A highly publicized report to Congress by the U.S.-China Economic and Security Review Commission earlier this month observed that China’s “professional state sponsored intelligence collection not only targets a nation’s sensitive national security and policymaking information, it increasingly is being used to collect economic and competitive data to aid foreign businesses competing for market share with their U.S. peers.”

The report also noted that China is aware of gaps in U.S. cyber strategies, and may be exploiting gray areas in “U.S. policymaking and legal frameworks to create delays in U.S. command decision making.” Yet despite the magnitude of the challenge at hand being clear, the next president – whether it’s Barack Obama or Republican frontrunner Mitt Romney who wins the White House in November – will be faced with a frustrating but necessary challenge in tackling U.S.-Chinese cybersecurity engagement.

The Problem

After the White House published Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure in June 2009, several initiatives were launched or announced by elements of the U.S. defense community.In 2010, declassification of the Comprehensive National Cybersecurity Initiative (CNCI), enabled the timely development of a framework for international partnerships consistent with a common cybersecurity policy. In 2011, the White House released the U.S. International Strategy for Cyberspace. Subtitled, Prosperity, Security, and Openness in a Networked World,the document falls short of providing the solutions necessary to live up to its name. The simple fact is, without security there can be no prosperity or openness. This is where the new strategy is woefully inadequate – it lacks security strategies informed by technology rather than private sector lobbyists.

The sole purpose of cyberspace is to create effects in the real world. The United States’ high-tech sector leads the world in the innovation and development of computers, software and Internet services. These technologies are the backbone of the global information society. U.S. companies provide technologies that allow more and better digital information to flow across borders, thereby enhancing socioeconomic and human development worldwide. When markets and Internet connections are open, U.S. IT companies shape the world and prosper.

But leveraging the benefits of the Internet can’t occur if confidence in networked digital information and communications technologies is lacking. In cyberspace, security is the cornerstone of openness and prosperity. Cyber policies and strategies must therefore focus on promoting trust, network security, authentication, privacy and consumer protection.

In addition to benefits of free flowing communications, utility companies and industry rely on cyberspace to control critical systems. Electricity, water treatment, public health and financial services are at risk from operating specialized industrial control and embedded systems without appropriate security controls.

Today’s White House strategy prevents the federal government and the U.S. military from utilizing its expertise to protect private sector networks over which critical services flow – those that are often responsible for our prosperity.

To date, there hasn’t been a cyber event that has caused the destruction of critical infrastructure, but it would be poor strategy to do so right now anyway. Why? Because once such an attack is launched, defenders will learn from it, fixing weaknesses and preventing the same attack in the future. Thus, an American adversary is wise to avoid such an attack until a broader conflict between the United States and an adversarial nation is imminent.

Related posts:

1. Cyberspace in Pakistan is no terrorist playground, says this expert.
2. Can China’s Consumers Save West?
3. The Danger of Patriotic Geeks

When people warn of growing cyber insecurity they are often referring to the threat of an arms race, countries trying to outdo each other in the development of offensive weapons and defensive technologies. This is certainly a real risk, but the greater threat to Asian regional stability may not be from technology, but the spread of an organizational framework.

Keio University Prof. Motohiro Tsuchiya has written a commentary suggesting that Japan needs to establish a cyber militia in order to defend itself from attacks. Offense will always have the upper hand over defense, Tsuchiya argues, so the government will always struggle to keep up. The majority of expertise is in the private sector, and government salaries will never be competitive enough to attract and retain the talent needed. What can Japan do but appeal to patriotism? “Success hinges on whether the government can secure patriotic geeks.”

There has been similar discussion in India. In November 2011, Information Technology Minister Kapil Sibal called for a community of ethical hackers to help defend Indian networks since “the resource pool of them is very limited in the world.” India has also reportedly been considering using patriotic hackers for offensive operations. The Times of India reported a high level meeting in August 2010 – chaired by National Security Adviser Shiv Shankar Menon and attended by the director of Intelligence Bureau as well as senior officials of the telecom department and IT ministry – that considered recruiting and providing legal protection to hackers who would be used to attack the computers of hostile nations. During a visit that October, several security experts in Delhi told me that NTRO officials were soliciting hackers on websites and electronic bulletin boards.

China, of course, is widely suspected of using patriotic hackers and cyber militias for defense and offense. According to the Financial Times, Nanhao Group, a web company outside of Beijing, has departments tasked for attacks and defense, and this Chinese report mentions cyber militias in Tianjin’s Hexi District. Recent intelligence leaks and private security reports about cyber espionage suggest that the Chinese government backs or directs the majority of espionage attacks on Western and Japanese technology companies, with hackers clocking in and out between 9am and 5pm Chinese time.

The talent concern is real, but addressing the problem through cyber militias would be profoundly destabilizing for the region. Militia members may one day walk out the door and not only use their skill and knowledge against other states without authorization, but may also turn them back on home networks. Military planners would also have to worry, especially during a crisis, that militias might ignore orders or target off-limit networks, increasing the risk of escalation and decreasing ability to signal intent to the adversary.

The plausible deniability of patriotic hackers is one of their biggest selling points; states can claim they know nothing about attacks and can do little to stop them. Technological changes that make attribution easier, or other forms of intelligence that have the same impact, would do a great deal to make cyber militias less attractive to policymakers. In the short term, if regional leaders aren’t going to fight the urge to mobilize their own militias, they at least need to ensure that they know who they should be talking to on the other side if a crisis breaks out and they must be able establish clear lines of communication.

In the longer term, the Association of Southeast Asian Nations or other regional groupings would be wise to promote a norm of state responsibility for cyberattacks emanating from within a country’s borders. As the Atlantic Council’s Jason Healey argues, developing this norm will involve state-to-state negotiations and capacity building as well as diplomatic, economic, intelligence, and, possibly, military responses.

Patriotic geeks might be the answer to a lot of policy challenges. But in terms of cybersecurity, it may be best to either bring them completely into the fold, or keep them at arm’s length.

Adam Segal is the Ira A. Lipman Senior Fellow for Counterterrorism and National Security Studies at the Council on Foreign Relations. He blogs at Asia Unbound, where this piece originally appeared. Follow him on Twitter @adschina.

Related posts:

1. U.S. Maritime Dominance in Danger
2. The Danger of a Tehran Winter
3. The Danger for US-China Ties

In brief, the case for the United States having designed and developed Stuxnet is as follows: First, neither the United States nor Israel wants Iran to develop nuclear weapons. The worm, then, is seen as likely part of a covert strategy to delay or destroy Iran’s nuclear infrastructure while stopping short of war.

The weapon was designed to target a specific version of the Siemens SCADA programmable logic controls (PLC) operating a specific configuration and number of cascading centrifuges found in Iran. Some analysts point to the fact that there were vulnerability assessments being run at Idaho National Labs on Siemens PLC software. Others note that the design of the cyber weapon closely fit Richard Clark’s description in Cyber War of a well-designed and ethically thought out weapon limiting collateral damage due to a vast army of lawyers scrutinizing the effects. The malware-analyst community, meanwhile, points to digital code strings such as “b:\myrtus\” taken from biblical events important to Israeli identity. And, as the story goes, after the political decisions, vulnerability assessments, and weapon design took place, either an Iranian agent was found to take the USB memory stick into the nuclear facility, or all the computers around the plants were infected with Stuxnet via the conficker worm.

However, what about the case for Russian development and deployment? The Russians don’t support an Iranian indigenous nuclear capability. Their calculus is that their companies’ profit margins will benefit as long as the Iranians keep Russian scientists and engineers in country, who can oversee Iranian nuclear progress. Using its unique insights, Russia then plays a Byzantine game of delay and diplomacy. Delaying a program on technical grounds can’t go on indefinitely. At the same time, their involvement in the nuclear program is leverage in Russo-American negotiations.

Then there’s so-called nuclear gangsterism that was rampant in Chechnya and other breakaway regions over the past two decades. In 1995, for example, Chechen rebels planted a “dirty bomb” in Moscow’s Izmailovsky Park. Today, nuclear material is much more secure in Russia thanks to Russo-American cooperation. But should Iran develop a full-blown nuclear capability, Russian national security would be put at risk as Chechen or other violent-Islamic extremist and nationalist rebels look to Iran’s version of nuclear entrepreneur AQ Kahn to gain access to nuclear technology. Keeping access to Iran’s nuclear program, while keeping the Iranians far from the capacity to “break out” into full nuclear material production, is the balancing act Russia must play.

Related posts:

1. Why China and Russia Help Iran
2. Iran and the P5+1: Dual Track Clash
3. How Russia Plays the Great Game

To be sure, China isn’t a solitary actor, and Russia and other countries are routinely fingered as major sources of online intrusions and hacking. But in recent years, a multitude of U.S. corporations, universities, government agencies, and other institutions – to say nothing of their counterparts in places like Japan, South Korea, and Europe – have suffered cyber attacks alleged to have originated in China. Indeed, the new report calls Chinese actors “the world’s most active and persistent perpetrators of economic espionage.”

It’s easy to see how this pattern of behavior fits into Beijing’s oft-expressed desire to ascend quickly to global power status. Beijing, as the DNI report notes, is driven by a longstanding desire to attain the levels of economic prosperity enjoyed by the Western powers. This policy motivates many of China’s attempts at online malfeasance, including its efforts to acquire foreign technology, research plans, and proprietary intellectual property.

But this very approach challenges the core of China’s aspirations to a peaceful rise, and may have the effect of increasing the external constraints to that rise.

While a few years ago debate over China oscillated between those seeking to engage Beijing and those wishing to contain it, Washington has settled into a rough consensus on China policy that resembles closely the approach adopted by most Asian nations: deep economic and diplomatic engagement coupled with a strategy to hedge against the possibility of future Chinese aggression. As the United States and a number of Asian nations hedge, they are building up their own or each other’s militaries, deepening their pattern of security cooperation, and expanding their economic linkages. The result is an emerging power web that supplements the traditional hub-and-spoke American alliance system, with the virtual effect of Lilliputians tying down Gulliver.

Related posts:

1. China’s Arab Spring Cyber Lessons
2. Did China Tip Cyber War Hand?
3. On the Cyber Warpath

Throughout the Middle East, protestors have employed Facebook, Twitter, YouTube, cell phone texting and other technologies to organize and spread news at home and to the outside world. The use of these new communications tools has inspired Western governments, among others, to act. The US State Department, for example, plans to spend more than $25 million on Internet freedom programming this year, and Congress has given the Broadcasting Board of Governors an additional $10 million to develop technologies that would empower Internet activists abroad. But democratic governments aren’t the only ones reacting to the Arab Spring. Autocracies, including China, which hosts the world’s most sophisticated online control regime, are drawing their own lessons.

Last week, Beijing’s Ministry of Public Security urged police to use microblogs to ‘guide public opinion’ and ‘pay attention to hot topics people are talking about on the Internet.’ This represents just the latest step China has taken to guard against online echoes of the Arab Spring. In the wake of the Tunisian and Egyptian uprisings, Beijing blocked Internet search requests for key words and phrases including ‘Egypt,’ ‘Cairo’ and ‘Jasmine’ – a reference to Tunisia’s Jasmine Revolution. After protests in Inner Mongolia in May, Weibo – China’s version of Twitter – filtered out results of searches for the province’s name. And Beijing recently established a State Internet Information Office to better regulate the flow of online information.

As China and other regimes fine tune their Internet controls, they appear to have discerned at least four specific lessons from the Middle East revolutions.

First, there are real economic costs to Internet repression. According to OECD estimates, Egypt’s five-day Internet shutdown cost the country at least $90 million. Even after Egyptian officials pulled the plug on the Internet near the height of Tahrir Square protests, they left the Cairo Stock Exchange connected. Given China’s greater economic dependence on global information systems, it can ill-afford such losses and has mostly avoided widespread Internet interruption.

Second, Beijing’s more nuanced approach to monitoring and censorship works far better than the blunt tactics – including full shutdowns and extreme bandwidth restrictions – that have been employed by some Middle Eastern governments. These blunt moves can backfire; after Cairo turned off its people’s Internet access, the protest grew larger, not smaller. China, on the other hand, allows citizens to vent some frustrations via microblogs and social networks, and to engage in all manner of non-political expression, clamping down only when things get out of hand. At least in the short run, the Chinese model of Internet control seems far more effective.

Third, online dissent produces significant political change only if it results in offline protest. Despite widespread cyber protests, the Mubarak regime only began to teeter when thousands of citizens physically occupied Tahrir Square. Beijing and other regimes may be turning this to their advantage. A web posting earlier this year on the US-based Chinese language website Boxun.com called on activists to stage China’s own ‘Jasmine Revolution.’ Although there was no widespread turnout of demonstrators, security teams and plainclothes officers flooded the scene to arrest any protestors. Some observers have speculated that the Chinese government itself was behind the web posting in order to draw out those brazen enough to engage in offline dissent.

Finally, and most fundamentally, there’s emerging evidence that these new communications technologies can, in fact, facilitate political change. A recent report in Technology Review, for instance, found that the Internet provided the right conditions to those agitating for democratic change in Tunisia: anonymity, meaningful connections and, perhaps most importantly, a voice. In light of this year’s developments, Beijing appears to have devoted ever greater resources and energies to regulating every aspect of the Internet, from managing content to producing online propaganda.

China now has more Internet users than the entire population of the United States. It’s impossible to tell what impact online communications will have on Chinese politics over the long run, but Beijing is taking a vast array of steps to bolster its defences in the short term. Chinese cyber dissidents are sure to have a much more difficult time wielding the Internet to foment political change than did their Arab counterparts. This alone suggests the importance of the United States’ Internet freedom efforts. As they pursue an array of complex but productive ties with Beijing, the democratic countries of the world should stand up for the value of online freedom – especially as the autumn turns to winter.

Richard Fontaine is a Senior Advisor at the Center for a New American Security (CNAS) and former foreign policy advisor to Senator John McCain. Will Rogers is a Research Associate at CNAS. They are the authors of Internet Freedom: A Foreign Policy Imperative in the Digital Age.   

Related posts:

1. India’s Arab Spring Opportunity
2. China’s Cyber Moves Hurting Beijing
3. On the Cyber Warpath

The immediate triggers of China’s latest crackdown were most likely related to the outpouring of public outrage on the Internet over the crash of two high-speed trains in late July, and to the role played by the Internet in mobilizing the protest by residents of Dalian that forced the local government to promise to relocate a (truly) toxic petrochemical complex. 

But the Chinese authorities also seem to have good reason to attempt the impossible – the advent of the Internet and microblogs has now greatly amplified the impact of rumours.  On occasion, rumours have led to tragedies and riots.  In one incident that occurred in the early hours of February 10 this year, for instance, rumours that a chemical plant in Xiangshui county in Jiangsu Province was about to explode sent more than ten thousand local residents into a panicked flight.  Four people died and many were injured in the resulting traffic accidents.

Based on previous records of rumour-suppression, China’s latest crackdown doesn’t look promising.  The reason isn’t that Beijing lacks the muscle or resolve – Chinese censors are hardworking servants of the state and can be counted on to devise ingenious measures to combat rumours.  But fighting rumours in the Chinese social and political contexts requires much more than relentless censorship.  First and foremost, Chinese leaders worried about the harmful effects of rumours must understand that the influence of rumours is directly and positively correlated with the lack of press freedom and the decline of government credibility.  In other words, in a society ruled by an authoritarian regime that tolerates little freedom of the press, but which has an incentive structure that encourages its officials to fabricate critical data (such as GDP growth, inflation, and housing prices) and cover up accidents and communicable diseases, rumours are bound to flourish.

Indeed, when we compare how rumours fare in autocracies and democracies, the difference is huge. To be sure, rumours are concocted and spread in all societies. But those ruled by autocratic elites are far more vulnerable to their impact because these societies have no independent and free press that enjoys public confidence and can quickly discredit rumours through their fact-based reporting. In democracies, rumours can seldom cause mass panic or riots because a free press quickly acts as an antidote.

So a long-term and more effective measure to contain the harm of rumours in China is to allow greater press freedom.  Sadly, that doesn’t seem to be in the cards.

An interesting question is why rumours in China have grown more potent these days.  Although many Chinese officials blame the Internet, the real culprit is the crisis in government credibility. One of the most worrisome trends in China in recent years is the erosion of social trust, caused largely by the prevalence of cheating and dishonesty.  The symptoms include fake official rhetoric, fake goods, fake diplomas, fake data, and even fake Apple stores.  While many perpetrators are private citizens intent on making a fast profit, others are government officials who use dishonest means to get ahead. Some understate their age (because younger officials have a better chance for promotion); others embellish their resumes and educational achievements (to make themselves more competitive). A very peculiar phenomenon in China is that many officials claim to have earned advanced degrees. But when you look more closely at how they received their graduate degrees, nearly all of them got their masters or doctorates through dubious part-time programmes.  For these individuals, cheating may have helped advance their personal careers, but the damage done to the credibility of the Chinese state is irreparable: citizens find it hard to trust a government whose officials shamelessly sport fake academic credentials and get promoted.

A second cause of the crisis in government credibility is embedded in the political system of a one-party state. In addition to suppressing the freedom of the press, such a political system is notoriously opaque.  Information is tightly controlled by the state. Eager to maintain its image as a competent regime, a one-party state habitually conceals its shortcomings.

Unfortunately, attempts by government officials to cover up accidents and disasters can endanger the lives and well-being of ordinary citizens. In the infamous case of the outbreak of the SARS epidemic in 2003, Chinese officials hid the truth from the Chinese public for months and therefore greatly exacerbated the destructive effects of the outbreak. In 2008, to cite another example, government officials were aware of the deaths and illness caused by melamine-tainted milk powder produced by Sanlu, a state-owned company, but decided to suppress the information out of fear that the scandal would tarnish the Beijing Olympics.  The result was more deaths, consumer panic, and public outrage.  

The Sanlu case actually shows that if the public paid attention to ‘true’ rumours, more tragedies could be avoided. Before the official media belatedly acknowledged that Sanlu’s milk powder contained melamine, a Chinese consumer in May posted online his complaints about the harmful effects caused by Sanlu formula.  For unknown reasons, the posting didn’t go viral or attract enough public attention to ignite a public firestorm. To the Chinese public, the Sanlu scandal must have been a poignant reminder that they would fare better believing in rumours than trusting government officials.

So it seems that Beijing is fighting the wrong battle again.  Instead of launching a costly and ultimately futile campaign against Internet rumours, the Chinese government would better serve itself – and the Chinese people – by freeing the Chinese press and trying to improve its own credibility.

Related posts:

1. China Fears Spark Indo-US Courting
2. China’s Arab Spring Cyber Lessons
3. What Russia Fears in Asia

Yet, regardless of the outcome of this contest between a politically vengeful autocratic government and a technologically savvy US firm, the Google episode will likely remain a crucial moment in China’s relations with the West in general, and with Western companies doing business in China in particular.

This is not to suggest that Google’s defiance will force a crack in the ‘Great Firewall of China.’ Indeed, in the short term, the effects of Google’s confrontational tactic will be negative as the Chinese government will almost certainly impose tighter restrictions on the flow of information; Beijing understands clearly the risks of allowing Google to set a precedent by encouraging others to challenge its political control.

Sadly, despite Google’s stand, it has received practically no solidarity from Western companies, most of whom are either afraid of retaliation by Beijing or convinced that Google has made a horrible mistake by giving Beijing no ‘face’ – a Chinese expression for the public humiliation of the government. This disappointing response from the West’s corporate community suggests that it has not fully understood China, especially the political calculations behind its policy toward Western companies.

Among Western business leaders, China stands out as a shining example of what developing countries should do when it comes to foreign direct investment (FDI). Since 1979, China’s pro-FDI policies, including tax concessions, low environmental and labour standards, and speedy approval times, have turned it into a magnet for FDI. And both China and Western investors have benefited greatly from the arrangement, with the love-fest between Beijing and foreign businesses reaching such intensity that many Western corporate leaders have often cited China’s low tax, easy rules approach an example of how their own countries should conduct business. And in the process they have become effective advocates for Beijing, downplaying human rights issues. For them, the business of China is strictly business.

The truth, of course, is completely different.

For Beijing, business is not about business — it is about politics. This is clear from the way Beijing treats both domestic and foreign businesses. China initially welcomed foreign investment because the ruling Chinese Communist Party desperately needed capital, technology and management expertise to revive China’s moribund economy in the wake of the disastrous Cultural Revolution. In their political calculations, private Western capital was preferable to private domestic capital because a strong indigenous business community might have the potential to support social and political forces that would challenge the rule of the party. As a result, Beijing has treated foreign capital much more generously than the domestic private sector. Many important sectors, such as banking, financial services, petrochemicals, energy exploration and automobile production were opened to foreign investors but not to domestic private firms.

While favouring foreign capital over private domestic capital, Beijing has also maintained its bottom-line: it will not allow foreign firms to control and establish a significant presence in what it considers strategic sectors, such as telecom services, banking (foreigners are passive minority investors at best) and energy.  Above all, no private capital — foreign or otherwise — is to be allowed into the sector most critical to regime security: the media.

Today, flush with $2.3 trillion in hard currency, China no longer has the same need of foreign capital and its government has readjusted its economic policy accordingly. Because state-owned enterprises are both national champions and political patronage machines (the Communist Party can reward its loyalists with lucrative appointments in these state-owned firms), Beijing’s policy now clearly favours them over both domestic and foreign capital.

As for Google, it has committed a double offense. Its search technology poses a clear and present threat to the party’s regime security, while its capacity to dominate the Internet search business would deprive China of its own national champion, Baidu (which, although a private business, is easier to control).

Google’s senior management may have learned a thing or two about dealing with a one-party regime through its unhappy foray into China. It’s unclear, though, whether other Western firms have learned anything at all at Google’s expense.

Related posts:

1. Why Japan-China Spat Hurts Both
2. Solving South China Sea Spat
3. China’s Arab Spring Cyber Lessons

Recent alleged domestic terrorism plots, bombings in Jakarta, pandemic fears and climate change repercussions have underscored the need to both understand and prepare for all of the national security challenges confronting Australia. From the interagency missions in the Solomon Islands and Timor, to cooperation on transnational crime with our Asia-Pacific partners and wider, these challenges stretch in form and guise – from natural disasters to regional fragility and global stabilisation concerns – and impact wherever and whenever Australia’s national interests are engaged.

Tabled in December last year by Prime Minister Kevin Rudd the first National Security Statement lays some useful foundations, including a methodology to achieve national security through three  broad ‘national security policy responses’: participation in an activist diplomatic strategy; delivering a versatile Australian Defence Force (ADF) ready to respond; and building a national security community and capabilities that work together. However, the work is acknowledged as not yet over – indeed, it requires a constant vigilance. What is clear is that Defence has a part in all of those responses, to assist in making national security interactions more effective.

Foreshadowing much of the 2009 Defence White Paper’s policy content, the Statement demanded a defence force ready to respond to diverse security challenges – a task in which the ADF is already engaged. However, the Statement also unfurled a more holistic backdrop that clearly implies a contribution from the ADF beyond a narrow definition of ‘defence’. Accordingly, Defence has an opportunity to broaden the Government’s understanding of its entire capacity to contribute to national security – measures that exist both in terms of its operations and activities, as well as the lessons it could offer to the national security community.

Given the somewhat imposing nature of Defence, both in size and scope, it’s important to stress that these lessons don’t constitute any expansionist notions. Defence is already extrapolating its heritage of interoperability between its various services and specialisations to working with other elements of the national security complex, such as the Australian Federal Police and AusAID. Nonetheless, the Statement sought to take that evolution further. Each department and agency clearly has something to learn from its partners; however, Defence has extensive recent experience and unique insights into multi-agency coordination, through its mass, diversity, complexity and history. Defence and the ADF can therefore identify where they have ideas to offer to the rest of the national security community, and share accordingly.

The future will doubtless hold complex and congested spaces where security challenges will occur – both here and abroad: and at times, these spaces will be too extreme for non-military forces to deliver essential public and government services and functions safely or effectively. By virtue of the fact that it must be able to support itself in austere, threatening or hazardous environments, the ADF is by nature structured to perform or support tasks wider than combat operations that might include assistance to deliver those functions.

This is not to suggest that the ADF should develop niche capabilities beyond those required to operate and self-sustain in such circumstances. Rather, the ADF and its national security partner agencies need to focus on cultivating a willingness to engage early across their legal and bureaucratic boundaries, when crises arise or contingencies are identified. Doing so allows time for several agencies to plan ‘in parallel’, to understand each others’ capacities and limitations, and to strike the optimum balance of when and how to intervene and cooperate.

Related posts:

1. ‘Security Key to Prosperity’
2. Facing India’s Security Future
3. Enter China’s Security Firms

The latest instance of Chinese hackers targeting websites abroad involved the Melbourne International Film Festival. The festival was attacked over two recent weekends because of its organisers’ refusal to yield to pressure by Beijing not to screen ‘10 Conditions of Love,’ a documentary about exiled Uighur leader Rebiya Kadeer, and because Canberra had granted Kadeer a visa so that she could attend the screening. (Beijing has called Kadeer, now living in exile in the United States, a ’splittist’ and a leader of Uighur ‘terrorist’ groups in Xinjiang, charges that she denies and that don’t stand up to scrutiny.)

While the first attack only involved alterations to content of the festival’s website (displaying the Chinese flag and anti-Kadeer slogans, as well as spam), the second forced the managers of the site to shut down online ticket sales. Richard Moore, MIFF’s director, said that as 65 percent of ticket sales are done online, the attack would have serious financial repercussions on the festival.

At this point, it’s impossible to determine whether the attacks were orchestrated by the Chinese security apparatus or ultranationalist Chinese, with or without state sanction. Irrespective of this, the latest attack – and many others before it – represent political and economic warfare. While Beijing certainly retains the right to express its displeasure, via diplomatic channels, at the policy decisions of other states, it’s unacceptable for it to engage in, or at the least condone, economic warfare against market economies that have contributed to its economic boom.

In light of this, private companies and countries that have been targets of Chinese economic warfare should not only challenge Chinese authorities to prevent such attacks in future, but also take legal action against the perpetrators.

China is one of the 187 members of Interpol, the global law enforcement agency. One of Interpol’s mandates, as stated on its website, is fighting financial and high-tech crimes, which include computer virus attacks and cyber-terrorism. As Beijing has openly acknowledged, China benefited tremendously from cooperation with Interpol during the Olympic Games last year, where the agency screened every visitor’s passport through its vast database.

But membership in multilateral organisations does not just confer benefits upon its members; it also carries responsibilities. One such responsibility for Beijing is to punish perpetrators of cyber crime and prevent such attacks from recurring.

As it modernises and continues to develop political and economic relations with the community of nations, China must demonstrate that it is a country run by the rule of law, where the rights of individuals, governments and corporations are protected, both at home and abroad. Until it does this, China will never win foreign confidence in its ability to address crime through rigorous law rather than the arbitrariness of ideology. Cyber crime would be a good area for Beijing to show its willingness to fight crime and fulfil its role as a member of Interpol and responsible global actor.

Whether we like it or not, Beijing has every right to use the appropriate channels to reprimand states that do not act according to its will, as it did by summoning Australia’s ambassador to China over the Kadeer visa. But to resort to disruptive economic warfare against private institutions or film festivals that present documentaries it disagrees with is not only childish – it goes against the very principles of global trade. And, equally important, it undermines freedom of expression in other countries.

It’s time the world stopped reacting with complacency to Chinese bullying, state-sanctioned or otherwise.

Related posts:

1. China’s Cyber Moves Hurting Beijing
2. China’s Arab Spring Cyber Lessons
3. Did China Tip Cyber War Hand?