An agreement not to support cyberattacks, especially those involving theft of corporate records for economic gain, has been reached by China and the United States after some lengthy negotiations, the Wall Street Journal reported.
The two countries have also agreed to investigate cybercrimes and create a high-level working group to counter the attacks as they pledge to cooperate more closely, the report said.
The agreement is one of the most-advanced steps taken by the U.S. to force China to commit to address the growing issue of intellectual property theft and corporate espionage against U.S. companies.
U.S. President Barack Obama said on Sept. 25 that he told President Xi that the wave of cyberattacks against U.S. companies has to stop.
Obama said that progress has been made through the talks with the Chinese leader, but they would still be monitoring closely to see if the attacks would stop.
The report said that another challenge would be whether the Chinese government will cooperate with the Federal Bureau of Investigation in probing the cyberattacks.
Meanwhile, President Xi urged both countries to strengthen dialogue and cooperation on ways to prevent cyberattacks, ignoring recent threats from U.S. officials who suggested economic sanctions against Chinese companies.
"Confrontation and friction are not the right choice for both sides," President Xi said.
American business groups are expected to watch the new agreement closely, the report added.
"This agreement finally starts a sustained dialogue where there was very little communication," said Dean Garfield, chief executive of the Information Technology Industry Council, a trade group. "It illustrates a spirit of cooperation on a sensitive issue, which is a positive signal to technology companies."
Dmitri Alperovitch, co-founder of Crowdstrike, a cybersecurity company, said that the agreement would require China "to respond to evidence [of cyberattacks] presented by the United States, and they can't just shrug it off like they have in the past."
Some experts, however, said that key parts of the agreement could be difficult to enforce.
"It appears that the U.S. will have to prove there's been a cyber-incursion, attribute its source, identify what was exfiltrated and then prove that there was a benefit conferred and that the information was put to use," said Michael Wessel, a member of the U.S.-China Economic and Security Review Commission, a body mandated by U.S. Congress to monitor the economic and security relationship between the two countries.
As part of the new pact, a meeting will be held twice a year to discuss issues related to cybersecurity. China will be represented by a top official, as well as senior officials from the divisions of public security, state security, justice, and state Internet and information office.
On the part of the U.S., the attorney-general and the secretary of Homeland Security will attend the meeting, with representatives from the intelligence community, Pentagon and the FBI.
The two leaders have also called for the creation of international guidelines on cyberattacks, although Obama said that despite progress in the talks, "the rules in this area are not well developed."
"We'll work together and with other nations to promote international rules of the road in cyberspace," Obama said. He called the agreement in "progress," but added, "our work is not yet done."