Thanks to the sharp eye of a colleague from a mailing list, I learned of the article Is China Really Cyberdragon? in the English-language China Daily newspaper. The article is by Tang Lan, deputy director of the Institute of Information and Social Development Studies, China Institutes of Contemporary International Relations (a state-directed research institute). His writing displays all of the class elements of what I call Chinese defensive propaganda, in this case specifically addressing APT intrusions.
I'll cite a few examples so you know what I mean.
Hacking poses a threat to both China and Western countries and politicizing the problem will be detrimental to all.
The beginning of the article introduces the reader to the concept that China is just as much a victim of hacking as the West. This is the first invocation of "the victim card," which is a constant aspect of Chinese self-identity and international relations.
Tang Lan then dismisses accusations that the Chinese hack Western organizations, naming a few companies specifically. Then we read:
This is not the first time China has been the victim of such accusations. In fact, it was also accused of having instigated several previous systemic long-term intrusions, namely Operation Titan Rain, Night Dragon and Operation Aurora.
Again we see the victim card, using the actual word "victim." I think this section is counter-productive, because it reminds the reader that the Chinese have been publicly active against Western targets since 2003 (i.e., the mention of Titan Rain).
Western governments and media would have people believe that China has become a "cyberdragon", able to infiltrate the computer systems of countries and companies seemingly at will.
It may be tough for the author to appreciate this statement, but it's fairly true.
Besides, it is simply untrue to say that China is not a victim of cyber attacks. China was hit by nearly 493,000 cyber attacks last year, about half of which originated from foreign countries, including 14.7 percent from the US and 8 percent from India, according to a report issued on Tuesday by the Computer Network Emergency Response Technical Team / Coordination Center of China (CNCERT/CC), the country's primary computer security monitoring network.
Notice the third use of the victim card. More interestingly, who said "China is not a victim of cyber attacks?" Tang Lan introduces a red herring (pun intended) to divert our attention, and then uses statistics from CNCERT to show an argument (made by no one) is false.
Hacking poses a great threat to both China and Western countries and should be considered a common enemy. It is irresponsible to accuse any other country without ample evidence, and politicizing the problem will only prove detrimental to the interests of all.
As a responsible country, China has long held the principle of strengthening supervision of the Internet, and encourages all countries to cooperate for the common good.
We also hope other countries can hear China's voice, and understand China's efforts in defending the security of all.
In this amusing conclusion to the article, there are three points. First, we have a fourth invocation of the victim card. Second, we read of "irresponsible" and "responsible" countries. The US is "irresponsible" because its private, non-state-owned security firms are pointing the finger at China. China is "responsible" because it promotes "supervision of the Internet" (obviously via the Great Firewall of China). Third, China is supposedly encouraging "all countries to cooperate for the common good" and "defending the security of all." How is that happening, exactly?
I thought it was telling that someone in the Party decided to commission a response via an institutional speaker. The double-speak in the article shows China craves being seen as "responsible," which gives the West a strategy for diplomatic pressure against APT intrusions. I also expect to see the victim strategy used by China as a constant justification for whatever activity they pursue.
On a slightly humorous note, one of the responses to this article that I read on a mailing list asked the following question:
Given that the Chinese PLA assaults Chinese Web sites from compromised IP addresses in the United States (reported in Slip-Up in Chinese Military TV Show Reveals More Than Intended), what would the statistics look like if they removed all their self-inflicted attacks?