A lot of this is political and military espionage, but some of it is commercial espionage. Many countries have a long history of spying on foreign corporations for their own military and commercial advantage. The U.S. claims that it does not engage in commercial espionage, meaning that it does not hack foreign corporate networks and pass that information on to U.S. competitors for commercial advantage. But it does engage in economic espionage, by hacking into foreign corporate networks and using that information in government trade negotiations that directly benefit U.S. corporate interests. Recent examples are the Brazilian oil company Petrobras and the European SWIFT international bank-payment system. In fact, according to a 1996 government report, the NSA claimed that the economic benefits of one of its programs to U.S. industry “totaled tens of billions of dollars over the last several years.” You may or may not see a substantive difference between the two types of espionage. China, without so clean a separation between its government and its industries, does not.

Many countries buy software from private companies to facilitate their hacking. Consider an Italian cyberweapons manufacturer called Hacking Team that sells hacking systems to governments worldwide for use against computer and smartphone operating systems. The mobile malware installs itself remotely and collects e-mails, text messages, call history, address books, search-history data, and keystrokes. It can take screenshots, record audio to monitor either calls or ambient noise, snap photos, and monitor the phone’s GPS coordinates. It then surreptitiously sends all of that back to its handlers. Ethiopia used this software to sneak onto the computers of European and American journalists.

* * *

When American officials first started getting reports of the Chinese breaking into U.S. computer networks for espionage purposes, they described it in very strong language. They labeled the Chinese actions “cyberattacks,” sometimes invoking the word “cyberwar.” After Snowden revealed that the NSA had been doing exactly the same thing as the Chinese to computer networks around the world, the U.S. used much more moderate language to describe its own actions—terms like “espionage,” or “intelligence-gathering,” or “spying”—and stressed that these were peacetime activities.

When the Chinese company Huawei tried to sell networking equipment to the United States, many feared that the Chinese government had installed backdoors into the switches that would allow Beijing to eavesdrop, and considered the move a “national-security threat.” But, as Snowden's disclosures eventually revealed, the NSA has been doing exactly the same thing, both to Huawei’s equipment and to American-made equipment sold in China.

The problem is that—as they occur and from the point of view of the victim—international espionage and attack look pretty much alike. Modern cyberespionage is a form of cyberattack, and both involve breaking into the network of another country. The only difference between them is whether they deliberately disrupt network operations or not. That’s a huge difference, of course, but the time lag between breaking into a network and disrupting operations might be months or even years. Because breaking into a foreign network affects the territory of another country, it is almost certainly illegal under that country’s laws. Even so, countries are doing it constantly to one another.