US, China set guidelines for fighting cyber crime

US, China set guidelines for fighting cyber crime
© Getty Images

The U.S. and China have reached an agreement governing how the two countries will request assistance to combat cyber crime, the Justice Department said Wednesday.


The agreement was reached during high-level cybersecurity talks in Washington, D.C., this week, led by Chinese Minister of Public Security Guo Shengkun and U.S. officials including Secretary of Homeland Security Jeh Johnson and Attorney General Loretta Lynch.

The guidelines set expectations for what information is to be included in requests for assistance and the timeliness of responses.

The two countries will also conduct “tabletop” exercises in the spring designed to “increase mutual understanding regarding their respective authorities, processes and procedures” in the event of a cyberattack.

The talks were planned following a landmark agreement reached in September during Chinese President Xi Jinping’s state visit, in which both countries pledged not to hack one another’s companies.

The White House and others have deemed the pact important progress as the U.S. seeks to push China to cut back on wholesale digital pilfering of sensitive information. Critics have called the deal overly vague and unenforceable.

A second ministerial meeting is now scheduled for June 2016, the Department of Justice said. Before then, the two sides will work to develop the scope and procedures for a direct cyber hotline between Xi and President Obama.

Absent from the release was any mention of reports that Beijing has arrested several Chinese hackers behind the devastating breach of the Office of Personnel Management.

China is widely believed to have been behind the hack, revealed this spring. The breach exposed the data of 21.5 million federal employees and others.

News of the arrests, reported Wednesday and still unverified, is the first indication that China could be accepting any form of responsibility for the incident. Until now, it has vehemently denied any involvement.

While the Obama administration has refrained from publicly blaming China for the incident — likely because the U.S. conducts similar intelligence-gathering missions itself — the hack was reportedly a key topic of discussion at the meetings.

China’s state-run news agency said Wednesday that the breach was a criminal act, not an authorized government hack.

“Among the cases discussed included the one related to the alleged theft of data of the U.S. Office of Personnel Management by Chinese hackers,” the English-language report reads. “Through investigation, the case turned out to be a criminal case rather than a state-sponsored cyberattack as the U.S. side has previously suspected.”