Writing for Al Jazeera English, EWI's Graham Webster argues that cybersecurity depends on a focus on vulnerabilities, not threats, and that talk of any kind of U.S.–China war is irresponsible.
In January 2010, a Google executive announced "a new approach to China" in a blog post, revealing that the firm had "detected a highly sophisticated and targeted attack… originating from China" and that it would reconsider business operations there. In the ensuing two years, US rhetoric about China and cyber security has become ever more breathless.
"China is waging a quiet, mostly invisible but massive cyberwar against the United States," wrote the Washington Post editorial board earlier this month. A Bloomberg News headline summed up concerns about attacks on corporate targets by conjuring an "undeclared cyber cold war."
Computer systems in government and the private sector are indeed vulnerable to unauthorised access, as seen in the recent report of an allegedly China-based incursion at the US Chamber of Commerce. People who gain access can exfiltrate data, insert false information, or further tamper with systems for a variety of purposes. But the notion of a cyber cold war with China is inaccurate and irresponsible.
Read the full op-ed at Al Jazeera English.