The U.S. government is working on a sanctions package against Chinese firms and individuals for cyber-espionage activities against U.S. companies, the Washington Post reported. This move comes after months of cyber attacks on companies and government agencies that have been linked to China.
The sanctions will impose costs for economic cyber spying and not government-to-government intelligence activities. As a result, the incidents the package will cover do not include the Office of Personnel Management breach from earlier this year, because that attack was deemed to be part of traditional intelligence.
Instead, the sanctions are primarily in response to Chinese companies that have been accused over the past few months of breaking into American companies and stealing intellectual property, client lists, trade secrets, and other sensitive information in order to gain an economic advantage in the marketplace.
"It sends a signal to Beijing that the administration is going to start fighting back on economic espionage, and it sends a signal to the private sector that we're on your team," an administration official told the Washington Post. "It tells China, enough is enough."
The sanctions follow the president's Executive Order from April, which gave the U.S. Department of Treasury the authority to freeze assets and bar other financial transactions of entities engaged in destructive cyber attacks. The order targeted individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security, or economic stability. This doesn't mean, however, that the government will abandon diplomatic channels, trade policy tools, and law enforcement actions to go after individuals and entities engaged in malicious activity.
"Sanctions will be more symbolic in nature as it won't actually deter them [Chinese] from doing what they are really good at," said George Kurtz, president and CEO of Crowdstrike.
China has consistently denied taking part in economic cyber espionage, despite mounting evidence to the contrary. The latest figures from the Federal Bureau of Investigation showed that economic espionage cases jumped 53 percent in the past year, and China accounted for a bulk of those cases. Even if the sanctions don't stop the attacks, they represent a step in the right direction because they "force everyone to the table and have a conversation behind closed doors about cyber espionage," Kurtz said.
In the past, the U.S. government has been reluctant to be vocal about cyber espionage activities originating from China to avoid disrupting political and economic ties with the country. That has been gradually changing. In May 2014, U.S. prosecutors unsealed indictments on economic spying charges against five Chinese military personnel. The indictment alleged the five individuals breached computer systems of major American steel and other companies to profit Chinese firms.
Sign up for CIO Asia eNewsletters.