For the past three years, a couple of think tanks, one in China and one in the US, have been conducting what could be called “proxy” negotiations on cyberwar and cyberespionage. The China Institute of Contemporary International Relations and the US Center for Strategic and International Studies are both establishment institutions, with just enough independence from their governments to make the talks deniable. But both governments have been sending “observers,” so the interest on both sides is obvious.
What’s the result? It’s been hard to say from the outside, but the two sides recently agreed to release a public description of the issues raised in the talks and of the US and Chinese positions on those issues. The document is here (scroll for the English version). It’s surprisingly candid, by the low standards usually set for such releases, noting for example that both the US and China are concerned about their IT supply chain because “both believe that the other will seek to exploit the supply chain to introduce vulnerabilities in to networks and infrastructures.” True, that.
Overall, you get a sense that there may be some movement toward confidence-building measures to head off full-fledged cyberwar, reflecting what a nightmare that could be for both countries. Cyberespionage? Not so much, which may suggest that the advantages in cyberespionage are seen as asymmetric.
UPDATE: Fixed link