Here’s how you can tell that President Obama’s conference on cyber-security later today at Stanford University just doesn’t pass the seriousness test. There’s nothing on the agenda indicating that the administration will be dealing with the ongoing transfers of knowhow by U.S. technology firms to China that have taught the Chinese much about hacking and how to defend against it.
My 2013 article for BloombergView detailed the jaw-dropping scale of this activity by the likes of Google, Microsoft, IBM, Intel, Cisco, and other offshoring-happy multinationals. There’s no doubt that these transfers have slowed as Beijing has begun to push these firms around whenever their capabilities are no longer crucially needed. But there’s no reason to suppose that they won’t continue – as evidenced by the companies’ reaction to the latest conditions China will place on their businesses in the People’s Republic. In response to Beijing’s planned requirements that include turning over secret source codes for whatever equipment they sell to Chinese (government-owned) banks, the firms have simply called for “urgent discussion and dialogue.” The idea that they would shut down the numerous research centers and tech training programs they’ve set up in China is obviously as far off the table as the idea that the president would bring this matter up.
Yet if this hemorrhage of advanced, inherently offensive, hacking-related know-how to China isn’t stemmed, the various U.S. defensive measures being implemented and pursued could be largely and even wholly wasted – whether by the government, the private sector, or whatever cooperative arrangements they devise.
Worse, time is anything but on America’s side. As I’ve reported, no less than the Chairman of the Joint Chiefs of Staff admits that the United States has lost any superiority it might have had on cyber fronts. Unless American companies stop feeding the beast fast, the point will keep rapidly approaching at which China no longer needs them to become the world’s top cyber power.