China and Russia remain leading threats in cyberspace, the director of national intelligence said in front of Congress.


Last week, the Director of National Intelligence, James R. Clapper, delivered his annual threat briefing to the Senate Armed Forces Committee noting that China remains engaged in malicious activities in cyberspace against the United States, despite a U.S.-Chinese bilateral agreement to refrain from conducting or knowingly supporting commercial cyber-espionage.

“China continues to have success in cyber espionage against the U.S. government, our allies, and U.S. companies,” Clapper emphasized. “Beijing also selectively uses cyberattacks against targets it believes threaten Chinese domestic stability or regime legitimacy.”

Clapper goes on to say that U.S. intelligence agencies will monitor China’s compliance with the September 2015 bilateral agreement to refrain from conducting or knowingly supporting cyber-enabled theft of intellectual property with the intent of providing competitive advantage to companies or commercial sectors.“Private-sector security experts have identified limited ongoing cyber activity from China but have not verified state sponsorship or the use of exfiltrated data for commercial gain,” he added.

Clapper remains skeptical however: “Russia and China continue to have the most sophisticated cyber programs. China continues cyber espionage against the United States. Whether China’s commitment of last September moderates its economic espionage remains to be seen.”

During a September 2015 testimony in front of the Senate Armed Services Committee, Clapper noted that the agreement was “good first step,” but unequivocally answered the question whether it would eliminate Chinese state-sponsored cyberattacks with a resounding “No.”

Enjoying this article? Click here to subscribe for full access. Just $5 a month.

“Such malicious cyber activity will continue and probably accelerate until we establish and demonstrate the capability to deter malicious state-sponsored cyber activity,” Clapper said back in September.

During his February testimony, Clapper emphasized that Chinese cyber attacks are continuing: “It’s our responsibility to ensure that our policymakers and particularly the Department of Defense are aware of this hemorrhage, if you will, of technological information that the Chinese purloined.”

According to Clapper, foreign actors in cyberspace “remain undeterred from conducting reconnaissance, espionage, and even attacks in cyberspace because of the relatively low costs of entry, the perceived payoff, and the lack of significant consequences.”


However, as I noted in January 2016 (See: “What Does 2016 Hold For China-US Relations in Cyberspace?”), certain policies such as threatening to impose sanctions appear to have made some sort of impression on China’s activities in cyberspace. As a consequence we will see continue to see this policy, along with others, in the future:

Sino-U.S. relations in cyberspace in 2016 will be defined by three key policies: attribution, sanctions, and norms. The first two tacks will be used by the United States to contain malicious Chinese activities in cyberspace (and to assuage the U.S. private sector and U.S. public opinion), whereas the last device will be used for promoting strategic stability between both nations by deepening the understanding of what is acceptable behavior in the cyber realm.

While Russia remains a much more capable adversary in cyberspace than China, it is the sheer volume of Chinese cyberattacks that has catapulted discussions about limiting cyber espionage and cyber norms of behavior on top of the Sino-U.S. bilateral agenda.