary Chuck Hagel and Secretary of State John Kerry - have raised concerns about cyber-attacks originating in China directly with senior Chinese leaders, who have denied such attacks have occurred. In fact, published reports this past week from the leader of the Chinese equivalent of computer emergency response teams said China can document attacks originating from the United States against its computers.

Still, the evidence is strong that the Chinese government is behind the attacks that have stolen military secrets and intellectual property from American computers [see 6 Types of Data Chinese Hackers Pilfer, DoD Outlines China's Spying on U.S. IT and Chinese Hack Targets Weapons' Designs].

Constructive, Not Confrontational Tone

Because of those digital invasions, Obama will not hesitate to express his displeasure about these cyber-attacks to Xi, but the tone will likely be constructive, not confrontational [see Is Obama Too Cool on Cybersecurity].

"We will make clear that, frankly, it's not in anybody's interest for there to be a situation in which businesses don't have the confidence that they have certain protections in place such that their intellectual property can't be compromised, and sensitive data can't be compromised," said one of the administration officials, whose identities remain anonymous as a condition of the briefing.

Administration officials declined to say whether Obama would threaten XI with some type of punishment if the Chinese hacking continues. But one of the officials at the briefing pointed out that the United States has successfully won economic cases against China before the World Trade Organization. "We have demonstrated that when we believe that we're not making progress simply through dialogue, we're willing to use the measures available to us within the international system to elevate those concerns," the official said.

Strong Incentive for Dialogue

With the Internet being a crucial component of the global economy, much is at stake if the U.S. and China can't reach agreement on how to secure it. "The two largest economies in the world have a lot to lose from state-sponsored and profit-motivated hacking, whether it involves trade secrets, key market intelligence or victimization of their citizenry," Kroll's DuBose says. "With so much at risk, both sides have strong incentive to come to the table, but trust and accountability will continue to be huge challenges. This summit is a step in the right direction, but expectations should be measured."

Yet, even if the cybersecurity talks between Obama and Xi are deemed a success, challenges to secure the Internet will remain. "Cyber-conflicts are a global governance issue and is not an issue that can be resolved with bilateral talks between two countries," says Ashar Aziz, founder of FireEye, a provider of IT security wares. "The number of countries and non-state groups with sophisticated offensive capabilities in cyber-space is growing at an alarming rate. So even if one or two countries decide to show restraint, it is difficult to see how that will result in fewer attacks on the U.S. and other countries given the global and highly distributed nature of the problem."

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.