On February 27th, members of a new Chinese government body coordinating cybersecurity met for the first time. Chinese President Xi Jinping has taken the reins of the Central Cybersecurity and Information Leading Group, and declared that China will become a cyber power. Premier Li Keqiang and Liu Yunshan, both members of the Standing Committee of Communist Party’s Political Bureau, are deputy heads of the group. The establishment of such a high-level government body will be a milestone in the history of China’s Internet development.
China is a huge Internet power in terms of scale. According to the latest statistics from the China Internet Network Information Center (CNNIC), China is now home to over 618 million Internet users, 80 percent of which access the Web via smartphones. The number of Chinese domestic websites is about 4 million. Internet plays an important role in the reforms of China’s economic development model and economic structure. According to data released by the Ministry of Industry and Information Technology, telecommunication equipment export of China amounted to USD 149.3 billion, up by 14.8%, import USD 40.3 billion, up by 26.3%. Total volume of electronic information equipment in 2012 was USD 1186.8 billion, accounting for 30.7% in total export-import volume. The overall amount of information consumption was CNY 2200 billion in 2013, up by 28%. Alipay, China’s biggest e-payment vendor, said that the average per capita online transactions amounted to over CNY 10,000 last year. The new-type of online financial products was the most surpring increase. Yu E Bao, an online money-market fund promoted by Alipay in June 2013, has attracted 81 million Internet customers and 500 billion yuan by the end of February 2014.
Despite all these remarkable figures, China is not a cyber power with due strength. China’s independent technology research and development capability lags far behind those of advanced countries, and China is not adept at applying technologies into innovative commerce. Also, the gaps of levels of informationization between urban and rural areas and between eastern and western regions are huge. Then, the most crucial threat China faces in cyberspace comes from hacking activities. As Cai Mingzhao, the head of the Cabinet’s Information Office, said in a conference last November, between January and August of last year, more than 20,000 China-based websites were hacked and more than 8 million servers were hijacked by zombie and Trojan programs controlled from overseas. On January 21, 2014, most Chinese Internet users were rerouted to a US-based website run by Dynamic Internet Technology, causing a large-scale Internet outage in China. The rough estimation is that China’s economy lost tens of billions of dollars due to cyber-attacks every year. The files disclosed by former defense contractor Edward Snowden showed clearly that the National Security Agency (NSA) has long targeted China. It hacked into Chinese mobile phone companies to collect text messages and spied on Tsinghua University and many others. With Quantum program, the NSA can even enter offline computers and alter data through radio waves emitted from a variety of customized devices. The Chinese Army has been the most frequent target of Quantum. The Cyber Power Index, a report released by the Economist Intelligence Unit and sponsored by Booz Allen Hamilton, showed that China’s capability to withstand cyber attacks and deploy digital infrastructure ranks the 13th among the G20.
National security cannot be achieved without cybersecurity, not to mention building a cyber power. The establishment of a high-level office is always the first step in safeguarding cybersecurity and promoting cyber power. For example, the U.S. administration created the position of a ‘cyber czar’ and established a Cyber Command in 2009. In the same year, the United Kingdom established an Office of Cyber Security to protect information technology infrastructure, and Cyber Security Operations Centre to provide coordinated protection of critical IT systems. In May 2012, Israel established a Cyber Committee to unite the cyber security community and protect key infrastructures. The Republic of Korea also decided to instate a Cyber Security Secretary in March 2013 to deal with cyber attacks more efficiently. In China, multiple departments have to perform their duties in this new domain. As a result, more and more agencies are participating in the management of cyber issues, described by the media as Nine Dragons Running the Water. Actually, in order to perfect the management, China established the Joint Meeting of Economic Information headed by Vice Premier in 1993. The institution was upgraded into an Information Work Leading Group of the State Council in 1996, chaired by the Premier. The national Information leading group was established in 2001. China also established the Ministry of Information Industry (MII) in 1998. The Ministry of Industry and Information Technology was established mainly on the basis of MII in 2008. However, all these institutions do not have full authorities to coordinate the management of networks.
The newly established central leading group can take the leadership in coordinating all the efforts in various sectors, which can be viewed as a historical breakthrough. It is the third new central group led by the supreme leader since the end of the 18th Party Congress. The other two are the Leading Reform Group and the National Security Committee. It is a clear sign that the Internet has played and will play an increasingly important role in China’s development.
Another point is the title of this group: the Central Cybersecurity and Information Leading Group. The development of information technology and cybersecurity capabilities are called “two wings of a bird and two wheels of an engine”. In the past several decades, China has put more efforts and resources on information technology than cybersecurity. That explains why China has made astonishing achievements in developing and applying information networks, while the level of our cyber security is far lower than those developed countries. With the establishment of the new group, cybersecurity issues might be attached more importance in the future.
For China, establishing a new institution is only a first step in moving towards becoming a cyber power. In the future, China still has to make an effort on several issues to fulfill this aim. We should: a) enhance the independent and innovative capabilities in research, development and application of information technology; b) build a comprehensive cyber defense system to protect key infrastructures; c) increase competitiveness in the Internet industry in the world; d) perfect Internet information content management to spread mainstream values and positive energy and to protect people’s legal rights; e) cooperate with other countries to build an international cyber environment that is secure and trustworthy, fair and reasonable, peaceful and stable.
Dr. Lu Jinghua is a Research Fellow, Center on China-America Defense Relations (CCADR), PLA Academy of Military Science (AMS), China.