Five Eyes sign cybersecurity agreement, target threats from China

Member states of the “Five Eyes” international intelligence alliance have signed a joint agreement on “responsible” use of cyberspace, with the group looking to target issues including intellectual property (IP) theft coming from China.

Why it matters: China is home to a number of high-profile advanced persistent threat (APT) groups, typically state-backed organizations that conduct clandestine cyber-espionage campaigns to gather intelligence and target the private sector.

• The agreement was signed ahead of a meeting of the United Nations’ General Assembly this week.
• Signatories include 27 countries from around the world, including the US, the UK, Australia, New Zealand, and Canada—members of the so-called Five Eyes.
• The agreement calls for countries to abide by already existing cybersecurity frameworks, while China and Russia look to rewrite the rules through a new set of accords.

“State and non-state actors are using cyberspace increasingly as a platform for irresponsible behavior from which to target critical infrastructure and our citizens, undermine democracies and international institutions and organizations, and undercut fair competition in our global economy by stealing ideas when they cannot create them.”

—Signatories of the agreement

Details: Though the document does not explicitly mention China, the complaints it details have long been seen as pain points when dealing with the world’s second-largest economy.

• Most recently, social networks including Twitter and Facebook have drawn attention to China’s disinformation campaigns, in which the country was accused of using the internet to sow discord during the Hong Kong protests.
• The signatories also called for human rights to be respected online and offline, “including when addressing cybersecurity.”
• The agreement lays out basic guidelines for states to conduct themselves online, though it does not provide specifics.
• The group said that governments should follow international law in cyberspace.

Context: China’s state-backed hackers have recently been accused of stealing overseas cancer research and patient data as mortality rates from the affliction increase and Chinese companies look to the lucrative oncology industry.

• Meanwhile, a central point of the US-China trade war is alleged IP theft, in which the Trump administration has accused China of seizing US technology through cyber-espionage and tech transfers.
• There is currently only one legally binding international treaty governing cybersecurity, though China and Russia have not signed it, instead calling for a new agreement at the UN.